Jump to content

Boot-Time Scan


Recommended Posts

  • 3 weeks later...

I'm an IT tech and I have always been told MBAM works best in 'normal mode' as opposed to Safe Mode because it works best when all the malware is currently running (among other reasons that I can't remember) and this problem is exacerbated when scanning a slaved hard drive. My question is how will a boot time scanner avoid these issues?

Link to post
Share on other sites

  • Staff
I'm an IT tech and I have always been told MBAM works best in 'normal mode' as opposed to Safe Mode because it works best when all the malware is currently running (among other reasons that I can't remember) and this problem is exacerbated when scanning a slaved hard drive. My question is how will a boot time scanner avoid these issues?

It will partially avoid the Safe Mode issue because, since it isn't Safe Mode, it can use its driver while scanning, but it won't avoid the issue of not having the malware running (ie, it can't detect what's in memory if it isn't in memory), so it would have to rely totally on detecting infections in the registry and files/folders etc. It avoids the issues with slaved drives because it's still scanning the system drive (usually C:) where Windows is installed, that means all of our whitelisting etc will still be in place, thus massively decreasing the likelihood that we'll delete something that could make the drive unbootable and we'll also be able to scan the registry (something we can't do with slaved hard drives or running from a CD).

The only real issue that would remain would be catching malicious processes since they aren't running, something that might hurt detection rates a bit, but everything else would be in place, thus allowing us (hopefully) to kill the majority of the nasties, allowing the system to be bootable in normal mode, and avoiding the majority of pitfalls that scanning in Safe Mode, from a bootable CD or scanning a slaved drive all bring into the picture :D.

Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.