Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

USB Utility Disk


  • Please log in to reply
6 replies to this topic

#1 Michael-Anthony

Michael-Anthony

  • Banned
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:38 AM

Posted 28 November 2008 - 09:40 AM

I have made a USB utility disk that contains the following utilities:



Michael's Scanner Suite v.1.1

0 Run Mcafee Stinger
1 Run ClamWin Scanner
2 Run Avast Cleaner
3 Run DR Web CureIt
4 Run Norton Security Scan
5 Run Rogue Remover
6 Run Sophos Anti Rootkit (XP and lower only)
7 Run Hijack This
8 Run PC DeCrapifier
9 Run Process Explorer
10 Run Norton Product Remover
11 Run SmitFraudFix
12 Run CPU-Z
13 Run Rootkit Revealer (Xp and Lower Only)
14 Run ATF Cleaner
15 Run System Information for Windows
16 Remove Cool Web Search
17 Remove Vundo
18 Remove Virtumundo
19 Install MBAM
20 Exit

Your Selection(0-20):


On a 1 gig drive, it only takes up about 74MB

Any ideas of any other standalone (portable) apps that would be good on here?

--edit--
updated list

thank you garmanma

note:
To elevate in a batch file, (which is necessary for some utils) this code was helpful.. i found it last night, forgot the page i found it on.

If you wrote it, thank you...

Save this as elevate.js and place it in the same directory as your batch file. (also works in xp if you need to runas a different account)

usage:
elevate path\to\program /switches
// elevate.js -- runs target command line elevated
if (WScript.Arguments.Length >= 1) {
	Application = WScript.Arguments(0);
	Arguments = "";
	for (Index = 1; Index < WScript.Arguments.Length; Index += 1) {
		if (Index > 1) {
			Arguments += " ";
		}
		Arguments += WScript.Arguments(Index);
	}
	new ActiveXObject("Shell.Application").ShellExecute(Application, Arguments, "", "runas");
} else {
	WScript.Echo("Usage:");
	WScript.Echo("elevate Application Arguments");
}

Edited by Michael-Anthony, 28 November 2008 - 01:47 PM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:38 AM

Posted 28 November 2008 - 12:26 PM

ATF Cleaner
http://majorgeeks.com/ATF_Cleaner_d4949.html
SIW freeware version
http://www.gtopala.com/siw-download.html
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 Michael-Anthony

Michael-Anthony
  • Topic Starter

  • Banned
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:38 AM

Posted 28 November 2008 - 07:37 PM

Just in case you actually want to make this on your own..

Create a text file called "run.bat", place it in the root of your usb disk and paste the following.
@echo off

echo Initializing Michael's Scanner Suite v.1.1
pause

:start
cls
echo  0 Run Mcafee Stinger
echo  1 Run ClamWin Scanner
echo  2 Run Avast Cleaner
echo  3 Run DR Web CureIt
echo  4 Run Norton Security Scan
echo  5 Run Rogue Remover
echo  6 Run Sophos Anti Rootkit (XP and lower only)
echo  7 Run Hijack This
echo  8 Run PC DeCrapifier
echo  9 Run Process Explorer
echo 10 Run Norton Product Remover
echo 11 Run SmitFraudFix
echo 12 Run CPU-Z
echo 13 Run Rootkit Revealer (Xp and Lower Only)
echo 14 Run ATF Cleaner
echo 15 Run System Information for Windows
echo 16 Remove Cool Web Search
echo 17 Remove Vundo
echo 18 Remove Virtumundo
echo 19 Install MBAM
echo 20 Eject USB
echo 21 Exit
echo.
set /p userinp=Your Selection(0-21):
set userinp=%userinp:~0,21%
if "%userinp%"=="0" goto 0
if "%userinp%"=="1" goto 1
if "%userinp%"=="2" goto 2
if "%userinp%"=="3" goto 3
if "%userinp%"=="4" goto 4
if "%userinp%"=="5" goto 5
if "%userinp%"=="6" goto 6
if "%userinp%"=="7" goto 7
if "%userinp%"=="8" goto 8
if "%userinp%"=="9" goto 9
if "%userinp%"=="10" goto 10
if "%userinp%"=="11" goto 11
if "%userinp%"=="12" goto 12
if "%userinp%"=="13" goto 13
if "%userinp%"=="14" goto 14
if "%userinp%"=="15" goto 15
if "%userinp%"=="16" goto 16
if "%userinp%"=="17" goto 17
if "%userinp%"=="18" goto 18
if "%userinp%"=="19" goto 19
if "%userinp%"=="20" goto 20
if "%userinp%"=="21" goto 21

cls
echo invalid choice
goto start


:0
cls
echo Starting Stinger...
elevate programs\stinger\stinger.exe
echo Done
goto start


