Ishwor <[email protected]> writes:
> Ashley Maher wrote:
>> The hard drive from a badly infected windows computer has been put into
>> an external case.
>>
>> What are peoples favourite tools for inspecting files as they are
>> "rescued" from this drive. The drive is going to be attached to a Linux
>> computer. There are business files on it so we do need to get some
>> files. However we can not risk reinfecting the original windows host again.
>>
>> Thanks for any suggestions.
>
> Simple solution:
> - Download clamav and run freshclam first.
> - Scan the files on the partition.
> - Run cp/dd/mv/tar/gzip over ( {a freshly formatted disk} or {a tmp
> location, format and back} :)
>
> Its the most straight-forward solution that exist.
Yeah, that works for me too. You can use some random other Linux
supporting virus scanner, if you care to, but I wouldn't bother.
It is also advisable to ensure that an up to date virus scanner with "on
access" scanning is installed, updated and running on the Windows
machine.
You will need to check that routinely, too, given how much of the
current round of malware will disable or bypass the virus scanner.
Regards,
Daniel
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
