
U3 Technology 3

Status
Not open for further replies.

macten88

Technical User
May 11, 2004
212
US
Anyone use a U3 flashdrive loaded with an antivirus program to check multiple PCs for viruses? I'm sure it can do a file scan, but can it check the registry? I would imagine that the PC's drives will show up on the flashdrive and one could select which drives to scan. But my guess is that the registry of that PC will not be scanned. Anyone know for sure?
 
U3 drives run from within Windows so, yes, the registry is scanned. We use U3 drives for this very purpose as they are easier to keep up to date than CDs.

The downsides of using U3s are:
- having to generate a unique GUID for updates of the same product.
- heavily infected PCs often have difficulty running the U3 auto-boot utility due to the amount of CPU cycles used by malware processes.
- U3 auto-boot is slow to create the menu, even on uninfected PCs.
- U3 menus are not sorted alphabetically automatically, nor can groups be created. As a result it can be a right pain trying to find a specific utility if you have a lot installed on the U3 stick.

I'm currently evaluating dual-purpose USB sticks which can autoboot into XP run from the USB stick itself or, when used from within Windows, will autorun PStart.exe to pop up a menu of anti-malware tools.

The advantages of this are that:
- anti-malware tools can be kept up to date without having to amend U3 manifest files or generate new GUIDs each time.
- a PStart.exe menu is far faster to execute than using U3.
- PStart allows the use of groups.
- Sorting can be carried out quickly by drag'n'drop.



Hope this info helps...
 
Thanks Rick. That's exactly the type of info I'm looking for.
 
I've been using it that way for quite a while. I also keep Firefox & Thunderbird installed so I can usually get online if there's a problem. And of course, the usual tools & utilities on the "drive" ready for local installation.

As an FYI - these U3 drives won't run applications easily on Vista.
 
I bought a 2G Sandisk U3 flashdrive today and ran Avast Antivirus. It found a trojan called ssstbar.dll on the host machine. I was given two choices:

'skip and continue'
'eject the flashdrive'

No choice to delete or quarantine the trojan horse. What gives here?
 
Looks like Avast on this little flashdrive nailed that ssstbar.dll.

I ran Avast from the laptop, SpySweeper, a trial copy of TrojanHunter and CounterSpy. Those 4 applications couldn't even find it.

I'm really impressed with this flashdrive....
 
I downloaded a trial copy of SpyHunter. It found something called NetRatings in the registry. They want $29.95 to get rid of it... in other words, to fully activate their product. All 5 programs that I previously mentioned can't even find that NetRatings...

Maybe I should just do a search on the registry for NetRatings and delete what I find...
 
Download HijackThis from the link below. Please do this. Click here:

to download HijackThis. Click scan and save a logfile, then post it here so we can take a look at it for you. Don't click fix on anything in HijackThis as most of the files are legitimate.



Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 
Go to Add/Remove and uninstall these programs!


C:\Program Files\Netratings\
C:\Program Files\OpiStat\OpiStat\


Also delete these folders.

C:\windows\Program Files\Netratings
C:\Program Files\OpiStat\OpiStat

Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 
I did a file search for both netratings and opistat. Didn't find anything. But a search of the registry turned up both.

In the registry:

000 reg-sz netratings
000 reg-sz opistat

If I right click on them, I can select 'delete'. Think I should just delete them out of the registry?
 
Rick998,

I like the idea of what you are talking about. That sounds like a winner for sure!

If/when you get that up and running to your liking, do you think you could post a "how to" thread in here showing exactly what you went through with that?

Thanks!

--

"If to err is human, then I must be some kind of human!" -Me
 