2 Replies Latest reply on Feb 19, 2011 3:02 AM by sundar.8212

    On-Demand Scan Notification

      Hi,

       

      while running On-Demand scan i got a notification,

       

      "The On-Demand scan found alterations to code or data which may indicate that a rootkit is attempting to hide files, registry keys, process or other items. If this scan fails to find anything then computer

      should be scanned with McAfee Prescan or booted into safe Mode and this scan run again "

       

      why On-Demand scan unable to do this scan in normal mode?

       

      Why is possible in safemode...Is that the rootkit program can't perform in safemode?

       

      How rootkit (back door) execute or allow virus program?

       

      Can anyone explain this?

       

      Thanks in advance

       

      ....Sundar....

        • 1. On-Demand Scan Notification
          hem

          ODS very well runs in Normal mode but if the file is locked by some one (either by application or by OS etc) then ODS will fail to scan and the threat file will seat easily.

           

          When you boot the machine in safemode. Window will load minimal drivers and there is very less chance that the threat file will be locked  by anyone so ODS will be able to clean/delete (as per configured action) succesfully.

           

          Rootkit/virus programs have their own mechanism to run/execute so its very difficult for us to say, how are they programmed?

          • 2. Re: On-Demand Scan Notification

            Hem...Thanks for your reply.......

             

            Message was edited by: sundar.8212 on 2/19/11 3:02:26 AM CST