Boot AV's?

Discussion in 'other anti-virus software' started by Rico, Sep 12, 2014.

  1. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hi Guys,

    Normally I have pretty crappy results, running the likes of "Avira Rescue CD", as many files are locked, & after the long scan, mostly no improvement, in removing infection, or would have been better off, scanning from the native OS. Any suggestions?

    Thanks
    Rico
     
  2. Aryeh Goretsky

    Aryeh Goretsky Security Expert

    Joined:
    Apr 4, 2006
    Posts:
    54
    Location:
    United States
    Hello,

    Here's a partial listing I came up with awhile ago:

    Alwil - AVAST! Rescue Disk
    AnviSoft - Anvi Rescue Disk
    AVG - AVG Rescue CD
    Avira - Avira Rescue System
    Bitdefender - Bitdefender Rescue CD
    Comodo - Comodo Rescue Disk
    Doctor Web - Dr.Web LiveCD
    ESET - ESET SysRescue Live
    F-Secure - Rescue CD
    Kaspersky - Kaspersky Rescue Disk 10
    McAfee - McAfee CleanBoot (requires license)
    Microsoft - Windows Defender Offline
    MWTI - eSCAN Rescue Disc (direct link to ISO)
    Panda Security - Panda Safe CD
    PC Tools - PC Tools Alternate Operating System Scanner (company acquired by Symantec; last updated in 2010)
    Rising - Rising Antivirus Linux (direct link to ISO)
    Sophos - Sophos Bootable Anti-Virus
    Surfright - HitmanPro.Kickstart USB
    Symantec - Norton Bootable Recovery Tool
    ThreatTrack - VIPRE Rescue
    Trend Micro - Rescue Disk
    Trinity Rescue Kit - Trinity Rescue Kit (contains engines from five different anti-malware programs)
    TrustPort - WinPEBartPE (tutorials on how to make rescue CDs)
    VirusBlokAda - VBA Rescue (direct link to ISO)
    Zillya Antivirus - Zillya Live (direct link to ISO)

    Perhaps one of these will better meet your needs.

    Regards,

    Aryeh Goretsky
     
  3. DX2

    DX2 Guest

    I think he's looking for an AV that scans on bootup... Hitman Pro does for sure, not sure what other AV does.
     
  4. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,695
    Location:
    Zagreb, Croatia
    avast?
     
  5. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    701
    Location:
    North of the 38th parallel.
    Hello Rico:

    Take a good read of what professional Malware Removal Experts use. Just before declaring systems as being all clear, many will have the users run ESET's free Online Scanner from: <http://www.eset.com/us/online-scanner/>

    HTH :)
     
  6. NWOAbschaum

    NWOAbschaum Registered Member

    Joined:
    Feb 9, 2014
    Posts:
    185
    Location:
    Germany
    Avast has a bootscan option and it works quite nice
     
  7. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hi Guys,

    Thanks for the comments!

    I've tried several boot AV discs, now I have a bunch of boot CD's, that do not help much, so they mostly just rot in a drawer.

    @1PW - Eset online is one of my FAV's recommend this a lot, plus use it a lot & prefer it to boot AV's.

    @DX2 - HMP is great

    Avast also is wonderful product - Normally club members drop a machine off, (all fixed gratis), very infected. I never know which AV is installed, & switching AV's is not a solution.

    I had great hopes & tried many boot AV's, ALL have done a very poor job at, getting back control of the OS. HMP does a good job, but if it has been used before, it does not remove found, so 30 day window, or manually hunt down the offending files. I believe (could be wrong) that Avira running from the OS does a better job, than Avira boot disc. Perhaps it's all those locked files the boot disc runs into, not sure.

    Has anyone else had better luck from a boot disc, than from the native OS?
     
  8. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    701
    Location:
    North of the 38th parallel.
    Hello Rico:

    Procedurally, wouldn't the most accomplished malware removal professionals likely run passive diagnostics early on to not only confirm the reported symptoms, but to possibly highlight the underlying cause(s) and reveal/catalog other relevant issues? Perhaps then purpose built remedial/specialty tools could likely follow.

    My personal observations have noted running generalized A/V and A/M scans are most apt to be found as the professional is nearing the end of the job - and even then as confirmation that their preceding efforts have yielded the desired results. Of course notable exceptions can always alter any remedial plan.

    HTH :)
     
  9. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Yes, if the system is unusable in SAFE mode I'll boot it with Kaspersky Rescue CD. It immediately gives access to the registry and files so that malware startup entries can be deleted, etc. Its scanning function does a good job of finding malware too. It takes a little while to update the definitions, but well worth the wait IME.
     
