How do I browse a hard drive that has viruses?
Solution 1:
Using LiveCD is indeed the best and safest way. Here's why:
Effect of Autorun feature
If you're using Windows Vista or XP, you might need to disable Autorun feature, so your computer doesn't try to execute anything from the infected hard disk automatically. This Microsoft KB article says:
Starting with Windows XP SP2, AutoPlay is enabled for removable drives. This includes ZIP drives and some USB mass storage devices.
In Windows 7 this "feature" was disabled by default, and this fix was backported to Vista and XP, so if you're running Vista or earlier, you need to be fully updated or download and install this update manually. This is how Microsoft "tactfully" says that the malware from your USB disks will not run:
Users who install this update will no longer receive a setup message that prompts them to install programs that are delivered by USB flash drives. Users will have to manually install the software.
Not running anything from infecting disk is not enough
If you don't execute or view or open anything (yes, including office files!) on your infected disk, the chance of infection is very small, but still non-zero. Here are some examples of how it could happen:
-
Vulnerability in the thumbnail preview in Windows Explorer. For example, exploit Win32/CVE-2010-3970. Microsoft says:
Exploitation can occur by simply browsing to a folder containing the malicious file - no further user interaction is required.
Other vulnerabilities in Windows itself or in any of the Explorer extensions that you have installed. For example, some shell (explorer) extensions are still vulnerable to DLL Preloading remote attack.
You must remember to disconnect it from your computer if you reboot, so your computer won't try to boot from the infected disk.
Conclusion
Because of the issues outlined above, I think the safest way is to use a bootable ("live") CD, scan the disk with an antivirus, then cherry-pick the files you need and copy them selectively to other media.
Solution 2:
Ubuntu or other non-windows LiveCD will give you a lot of protection, as it would have to be multi-OS malware, so the likelihood here is negligible, but...
Various forms of malware DO have the ability to hook into lower level activity and jump from your hard disk without you thinking you have executed, viewed or opened anything - if you are running Windows, as it tries very hard to be helpful.
The examples from comments below include Stuxnet and Autorun (which should be patched anyway, in an up to date Windows) but there are others.