Anti Virus Solutions That Use Their Own Boot CD?

Anti Virus Solutions That Use Their Own Boot CD?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Anti Virus Solutions That Use Their Own Boot CD? Will 07-02-2008
Posted by Will on July 2, 2008, 1:47 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Can someone recommend an anti-virus solution that lets you build a boot CD
that will inspect the NTFS file system for trojans or viruses without any
need to boot the OS on the file system you are inspecting?

--
Will



Posted by Doug McIntyre on July 2, 2008, 3:38 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>Can someone recommend an anti-virus solution that lets you build a boot CD
>that will inspect the NTFS file system for trojans or viruses without any
>need to boot the OS on the file system you are inspecting?

Thats not going to be too common, because its not a very effective
model for ongoing A/V protection.

You could probably do something like this by combining together
something like BartPE or WindowsPE boot disks with Clamwin so that can
you can boot (or even PXE boot) off CD and run Clamwin to scan files
on the mounted hard drive.






Posted by FromTheRafters on July 2, 2008, 4:32 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Has Clamwin now gone beyond the mostly email scanning
database? I recall that Clam's original purpose had been to
look for the types of malware that you would expect to find
in the email environment and misused as an all around scanner
by many of the open source proponents.

It shouldn't be any problem inspecting the files, but affecting
them is another matter.

>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>that will inspect the NTFS file system for trojans or viruses without any
>>need to boot the OS on the file system you are inspecting?
>
> Thats not going to be too common, because its not a very effective
> model for ongoing A/V protection.
>
> You could probably do something like this by combining together
> something like BartPE or WindowsPE boot disks with Clamwin so that can
> you can boot (or even PXE boot) off CD and run Clamwin to scan files
> on the mounted hard drive.
>
>
>
>
>


Posted by Will on July 3, 2008, 2:59 am
If you were  Registered and logged in, you could reply and use other advanced thread options
>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>that will inspect the NTFS file system for trojans or viruses without any
>>need to boot the OS on the file system you are inspecting?
>
> Thats not going to be too common, because its not a very effective
> model for ongoing A/V protection.

Day-to-day protection has to balance many different issues like
intrusiveness and performance on a system under use. It's very easy to
subvert modern virus checking programs with root kit viruses. The rootkit
simply rewrites kernel functions and reports back to the virus checker only
the data it wants the checker to see.

Booting from a standalone CD is the only approach that guarantees that all
files on the file system can be inspected by an OS and application that is
not under control of a trojan or rootkit. It would be an extremely good
way of checking for hidden files or folders that would otherwise be hidden
from view if the rootkit were active.

It's a shame if no anti-virus vendor has seen to create such a bootable CD.

--
Will



Posted by David H. Lipman on July 3, 2008, 6:21 am
If you were  Registered and logged in, you could reply and use other advanced thread options

>>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>>that will inspect the NTFS file system for trojans or viruses without any
>>>need to boot the OS on the file system you are inspecting?

>> Thats not going to be too common, because its not a very effective
>> model for ongoing A/V protection.

| Day-to-day protection has to balance many different issues like
| intrusiveness and performance on a system under use. It's very easy to
| subvert modern virus checking programs with root kit viruses. The rootkit
| simply rewrites kernel functions and reports back to the virus checker only
| the data it wants the checker to see.

| Booting from a standalone CD is the only approach that guarantees that all
| files on the file system can be inspected by an OS and application that is
| not under control of a trojan or rootkit. It would be an extremely good
| way of checking for hidden files or folders that would otherwise be hidden
| from view if the rootkit were active.

| It's a shame if no anti-virus vendor has seen to create such a bootable CD.

| --
| Will



The problem is by nature a CDROM is Read-Only and thus can't be updated easily.
Thus, its
signature would go out of date rather rapidly.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Similar ThreadsPosted
SMB needing web filtering/anti-virus/anti-spyware/anti-spam January 25, 2006, 4:01 pm
Sample virus or bit pattern to verify anti-virus software is working? December 1, 2004, 12:47 pm
Norton Anti-Virus 5 May 10, 2005, 6:05 pm
Need help with with Norton anti virus problems March 3, 2005, 12:52 pm
Freeware Anti Virus software?? June 20, 2005, 7:42 pm
Re: Any Free Anti-Virus software? December 20, 2006, 8:22 am
Re: question about Microsoft's Anti-Virus program March 9, 2008, 5:06 pm
Second Try: Any Anti Virus Applications That Do Not Require Install to Registry? July 4, 2008, 6:56 pm
Anti-crack and anti-piracy application protection and licensing solution using code morphing July 10, 2006, 7:07 am
Very funny video clips about Security Solutions Salesguy October 27, 2006, 12:39 am

The site map in XML format XML site map

Contact Us | Privacy Policy