4

I have a laptop that has been infected with a virus.

I am thinking of taking the disk out of the laptop, putting it into an external disk enclosure, and connecting it to a second laptop so I can run avast on it.

Is it a good idea? Can the virus be completely removed?

Graham Hill
  • 15,474
  • 37
  • 63
GabeRivers
  • 41
  • 1
  • 2

3 Answers3

4

Here's what I recommend:

  • If there is no valuable data on the disk, just wipe it and reinstall from scratch.
  • Otherwise, boot from a LiveCD (ideally one with a different OS), salvage your data, then wipe and reinstall.
  • If you cannot afford to wipe (although I can hardly imagine why that would be the case), boot from a LiveCD and try to get rid of the malware from there. The problem with this approach is that you can't be certain that it actually worked - you may have removed obvious infections, but the better ones may remain undetected.
tdammers
  • 1,776
  • 9
  • 14
  • Although the other answers offer good insight, I have to agree with tdammers. Once a system has been compromised, you can never safely trust it, 100%. In these cases I always back up what needs to be saved (and be careful with what you're backing up... for example, if you copy over the entire home folder, you have a good chance that you're backing up the virus as well) and then start from a fresh installation of your OS. – Safado Apr 27 '12 at 17:32
2

Not a good idea. The repair-ability depends on the type of infection. Viruses are less common and it's possible that the infection might be something more serious.

Sure, you can pop the infected hdd into a HD case and run an av/anti-malware software on another laptop. But you do risk the infection spreading to the new laptop. Keep in mind that there are different types of infections that may not be cleaned completely by avast or any similar solution. The safest approach is to wipe the infected hdd completely and start from scratch.

Alternatively, AV/anti-malware vendors usually offer some sort of LiveCD/PE functionality where you can use a CD/DVD/USB to boot into a known clean OS image. From this point, you'd generally run the AV/anti-malware scrubber to hopefully remove all traces of the virus/malware/trojan/spyware/etc. This is probably your best bet because you can confine the infection while you try to remove the infection or retrieve/backup data.

If you have data stored on the hdd you can't lose, then I'd recommend consulting a data recovery expert.

bangdang
  • 1,834
  • 11
  • 9
2

As bangdang says, there is a better way: use a live CD with virus scanning tools, but it is important to know what you are infected with. Getting the right removal tool for the right virus helps a lot.

There are a number of good ones available:

I would run a few on your system because one might find things another did not.

schroeder
  • 125,553
  • 55
  • 289
  • 326