Bootable Scanners - Techist - Tech Forum

Old 12-29-2005, 12:25 PM   #1 (permalink)
Newb Techie
 
Join Date: Dec 2005
Posts: 32
Default Bootable Scanners

I can do a Google search for this but it won't reveal people's opinions/stories on the software, so I'll post here.

Does anyone know of a (preferably free) bootable CD (Linux distro, DOS, etc.) that is a virus scanner, spyware scanner, rootkit scanner, and any other scanner that detects bad stuff? I need one that will scan from outside of Windows and that will scan for both viruses and spyware, because neither Norton nor AVG in conjunction with Spybot and Ad-aware will find this thing.
MajorHertz is offline  
Old 12-29-2005, 01:46 PM   #2 (permalink)
Techie Beyond Description
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

I can find it. How do you know you have something? Nothing is that hidden.
Osiris is offline  
Old 12-29-2005, 01:57 PM   #3 (permalink)
Newb Techie
 
Join Date: Dec 2005
Posts: 32

I'm fixing a friend's machine, for which I'm not getting any restitution (I'm just a nice guy), so I just don't feel like doing all the SARC research I would do normally. I know this thing was really, really infected, as I've removed 8-12 viruses she could not find, in addition to 12 she did originally find with Norton (her Norton subscription ran out last week... funny how things work out). Also, 40+ spyware/malware items were removed.

There is something still hijacking her IE homepage that I can't find. It's forwarding to a local HTML document (c:/seure32.htm) and when I delete it, it is instantly put back. I can't see this thing in the running processes.

I know there is still other stuff on this system that AVG, Norton, Spybot, Ad-aware, and I have not found, which is why I'm looking for this bootable solution. Plus, if it's Linux, I know Linux better than I remember DOS, and this solution, independent of XP, may identify things faster and easier and remove them without worrying about security policies.
MajorHertz is offline  
Old 12-29-2005, 02:03 PM   #4 (permalink)
Techie Beyond Description
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

No problem

Run Adaware SE 1.6 make sure to update spyware definitions
Spybot 1.4 make sure to update spyware definitions
Microsoft Antispy Beta make sure to update spyware definitions
All Free from www.majorgeeks.com

Remove everything they find
Delete the prefetch folder C:\WINDOWS\Prefetch, this folder will come back on next reboot
Delete all cookies and TIF's
Go to Start, Run, type msconfig, go to Startup, disable everything except your antivirus, apply, don't reboot yet.

Now go to Control Panel, Display, Desktop, Customize Desktop, Web, click on security and then click delete. If you don't see security, that's good, don't worry about this step then.

Go into Safe Mode
Run your spyware programs again and remove anything they find. Reboot and run the programs once more in normal mode and remove everything they find.


Scan with Hijackthis! 1.99 and post your log here
Osiris is offline  
Old 12-29-2005, 02:09 PM   #5 (permalink)
Newb Techie
 
Join Date: Dec 2005
Posts: 32

I've done all that minus Microsoft's solution and the prefetch, and ran two different virus scan programs (AVG up-to-date, Norton one week old), and still have this issue. Unfortunately, the machine is not in front of me so I can't show you the HijackThis log.

Regardless, I still want this bootable solution to add to my tools collection for use in a later situation, should it arise.
MajorHertz is offline  
Old 12-29-2005, 02:10 PM   #6 (permalink)
Techie Beyond Description
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

Well you need to do Microsoft also and I need to see your log. I can tell you what you have so post it here, not as an attachment, and we will get it fixed for ya
Osiris is offline  
Old 12-29-2005, 03:32 PM   #7 (permalink)
Newb Techie
 
Join Date: Dec 2005
Posts: 32

In case anyone out there reading this wants the same solution as I do, I came across this shell script which you can run from the Knoppix bootable Linux distro that will install f-prot into memory and then can scan an NTFS disk and scan and disinfect FAT disks.

PHP Code:
#
# Install f-prot - useful in combination with persistent home
#
# GPL
#
# Author: Fabian Franz <knx-f-prot@fabian-franz.de>
#

# Download and unpack f-prot below the home directory.
# The archive is fetched over plain FTP with no integrity check.
mkdir -p "$HOME/software/"
cd "$HOME/software/" || exit 1
wget ftp://ftp.f-prot.com/pub/linux/fp-linux-sb.tar.gz
tar xzf fp-linux-sb.tar.gz

mkdir -p "$HOME/man/man8"
mkdir -p "$HOME/bin"

# Link the scanner, the updater and their man pages into $HOME
ln -fs "$(pwd)/f-prot/f-prot.sh" "$HOME/bin/f-prot"
ln -fs "$(pwd)/f-prot/check-updates.sh" "$HOME/bin/check-updates.sh"
ln -fs "$(pwd)/f-prot/man8/f-prot.8" "$HOME/man/man8/"
ln -fs "$(pwd)/f-prot/man8/check-updates.sh.8" "$HOME/man/man8/"

# Setting up MANPATH & PATH for f-prot
# (export lines left by an earlier run are filtered out before new ones are appended)

cp "$HOME/.bashrc" "$HOME/.bashrc.templ"
cat "$HOME/.bashrc.templ" | grep -v "export MANPATH=\$HOME/man" | grep -v "export PATH=\$HOME/bin/" > "$HOME/.bashrc"
echo "export MANPATH=\$HOME/man/:\$MANPATH" >> "$HOME/.bashrc"
echo "export PATH=\$HOME/bin/:\$PATH" >> "$HOME/.bashrc"
rm -f "$HOME/.bashrc.templ"

# Fix paths: point the wrapper scripts at the unpacked directory
# instead of /usr/local/f-prot/

cp f-prot/f-prot.sh /tmp/f-prot.$$
sed 's%/usr/local/f-prot/%'"$(pwd)"'/f-prot/%g' /tmp/f-prot.$$ > f-prot/f-prot.sh

cp f-prot/check-updates.sh /tmp/f-prot.$$
sed 's%/usr/local/f-prot/%'"$(pwd)"'/f-prot/%g' /tmp/f-prot.$$ > f-prot/check-updates.sh
rm -f /tmp/f-prot.$$

# cleanup

rm -f fp-linux-sb.tar.gz

I guess this will suffice.
MajorHertz is offline  
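
Added example, not part of any post in this thread: once a live Linux CD such as Knoppix is booted and the Windows volume is mounted read-only, the files that still reference the hijack page named in post #3 can be listed offline. The mount point /mnt/win, the function names and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the Windows partition is already
# mounted read-only from the live CD at a hypothetical mount point /mnt/win.

# contains_ref FILE NEEDLE
# True if FILE holds NEEDLE as plain ASCII or as UTF-16LE (the encoding used
# for strings in registry hives): deleting NUL bytes folds both to ASCII.
contains_ref() {
    LC_ALL=C tr -d '\000' 2>/dev/null < "$1" | LC_ALL=C grep -qiF -- "$2"
}

# find_refs ROOT NEEDLE
# Print every regular file under ROOT that references NEEDLE. Files of
# 128 MiB or more (pagefile, hibernation file) are skipped to keep it quick;
# -size counts 512-byte blocks.
find_refs() {
    find "$1" -type f -size -262144 2>/dev/null | while IFS= read -r f; do
        if contains_ref "$f" "$2"; then printf '%s\n' "$f"; fi
    done
}

# make_sample DIR: build a small constructed tree to try the search on.
make_sample() {
    mkdir -p "$1/Documents and Settings/user" "$1/WINDOWS/system32"
    # Constructed stand-in for a user hive: the page name stored as UTF-16LE
    printf 's\000e\000u\000r\000e\0003\0002\000.\000h\000t\000m\000' \
        > "$1/Documents and Settings/user/NTUSER.DAT"
    # Constructed ASCII reference in another case (Windows paths ignore case)
    printf '%s\n' 'Page=C:\SEURE32.HTM' > "$1/WINDOWS/system32/helper.ini"
    # Constructed file with no reference
    printf '%s\n' 'nothing to see' > "$1/WINDOWS/system32/clean.txt"
}

# Usage: sh find_refs.sh /mnt/win seure32.htm
if [ "$#" -eq 2 ]; then find_refs "$1" "$2"; fi
```

A hit inside a hive file only says where to look; the value itself still has to be inspected and removed with a registry tool.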
Old 12-29-2005, 03:48 PM   #8 (permalink)
Techie Beyond Description
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

You're not going to try my suggestion?
Osiris is offline  
Old 12-29-2005, 05:33 PM   #9 (permalink)
Newb Techie
 
Join Date: Dec 2005
Posts: 32

Sure, I will try the suggestion but, as mentioned, I do not have the machine here with me. As a result, when I try to fix it again, I would like to have my option ready in case not all of the stuff can be removed through your suggestions.

Also, as I said, I still wanted a bootable solution to add to my tools collection for use in a later situation, should it arise.

Now I have two separate options using two separate techniques. One or a combination of both should resolve the issue.

Regardless, I will post the output log of HijackThis when I get back to the machine.
MajorHertz is offline  
Old 12-29-2005, 07:19 PM   #10 (permalink)
Techie Beyond Description
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

You need to look into ERD Commander, and the Techi Tools that I have is good; it has many bootable scanners but I can't seem to copy all the programs. Do a search for Techi Tool Kit and download them and see if you can use it.
Osiris is offline  
All times are GMT -5. The time now is 12:46 AM.