+Warwagon MVC Posted June 7, 2012 MVC Share Posted June 7, 2012 (edited) Would you connect a customers hard drive you know to be infected to your windows machine so you can scan it in windows? I Personally use rescue discs on a spare machine or the customers machine to scan the drive. I was just talking with someone who does computer repair as a living and he said he scans all the infected machine by hooking them up to his machine and scanning them with AVG. This is also his main machine office computer he does billing on! Edited June 7, 2012 by warwagon Link to comment Share on other sites More sharing options...
Dot Matrix Posted June 7, 2012 Share Posted June 7, 2012 **** NO! Aergan and Sadelwo 2 Share Link to comment Share on other sites More sharing options...
SirEvan Posted June 7, 2012 Share Posted June 7, 2012 mmm Would you have unprotected sex? It depends. If you have good enough protection, that can scan memory, file access, etc, then you should be reasonably safe from autorun launchers and what not. I've connected peoples drives to my machine before, and the VERY first thing I do is scan it thouroughly before touching any file on it. (malware, nod32, etc) Once those scans come back clean, I do what needs to be done with the drive, then deep scan my system one or two more times just to be sure, and I always have the latest virus def updates. Would it be smarter to boot to a scanner that runs in memory from a boot cd like Hirens? probably, but thats kind of a hassle. If I was doing this as a business, I'd probably have a dedicated machine sitting on the side, not connected to the network, running ubuntu or something to look at/scan customer disks. Link to comment Share on other sites More sharing options...
Miuku. Posted June 7, 2012 Share Posted June 7, 2012 Since I wouldn't be using a Windows machine, nor should anyone else be using one to clean an infected box (but instead use a USB/LiveCD/PXE Linux), the answer is no. Link to comment Share on other sites More sharing options...
Hum Posted June 7, 2012 Share Posted June 7, 2012 Sure -- why not. I live on the edge. Flae_qui, PurpleHaze420 and oliver182 3 Share Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted June 7, 2012 Author MVC Share Posted June 7, 2012 It's also his main office / billing computer. Link to comment Share on other sites More sharing options...
MarkusDarkus Posted June 7, 2012 Share Posted June 7, 2012 Only in a Windows PE. But in this case the guy is crazy. Link to comment Share on other sites More sharing options...
Arceles Posted June 7, 2012 Share Posted June 7, 2012 Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun, other than that... I would only do it to recover important data then wipe the whole drive. Ambroos 1 Share Link to comment Share on other sites More sharing options...
MarkusDarkus Posted June 7, 2012 Share Posted June 7, 2012 Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun, other than that... I would only do it to recover important data then wipe the whole drive. Lol Are you the guy Warwagon is on about??? Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted June 7, 2012 Author MVC Share Posted June 7, 2012 Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun True but just the though of doing it gives me one hell of a Gibsonian response! Link to comment Share on other sites More sharing options...
xdot.tk Posted June 7, 2012 Share Posted June 7, 2012 Absolutely. Malware just sitting on a drive poses no risks whatsoever. I have a folder full of trojans, virus,etc that I play with in a sandbox. Anybody that thinks otherwise is just plain wrong. morphen and Southern Patriot 2 Share Link to comment Share on other sites More sharing options...
mps69 Posted June 7, 2012 Share Posted June 7, 2012 It's also his main office / billing computer. If it was just a PC he used for fixing hard drive's, which can be re-imaged once it was done, maybe. A main PC I doubt I'd do it that way, Live CD in the original PC seems safer and smarter. Link to comment Share on other sites More sharing options...
Detection Posted June 7, 2012 Share Posted June 7, 2012 Only on Tuesdays oliver182 and Marshall 2 Share Link to comment Share on other sites More sharing options...
Hum Posted June 7, 2012 Share Posted June 7, 2012 ^ I've noticed that Link to comment Share on other sites More sharing options...
Lingwo Posted June 7, 2012 Share Posted June 7, 2012 No, just not worth the risk. Live CD/USB is the way to go. Link to comment Share on other sites More sharing options...
butilikethecookie Posted June 7, 2012 Share Posted June 7, 2012 One Word: Linux If it were a windows computer... **** NO! Link to comment Share on other sites More sharing options...
hjf288 Posted June 7, 2012 Share Posted June 7, 2012 I use a secure pxe boot environment on a dedicated machine for disinfection and scanning with that machine on a seperate network to my networked machines Link to comment Share on other sites More sharing options...
Max Norris Posted June 7, 2012 Share Posted June 7, 2012 If you know what you're doing, sure. Malware that's sitting on another drive won't automagically start on its own unless you tell it to (or blindly let an autorun execute if its present). Just to be safe I'd still probably do it on a spare machine that has nothing I'd mind losing though, just in case of a derp moment on my part. Why risk it. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted June 7, 2012 Author MVC Share Posted June 7, 2012 I use a secure pxe boot environment on a dedicated machine for disinfection and scanning with that machine on a seperate network to my networked machines Indeed. I would also be VERY surprised if he had a Vlan setup in his office. I also saw him browsing the program files directory on a customers machine and just deleting the folders of unwanted applications. Without actually uninstalling them. He would then run a registry scanner. Link to comment Share on other sites More sharing options...
hjf288 Posted June 7, 2012 Share Posted June 7, 2012 Indeed. I would also be VERY surprised if he had a Vlan setup in his office. I also saw him browsing the program files directory on a customers machine and just deleting the folders of unwanted applications. Without actually uninstalling them. He would then run a registry scanner. Derp XD Link to comment Share on other sites More sharing options...
LaP Posted June 7, 2012 Share Posted June 7, 2012 Why not ? I would probably do it on a spare machine using a Linux Live CD and a USB case just to be safe but as long as you don't boot from this HD or don't autorun/run anything on it there should not be any problem. But why not do it directly from the infected machine ? Link to comment Share on other sites More sharing options...
TEX4S Posted June 7, 2012 Share Posted June 7, 2012 Do it all the time - I have webroot, so I know my system will be safe & if something were to jump across from simply scanning files (which is rare these days) its easy to fix. Now, with that said - I wouldnt do it on the main billing/business system NO. I have NEVER been cross-contaminated from attaching an infectefd HDD just to scan it. Link to comment Share on other sites More sharing options...
Dotdot Posted June 7, 2012 Share Posted June 7, 2012 To my main machine? No just NO!! To a secondary box? YES :) (one thats offline) Link to comment Share on other sites More sharing options...
Kondrath Posted June 7, 2012 Share Posted June 7, 2012 I've done that for a few friends, but only with using a Live Linux CD. Tried it once using Windows but that was a horrible mistake. Had to reformat. Link to comment Share on other sites More sharing options...
M_Lyons10 Posted June 7, 2012 Share Posted June 7, 2012 Sure -- why not. I live on the edge. HAHAHA! Yeah, I think I'd play it a bit safer. I guess I'm a bit boring. LOL Link to comment Share on other sites More sharing options...
Recommended Posts