Start Free TrialLog in
Avatar of john8217
john8217

asked on 

Retrieving data from infected drive

Suppose I have a hard drive that's infected with serious malware (like a rootkit) and I need to retrieve some files off of it. Would it  be safe to plug it into another PC as a secondary drive? After all, if its not going to be the boot drive, the malware won't become active. Is that a correct assumption?
     P.S. this is just for future reference. I currently do not need to access anything off of an infected drive.
Anti-Virus AppsOS SecurityVulnerabilities
Avatar of undefined
Last Comment
john8217
Avatar of aadih
aadih
Flag of United States of America image
Yes. It is a working-safe assumption.
Avatar of Member_2_6582184
Member_2_6582184
Flag of Germany image
If it is a well coded root kit or virus I would not say this is safe at all.

I suggest this procedure:

- Install a working virus scanner on your Windows OS
- Boot your PC from any Linux live system.
- Make sure your local (windows) drive is not mounted
- mount the infected drive, copy over the files you need on a USB stick.
- wipe the partition table of the infected drive
- start your Windows again, scan plug in the Stick and scan it.

IMHO chances are really slim your virus/rootkit is on this USB stick in the first place; if so it was in one of the files you copied.
ASKER CERTIFIED SOLUTION
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of McKnife
McKnife
Flag of Germany image
Of course it's inactive no matter how good it is coded. The only possible way to become infected now is to activate autorun-on-connect, but that is off by default.
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image
or by opening an infected document that has scripting capabilities (such as pdf)
Avatar of john8217
john8217

ASKER

Thanks
Anti-Virus Apps
Anti-Virus Apps

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.

23K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent