AnselAdams

asked on

Using bartPE for Virus Removal

I am thinking about learning how to use bartPE for virus removals of customers' machines. I could jump right in and start learning but I wanted to understand the concepts a little better and save some learning curve time.

1) Do I create the bartPE disk based on the OS that I will be working on? In other words, if a customer's machine is XP Home, will I eventually have a different bartPE CD for it and one for XP Pro?

2) Plugins: I'm a little confused about these. Are these needed for my favorite version of a virus scanner, or are these mainly hardware related?

3) What are the "must have" plugins that you almost always include?

4) Concept, concept, concept... the more you can tell me about the concept of using bartPE (especially in a virus/spyware removal environment), the more helpful it will be.

Thanks in advance!
ASKER CERTIFIED SOLUTION
Joseph Daly
This solution is only available to members.
AnselAdams

ASKER

Wow... thanks for the fast reply!

I'm still a little puzzled about the plugins. I see there is one for Avast. So I take it that I need to install the plugin to run Avast, right? It doesn't specify any particular version, but I've seen one for AVG that targets an older AVG version.

The real question that I have at this time is:

Does this work any better than pulling the hard drive and scanning it with another computer? I can see the advantage of not pulling the hard drive, but almost always I pull off the case to blow out the dust and it's not much of a step to pull the hard drive.

My first focus is pulling the hard drive, backing it up, then working from there. I use Acronis as my backup tool. I've had problems installing it with highly infected computers so I typically pull the hard drive during the dust cleaning and use my work computer to backup and do the initial scanning.

The only real benefit I can see to using the boot CD rather than doing it your way is the time saved while pulling and attaching to another machine. If you are used to doing it and don't mind, then I would stick with what works for you. That said, I usually keep a copy of the CD in my laptop bag because you never know when you're gonna need it and you might not have another machine to slave into.

I think as far as the scanning/cleaning both methods should work almost identically. In both situations the drive is only being read, there is no OS or EXE attempting to lock certain files.

Pulling an image with Acronis is a good idea just in case the disinfection causes some unintended system failure. That said, there are plugins for BartPE that utilize the DriveImage XML program. This could be useful in situations like you mention where Acronis won't install correctly.

I can't really give you a definite answer as to which is the better option for you, as they both have their benefits. I would suggest setting yourself up a BartPE disk just to have it as another option in your cleaning efforts.
Good general overview with detail and links here:  http://en.wikipedia.org/wiki/Bartpe
Asta
Outdated antivirus won't be effective.

FREE COMPUTER REPAIR
http://onecare.live.com/site/en-us/default.htm
Run the "FULL SERVICE SCAN"; it will clean up and speed up your computer. If it won't run, then:
You may have been infected with Worm:Win32/Conficker.B
To protect from Conficker, apply an emergency patch that Microsoft issued in October, ahead of Conficker's arrival, for a recently discovered flaw in the Windows operating system that Conficker was designed to exploit.
The patch was originally intended to protect Microsoft's customers against a different piece of malicious code, a data-stealing worm called Gimmev.
Conficker could still activate itself, and it's not the most dangerous piece of malicious code out there.
Ways to detect and clean a system that has the Win32/Conficker.B worm
http://support.microsoft.com/kb/962007
If on a network, I recommend disabling "Password Lockout" policy for the time being, till you are sure the infection has been contained and cleaned in your network.
(http://technet.microsoft.com/en-us/library/cc781491.aspx)
Also see:
Bit Defender:
http://anti-virus-software-review.toptenreviews.com/
This one is free:
http://www.pctools.com/free-antivirus/
(Regards from Michael Best: a Kiwi in Tokyo: I troubleshoot: both, English OS & Japanese OS)