[plug] Anti Virus LiveCD

Chris Caston caston at arach.net.au
Wed Jun 22 10:50:13 WST 2005


On Wed, 2005-06-22 at 10:18, Onno Benschop wrote:
> Hi all,
> 
> Going on-site each day and needing to install AVG, AdAware and SpyBot, 
> then update them, then running a full scan for each application takes 
> the better part of two hours for most machines, longer if their machine 
> is completely toast.
> 

You can use BartPE, run the McAfee command-line scanner and run AdAware,
but it only removes the files and not the registry entries.

The problem I find with cleaning up infected machines is trying to work
out if it will in fact fix all the problems or if in fact it's best to do a
clean reinstall.

If you want to speed up the time it takes to clean a machine without
using a boot CD, I recommend just using msconfig to disable all the
start-up items and restarting the machine. You may need to get into the
system using safe mode to do this.

After you have finished, use HijackThis to remove dodgy start-up
entries.

> I imagine there is a better way using a Linux LiveCD of some description.
> 
> I've investigated ClamAV and I've been thinking about a Toms Boot Disk 
> with the command-line versions of AVG, but it all seems pretty clunky.
> 
> I need to be able to boot the CD, use it on Win95 -> WinXP (fat, vfat & 
> ntfs), be able to keep it up to date - daily if necessary, preferably so 
> simple to use that I could mail it out to a distant client and have them 
> run the software.
> 

Keeping it up to date is a problem. You find yourself burning the CD
again a couple of times a week and sometimes you forget.

> Also, while I'm at it, can someone please explain why there is a need to 
> separate out scanners for Trojan Horses, Ad-Ware and Virus infestations, 
> because I completely fail to understand why it would be that these 
> things are different from each other in any way.
> 
> 

The way I explain it to my customers is that spyware/adware usually has
a profit motive and is often blurred with installed legitimate software.

Viruses are tiny malicious programs written by unemployed software
developers because companies like Microsoft take the market hostage and
make it difficult for people to see how using their talent for
creativity instead of destruction can have positive rewards.

There are viruses and trojans that perform like spyware/adware and hijack
the IE start page or Active Desktop, for example. These are usually the
hardest to remove and often get discovered by AVG.

Overall I would say the best term is greyware, and many AV vendors
release products that target both, for example Trend Micro.

> /me keeps fingers crossed for some help and hints...

regards,
-- 
Chris Caston

Aptitude Technology
http://www.aptitudetech.com.au
ABN: 51614966828

Office: 1300 722 146
mobile: 0422 978315

[T]he entrepreneur appears in a genuinely competitive market economy as a sort of trustee whom the community 
has placed in charge of its means of production. Comparing the costs of his services with those of a bureaucratic 
state-controlled economy, our entrepreneur may be regarded as a very inexpensive public servant, one who really assumes risks, 
while the politician is apt to be answerable only to God and history. (Economics of the Free Society (1937), Wilhelm Röpke, p. 192).