:1
cls
echo Initializing ClamWin Scanner...
echo.
elevate "\Programs\ClamWinPortable\ClamWinPortable.exe"
echo Done.
goto start


:2
cls
echo Starting Avast Virus Cleaner...
elevate "Programs\Avast\aswclnr.exe"
echo Done.
goto start


:3
cls 
echo Starting DR. Web CureIt
elevate "Programs\Cureit\launch.exe"
echo Done.
goto start


:4
cls
echo Starting Norton Security Scan...
elevate "Programs\Norton Security Scan\Nss.exe"
echo Done.
goto start


:5
cls
echo Starting Rogue Remover
elevate "Programs\RogueRemover\RogueRemover.exe"
echo Done.
goto start


:6
cls
echo Starting Sophos Anti-Rootkit (xp and lower only)
elevate "Programs\Sophos\sargui.exe"
echo Done.
goto start



:7
cls
echo Starting Hijack This
elevate "Programs\hijackthis\HijackThis.exe"
echo Done.
goto start



:8
cls
echo Starting DeCrapper
elevate "Programs\DeCrap\DeCrap.exe"
echo Done
goto start


:9
cls
echo Starting Process Explorer
elevate "Programs\Procxp\procexp.exe"
echo Done.
goto start


:10
cls
echo starting Norton Removal Tool
echo Make sure you have any Norton Licenses backed up
elevate "Programs\Norton\NRT.exe"
echo Done.
goto start


:11
cls
echo Starting SmitFraudFix
elevate "Programs\SFF\SmitfraudFix.exe"
echo Done.
goto start


:12
cls
echo Starting CPU-Z
elevate "Programs\cpuz\cpuz.exe"
echo Done.
goto start

:13
cls
Echo !Warning! This program is NOT designed for Vista or later.
echo Are you sure you want to run this program?
echo.
echo 0: No
echo 1: Yes
echo.
set /p userinp=Your Selection(0-1):
set userinp=%userinp:~0,3%
if "%userinp%"=="0" goto no
if "%userinp%"=="1" goto yes
cls
echo invalid choice
goto 13

:yes
cls
echo Starting Rootkit Revealer
elevate "Programs\RKIT\RootkitRevealer.exe"
echo Done.
goto start
:no
cls 
echo Cancelling...
goto start


:14
cls
echo Starting ATF Cleaner
elevate "Programs\ATF\ATF-Cleaner.exe"
echo Done.
goto start


:15
cls
echo Starting System Information for Windows
elevate "Programs\SIW\siw.exe"
echo Done.
goto start


:16
cls
echo Starting CoolWebShredder
elevate "Programs\CWS\cwshredder.exe"
echo Done.
goto start


:17
cls
echo Starting VundoFix
elevate "Programs\VRMV\VundoFix.exe"
echo Done.
goto start


:18
cls
@echo on
copy "Programs\VRMV\VirtumundoBeGone.exe" %userprofile%\desktop
@echo off
echo.
echo Please restart in safe mode (restart, then tap the f8 key until you see a menu) to run the scan from the desktop.
echo.
pause
goto start


:19
cls
echo Starting MBAM Installer
elevate "installs\mbam.exe"
echo done
goto start


:20
cls
echo Exiting...
echo.
echo Please wait for the notification before removing USB.
echo.
"Programs\eject\EjectUSB.exe"

:21


#4 Michael-Anthony

Michael-Anthony
  • Topic Starter

  • Banned
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:38 AM

Posted 28 November 2008 - 07:41 PM

the file structure would go as follows

root disk

run.bat
autorun.ini
programs (folder)
installs (folder)
icon.ico
elevate.js (noted in first post)


the installs folder contains malwarebytes' anti malware installer renamed to MBAM.exe


the contents of the programs folder are as follows (may be too long to post here)

