Scanning for Viruses-1.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have a couple of questions with respect to scanning modes.

1.Should routine scanning for viruses/malware be performed in safe mode or
is normal mode adequate?

If a virus is found, I understand that it is highly advisable to scan in
safe mode to
remove viruses more effectively.

2.Should the safe-mode scan *include* clean-boot operation, and if so, are
the succeeding steps acceptable?

Follow instructions as per http://support.microsoft.com/kb/31053 **AND**
click on tab BOOT.INI and check /SAFEBOOT.

Thanks in advance for response.



Re: Scanning for Viruses-1.

Kayman wrote:
Quoted text here. Click to load it

ideally it would be done after booting from a known clean bootable
medium (like a bartpe disk)... barring that, safe mode is probably
better than normal mode but that's not always a sufficient precaution...

the idea is to scan in an environment where the malware can't be running
so that the malware can't interfere with the scanning process or
actively hide itself... there's a somewhat reduced chance of the malware
running when you boot into safe mode, but if you execute anything off of
the suspect drive there is a chance that whatever malware you suspect is
on it will be executed as well...

Quoted text here. Click to load it

running in a 'safe' environment is just as important for detection as it
is for recovery...

Quoted text here. Click to load it

??? are you sure that's the right url? that seems to be something about
quickbasic..

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Scanning for Viruses-1.

Thanks for informative response.
With respect to the URL,  I omitted by mistake the number 3.
The correct URL is http://support.microsoft.com/kb/310353
Regards,

Quoted text here. Click to load it



Re: Scanning for Viruses-1.

Kayman wrote:
Quoted text here. Click to load it

ah, yes, that's much better...

the answer is that microsoft's idea of what a clean boot is is
completely borked... it's a suped up version of safe mode, disabling as
much as possible but still booting from the suspect media, which means
it's running code off the suspect drive and therefore possibly running
malware...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Scanning for Viruses-1.

Thanks Kurt, I really appreciate your explanation.
With very best regards,

Quoted text here. Click to load it



Site Timeline