(OT) Open Source Virus Scanner

Tom Metro tmetro-blu-5a1Jt6qxUNc at public.gmane.org
Mon Jan 26 13:39:06 EST 2009


Bill Horne wrote:
> paul.cour1-H+0wwilmMs3R7s880joybQ at public.gmane.org wrote:
>> Ran Spy Bot and Clamwin Virus Scanners without finding anything (???)
>> Any suggestions on Open Source Virus Scanner or technique ???
> 
> Download Process Explorer from the Microsoft Sysinternals site, and use 
> it to find all non-MS processes running in the machine. Kill them, then 
> run the virus scan.

Better yet, boot a Linux CD, and run ClamAV from that. Similarly there 
are bootable Windows CDs (http://www.ubcd4win.com/) that - with some 
effort - will let you run virus scanners independent of the installed OS.

The System Internals guys also have a tool called RootkitRevealer[1], 
which you run on the infected OS. It compares the file system as seen 
from the OS, vs. what it looks like from low-level I/O that bypasses the 
OS, to reveal files that are being hidden from the OS. I don't know if 
this tool is still getting much use - I see it hasn't been updated since 
2006.

1. http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

  -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
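
The cross-view comparison described above (the file system as the running OS reports it versus a view that bypasses that OS) can be approximated with two file manifests. This is an added example, not part of the original post and not RootkitRevealer's code. It assumes one manifest is taken with `snapshot()` on the suspect OS and the other from a boot CD with the same volume mounted read-only; the sample paths and hash values are constructed.

```python
import hashlib
import os

def snapshot(root):
    """Return {relative_path: sha256_hex} for every regular file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 20), b""):
                        digest.update(chunk)
                manifest[rel] = digest.hexdigest()
            except OSError:
                manifest[rel] = None  # listed but unreadable (locked, permissions)
    return manifest

def cross_view_diff(live, offline):
    """Compare the live-OS manifest with the trusted offline manifest."""
    # Present on disk when booted from CD, but never listed by the live OS.
    hidden = sorted(p for p in offline if p not in live)
    # Listed in both views, readable in both, yet the bytes returned differ.
    differs = sorted(
        p for p in offline
        if p in live and None not in (live[p], offline[p]) and live[p] != offline[p]
    )
    return {"hidden_from_live_os": hidden, "content_differs": differs}

# Constructed sample manifests (shortened placeholder hashes, not real data).
LIVE = {
    "Windows/system32/notepad.exe": "a1",
    "Windows/system32/drivers/disk.sys": "b2",
    "pagefile.sys": None,  # locked while Windows is running
}
OFFLINE = {
    "Windows/system32/notepad.exe": "a1",
    "Windows/system32/drivers/disk.sys": "ff",
    "Windows/system32/drivers/example_hidden.sys": "d4",
    "pagefile.sys": "e5",
}

if __name__ == "__main__":
    for kind, paths in cross_view_diff(LIVE, OFFLINE).items():
        for path in paths:
            print(f"{kind}: {path}")
```

Files that legitimately change between the two snapshots (logs, registry hives, temp files) will show up as differences, so treat the output as a list of things to inspect, not a verdict.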