Directory of H:\Programs

11/28/2008  12:17 AM	<DIR>		  .
11/28/2008  12:17 AM	<DIR>		  ..
11/28/2008  12:06 AM	<DIR>		  Avast
11/28/2008  12:02 AM	<DIR>		  Cureit
11/27/2008  11:47 PM	<DIR>		  Norton Security Scan
11/26/2008  07:31 PM	<DIR>		  stinger
11/26/2008  07:28 PM	<DIR>		  ClamWinPortable
11/27/2008  11:59 PM	<DIR>		  Sophos
11/27/2008  11:55 PM	<DIR>		  RogueRemover
11/28/2008  12:30 AM	<DIR>		  Procxp
11/28/2008  09:01 AM	<DIR>		  hijackthis
11/28/2008  09:10 AM	<DIR>		  DeCrap
11/28/2008  11:25 AM	<DIR>		  Norton
11/28/2008  11:28 AM	<DIR>		  SFF
11/27/2008  10:17 AM	<DIR>		  cpuz
11/28/2008  12:25 PM	<DIR>		  CWS
11/28/2008  12:28 PM	<DIR>		  RKIT
11/28/2008  12:56 PM	<DIR>		  ATF
11/28/2008  12:58 PM	<DIR>		  SIW
11/28/2008  01:34 PM	<DIR>		  VRMV
11/28/2008  02:20 PM	<DIR>		  eject
11/28/2008  07:39 PM				 0 dir.txt
			   1 File(s)			  0 bytes

 Directory of H:\Programs\Avast

11/28/2008  12:06 AM	<DIR>		  .
11/28/2008  12:06 AM	<DIR>		  ..
11/28/2008  12:06 AM		   407,680 aswclnr.exe
			   1 File(s)		407,680 bytes

 Directory of H:\Programs\Cureit

11/28/2008  12:02 AM	<DIR>		  .
11/28/2008  12:02 AM	<DIR>		  ..
11/28/2008  12:03 AM		12,443,056 launch.exe
			   1 File(s)	 12,443,056 bytes

 Directory of H:\Programs\Norton Security Scan

11/27/2008  11:48 PM	<DIR>		  .
11/27/2008  11:48 PM	<DIR>		  ..
01/04/2008  09:21 PM		   621,928 ccL70U.dll
01/04/2008  09:12 PM		   370,024 ccScanw.dll
01/04/2008  09:12 PM		   120,680 ccVrTrst.dll
07/18/2007  01:44 PM		 1,291,616 dec_abi.dll
02/13/2008  05:36 PM		   632,184 DefUtDCD.dll
08/08/2006  05:16 PM			43,176 ecmldr32.dll
06/28/2008  03:44 AM			27,348 help.htm
12/01/2006  10:03 PM			 1,869 Microsoft.VC80.CRT.manifest
10/13/2006  01:15 PM		   321,152 msl.dll
12/01/2006  10:03 PM		   548,864 msvcp80.dll
12/01/2006  10:03 PM		   626,688 msvcr80.dll
09/19/2008  04:18 AM		   777,584 Nss.exe
02/13/2008  03:54 PM			39,808 patch25d.dll
09/11/2008  01:02 AM		   904,024 SAUpdt.dll
09/11/2008  01:02 AM		   301,400 ScanCore.dll
09/19/2008  04:18 AM		   766,320 ScanRes.dll
09/19/2008  04:18 AM		   615,280 SKURes.dll
06/17/2008  01:56 AM		 1,874,776 SymHTML.dll
			  18 File(s)	  9,884,721 bytes

 Directory of H:\Programs\stinger

11/26/2008  07:31 PM	<DIR>		  .
11/26/2008  07:31 PM	<DIR>		  ..
11/26/2008  05:42 PM		 2,747,911 stinger.exe
11/28/2008  08:32 AM				27 stinger.opt
			   2 File(s)	  2,747,938 bytes

