BleepingComputer.com: Using BartPE or others to remove infections

Using BartPE or others to remove infections
Why isn't there more discussion on this?

#1 shinomen (Group: Members)
Posted 03 January 2009 - 09:38 PM

For quite some time I've been using a BartPE CD with the XPE plugin that has Ad-aware, A Squared, and AVG 7.5 plugins on it to fight virus and spyware infections from outside of the Windows OS. But I'm finding that as time goes by, these programs are not as capable of getting rid of some of the harder-to-fight infections that ComboFix and Malwarebytes' Anti-Malware can detect and remove.

In my opinion it's better to boot from a CD and remove spyware and virus infections from the outside, since the infections aren't actively running and trying to avoid the scanners. It would be great if ComboFix and Malwarebytes' Anti-Malware could run on such a tool as BartPE or even the UBCD4Win CD, since both of these programs are able to load and access the registry for scanning of the PC on which they are running without having to boot the infected OS.

I don't know if this has been suggested or asked and whether or not it has been answered, but can anyone shed any light on this for me?

Thanks.

#2 tg1911 (Group: Site Admin)

Posted 04 January 2009 - 12:14 AM

ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system, such as preventing it from ever starting again.

There will be no discussion of ComboFix outside of the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum.
If you wish to discuss other programs, that is fine.

Any further mention of this program will result in this topic being closed.

#3 shinomen (Group: Members)

Posted 04 January 2009 - 09:11 AM

OK.

This post has been edited by shinomen: 04 January 2009 - 09:24 AM


#4 raw (Group: BC Advisor)

Posted 07 January 2009 - 11:36 PM

MalwareBytes will not be ported to BartPE.

Quote:

"The way our heuristics work, MBAM's detection capabilities would be crippled when running in BartPE. The malware needs to be running normally for our heuristics to be the most effective, that means Windows needs to be booted normally."

For LiveCD cleaning of a Windows machine have a look at Trinity Rescue Kit.
http://trinityhome.org/Home/index.php?wpid=1&front_id=12