CLEO Thread, sophos boot cd in Regional Broadband Consortiums (RBC); used to be able to download a sophos boot cd from here:
Computing Services - University of Liverpool
they've since ...
18th November 2008, 01:01 PM #1
sophos boot cd
used to be able to download a sophos boot cd from here:
Computing Services - University of Liverpool
they've since come to their senses and password protected the downloads lol
sophos doesnt seem to do a boot time scan and sometimes it would be handy. maybe lancsngfl could make a similar page, that has a real-time up to date bootable sophos cd. just had to install avast to deal with some viruses at boot time on a laptop.
23rd November 2008, 02:53 PM #2
If you need to run a scan on a computer with Sophos Anti-Virus so the host operating system is not booted you could use Ubuntu. Sometimes files are locked open by the operating system or files are hiding themselves in various ways or perhaps the computer is struggling to boot properly because of the infection. This method also allows you to replace system files that have become infected with clean ones from a similar service packed machine.
AT YOUR DESK:
1. Download Ubuntu live CD .iso and burn to a CD-R
2. Copy on to USB pen (upload to a website or copy to a Windows share):
b: https://secure.sophos.com/support/up...libc.2.2.tar.Z (Enterprise Security and Control licence required)
c: the sav-script.sh file (attached to this post)
AT THE INFECTED COMPUTER:
3. Now go to the infected computer and put the CD-R in the drive and boot the machine from the CD-ROM drive. Select your language and "Try Linux..." option
NOTE: If required you can change the screen resolution by selecting from the dropdown menu at the top of the screen: System > Preferences > Screen Resolution
4. Move the three file to the Desktop of the computer (now running Ubuntu).
5. Mount the hard drive. On drop-down menu at the top of the screen select: Places > "<yourHardDriveAsItAppearsInTheList> (mine was called "6.4 GB Media"). A new icon should appear on the Desktop. Though you don't need to access the drive yourself, if you were click on the icon you should see a familiar file structure (WINDOWS folder, Program Files, Documents and Settings.. etc.)
6. Open an Terminal windows from the drop-down menu: Applications > Accessories > Terminal
7. Change directory to the Desktop: cd /home/ubuntu/Desktop
NOTE: Linux filesystem is case sensitive so "desktop" is NOT the same as "Desktop"
8. Change the user to "superuser" (administrator) by entering: sudo su
9. Enter: chmod +x sav-script.sh
10. Enter: ./sav-script.sh
The hard drive will be scanned with the arguments "-all", "-archive" and "-p". This means all files will be scanned including archive files (zips, cabs, etc.) and a log file will be created on the Desktop that you can refer to later (i.e. copy off the machine).
You could also add the argument "-remove". This will actually prompt you when a virus is detected as to whether or not you want to remove the file. Type "A" and press return. NOTE: The Terminal may not display the "A" you typed but it is there.
NOTE: It is always best, if time allows, to scan the computer first without removing any files just to see what is there. A second scan can then be performed to action the presence of the viral file(s).
Some people may feel that the instructions above are a bit fiddly. I should mention that Ubuntu is being used here as it has (1) excellent support for writing to NTFS filesystems and (2) allow you to mount USB devices and the local hard drive very easily. However (for those familiar with Unix/Linux) any other distribution of could work. There are "lighter" distros out there but they require much more Linux knowledge and may be missing vital packages.
It's worth noting that there are other ways to create a boot "CD". You could put Ubuntu on a USB pen with the additional files and simply boot off that. However not all computers support booting from USB devices and I think the method above should work on most systems. Again you could also burn the ISO to DVD and include the files but the computer may not have a DVD-ROM drive.
Hope this helps.
WARNING: Caveat Emptor. I've used this quite a few times and it works very well. However you must understand that you are attacking the OS in a way that mean ANY file can be deleted. If you were you delete core system files the machine may not boot. Backup any important files to a remote locate before scanning the drive.
23rd November 2008, 03:30 PM #3
You can also use F-Secure Rescue CD which is free and updates itself on boot
F-Secure Linux weblog Blog Archive F-Secure Rescue CD 3.00 released
23rd November 2008, 03:42 PM #4
Yeah, I use this one.
Originally Posted by somabc
25th February 2009, 11:22 PM #5
By boomam in forum Hardware
Last Post: 22nd September 2008, 05:26 PM
By rob101 in forum Hardware
Last Post: 23rd May 2008, 01:51 PM
By Jackd in forum Hardware
Last Post: 23rd January 2008, 08:35 PM
By richard in forum General Chat
Last Post: 28th February 2007, 02:32 PM
By danIT in forum Wireless Networks
Last Post: 22nd September 2006, 07:45 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)