 Directory of H:\Programs\ClamWinPortable

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
09/09/2008  10:16 PM		   117,424 ClamWinPortable.exe
11/10/2008  03:07 PM			 5,568 help.html
11/26/2008  07:28 PM	<DIR>		  App
11/26/2008  07:28 PM	<DIR>		  Other
11/26/2008  07:28 PM	<DIR>		  Data
11/28/2008  12:19 AM	<DIR>		  me
			   2 File(s)		122,992 bytes

 Directory of H:\Programs\ClamWinPortable\App

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:28 PM	<DIR>		  AppInfo
11/26/2008  07:28 PM	<DIR>		  DefaultData
11/26/2008  07:28 PM	<DIR>		  clamwin
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\App\AppInfo

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
09/09/2008  10:04 PM			22,486 appicon.ico
11/10/2008  03:08 PM			   547 appinfo.ini
			   2 File(s)		 23,033 bytes

 Directory of H:\Programs\ClamWinPortable\App\DefaultData

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:28 PM	<DIR>		  settings
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\App\DefaultData\settings

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
07/25/2007  01:29 PM			 1,310 ClamWin.conf
			   1 File(s)		  1,310 bytes

 Directory of H:\Programs\ClamWinPortable\App\clamwin

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:28 PM	<DIR>		  bin
11/26/2008  07:28 PM	<DIR>		  lib
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\App\clamwin\bin

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/09/2008  10:20 AM			45,568 ClamTray.exe
11/09/2008  10:20 AM			35,840 ClamWin.exe
03/23/2008  11:39 AM			 1,868 Microsoft.VC80.CRT.manifest
11/09/2008  10:20 AM			33,792 WClose.exe
11/04/2008  01:27 PM			46,592 clamscan.exe
11/04/2008  01:26 PM			72,704 freshclam.exe
11/04/2008  01:26 PM		   353,280 libclamav.dll
11/04/2008  01:24 PM			27,136 libclamunrar.dll
11/04/2008  01:24 PM			12,288 libclamunrar_iface.dll
03/19/2008  02:31 AM		   251,551 manual.chm
03/19/2008  02:35 AM		   480,378 manual_en.pdf
03/23/2008  11:39 AM		   479,232 msvcm80.dll
03/23/2008  11:39 AM		   548,864 msvcp80.dll
03/23/2008  11:39 AM		   626,688 msvcr80.dll
06/14/2008  11:13 AM			 9,216 pyc.pyd
02/08/2005  05:23 PM		   368,640 python23.dll
11/04/2008  01:26 PM			64,512 sigtool.exe
05/25/2004  09:18 PM			 3,584 w9xpopen.exe
11/26/2008  07:28 PM	<DIR>		  img
11/26/2008  08:01 PM			24,576 ScheduledScans
			  19 File(s)	  3,486,309 bytes

 Directory of H:\Programs\ClamWinPortable\App\clamwin\bin\img

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
09/05/2008  03:28 AM			 7,476 ClamAV.png
09/05/2008  03:28 AM			   898 Control.png
09/05/2008  03:28 AM			26,014 FrameIcon.ico
09/05/2008  03:28 AM			   597 ListScan.png
09/05/2008  03:28 AM			 1,542 Scan.png
09/05/2008  03:28 AM			 1,378 ScanMem.png
09/05/2008  03:28 AM		   113,568 Splash.bmp
09/05/2008  03:28 AM			 5,010 Title.png
09/05/2008  03:28 AM			 2,862 TrayIcon.ico
09/05/2008  03:28 AM			 1,985 World.png
09/05/2008  03:28 AM			19,209 clamwin.png
09/05/2008  03:28 AM			 3,382 netfarm.png
			  12 File(s)		183,921 bytes