  10. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hi Guys,

    @1PW - So what 'passive diagnostics' do you like, likewise which remedial tools? Always that nasty curve-ball!

    @Victek - First time in the city best ever Pizza! Have had bad luck with KAV Rescue. Updating is a problem forget-about-it, wireless, & even with a wired connection, updating Avira KAV, is a crap shoot.
     
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Yeah, I don't currently live in the "City" and the Pizza is something I miss! :'(

    Regarding KAV Rescue CD I can often get control of the system using the registry editor and file manager, then boot back into Windows and finish cleaning with other tools. If updating is too slow scanning can still be effective using the included signatures. It will still catch the malware unless it's new. I usually do just a Startup scan.
     
  12. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    701
    Location:
    North of the 38th parallel.
    Hello Rico:

    I try to use my best powers of persuasion to have family and friends invest their time in education, scheduled system backups, updates, and thoughtful prevention.

    After a full system backup, as a generality, I see the Farbar Recovery Scan Tool (FRST) as certainly one of the leaders in first used passive diagnostics. This generally assumes the system is bootable. After careful & detailed analysis, most professionals will employ only the indicated purpose built specialty tools that are nearly always available in Lawrence Abrams' Bleeping Computer archives. FRST must be properly interpreted to point the way and in what order of priority. Frequently (but not always) the next tool could be BC's RKill or maybe Tigzy's RogueKiller, and here is where continued speculation on my part would be folly. Cookbook recipes are discouraged if user satisfaction, efficiency of time and resources, and your reputation are highly valued.

    If you anticipate taking on frequent remediation, I strongly recommend enrolling in a proctored course such as that available through BleepingComputer.com or others.

    Further convincing may simply be yours if you read a few dozen of the successfully completed threads for malware victims and their malware removal professionals.

    HTH :)
     
    Last edited: Sep 19, 2014
  13. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hello 1PW,

    "I try to use my best powers of persuasion to have family and friends invest their time in education, scheduled system backups, updates, and thoughtful prevention."

    Wise! I package the above as "routine maintenance", akin to the maintenance one does for their automobile.

    Paragraph 2 - Excellent choices, familiar with & use all mentioned, plus many others.

    Paragraph 3 - Been there done that

    Paragraph 4 - See response to paragraph #3

    Regardless of what other pro's use, regardless of passive, diagnostic tools etc. :

    The topic is, discussion is about boot AV's. I've shared my experience with them, & seeking what other experiences & insight regarding boot AV's.

    Thanks
    Rico
     
  14. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    99% of people use PCs like toasters & refrigerators. I'm done helping all but those I take pity on, can afford to pay my exorbitant rate or close loved ones.

    Course I'll help when I can here. Because Wilders is where I learned almost everything I know about maintenance & repair of PCs.
     
  15. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Agree! I have not burned myself out helping yet, & view it as "paying it forward", what movie was that line from?

    Do you have any good bad or indifferent experiences with Boot AV's?
     
  16. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Used plenty of AV's over the years including bootable rescue CDs. Both Kaspersky and Dr.Web were slow. Now I mostly stick with on-demand scanners (MBAM, EEK, HMP) if needed. Having a clone and/or full image backup is a good idea.
     
  17. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Let's try to understand something, I'm not interested in what you use as an alternative like: Eset online, Mbam, SAS, etc or any native to windows AV, nor am I asking about stratagems, or backups here.

    Simple "BOOT AV's" ONLY do you have good luck or bad luck with them, are they first thing tried, for clean up?

    Again my luck with them is, hard to update, long scans, many locked files, then when it's all finished, boot back to windows, which still is infected. Because of this experience I don't use them often.
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Last edited: Sep 19, 2014
  19. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Cool, I should watch it :D nice cast, now I've got time whilst the boot disc does its thing, I'll look on the bright side as it removes 51% of the bugs. :) :doubt:

    Thanks All
    Rico
     
  20. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Honestly I don't waste my time. Ask if they've backed up personal data, photos, work etc. 99.99999% of the time the answer is no. Boot to a Linux LiveCD, get the data, photos, etc. Nuke the drive, format & fresh install. Anything else is a waste of time.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,061
    I also don't use them often. I did use them in past and they cleaned some infections that were not possible to clean from within system. Usually they are the last thing I try, before reinstall.

    I just tried Kaspersky and as I see it's not UEFI secure boot compatible. I don't know how others support it.
     