Thread: Anti Virus Solutions That Use Their Own Boot CD?
View Single Post
  #7 (permalink)  
Old 07-03-2008, 08:06 PM
Will
 
Posts: n/a
Re: Anti Virus Solutions That Use Their Own Boot CD?
A well-made product of the kind I am describing contains a program to create
that boot CD on demand, from the latest updates.

It's the same model that ERD Commander uses to build new recovery boot CDs,
installing different sets of device drivers on each build.

If you have a suspect computer, you would go to the "safe" computer,
download the latest virus files, then build a new boot CD and use it the
same day to do your inspection of the infected computer.

--
Will

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eyW2kaP3IHA.3544@TK2MSFTNGP05.phx.gbl...
> From: "Will" <westes-usc@noemail.nospam>
>
> | "Doug McIntyre" <merlyn@geeks.org> wrote in message
> | news:486bd948$0$60075$8046368a@newsreader.iphouse. net...
> >> "Will" <westes-usc@noemail.nospam> writes:
> >>>Can someone recommend an anti-virus solution that lets you build a boot
CD
> >>>that will inspect the NTFS file system for trojans or viruses without
any
> >>>need to boot the OS on the file system you are inspecting?
>
> >> Thats not going to be too common, because its not a very effective
> >> model for ongoing A/V protection.
>
> | Day-to-day protection has to balance many different issues like
> | intrusiveness and performance on a system under use. It's very easy to
> | subvert modern virus checking programs with root kit viruses. The
rootkit
> | simply rewrites kernel functions and reports back to the virus checker
only
> | the data it wants the checker to see.
>
> | Booting from a standalone CD is the only approach that guarantees that
all
> | files on the file system can be inspected by an OS and application that
is
> | not under control of a trojan or rootkit. It would be an extremely
good
> | way of checking for hidden files or folders that would otherwise be
hidden
> | from view if the rootkit were active.
>
> | It's a shame if no anti-virus vendor has seen to create such a bootable
CD.
>
> | --
> | Will
>
>
>
> The problem is by nature a CDROM is Read-Only and thus can't be updated
easily. Thus, its
> signature would go out of date rather rapidly.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>


Reply With Quote