Is a boot scan better?
Posted 29 June 2012 - 12:21 PM
Posted 29 June 2012 - 02:12 PM
Viruses have a certain "signature" by which the AntiVirus recognizes them, whether On The HDD or In Memory. If you scan your WHOLE HARD DRIVE off-line, they can usually be found, except those that are smart enough to "self-alter" in order to "hide" and then at StartUp (the Registry RUN/RUNONCE keys) "self-alter" again to Activate. That's why if you DO get one then it MIGHT be a booger to eradicate. In that case, special procedures need to be followed along with sometimes special "eradicator" programs. Nothing (AFAIK) is "failsafe".
Sorry, but your question is rather vague in its context.
Posted 30 June 2012 - 08:47 PM
Posted 01 July 2012 - 12:41 PM
I personally normally use 4 basic tools - AntiVirus, SpyBot, MalwareBytes, and CCleaner. I do NOT use the "registry cleaner" of CCleaner but include the TEMP folders in the Options and run it pretty much before each shut-down. I've only been almost hit twice by "drive-by's" (MySpace and Facebook one each). Had a booger of a time ensuring the darn things were gone (both cases were bogus ScareWare AntiVirus).
If you DO get hit (badly), do the "slave" trick, download the 3 free softwares I mentioned (in addition to a good AntiVirus), replace the HDD, boot and install/update/run each. Good chance of eliminating it except for boogers which take more research on "how to eradicate"...
Side note - apparently the latest SpyBot will allow for a Reboot/Rescan-On-Signon (before your user startup but after System Startup) to eliminate anything "in memory". Found that out last night on Daughter's unprotected Laptop...
Posted 05 July 2012 - 11:06 AM
Most active AV evasion techniques can be defeated with a boot time scan, but anything with a custom cryptor (or at least one without a signature) will not be detected. Heuristic detection is almost entirely useless at boot time, not that most AV offerings even have useful heuristic capabilities. Removal is easier; detection is not in most cases.
It's really academic at this point. With a boot time scan not being prevention or security of any sort, it's just another cleanup method.