Alternate OS scanners – introduction

What is Alternate OS Scanners

Alternate OS scanners are packages, distributed by antivirus software makers that can be either burned on CDs or placed on USB drives and a PC can be booted from this media. The main goal of Alternate OS scanners is providing a malware-unaffected environment for Antivirus process launch. The OS on rescue CD might be different from the one on infected PC. This reduces chances for accidental malware execution even further.
After system boot with alternate OS, one can launch the antivirus engine and scan whole system. Alternate OS scanners have a huge advantage at detecting malware, which hides from OS after launch, mostly rootkits. Rescue CDs will help to remove programs that disable antivirus processes too. This offers a huge advantage when scanning heavily infected PCs.
Alternate OS scanners have several weak points as well.
1. They might have problems detecting well -packed processes that might be easier to notice when they are running. Additionally, it is easier to fix registry when system is fully booted up, thus rescue CDs are not really suitable for this task.
2. Alternate OS scanners will have to be updated before scan. This requires either fresh burns each day your PC is infected or (if the rescue CD has an updater) downloading updates each time you use older CD.
3. Alternate OS scanners have same limitations as original antivirus: when the malware is not in the database, antivirus scanner will likely miss it and will not fix the system.
Despite these issues, Alternate OS scanners are extremely useful at fixing heavily infected PCs.

How to get Alternate OS scanner

Typical alternate OS scanner is free. They have to be downloaded and burned on clean PC.
Here is short list of Alternate OS scanners available now:
1. Avira Rescue CD : http://dlpro.antivir.com/package/rescue_system/common/en/rescue_system-common-en.exe.
2. PC Tools Alternate OS scanner : http://www.pctools.com/aoss/
3. Norton Power Eraser http://security.symantec.com/nbrt/npe.aspx?
4. AVG Rescue CD http://www.avg.com/us-en/avg-rescue-cd
Note, that rescue CDs should not be used if one can launch and scan with regular antivirus, as there is increased risk of messing up system registry.

 

 

4 thoughts on “Alternate OS scanners – introduction

4 Comments
  1. […] This is the most cumbersome process to remove rootkits like Zero Access. for that, you will have to make bootable CD or USB stick and boot computer from it. This CD should be burned on clean PC. Scanning with Alternate OS scanners might cause system malfunctions later on, especially when drivers are removed (like with ZeroAccess). After scanning with any of these CDs, you should write down which files are removed. Driver files should be redownloaded into same places or copied from driver cache before system is rebooted normally again. You might have to run Windows repair install as well. Here is the introduction to Alternate OS scanners. […]

Leave a Reply

Your email address will not be published. Required fields are marked *