Linux Spyware removal tool?

TiziteLayinLow

Senior member
I am a technician and tired of removing spyware that is running in the background recreating itself. I was wondering if there is a DOS based tool or Linux based that I could boot to Knoppix and clean the registry and file structure with?

Any info is greatly appreciated, thanks in advance, matt enderle
 
The only spyware removal tool that I am aware of is the normal install CDs.

Usually the spyware gets removed when the installer repartitions and formats the partitions to get rid of the old windows install. 😛

There is anti-virus and stuff available for Linux stuff. F-Prot, ClamAV, that sort of thing. Commonly used to screen e-mail and files on file servers to help protect Windows machines from themselves. Also you can get them on various Linux-based rescue CDs for scanning inert Windows partitions.

I don't know how well they work against spyware, though.

edit:
Another thing people do is use dd to image a Windows partition using a Linux dual boot setup. When the machines get slow, buggy, or infected you simply boot up on the small Linux install and run a script to restore the original Windows image. The process can be very automated, where all you have to do is select a boot entry in a lilo/grub bootloader and the Linux rescue partition boots up, copies over the image, and then reboots into Windows again. All without any user intervention, all it takes is some editing of the init scripts.
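
The dd image-and-restore routine described in the post above, as an added example that is not part of the original post: it records a SHA-256 of the golden image, refuses to restore an image that has changed since it was taken, and reads the target back after writing. The function names and the `save`/`restore` arguments are assumptions made for this sketch; the caller supplies the partition and image paths.

```shell
#!/bin/sh
# Added example: golden-image save/restore with an integrity check.
# Run from the Linux rescue install with the Windows partition unmounted.

hash_of() {  # SHA-256 of the first $2 bytes of $1 (whole file if $2 is empty)
    if [ -n "${2:-}" ]; then
        head -c "$2" "$1" | sha256sum | cut -d' ' -f1
    else
        sha256sum < "$1" | cut -d' ' -f1
    fi
}

save_image() {  # save_image <source partition> <image file>
    src=$1; img=$2
    dd if="$src" of="$img" bs=1024k 2>/dev/null || return 1
    hash_of "$img" > "$img.sha256"
}

restore_image() {  # restore_image <image file> <target partition>
    img=$1; dst=$2
    [ -f "$img.sha256" ] || { echo "no checksum for $img" >&2; return 2; }
    # Refuse to write an image that no longer matches its recorded hash.
    [ "$(hash_of "$img")" = "$(cat "$img.sha256")" ] \
        || { echo "image changed since it was saved" >&2; return 3; }
    dd if="$img" of="$dst" bs=1024k conv=notrunc 2>/dev/null || return 1
    sync
    # Read the target back and confirm it now matches the golden image.
    size=$(($(wc -c < "$img")))
    [ "$(hash_of "$dst" "$size")" = "$(cat "$img.sha256")" ] \
        || { echo "read-back verification failed" >&2; return 4; }
}

# Command-line entry point: script.sh save|restore <from> <to>
case "${1:-}" in
    save)    save_image "$2" "$3" ;;
    restore) restore_image "$2" "$3" ;;
esac
```

Keep the image and its `.sha256` file on the rescue partition, which the Windows install never mounts, so an infected system cannot alter either of them.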
 
Hey, sorry guys, I might have not been clear about what I am wanting to do...

Seeing as though some spyware piggyback off of each other, closing one .exe makes the other exe recreate the new exe and then back and forth.. in fact some spyware open 3 or more exe files. Some of these exe files hide so well into Windows components that you cannot isolate it. Not to mention since they are running in the background Windows protects them.

I simply want a tool that will be able to run in a NON-Windows environment to prevent methods like this. The Windows image is a good idea, but I am talking about the fact that I work at a computer repair shop and that would be impractical.

Also - Spybot alone is garbage.. I'm talking about heavily infected machines that have been scanned with Ad-Aware SE, Spybot 1.3, CWShredder, KazaaBegone, HijackThis, SpySweeper and at normal bootup has spyware still..


thanks, matt enderle
 
Originally posted by: drag
The only spyware removal tool that I am aware of is the normal install CDs.

Usually the spyware gets removed when the installer repartitions and formats the partitions to get rid of the old windows install. 😛

There is anti-virus and stuff available for Linux stuff. F-Prot, ClamAV, that sort of thing. Commonly used to screen e-mail and files on file servers to help protect Windows machines from themselves. Also you can get them on various Linux-based rescue CDs for scanning inert Windows partitions.

I don't know how well they work against spyware, though.

edit:
Another thing people do is use dd to image a Windows partition using a Linux dual boot setup. When the machines get slow, buggy, or infected you simply boot up on the small Linux install and run a script to restore the original Windows image. The process can be very automated, where all you have to do is select a boot entry in a lilo/grub bootloader and the Linux rescue partition boots up, copies over the image, and then reboots into Windows again. All without any user intervention, all it takes is some editing of the init scripts.

THAT is an excellent idea for a simple rescue distro, options to backup and restore, from which partition to which.
 
Originally posted by: TiziteLayinLow
Hey, sorry guys, I might have not been clear about what I am wanting to do...

Seeing as though some spyware piggyback off of each other, closing one .exe makes the other exe recreate the new exe and then back and forth.. in fact some spyware open 3 or more exe files. Some of these exe files hide so well into Windows components that you cannot isolate it. Not to mention since they are running in the background Windows protects them.

I simply want a tool that will be able to run in a NON-Windows environment to prevent methods like this. The Windows image is a good idea, but I am talking about the fact that I work at a computer repair shop and that would be impractical.

Also - Spybot alone is garbage.. I'm talking about heavily infected machines that have been scanned with Ad-Aware SE, Spybot 1.3, CWShredder, KazaaBegone, HijackThis, SpySweeper and at normal bootup has spyware still..


thanks, matt enderle

Did you read my link? I don't see why a Bart's PE disc wouldn't work in this situation.
 