vmagecic Posted April 4, 2011 ID:410972 Share Posted April 4, 2011 I think that you need to offer a Live CD version that you can boot off to perform virus and rootkit scans.A "good" rootkit will go undetected by any scanner if the system it is infecting is currently running. This is where a Live CD comes in. You boot off the CD and perform a full scan. As long as the system has internet access, you can have the definitions update (everything is stored in memory) and start the scan.Norton has this option on their CD's to boot into their utilities, but Norton is a horrible scanner and only does viruses and worms.Currently, I am using BartPE to build my own BootCD and I put MBAM on it along with Combofix, in the event that one of our machines is infected.If there is also a way to run MBAM from Linux, creating a Linux Live CD is rather trivial now a days. There are already quite a few out there, Linux Defender was pretty decent, but didn't detect certain pieces of malware. There is also SystemRescueCD, but that uses ClamAV and I have had a lot of misses with ClamAV. Link to post Share on other sites More sharing options...
Staff TeMerc Posted April 6, 2011 Staff ID:412214 Share Posted April 6, 2011 HelloThis issue has been brought up many times, a forum search will show you that.At this time there is currently no development working for this issue, but it may be considered in the future.Thanks for the suggestion. Link to post Share on other sites More sharing options...
Recommended Posts