General question about offline hard drive
I have several offline external hard drives (EHD) and would like to connect to them but suspect they might have a virus on them. I assume that some bugs can jump to your computer hard drive as soon as the EHD is connected. If so, when I scan them, I assume I also have to scan my entire computer?
If all of this is true, I have some hard drives with several old backups on them and need to delete much of it before starting, because there is more than a terrabyte and a lot to scan. So I assume it would be best to connect the EHD, delete unwanted files (a terrabyte or more, which takes a lot of time) and then run a scan on both the computer and the EHD?
Would appreciate a reply by someone who is up on these things, I know this will take hours and I want to cut down the hours. Just to scan my active hard drive takes hours. Thanks in advance for any reply
Comments
-
Hello,
Sorry for my reply.
I just can to think about next points around your background:
-> When you connect EHD with your main system... can be something of next:
---> If there have some of malicious files/viruses or other, which can to be with autorun-action (or simply... can to trigger execute/launch of them... or same things):
If current files known for F-Secure (under your main machine) will be detected, prevented and prompted about "active" actions, which was trying to do something wrong. Such as detected/prevented and most likely.... system will be with safe-status (such as... if it's known threats... it will be prevented.. because all executed files scanned, when real-time scanning turned ON and all work good).
---> If there have some of unknown threats for F-Secure... so.... there can be various troubles. When some of malicious files can to do something, but partly can to detected by F-Secure (payload or results of malicious actions). It's mean... that potentially.... can be troubles, but most likely.. malicious threats should be known for F-Secure during "launch" (such as.. if it's not signature-based.. maybe DeepGuard can to detected strange behavior).
-------------
With other meanings.... when malicious files comes just as "not launched" software, executable files.. such as passive ones... it's can be detected just with Full scan... or during access to folder.
It's mean... when you goes to folder, where have something malicious (but for malicious actions required launch.... ) - it's will be detected.. during scanning on access (?!). Such as... when you visit page.. it's as trigger for scanning for current files.
If there have a lot of files.. there can be too much for resources (overload).... time to scanning on access.. and can be various variants.
Sorry for my reply. Maybe I wrong understand your questions.
I think.. potentially.. you can to do next things:
-> When EHD connected... wait some minutes (for check.. if real-time scanning goes to get something as result of autorunning or other related things).
After that... before any actions for scanning full EHD.... just remove some of not important files. And after that launch a full scan.
But probably more nice.. wait during visit a folder... for check.. if during your visit/access F-Secure can to detect something.
With speedy actions with file-systems.... where a lot of new files.. or large files.. can be with various overloads for F-Secure modules (as scanning, cloud-scanning, behavior-checks and other).
Sorry again for my reply and not nice English.
-
I just wonder, and I don't know about these things, but could some sort of 'sandbox' be used to isolate the external drive, so that it can't interfere with the main computer hard drive? Or perhaps the computer could be sandboxed to protect it from the external drive? Either way, I'm sure there must be a safe method to do what you want to do, Jack.