[SGVLUG] scanning windows systems for viruses from live-CD's

Christopher Smith x at xman.org
Sun Sep 24 13:44:00 PDT 2006


Tom Emerson wrote:
> Any thoughts?  (and yes, I did go back through the recent thread on a
> similar situation and saw Dustin's "tough love" post -- I know I've
> tried getting him to use this on a regular basis, but of course, the
> "problem" machine is one "at work"  (or is it the one he plays on-line
> web-based games that require specific active-x controls which don't work
> well with firefox?)
Linux virus scanners are not terribly sophisticated and are problematic
to use on Windows partitions. For starters, the Linux NTFS driver leaves
MUCH to be desired. Then you have the problem of removing all the magic
foo in the system registry, which Linux virus scanners were never
designed to address.

My guess is that the system has been compromised such that it is
effectively impossible to remove the virus. A lot of viruses these days
are designed merely to open a door for someone to install whatever
someone wants on your system, which is why it appears that going to the
web page is causing more viruses to be installed. Your best bet is
probably to boot off a live CD, copy and scan any data files that are
important, and then reformat and reinstall.

--Chris

