Tom Metro wrote:
> Bill Horne wrote:
>
>> paul.cour1-H+0wwilmMs3R7s880joybQ at public.gmane.org wrote:
>>
>>> Ran Spy Bot and Clamwin Virus Scanners without finding anything (???)
>>> Any suggestions on Open Source Virus Scanner or technique ???
>>>
>> Download Process Explorer from the Microsoft Sysinternals site, and use
>> it to find all non-MS processes running in the machine. Kill them, then
>> run the virus scan.
>>
>
> Better yet, boot a Linux CD, and run ClamAV from that. Similarly there
> are bootable Windows CDs (http://www.ubcd4win.com/) that - with some
> effort - will let you run virus scanners independent of the installed OS.
>

I didn't know Linux could write to the NTFS file system: is that possible
now, or is ClamAV only able to ID viruses on NTFS disks, but not fix them?

> The System Internals guys also have a tool called RootkitRevealer[1],
> which you run on the infected OS. It compares the file system as seen
> from the OS, vs. what it looks like from low-level I/O that bypasses the
> OS, to reveal files that are being hidden from the OS. I don't know if
> this tool is still getting much use - I see it hasn't been updated since
> 2006.
>
> 1. http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
>

That's good to know. I'll add that to my av bag-o-tricks.

Bill

-- 
E. William Horne
William Warren Consulting
Computer & Network Installations, Security, and Service
http://william-warren.com
781-784-7287
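
The cross-view idea described in the quoted message, sketched as an added example that is not part of the original thread and is not RootkitRevealer's code: it diffs a file listing taken through the running OS against one taken of the same volume from outside it (for instance from a bootable CD). The listing format (relative path mapped to size), the function names and the sample entries are all assumptions constructed for illustration.

```python
# Root-level NTFS metadata files are not shown in directory listings by the
# Windows file API, so an outside-the-OS listing always contains them.
# They are expected differences, not findings.
NTFS_METADATA = {"$mft", "$mftmirr", "$logfile", "$volume", "$attrdef",
                 "$bitmap", "$boot", "$badclus", "$secure", "$upcase",
                 "$extend"}


def normalize(path):
    """Fold separators and case so both listings use the same key."""
    return path.replace("/", "\\").strip("\\").lower()


def is_metadata(key):
    """True when the path sits under a root-level NTFS metadata entry."""
    return key.split("\\")[0] in NTFS_METADATA


def cross_view(api_view, raw_view):
    """Return (hidden, resized): paths only the outside view sees, and
    paths whose size differs between the two views."""
    api = {normalize(p): size for p, size in api_view.items()}
    raw = {normalize(p): size for p, size in raw_view.items()}
    hidden = sorted(p for p in raw if p not in api and not is_metadata(p))
    resized = sorted(p for p in raw if p in api and raw[p] != api[p])
    return hidden, resized


# Constructed sample listings (hypothetical paths and sizes).
API_VIEW = {  # as reported by the installed, possibly compromised OS
    "Windows\\System32\\drivers\\tcpip.sys": 1000,
    "Windows\\System32\\notepad.exe": 200,
}
RAW_VIEW = {  # same volume listed from a boot CD
    "windows/system32/drivers/tcpip.sys": 1000,
    "windows/system32/drivers/hidden_example.sys": 4096,
    "windows/system32/notepad.exe": 260,
    "$MFT": 99999,
    "$Extend/$UsnJrnl": 1,
}

if __name__ == "__main__":
    hidden, resized = cross_view(API_VIEW, RAW_VIEW)
    for p in hidden:
        print("hidden from OS view:", p)
    for p in resized:
        print("size differs between views:", p)
```

Files that legitimately change between the two scans also show up as differences, so each reported path needs manual review before it is treated as evidence of hiding.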