Posted 16 February 2010 - 10:59 AM
I am interested in becoming proficient at malware detection and removal. It seems to me that it would, in many situations, be very helpful to connect (USB, eSATA, etc) an infected drive from one computer to another computer for diagnosis and repair. This would allow editing of the infected drive's registry, scanning of its files, etc without interference from malware. I have not seen discussion about techniques for doing this, or applications to facilitate it. For example, such application could include a registry editor or scanner/repair program that would operate on the registry of the infected drive rather than that of the computer it is running on. A scanner that knew when it was looking at windows OS files even though they were not on the C: drive would help.
Is there some reason that this is not a good idea, please explain so I can learn. If such techniques are used, please direct me to the best place(s) to learn more about the tools and techniques used.