Slashdot Mirror
Stand-Alone Antivirus Software?
An anonymous reader writes "I work for a company that repairs specialty devices that have an embedded Mini-ATX motherboard without a CD-ROM drive and run Windows XP Home. And while the USB flash drives we insert into them have a physical write-protect tab, we still encounter a (rather annoying) display dialog from malware/viruses to remove the write-protect so the malware can infect the flash drive. We don't remove the write-protect, obviously, but would like to offer our customers the option of removing the malware/virus without having to install any software. We would rather not install/uninstall antivirus software even for one-time use, due to various licensing issues, nor do we want to connect to the Internet to use web-based online scanners. Is there any stand-alone anti-virus/anti-malware software for Windows that can be run directly from the write-protected flash drive itself?"
Techs doing residential work live on it. Face it, nothing involved in doing a virus removal is rocket science. I had a customer who used to call me every other month to clean up their son's computer. Now the son's at college and it's someone else's goldmine.
But isn't there a risk with this whole USB-virus-scanner thing that if a computer is infected, you can't be sure that your scanner is being read and executed correctly? If the OS you're scanning is infected, the malware could be monitoring for clamwin.exe etc and running its own version, or intercepting the important IO calls. I know if I was writing a virus and wanted to take control of as many computers as possible, one of the first things I'd do would be to make it look like my virus wasn't there.
Surely the only way to really scan a computer is by booting into a guaranteed-clean OS? And even then, isn't there a risk that firmware could be compromised? Or am I just being way too paranoid?