 Directory of H:\Programs\ClamWinPortable\App\clamwin\lib

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
05/25/2004  09:17 PM		   262,656 _bsddb.pyd
01/15/2004  02:45 PM			21,504 _ctypes.pyd
05/25/2004  09:18 PM			16,896 _socket.pyd
05/25/2004  09:18 PM			18,432 _sre.pyd
05/25/2004  09:18 PM		   196,608 _ssl.pyd
05/25/2004  09:20 PM			11,264 _winreg.pyd
11/10/2008  01:44 PM		 1,675,815 clamwin.zip
05/25/2004  09:19 PM			17,408 datetime.pyd
11/20/2004  03:27 AM			12,800 exchange.pyd
11/20/2004  03:27 AM			11,264 exchdapi.pyd
10/01/2003  01:40 PM			71,168 gizmosc.pyd
10/01/2003  01:40 PM			35,840 htmlc.pyd
11/20/2004  03:27 AM			23,552 mapi.pyd
08/10/2003  09:14 AM			17,920 mxDateTime.pyd
10/11/2004  08:22 PM		   104,960 pythoncom23.dll
10/11/2004  08:21 PM			40,960 pywintypes23.dll
11/20/2004  03:27 AM			29,184 shell.pyd
05/25/2004  09:20 PM		   169,984 unicodedata.pyd
05/25/2004  09:18 PM			 3,584 w9xpopen.exe
11/20/2004  03:27 AM			21,504 win32api.pyd
11/20/2004  03:27 AM			 6,656 win32clipboard.pyd
11/20/2004  03:27 AM			 5,632 win32event.pyd
11/20/2004  03:27 AM			20,992 win32file.pyd
11/20/2004  03:27 AM			25,088 win32gui.pyd
11/20/2004  03:27 AM			 7,680 win32pipe.pyd
11/20/2004  03:27 AM			11,264 win32process.pyd
11/20/2004  03:27 AM			19,456 win32security.pyd
11/20/2004  03:27 AM			 5,632 win32trace.pyd
10/01/2003  01:40 PM		   366,592 wxc.pyd
10/01/2003  11:43 AM		 1,475,072 wxmsw24h.dll
05/25/2004  09:20 PM			23,552 zlib.pyd
			  31 File(s)	  4,730,919 bytes

 Directory of H:\Programs\ClamWinPortable\Other

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:28 PM	<DIR>		  Help
11/26/2008  07:28 PM	<DIR>		  Source
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\Other\Help

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:28 PM	<DIR>		  images
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\Other\Help\images

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
10/22/2007  10:46 AM			 2,396 donation_button.png
10/22/2007  10:40 AM			 2,550 favicon.ico
10/22/2007  11:14 AM			   216 help_background_footer.png
10/22/2007  11:09 AM			   283 help_background_header.png
10/22/2007  11:06 AM			 8,576 help_logo_top.png
			   5 File(s)		 14,021 bytes

 Directory of H:\Programs\ClamWinPortable\Other\Source

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
01/22/2008  04:25 PM				86 AppSource.txt
07/25/2007  01:30 PM			   464 ClamWinPortable.ini
04/21/2008  09:39 PM			49,375 ClamWinPortable.jpg
09/09/2008  10:16 PM			 9,617 ClamWinPortable.nsi
08/15/2008  07:11 AM			   957 GetParametersUnicode.nsh
11/29/2005  04:58 PM			18,322 License.txt
10/22/2007  10:30 AM			52,574 PortableApps.comInstaller.bmp
09/09/2008  10:31 PM			18,978 PortableApps.comInstaller.nsi
11/10/2008  03:08 PM			 5,947 PortableApps.comInstallerConfig.nsh
12/20/2007  06:50 PM			   936 PortableApps.comInstallerLANG_ENGLISH.nsh
06/17/2008  03:05 PM			 1,230 PortableApps.comLauncherLANG_ENGLISH.nsh
07/19/2008  09:34 PM			 1,130 ReadINIStrWithDefault.nsh
09/09/2008  10:17 PM			 3,763 Readme.txt
			  13 File(s)		163,379 bytes

 Directory of H:\Programs\ClamWinPortable\Data

11/26/2008  07:28 PM	<DIR>		  .
11/26/2008  07:28 PM	<DIR>		  ..
11/26/2008  07:38 PM	<DIR>		  settings
11/26/2008  07:38 PM	<DIR>		  db
11/26/2008  07:38 PM	<DIR>		  log
11/26/2008  07:38 PM	<DIR>		  quarantine
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\Data\settings

11/26/2008  07:38 PM	<DIR>		  .
11/26/2008  07:38 PM	<DIR>		  ..
11/28/2008  12:49 AM			 1,333 ClamWin.conf
			   1 File(s)		  1,333 bytes

