Anti-Virus Scan

J

JamesJ

vista basic 32 bit sp2

When doing a scan for malware with any anti-malware/anti-virus software,
does it matter whether I do the scan in safe mode or in normal mode??

Thanks,
James
 

My Computer

F

FromTheRafters

"JamesJ" <[email protected]_roadrunner.com> wrote in message
news:[email protected]

> vista basic 32 bit sp2
>
> When doing a scan for malware with any anti-malware/anti-virus
> software,
> does it matter whether I do the scan in safe mode or in normal mode??

Yes for some antimalware scanners. Some *require* normal mode for the
best results. Others hope that safe mode has an inactive installation
that they can address from there. Antivirus (specifically, file content
scanners) don't care one way or the other - active malware can hide from
scanners, so safe mode has its advantages there. Context scanners sort
of look for evidence of malware installation (infestation) - you have to
be malware infested in order for that evidence to be there.

Some things that scanners scan for might be rootkits. A rookit is very
hard to detect if it is not active (most rootkit detectors look for
"rootkit activity" - which means it must be active). Some rootkits hide
from detectors by detecting the detector and ceasing their "rootkit
activity" while they are being looked at.
 

My Computer

J

JamesJ

Got it.

Thanks,
James

"FromTheRafters" <erratic @nomail.afraid.org> wrote in message
news:%[email protected]

> "JamesJ" <[email protected]_roadrunner.com> wrote in message
> news:[email protected]

>> vista basic 32 bit sp2
>>
>> When doing a scan for malware with any anti-malware/anti-virus software,
>> does it matter whether I do the scan in safe mode or in normal mode??
>
> Yes for some antimalware scanners. Some *require* normal mode for the best
> results. Others hope that safe mode has an inactive installation that they
> can address from there. Antivirus (specifically, file content scanners)
> don't care one way or the other - active malware can hide from scanners,
> so safe mode has its advantages there. Context scanners sort of look for
> evidence of malware installation (infestation) - you have to be malware
> infested in order for that evidence to be there.
>
> Some things that scanners scan for might be rootkits. A rookit is very
> hard to detect if it is not active (most rootkit detectors look for
> "rootkit activity" - which means it must be active). Some rootkits hide
> from detectors by detecting the detector and ceasing their "rootkit
> activity" while they are being looked at.
>
 

My Computer

Top