Using Backtrack to remove virus

[cacaptrage]

Is this a good tool to use to remove virus,trojans,worms, etc on a machine? Are there utilities to do that on this CD or are there better options?

Any help would be great.

[Archangel-Amael]

Read here and you decide. BackTrack Linux Because it is obvious you went through all the trouble to create an account and didn't bother to read even the slightest amount of information.

[cacaptrage]

Read here and you decide. BackTrack Linux Because it is obvious you went through all the trouble to create an account and didn't bother to read even the slightest amount of information.

Gee, thanks for the helpful reply. I did read that but no where does it say about removing viruses, only that it is the best security tool. I even read the FAQ's and the how to's but don't see any reference to this either. What I could not find was even a list of all the installed applications to see if there were any that would be of use. It looks like this can do a lot, but I can't tell if it will do what I need.

[lupin]

Gee, thanks for the helpful reply. I did read that but no where does it say about removing viruses, only that it is the best security tool. I even read the FAQ's and the how to's but don't see any reference to this either. What I could not find was even a list of all the installed applications to see if there were any that would be of use. It looks like this can do a lot, but I can't tell if it will do what I need.

While you can use BackTrack to remove viruses if you are experienced in the process, its not really the best tool to do this if you are not. Backtrack was not designed with this function in mind. Try a virus scanner.

[mixit]

They bring up a good point though. It would be nice if there were a list of programs that come pre-installed on bt4. It would just let users get a better idea of what bt4 includes before they download the iso

[lordplagueis]

They bring up a good point though. It would be nice if there were a list of programs that come pre-installed on bt4. It would just let users get a better idea of what bt4 includes before they download the iso

if they dont know what backtrack is or the basics atleast they shouldn't download it period it's not noob friendly like ubuntu

[cacaptrage]

if they dont know what backtrack is or the basics atleast they shouldn't download it period it's not noob friendly like ubuntu

The basics from what I gather is that it is a live DVD that is packed with utilities to do security checks (and other stuff) on a machine. You don't have to be an expert at BT to know what a live CD is. What I wanted to know is what kind of utilities are packed on the image and if any of them are good at removing viruses. There are multiple flavors of live CD's, each better in a specific area. How is anyone going to know what BT is or is capable of without trying it or asking questions and reading.

While you can use BackTrack to remove viruses if you are experienced in the process, its not really the best tool to do this if you are not. Backtrack was not designed with this function in mind. Try a virus scanner.

If by this you mean that you can manually infected remove files and repairing things, this would not be the tool I would use for that. There are other live CD's out there that have the appropriate tools to do what I am looking for, I just wanted to see what this has to offer. A virus scanner is not as helpful in removing an already infected machine, removing it before it is allowed to load is ideal and why a live CD is a better option.

[lupin]

If by this you mean that you can manually infected remove files and repairing things, this would not be the tool I would use for that.

That is what I mean and just about any Live CD with the right tools added is appropriate for doing that, BackTrack included.

There are other live CD's out there that have the appropriate tools to do what I am looking for, I just wanted to see what this has to offer. A virus scanner is not as helpful in removing an already infected machine, removing it before it is allowed to load is ideal and why a live CD is a better option.

Some virus scanners do come with boot media that can be used to remove tricky infections, and some of them can also remove infections without having to boot from alternative media. Neither method is suitable for all virus infections, but these are generally the best methods for beginners to use because the manual method can be difficult. I personally clean files manually using a customised BackTrack live CD that has some additional forensic tools added.

Yes removing a virus before it is allowed is ideal, however most viruses have already activated by the time they reach the victim PC unless a virus scanner stops this, or unless the virus is distributed an executable/document that has to be run/opened by the end user, and no auto run functionality is being used (e.g. USB auto run). An unactivated virus can just be deleted like any other file, and a Live CD is not even needed in this case.

[bofh28]

To bring the thread back on topic clamav is included with backtrack. The first thing you have to do is run freshclam to update the virus definition files. The update will take a little time depending on the speed of your internet connection. You can then use clamscan to scan. I have not used clamav before so I cannot say how well it works or not work.

Good Luck and post your results so everyone can learn.

[cacaptrage]

To bring the thread back on topic clamav is included with backtrack. The first thing you have to do is run freshclam to update the virus definition files. The update will take a little time depending on the speed of your internet connection. You can then use clamscan to scan. I have not used clamav before so I cannot say how well it works or not work.

Good Luck and post your results so everyone can learn.

Thank You for the input.