 Directory of H:\Programs\ClamWinPortable\Data\db

11/26/2008  07:38 PM	<DIR>		  .
11/26/2008  07:38 PM	<DIR>		  ..
11/26/2008  07:39 PM		18,462,921 main.cvd
11/27/2008  01:28 AM			   104 mirrors.dat
11/26/2008  09:46 PM		 2,009,600 daily.cld
			   3 File(s)	 20,472,625 bytes

 Directory of H:\Programs\ClamWinPortable\Data\log

11/26/2008  07:38 PM	<DIR>		  .
11/26/2008  07:38 PM	<DIR>		  ..
11/26/2008  08:00 PM			   920 ClamUpdateLog.txt
11/26/2008  07:44 PM			   595 ClamScanLog.txt
			   2 File(s)		  1,515 bytes

 Directory of H:\Programs\ClamWinPortable\Data\quarantine

11/26/2008  07:38 PM	<DIR>		  .
11/26/2008  07:38 PM	<DIR>		  ..
			   0 File(s)			  0 bytes

 Directory of H:\Programs\ClamWinPortable\me

11/28/2008  12:19 AM	<DIR>		  .
11/28/2008  12:19 AM	<DIR>		  ..
11/26/2008  08:08 PM			   318 config.cfg
			   1 File(s)			318 bytes

 Directory of H:\Programs\Sophos

11/27/2008  11:59 PM	<DIR>		  .
11/27/2008  11:59 PM	<DIR>		  ..
08/14/2007  08:12 AM			53,248 helper.exe
08/14/2007  08:12 AM			 5,760 MEMSWEEP.sys
08/14/2007  08:12 AM		   131,072 sar1.dll
08/14/2007  08:12 AM			53,248 sar2.dll
08/14/2007  08:12 AM		   131,072 sar3.dll
08/14/2007  08:12 AM		   126,976 sar4.dll
08/14/2007  08:11 AM		   954,368 sar5.dll
08/14/2007  08:12 AM			81,920 sar6.dll
08/14/2007  08:12 AM		   159,744 sarcli.exe
08/14/2007  07:41 AM			   181 sargui.cnt
08/14/2007  08:13 AM		   425,984 sargui.exe
08/14/2007  08:12 AM			 8,126 SARGUI.HLP
08/14/2007  08:12 AM			18,816 savrkboottasks.sys
02/06/2008  04:16 PM			82,096 vdl.dat
03/22/2007  08:46 AM			 2,870 readsar.txt
03/08/2007  12:23 PM		   256,018 sarman.pdf
			  16 File(s)	  2,491,499 bytes

 Directory of H:\Programs\RogueRemover

11/27/2008  11:55 PM	<DIR>		  .
11/27/2008  11:55 PM	<DIR>		  ..
11/27/2008  11:55 PM			 1,262 unins000.dat
11/27/2008  11:54 PM		   691,481 unins000.exe
02/24/2008  02:53 PM		   266,240 RogueRemover.exe
02/23/2008  03:53 PM			40,640 RogueRemover.dll
02/23/2008  03:53 PM			57,536 zlib.dll
11/04/2006  09:42 PM		   608,448 COMCTL32.OCX
12/27/2006  08:42 PM			 4,049 License.txt
01/04/2007  02:37 PM			18,830 manual.chm
11/28/2008  12:55 AM			81,164 rules.dat
			   9 File(s)	  1,769,650 bytes

 Directory of H:\Programs\Procxp

11/28/2008  12:30 AM	<DIR>		  .
11/28/2008  12:30 AM	<DIR>		  ..
11/26/2008  08:43 AM		 3,549,552 procexp.exe
			   1 File(s)	  3,549,552 bytes

 Directory of H:\Programs\hijackthis

11/28/2008  09:01 AM	<DIR>		  .
11/28/2008  09:01 AM	<DIR>		  ..
06/28/2007  02:36 PM		   401,720 HijackThis.exe
			   1 File(s)		401,720 bytes

 Directory of H:\Programs\DeCrap

11/28/2008  09:10 AM	<DIR>		  .
11/28/2008  09:10 AM	<DIR>		  ..
11/28/2008  09:07 AM		 1,656,933 DeCrap.exe
			   1 File(s)	  1,656,933 bytes

