We help IT Professionals succeed at work.

Create a bootable CD for troubleshooting purposes

sfjacobs
sfjacobs asked
on
329 Views
Last Modified: 2007-12-19
I would like to create a bootable CD that will enable me to troubleshoot and fix problems with my table PC.  I have a Toshiba Protege M400 and it's been hit twice with a virus than Symantec AV can't fix because of the file that is infected.  I'd like to have a bootable CD that would enable me to run an AV program (not necessarily SAV) as well as run other tools that might be helpful in troubleshooting and fixing problems.

Any help would be appreciated.
Comment
Watch Question

Technology and Business Process Advisor
CERTIFIED EXPERT
Most Valuable Expert 2013
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
safemode is a good place to go for scanning difficult to remove malware, safemode is  windows diagnostic system, as it uses very little drivers thus freeing up programs that may prevent access.
The reason you getting hit is:
AV is not kept up to date all the time
Scan after an update
clear temp IE files daily
donot install or download .exe until they are scanned first.
Opening email attachments scan them first.
Starting your computer in Safe mode
Symantics
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam

sysclean is a great tool scan in safemode
readme text
http://support.trendmicro.com.cn/Anti-Virus/Clean-Tool/Sysclean/EX_SysClean_Readme_EN.txt
http://www.trendmicro.com/download/dcs.asp

Norton has a bad reputation for causing problems  even finding malware nolonger there, if this is the case uninstall, many highly recomend not using it
AVG free
http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

CERTIFIED EXPERT
Most Valuable Expert 2011
Top Expert 2011

Commented:
For the BartPE, there are several AV plugins that you can use to enable AV in it....

I have tested ClamWin, Sophos command line scanner, and also the Mcafee Stinger tool...

The Plugin Repository
http://www.collewijn.info/xpe/page/plugin.php?type=500

ClamWin Antivirus Scanner
http://www.bootcd.us/BartPE_Plugin_Details/465/ClamWin-Antivirus-Scanner.html?PHPSESSID=b8fa81d399707348f91e5666b3acbaf5

Sophos command line scanner
http://winpe.sourceforge.net/files/3dpart/sophosgui.cab 

Not sure about UBCD, but BartPE doesnt include any AV scanners, but they are easy enough to add....




Lee W, MVPTechnology and Business Process Advisor
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
I strongly suggest you look into BartPE - it contains MANY utilities including MULTIPLE antivirus scanners, registry editors, and other tools.  BartPE is like getting the Base model of a car.  UBCD is like getting the same car with every imaginable feature added in.
CERTIFIED EXPERT
Author of the Year 2011
Top Expert 2006

Commented:
Hi sfjacobs,
In addition to all of the other great advice, do you have the option to switch AV programs?
If something has gotten past Symantec twice, you need better protection.

Several free programs available for personal use and even more options if you want to pay for it.

Post back when you can.
Vic
Nirmal SharmaSolution Architect
Top Expert 2005

Commented:
Merete has suggested you right thing but BartPE is not too bad.
CERTIFIED EXPERT

Commented:
hi thanks SystmProg    :)

It would be quite a difficult task to create a bootable CD that would enable you to run an AV program
CERTIFIED EXPERT
Most Valuable Expert 2011
Top Expert 2011

Commented:
"It would be quite a difficult task to create a bootable CD that would enable you to run an AV program "

On the contrary...Even a first time Bart Builder could do it with the few pluings I linked to. They are all self contained, just add them into the plugins, refresh and your good to go. No searching for installers, extracting files etc...
CERTIFIED EXPERT
Author of the Year 2011
Top Expert 2006

Commented:
I'm with johnb on this one - the first time I had to create a BART's PE, it was nothing more than following the instructions.
Simple enough even for an old INfantry guy.

Vic
CERTIFIED EXPERT

Commented:
but if this a malware problem then he will be running this cd  in safemode anyway :)
Lee W, MVPTechnology and Business Process Advisor
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
Merete - are you familiar with BartPE/Ultimate Boot CD for Windows?  It doesn't sound like it.


He will NOT be running either CD in safe mode because the CD is bootable - you boot to it and run everything from the CD.  I have used this many times to clean malware and viruses from infected PCs.
CERTIFIED EXPERT

Commented:
yes I am familiar with BartPE
but if the user owns a DEL or HP  OEM which dont ship with xp they may have a different problem creating a BartPE disc from a recovery disc
 however I have not as yet  had the need to use it to run AV  scans and malware removal  I just use safmode or slave the pc :)
Nirmal SharmaSolution Architect
Top Expert 2005

Commented:
>>>however I have not as yet  had the need to use it to run AV  scans and malware removal  I just use safmode or slave the pc :)

Safe Mode - That's what it is here for!
CERTIFIED EXPERT

Commented:
oh dah
Lee W, MVPTechnology and Business Process Advisor
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
I've worked on enough malware and virus infected PCs to know that Safe Mode isn't as safe as people would like to believe.  I had a virus/malware infestation on one machine that I couldn't remove in safe mode - didn't have bartpe/ubcd around, so I ended up having to boot to the recovery console and rename all the bad files so they wouldn't start.  And if the malware put itself in an area other than %windir%, it wouldn't have worked because the recovery console limits you to %windir% and the root directory to file management.
CERTIFIED EXPERT
Most Valuable Expert 2011
Top Expert 2011

Commented:
leew hit the nose on the head with that statement.

Merete did too, slaving the HDD is always a great option.

Really just have to take it on a case by case basis. I guess being a tech, I am used to having tons of machines and CD's as resources laying around to make these tools. Even if they have the I386, like the OEM's *should* have loaded, then the bart CD can stilll be made, or simply borrow one from a friend.
Nirmal SharmaSolution Architect
Top Expert 2005

Commented:
Interesting...
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.