From: "Will" <westes-usc@noemail.nospam>
| "Doug McIntyre" <merlyn@geeks.org> wrote in message
| news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
>> "Will" <westes-usc@noemail.nospam> writes:
>>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>>that will inspect the NTFS file system for trojans or viruses without any
>>>need to boot the OS on the file system you are inspecting?
>> Thats not going to be too common, because its not a very effective
>> model for ongoing A/V protection.
| Day-to-day protection has to balance many different issues like
| intrusiveness and performance on a system under use. It's very easy to
| subvert modern virus checking programs with root kit viruses. The rootkit
| simply rewrites kernel functions and reports back to the virus checker only
| the data it wants the checker to see.
| Booting from a standalone CD is the only approach that guarantees that all
| files on the file system can be inspected by an OS and application that is
| not under control of a trojan or rootkit. It would be an extremely good
| way of checking for hidden files or folders that would otherwise be hidden
| from view if the rootkit were active.
| It's a shame if no anti-virus vendor has seen to create such a bootable CD.
| --
| Will
The problem is by nature a CDROM is Read-Only and thus can't be updated easily. Thus, its
signature would go out of date rather rapidly.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp