[ale] OT: offline malware removal tool for windoze

Brian nym.bnm at gmail.com
Mon Aug 13 14:19:01 EDT 2007


Might I suggest creating a BartPE CD-ROM with McAfee and SpyBot installed on it?

(you can later try getting it to work via network boot, but let's
disinfect first)

BartPE: http://www.nu2.nu/pebuilder
SpyBot Search & Destroy: http://www.safer-networking.org/en/home/index.html
McAfee: http://www.bootcd.us/BartPE_Plugin_Details/124/Mcafee-Ramdisk+Autoupdater.html

With the Sherpya McAfee plugin, you can do updates if you have network
support loaded into BartPE.

Under the pebuilderXXX/plugins directory, you'll see SPYBOTSD.  The
.htm file there will describe what files you need to copy from the
SpyBot installation to make it work in PE.  This will also let you do
updates from the PE eniviroment (to RAM only, but, it updates).

You can expand BartPE as needed, and even make it work off of network
boots and USB keys.

bnm



On 8/13/07, Sid Lane <jakes.dad at gmail.com> wrote:
> pls don't flame me for asking this but...
>
> one of my son's teachers asked me to look at her laptop which I would
> ordinarily NEVER do but she is a teacher & her son is one of mine's friends.
>
> anyhoos, I booted it (off our network naturally) and am running what tools
> it has on it (M$ & Brave-Sentry?) but the BS thing won't remove anything w/o
> activating (paying) & apparently M$'s won't work offline.
>
> this thing is owned bigtime to the point I'm afraid to plug it into my
> network at home (forget about work) for fear it could be a pron zombie
> (which happened to someone I know in '03 & they're still dealing w/the legal
> fallout but at least aren't in prison - yet...) - I don't have any specific
> reason to suspect it is other than Brave-Sentry(?) has found 67 pieces of
> malware on this thing, several of which are zombie-warz.  I could/would
> install other/better tools but I'm afraid to connect this thing to the net.
>
> does anyone know of any malware removal tools I could run from a CD/offline
> (ideally booting from it as well)?
>
> I'll tell her to get legit anti-virus/etc but at this point I don't trust
> anything that's running from within windoze to fix the problem.
>
> thanks for any advice!
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>



More information about the Ale mailing list