Hi guys,

Spyware/adware, viruses, worms, and trojans to me all fall under the guise of malware. And when it comes to the problems they cause for my clients, there is little difference.

At one time, if I couldn't get a fix on a virus, I would remove the HDD from the client's machine and scan it in a test machine, and until recently I would still do this when desperate. This was until live OS CDs started to become more readily available.. My concern is time.. the quicker I can identify and remove the malware, the sooner I can start enjoying the coming summer.. And I am sure many would like a quicker method of getting back to the serious stuff on the net than stuffing around removing crud from their Windows PC..

I had used a couple of *nix-based CDs and unfortunately, not being very literate in Linux, was beaten back to looking for a Windows solution.. Well, that was until reading about BartPE.. For links on the subject and the feedback for plugins, check out this thread..

Basically I saw my old idea of removing the HDD and scanning in a clean machine becoming almost the first step in the removal chain. Boot to the live CD, run a virus scan, identify the virus, or run a spyware detector. Clean machine.. see ya later, sir..

Well not exactly like that in reality.. but I think we can get close to that..

The disk I am using at the moment has the McAfee command-line virus scanner, Stinger, Adaware, and a remote registry editor.. almost all that you would need? Not yet.

The problems are:
You need to update the CD whenever the virus or adware defs update, same with Stinger.
The current remote registry editors will list the local as well as the target registry
Adaware will only scan the files on the Target drive, it is unable to repair the registry or fix/replace corrupt system files.
Editing the registry on a slow XP machine can be a very slow exercise, even when you have a good idea where you need to be.
The system works best if the machine has 256Mb RAM or better.. forget it if it's got less than 100MB
Only works with the target OS, and will not work with older OSes, i.e. Win 9x, Win NT, etc.

The upside is:
You don't have to open the box
Your own service hardware is not at risk
Able to kill Safe Mode malware
Delete files that are normally active or malware protected
See all files.. easy to delete ALL files from Temp and Temp internet folders
The ISO for a basic boot CD is less than 200MB

If anyone has not yet started experimenting with this toy.. give it a go.. burn a CD-RW and play with different configs.

And most importantly.. if you find a plugin that will allow a malware scan and clean of a remote registry as well as seek and destroy of malware files.. please let us know..

Please note the BartPE Builder is not a panacea, the holy grail of removals.. it is a tool to help build what I feel can become a bloody helpful tool.

My thanks to Irongeek for the info he passed on.. and I apologise to the member who reminded me of BartPE.. I had the builder downloaded but had put the project aside for a few days.. well, my third revision CD has now helped clean 6 machines in the time I would normally clean 4.. I was only left with the manual cleanup, and next to no Safe Mode boots.

Any contributing thoughts welcome.

All the best guys..