Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Which desktop antivirus?
Date: Sun, 30 Oct 2011 12:52:11
In Reply to: Re: [gentoo-user] Which desktop antivirus? by Mick
1 On Saturday 29 Oct 2011 19:40:49 Mick wrote:
2 > On Saturday 29 Oct 2011 19:25:00 Pandu Poluan wrote:
3 > > On Oct 30, 2011 1:15 AM, "Mick" <michaelkintzios@×××××.com> wrote:
4 > > > pagefile.sys of a WinXP OS and it thinks it is a Win32:Patched-HO.
5 > >
6 > > If pagefile.sys is detected as a malware, most likely the actual malware
7 > > was once loaded into (Windows XP's) memory got swapped, and avast! picked
8 > > up its remnant. Loaded into memory doesn't mean that the malware was
9 > > active, if the Windows XP was equipped with a good antivirus.
10 >
11 > Interesting! The WinXP has Microsoft Security Essentials on it. I'll ask
12 > my wife if it picked up anything lately.
14 She can't recall any MSE reports of malware. I did check the WinXP fs for all
15 the files and registry entries that this trojan is meant to create and none
16 were present. Then I've zero'ed the pagefile and a second scan did not flag
17 anything up.
19 I also checked for a reported trojan in a Windows 7 vdi file (in virtualbox).
20 Nothing found there either. I am tempted to think that avast! is rather
21 super-sensitive. However, avast! also picked up some php files from a backed
22 up website - so this may be a worthwhile find.
24 Anyway, I can't make it integrate with kmail which was the original user
25 requirement. Tried this script but the kmail Antivirus Wizard will not pick
26 it up:
30 So I am now heading for clamav to see how that works with a Linux desktop.
32 --
33 Regards,
34 Mick


File name MIME type
signature.asc application/pgp-signature


Subject Author
Re: [gentoo-user] Which desktop antivirus? James Broadhead <jamesbroadhead@×××××.com>