
Scanning for Malware on Non-Boot Drive

timswim78

Diamond Member
I have used the Consolidated Security Thread on many occasions, with much success.
http://forums.anandtech.com/messageview...?catid=33&threadid=2004933&STARTPAGE=1

However, I have always tried to solve malware, spyware, and virus problems by working on an infected computer. As you have probably experienced, this can be a challenge because many of the little buggers are hard to get rid of on a running computer.

So, my question is this. Can I take an infected system's boot drive and try to clean it up by adding it to the storage drive of another computer and running all of the recommended cleanup tools? I imagine that this method would allow for the effective removal of some viruses and spyware, but I'm not sure if it would be able to clean problems from the registry, look for rootkits, etc.

Any thoughts on this?
 
It would be easier to just create an Ultimate BootCD for Windows and run the antimalware tools from the CD on the affected computer:

http://www.ubcd4win.com/

One can use this as a "first pass" and then run the malware tools after the really nasty stuff has been cleaned. Many of the registry entries are associated with files on the hard drive (such as an .exe that is ordered to start up with Windows that is a virus), which these antimalware tools should be able to find.
 
Originally posted by: Schadenfroh
It would be easier to just create an Ultimate BootCD for Windows and run the antimalware tools from the CD on the affected computer:

http://www.ubcd4win.com/

One can use this as a "first pass" and then run the malware tools after the really nasty stuff has been cleaned. Many of the registry entries are associated with files on the hard drive (such as an .exe that is ordered to start up with Windows that is a virus), which these antimalware tools should be able to find.

So, if I understand you correctly, booting from an antimalware CD or another computer should allow one to clean up an infected hard drive without booting from the infected drive? And the leftover registry entries shouldn't be harmful once the offending files to which they point are removed?
 
Originally posted by: timswim78
So, if I understand you correctly, booting from an antimalware CD or another computer should allow one to clean up an infected hard drive without booting from the infected drive? And the leftover registry entries shouldn't be harmful once the offending files to which they point are removed?

Negative, sometimes things can "rebuild" if they are not fully purged. I do not know if these tools scan the registry on a slave hard drive's Windows install, as I mainly just install all the applications on the infected computer and then clean. That is why I suggested just using it as a "first pass" to get rid of the bulk of it and then running all of the tools from the installed Windows just to be safe.
 
Originally posted by: Schadenfroh
Negative, sometimes things can "rebuild" if they are not fully purged. I do not know if these tools scan the registry on a slave hard drive's Windows install, as I mainly just install all the applications on the infected computer and then clean. That is why I suggested just using it as a "first pass" to get rid of the bulk of it and then running all of the tools from the installed Windows just to be safe.

OK, Thanks.
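
Added example, not part of any post in this thread: the thread leaves open whether the registry of a slaved Windows install gets examined, so this PowerShell sketch loads the offline SOFTWARE hive on the clean machine and lists its Run/RunOnce autostart entries, checking whether each target file still exists on the mounted drive. The drive letter `E:`, the mount name `OfflineSoftware`, and the suspect install having used `C:` as its system drive are assumptions.

```powershell
# Added example. Assumptions: the suspect drive is mounted as E: on a clean machine,
# its Windows install used C: as the system drive, and this shell is elevated.
$OfflineRoot = 'E:'                 # assumed drive letter of the suspect disk
$MountName   = 'OfflineSoftware'    # arbitrary temporary key name under HKLM
$HiveFile    = "$OfflineRoot\Windows\System32\config\SOFTWARE"

# Load the suspect install's SOFTWARE hive without booting from it.
reg.exe load "HKLM\$MountName" $HiveFile | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Could not load hive $HiveFile" }

try {
    $results = foreach ($sub in 'Run', 'RunOnce') {
        $path = "HKLM:\$MountName\Microsoft\Windows\CurrentVersion\$sub"
        if (-not (Test-Path $path)) { continue }
        $key = Get-Item $path
        foreach ($name in $key.GetValueNames()) {
            # Read the raw string; do not expand variables with this machine's environment.
            $command = [string]$key.GetValue($name, '', 'DoNotExpandEnvironmentNames')
            $target = $null; $exists = $null
            # Pull the first file path out of the command line (quoted or not).
            if ($command -match '^\s*"?(C:\\.+?\.(exe|dll|bat|cmd|scr|com|vbs|pif))') {
                # Re-root the C:\ path onto the mounted drive.
                $target = $OfflineRoot + $Matches[1].Substring(2)
                $exists = Test-Path -LiteralPath $target
            }
            [pscustomobject]@{
                Key = $sub; Name = $name; Command = $command
                OfflineTarget = $target; FileExists = $exists
            }
        }
        $key.Close()
    }
    $results | Format-Table -AutoSize -Wrap
}
finally {
    # Release registry handles, otherwise the unload is refused.
    [gc]::Collect(); [gc]::WaitForPendingFinalizers()
    reg.exe unload "HKLM\$MountName" | Out-Null
}
```

An entry with `FileExists` false points at a file that is already gone; one with `FileExists` true names a file still on the disk that the offline scan should cover. Per-user autostart entries live in each profile's `NTUSER.DAT`, which can be loaded the same way.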
 