favorite tool for analyzing hacked windows partitions

[Matthew Gillen]

My brother just called me with some symptoms that sound an awful lot like 
his windows machine has a virus.

What are some of your favorite bootable-CD distros for seeing what's on there?

I used to like Helix, since it had a bunch of tools packaged up nicely:
http://www.e-fense.com/helix/index.php
But it hasn't been updated in over a year (and the ISO image for the latest 
version is 701MB, which won't quite fit on a CD...).

Requirements are that it's a bootable live system, and can at least run 
clamav with no fuss (preferably in a way that doesn't involve the command 
line and isn't a 10-step process).  Not needing internet access is a 
nice-to-have.  I don't want to have to walk him through anything too 
complicated over the phone for a bunch of reasons, not the least of which is 
his crappy cell-phone reception in his house (coupled with a lack of a 
land-line).

Thanks,
Matt