Helping people with computers... one answer at a time.
Mounting a disk drive on your system can expose you to various types of malware, most notably viruses. We'll look at steps to do so safely.
I have a hard drive that was diagnosed with a virus. I had it replaced but it contains many files (pictures, data, etc.) that I would like to recover. Would it be safe to connect it to my computer as a secondary drive and attempt to copy those files to my computer's primary drive?
I'm a tad concerned that there's more going on here than you've stated. There's no reason to replace a drive just because it contains a virus. Viruses don't harm the hardware in any way that would necessitate replacement.
That having been said, your question is a good one: does mounting any disk, be it a hard drive, DVD, CD-ROM or even a floppy, that contains a virus put your system at risk?
Yes, of course there's risk. But the risk is in what you do after you mount it.
The key to viruses that inhabit some kind of media is that they must be run. By that I mean that some program that contains the virus must actually be executed on your computer in order for the virus to infect you. As long as the virus isn't executed, its mere presence doesn't actually do anything. It simply lays in wait.
So, yes, you're quite safe to mount your hard drive and copy files off of it, as long as you don't copy or execute any file that is infected with a virus. Seems simple, right?
Things are rarely simple.
At issue is how to make certain that nothing on that infected hard drive is executed.
My actual recommendation is to run an up-to-date anti-virus scan of the drive once you've mounted it. Let the scanner actually delete or at least quarantine any of the files that it finds are infected. Scan again - and if your scanner reports no viruses, where it did before, you're likely clean, and can copy away to your hearts content. (I must emphasize that it's very important that your anti-virus program's database of viruses be up to date, to make sure to catch even the most recent threats.)
A common "gotcha" on removable media - meaning CDs, USB flash drives and the like - is "autorun". This rarely applies to hard disks (though I've heard reports that it can). As soon as you insert the media, Windows looks for, and then executes the autorun information on the media. That puts you at immediate risk if that media has been infected. If you suspect issues, I actually recommend turning of auto-run on all devices, at least until you have your situation recovered and cleaned up.
So after all that, the last remaining piece of advice? Don't run anything from the infected drive. That means, essentially, don't double click on anything. Copy off your pictures and other data, taking care to avoid any program files or other executables.
And then once you have everything you want saved off of the drive, format it. This will erase all its contents, including any malware, and give you lots of room to copy whatever you like back to it.
In a case like this, I often look at the extra drive as a candidate for an external USB enclosure. That way I can plug the now extra drive into any machine I might want to.
And as a closing reminder: if that drive was the only place you were keeping your data, you haven't been backing up. Now's also a good time to consider implementing a backup strategy. That extra, empty drive you now have might be just the thing to use.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.