 Directory of H:\Programs\Norton

11/28/2008  11:25 AM	<DIR>		  .
11/28/2008  11:25 AM	<DIR>		  ..
11/28/2008  11:24 AM		 2,428,928 NRT.exe
			   1 File(s)	  2,428,928 bytes

 Directory of H:\Programs\SFF

11/28/2008  11:28 AM	<DIR>		  .
11/28/2008  11:28 AM	<DIR>		  ..
11/27/2008  12:40 PM		 1,581,780 SmitfraudFix.exe
			   1 File(s)	  1,581,780 bytes

 Directory of H:\Programs\cpuz

11/28/2008  11:33 AM	<DIR>		  .
11/28/2008  11:33 AM	<DIR>		  ..
10/15/2008  09:06 PM			14,307 cpuz-readme.txt
10/15/2008  09:04 PM		 1,499,136 cpuz.exe
10/07/2008  08:49 PM			   180 cpuz.ini
			   3 File(s)	  1,513,623 bytes

 Directory of H:\Programs\CWS

11/28/2008  12:25 PM	<DIR>		  .
11/28/2008  12:25 PM	<DIR>		  ..
11/28/2008  12:24 PM		   532,480 cwshredder.exe
			   1 File(s)		532,480 bytes

 Directory of H:\Programs\RKIT

11/28/2008  12:28 PM	<DIR>		  .
11/28/2008  12:28 PM	<DIR>		  ..
12/07/2005  02:19 PM		   102,160 RootkitRevealer.chm
11/01/2006  01:07 PM		   334,720 RootkitRevealer.exe
07/28/2006  08:32 AM			 7,005 Eula.txt
			   3 File(s)		443,885 bytes

 Directory of H:\Programs\ATF

11/28/2008  12:56 PM	<DIR>		  .
11/28/2008  12:56 PM	<DIR>		  ..
11/28/2008  12:55 PM			50,688 ATF-Cleaner.exe
			   1 File(s)		 50,688 bytes

 Directory of H:\Programs\SIW

11/28/2008  12:58 PM	<DIR>		  .
11/28/2008  12:58 PM	<DIR>		  ..
11/28/2008  12:55 PM		 1,539,072 siw.exe
			   1 File(s)	  1,539,072 bytes

 Directory of H:\Programs\VRMV

11/28/2008  01:34 PM	<DIR>		  .
11/28/2008  01:34 PM	<DIR>		  ..
11/28/2008  01:33 PM		   119,808 VundoFix.exe
11/28/2008  01:40 PM			96,978 VirtumundoBeGone.exe
			   2 File(s)		216,786 bytes

 Directory of H:\Programs\eject

11/28/2008  02:20 PM	<DIR>		  .
11/28/2008  02:20 PM	<DIR>		  ..
07/20/2008  10:04 AM			15,832 EjectUSB.txt
07/18/2008  02:16 PM			   290 EjectUSB.ini
07/20/2008  09:44 AM		   267,743 EjectUSB.exe
			   3 File(s)		283,865 bytes

	 Total Files Listed:
			 159 File(s)	 73,145,531 bytes
			 113 Dir(s)	 949,387,264 bytes free

Edited by Michael-Anthony, 28 November 2008 - 07:43 PM.


#5 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:38 AM

Posted 28 November 2008 - 08:03 PM

Hello Michael-Anthony.

Which of those programs requires "elevated" priviledges?

Vundofix and Virtumondebegone are no longer being updated.

With Regards,
The Panda

#6 Michael-Anthony

Michael-Anthony
  • Topic Starter

  • Banned
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:38 AM

Posted 29 November 2008 - 12:35 AM

rogue revealer cannot update unless its elevated, so i just threw it in there on all of em for good measure.

those others are in there for extra usage as well (a bit overkill i would say, but hey, it could come in handy sometime)
Have any ideas for updates for the vundo and virtumunto then??

Edited by Michael-Anthony, 29 November 2008 - 12:36 AM.


#7 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:38 AM

Posted 29 November 2008 - 09:40 AM

Hello Michael-Anthony.

Have any ideas for updates for the vundo and virtumunto

MBAM takes care of Vundo nicely.

With Regards,
The Panda




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users