Using write-locked SD cards when virus hunting on Windows PCs.

Sometimes you want to check a client Windows PC that is suspected of having a virus and you want to install software that the Windows machine doesn’t have installed e.g. ProcessExplorer or SiSoft Sandra or similar as part of your preliminary checks.

You should keep  the suspect Windows PC away from the Internet so you want a safe way to quickly copy software.  Obviously this is now USB keys but all cheap USB keys I know of don’t have a “write-protect” switch. If there is a virus you want to prevent it copying itself to your USB keys else you’ll make some mistake and could end up with a Windows virus moving around your Windows test systems.

The easiest way to get a cheap write-protected USB key is to use a low cost SD card like you would use in a camera and a SD-USB adapter. Most, if not all, SD cards have a write-protect switch and SD to USB adapters are cheap. Load all your software that you expect to use onto the SD card, set the write-protect switch to lock and then plug this into  the USB adapter and then you can safely plug that into the suspect machine and start your investigations.  As far as I know the write-protect logic is part of  the SD reader so few viruses would be able to override that without a good understanding of that device driver and truthfully if you’ve got something that ingenious then a high level process view of such a Windows PC will probably find nothing amiss.