Dustin Cook wrote:
> "Gaz" <gazter@msn.com> wrote in
> news:6g12q3Fdge60U1@mid.individual.net:
>
>> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message
>> news:Xns9AF2D91E2366HHI2948AJD832@69.16.185.247...
>>> "Gaz" <gazter@msn.com> wrote in
>>> news:6fttadFd3knnU1@mid.individual.net:
>>>
>>>> "John Doe" <johndoe@microsoft.com> wrote in message
>>>> news:Skgmk.4269$Lb6.1309@fe99.usenetserver.com...
>>>>> combofix also does a great job of eradicating this infector . . .
>>>>>
>>>>
>>>> Shocked, as it is the first time i have seen a piece of spyware
>>>> completely evade hijackthis... The cheeky ******* even had a block
>>>> on loading the exe file... (of course a name change sorted that,
>>>> but what if a variant is set to automatically delete files on its
>>>> watch list instead of just closing them? what a ******* that would
>>>> be).
>>>>
>>>> Gaz
>>>>
>>>>
>>>>
>>>
>>> Not really an issue if you scan outside the host os.
>>>
>>
>> Do you do that on a regular basis? Is it not a bit messy 'on site' to
>> do that?
>
> Messy in what way? I have a custom BartPE disc I use to run outside
> the host, if and when that's necessary. Short of mainboard work that
> requires t's removal from the case, I can do most things onsite with
> the cds I carry with me.

I find that i tend to use bartpe/minipe for carrying out common chkdsk
repairs, and for repairing corrupt registrys (registry restorer is a great
little programme which automates the transfer of the snapshot registry files
to the config folder on a bust windows.
For everything else, i run the software either in safe mode or regular
windows.

Gaz