Would you connect an infected hard drive to your computer to scan it?


Would you connect an infected hard drive to your computer to scan  

76 members have voted

  1. 1. Would you connect an infected hard drive to your computer to scan it from inside windows??

    • Yes
      42
    • No
      14
    • NO!! Are you crazy?!!
      20


Recommended Posts

Would you connect a customers hard drive you know to be infected to your windows machine so you can scan it in windows? I Personally use rescue discs on a spare machine or the customers machine to scan the drive. I was just talking with someone who does computer repair as a living and he said he scans all the infected machine by hooking them up to his machine and scanning them with AVG.

This is also his main machine office computer he does billing on!

Edited by warwagon
Link to comment
Share on other sites

mmm Would you have unprotected sex? It depends. If you have good enough protection, that can scan memory, file access, etc, then you should be reasonably safe from autorun launchers and what not. I've connected peoples drives to my machine before, and the VERY first thing I do is scan it thouroughly before touching any file on it. (malware, nod32, etc) Once those scans come back clean, I do what needs to be done with the drive, then deep scan my system one or two more times just to be sure, and I always have the latest virus def updates.

Would it be smarter to boot to a scanner that runs in memory from a boot cd like Hirens? probably, but thats kind of a hassle. If I was doing this as a business, I'd probably have a dedicated machine sitting on the side, not connected to the network, running ubuntu or something to look at/scan customer disks.

Link to comment
Share on other sites

Since I wouldn't be using a Windows machine, nor should anyone else be using one to clean an infected box (but instead use a USB/LiveCD/PXE Linux), the answer is no.

Link to comment
Share on other sites

Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun, other than that... I would only do it to recover important data then wipe the whole drive.

Link to comment
Share on other sites

Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun, other than that... I would only do it to recover important data then wipe the whole drive.

Lol Are you the guy Warwagon is on about???

Link to comment
Share on other sites

Come on guys, it's just a hardrive with data, have done it for almost 10 years, no problem as you "OPEN" the harddrive and don't double click just on the icon... because that would trigger surely an autorun

True but just the though of doing it gives me one hell of a Gibsonian response!

Link to comment
Share on other sites

Absolutely. Malware just sitting on a drive poses no risks whatsoever. I have a folder full of trojans, virus,etc that I play with in a sandbox.

Anybody that thinks otherwise is just plain wrong.

  • Like 2
Link to comment
Share on other sites

It's also his main office / billing computer.

If it was just a PC he used for fixing hard drive's, which can be re-imaged once it was done, maybe. A main PC I doubt I'd do it that way, Live CD in the original PC seems safer and smarter.

Link to comment
Share on other sites

I use a secure pxe boot environment on a dedicated machine for disinfection and scanning with that machine on a seperate network to my networked machines

Link to comment
Share on other sites

If you know what you're doing, sure. Malware that's sitting on another drive won't automagically start on its own unless you tell it to (or blindly let an autorun execute if its present). Just to be safe I'd still probably do it on a spare machine that has nothing I'd mind losing though, just in case of a derp moment on my part. Why risk it.

Link to comment
Share on other sites

I use a secure pxe boot environment on a dedicated machine for disinfection and scanning with that machine on a seperate network to my networked machines

Indeed. I would also be VERY surprised if he had a Vlan setup in his office. I also saw him browsing the program files directory on a customers machine and just deleting the folders of unwanted applications. Without actually uninstalling them. He would then run a registry scanner.

Link to comment
Share on other sites

Indeed. I would also be VERY surprised if he had a Vlan setup in his office. I also saw him browsing the program files directory on a customers machine and just deleting the folders of unwanted applications. Without actually uninstalling them. He would then run a registry scanner.

Derp XD

Link to comment
Share on other sites

Why not ?

I would probably do it on a spare machine using a Linux Live CD and a USB case just to be safe but as long as you don't boot from this HD or don't autorun/run anything on it there should not be any problem.

But why not do it directly from the infected machine ?

Link to comment
Share on other sites

Do it all the time - I have webroot, so I know my system will be safe & if something were to jump across from simply scanning files (which is rare these days) its easy to fix.

Now, with that said - I wouldnt do it on the main billing/business system NO.

I have NEVER been cross-contaminated from attaching an infectefd HDD just to scan it.

Link to comment
Share on other sites

I've done that for a few friends, but only with using a Live Linux CD. Tried it once using Windows but that was a horrible mistake. Had to reformat.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.