[Multi-AV] Offline Preparation

Secure Home | Search | About

Lost Password?

Microsoft Antivirus Discussions

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

[Multi-AV] Offline Preparation

p00lb0y

06-28-2006

RE: [Multi-AV] Offline Preparation

Pan

06-28-2006

Re: [Multi-AV] Offline Preparation

David H. Lipman

06-28-2006

Posted by p00lb0y on June 28, 2006, 7:18 am

If you were Registered and logged in, you could reply and use other advanced thread options

Greetings, all.

I am looking for some expanded instructions on how to prepare the
Multi-AV utility to perform an off-line scan and clean operation. A
friend has reported they cannot connect to the Internet and can barely
boot to a functional desktop. Their browsing habits and adherence to
proactive security suggests they are likely to be infested with viruses
and malware. Target OS is Windows XP Home Edition (not sure of SP
level, probably SP1).

From my tinkering, installing on my own clean PC and grabbing all the
updates will allow for me to create a CD that contains the contents of
the C:\Multi-AV directory which I would subsequently copy to the target
PC, retaining that very directory, and running these modules in Safe
Mode. Are there additional steps?

Thanks in advance for any tips,

PB

Posted by =?Utf-8?B?UGFuZGFfbWFu?= on June 28, 2006, 10:31 am

If you were Registered and logged in, you could reply and use other advanced thread options

"p00lb0y" wrote:

> Greetings, all.

> I am looking for some expanded instructions on how to prepare the

> Multi-AV utility to perform an off-line scan and clean operation. A

> friend has reported they cannot connect to the Internet and can barely

> boot to a functional desktop. Their browsing habits and adherence to

> proactive security suggests they are likely to be infested with viruses

> and malware. Target OS is Windows XP Home Edition (not sure of SP

> level, probably SP1).

> From my tinkering, installing on my own clean PC and grabbing all the

> updates will allow for me to create a CD that contains the contents of

> the C:\Multi-AV directory which I would subsequently copy to the target

> PC, retaining that very directory, and running these modules in Safe

> Mode. Are there additional steps?

> Thanks in advance for any tips,

May the author (Dave) will tell you more , however here is what I know :

Download it on your "clean" machine . Update all the modules just like you
are going to use them . Update at least Kaspersky and McAfee . Then save the
whole folder of the Multi_AV to a CD or USB flash drive

Perform full scan on the infected machine . When the scan with David's tool
is ready you can use another tool to repair Winsock on that machine .Download
it form here and use it on the infected machine after it is clean :
http://www.spychecker.com/program/winsockxpfix.html

At the end , protected that machine :
http://pandaman.my.contact.bg/Protect_your_PC.htm

Panda_man
--
Bronze level Contributor
http://pandaman.my.contact.bg
Please , rate posts

Posted by David H. Lipman on June 28, 2006, 5:32 pm

If you were Registered and logged in, you could reply and use other advanced thread options

| Greetings, all.
|
| I am looking for some expanded instructions on how to prepare the
| Multi-AV utility to perform an off-line scan and clean operation. A
| friend has reported they cannot connect to the Internet and can barely
| boot to a functional desktop. Their browsing habits and adherence to
| proactive security suggests they are likely to be infested with viruses
| and malware. Target OS is Windows XP Home Edition (not sure of SP
| level, probably SP1).
|
| From my tinkering, installing on my own clean PC and grabbing all the
| updates will allow for me to create a CD that contains the contents of
| the C:\Multi-AV directory which I would subsequently copy to the target
| PC, retaining that very directory, and running these modules in Safe
| Mode. Are there additional steps?
|
| Thanks in advance for any tips,
|
| PB

I am the author of the Multi-AV Scanning Tool.

The PDF File has instructions for creating a DOS Boot Disk or a DOS Boot Disk
with NTFS4DOS
for booting outside the installed OS.

The *MOST* important concept is the default folder must be C:\AV-CLS it is
deliberately
hard-coded.

You can install the software on PC_B and update all AV Modules. Then you can
copy the tree
C:\AV-CLS to other media. You can use a CDROM but I suggest Read/Write media
such as a ZIP
Disk or USB Flash Drive. If you use a CDROM the files are, by definition, mared
as
Read-Only.

Copy the .\AV-CLS foler on the media to the affected "C:" drive such that you
now have
C:\AV-CLS on the affected computer. If you copied the folder from a CDROM then
you should
change the folder/file attributes from Read-Only to Read-Write.

You can gthen scan the system from within the OS of the affected system or boot
from a DOS
Boot Disk and execute that associted DOS batcgh files to run the scanner outside
the
affected computers OS.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Similar Threads	Posted
offline virus tools?	September 6, 2008, 11:11 am
URLs sent from Contacts who are offline via Windows Live Messenger 8.1	February 11, 2008, 8:02 am

The site map in XML format XML site map