Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 2751 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Newbie question: Any need to boot from CD for a "clean" scan?

peterpqa
I'm a brand new user of Sophos AV Mac Home. I searched the forums on "boot" and "startup" but found no info on this issue... I've always been a Mac user at home, but I used Windows machines at work 'til 2002. To properly scan a Windows machine, we had to boot it from a CD or a locked floppy so we could scan for boot sector viruses. If we booted up the Windows machine from its hard drive and ran a virus scanner, it couldn't see that malware. Is there a need to do this on a Mac? That is, if I boot my Mac normally from my hard drive and run a Sophos scan, are there certain files and/or firmware that Sophos can't scan because they are "in use" or otherwise inaccessible, and would they be scannable with a boot from CD? Thanks, Peter
:1003063


This thread was automatically locked due to age.
Parents
  • 0
    Andrew, thanks for the thorough reply. Glad to know system-level malware like that isn't out there for Macs ... yet. But it will almost certainly emerge eventually. And it's a good bet lots of users won't have an emergency hard disk prepared in advance like you suggested, or access to another known-clean Mac. It would be great if SAV were already enhanced in the near future with an emergency recovery capability. I know absolutely nothing about software engineering, but I imagine it working something like this: Boot from OS X Install Disc 1, launch Terminal, FTP "get" an updated SAV package to the hard drive, install it, launch SAV, remove the malware, and reboot from the hard drive. (Instead of an entire new SAV package that needs installing, it could be a special launch-ready application file just for removing system-level malware.) This may not be possible. I don't know if the machine's pre-existing internet connection is active and usable after booting from the install disc and launching Terminal. Also, I don't know how much of this could be done in Terminal. It's just an uneducated suggestion. But thanks for the answer to my original question. Peter
    :1003093
Reply
  • 0
    Andrew, thanks for the thorough reply. Glad to know system-level malware like that isn't out there for Macs ... yet. But it will almost certainly emerge eventually. And it's a good bet lots of users won't have an emergency hard disk prepared in advance like you suggested, or access to another known-clean Mac. It would be great if SAV were already enhanced in the near future with an emergency recovery capability. I know absolutely nothing about software engineering, but I imagine it working something like this: Boot from OS X Install Disc 1, launch Terminal, FTP "get" an updated SAV package to the hard drive, install it, launch SAV, remove the malware, and reboot from the hard drive. (Instead of an entire new SAV package that needs installing, it could be a special launch-ready application file just for removing system-level malware.) This may not be possible. I don't know if the machine's pre-existing internet connection is active and usable after booting from the install disc and launching Terminal. Also, I don't know how much of this could be done in Terminal. It's just an uneducated suggestion. But thanks for the answer to my original question. Peter
    :1003093
Children
No Data