 Using BartPE or others to remove infections, Why isn't there more discussion on this? |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. How to use this Forum
HI! Please do not use this General Chat forum for computer support questions. If you are looking for support, please post your question in the appropriate forum. For HijackThis logs please post your log here:
HijackThis Logs and Analysis Forum
Welcome to the site and looking forward to your introduction posts!
  |
 Jan 3 2009, 09:38 PM
Post
#1
|
|
|
New Member  Group: Members Posts: 8 Joined: 1-April 08 Member No.: 200,182  |
In my opinion it's better to boot from a cd and remove spyware and virus infections from the outside since the infections aren't actively running and trying to avoid the scanners. It would be great if combofix and Malware Bytes Anti-malware could run on such a tool as the bartpe or even the UBCD4win CD since both of these softwares are able to load and access the registry for scanning of the PC on which it is running without having to boot the infected OS. I don't know if this has been suggested or asked and whether or not it has been answered but can anyone shed any light on this for me? Thanks. |
 |
 
|
|
Jan 4 2009, 12:14 AM
Post
#2
|
|
 SPAM Magnet Group: Site Admin Posts: 15,720 Joined: 6-May 04 From: SW Louisiana Member No.: 363 |
ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
There will be no discussion of ComboFix, outside of the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum. If you wish to discuss other programs, that is fine. Any further mention, of this program, will result in this topic being closed. -------------------- Health is merely the slowest possible rate at which one can die.
. Become a BleepingComputer fan: Facebook |
|
|
|
|
Jan 4 2009, 09:11 AM
Post
#3
|
|
|
New Member Group: Members Posts: 8 Joined: 1-April 08 Member No.: 200,182 |
OK.
This post has been edited by shinomen: Jan 4 2009, 09:24 AM |
|
|
|
|
Jan 7 2009, 11:36 PM
Post
#4
|
|
 Bleeping Hacker Group: BC Advisor Posts: 2,202 Joined: 14-April 04 From: Texas Member No.: 151 |
MalwareBytes will not be ported to BartPE.
QUOTE The way our heuristics work, MBAM's detection capabilities would be crippled when running in BartPE. The malware needs to be running normally for our heuristics to be the most effective, that means Windows needs to be booted normally. For LiveCD cleaning of a Windows machine have a look at Trinity Rescue Kit. http://trinityhome.org/Home/index.php?wpid=1&front_id=12 -------------------- |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 8th November 2009 - 08:26 AM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.