Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Scanning hidden partitions


28 Dec 2010   #1
mjf

Windows 7x64 Home Premium SP1
 
 
Scanning hidden partitions

When I run Malwarebytes it gives me the option to scan partitions assigned a letter but what about:
1) The hidden factory recovery partition
2) The System reserved (100MB partition
3) The MBR (first 512 bytes on HDD).

Can someone advise what software covers these areas for security checking?


My System SpecsSystem Spec
.

28 Dec 2010   #2

Windows 7 Home Premium x64
 
 

I was under the impression that those areas could not be infected because they cannot be altered through any ordinary means. But I could be wrong. I've never heard of a program that can scan them.
My System SpecsSystem Spec
28 Dec 2010   #3
mjf

Windows 7x64 Home Premium SP1
 
 

This is not an area I have any strength in and hence the post. I could envisage situations where code planted in those areas could cause havoc.
My System SpecsSystem Spec
.


28 Dec 2010   #4

Windows Seven Home Premium 32bit SP1
 
 

I am really not sure on the in's & out's of this but i had concerns about the system reserved either not getting scanned or being infected so i assigned a drive letter to it so my security software could see it & i could independently scan the partition.

It is probably unnecessary but gave me peace of mind

http://www.sevenforums.com/tutorials...ndows-7-a.html
My System SpecsSystem Spec
28 Dec 2010   #5

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

The answer is yes they can become infected.

You have two easy options for scanning them:

1) Use a program that knows how to access them or
2) Boot on a CD/DVD AV recovery disc or in a *IX based OS that can scan them. -WS
My System SpecsSystem Spec
29 Dec 2010   #6
mjf

Windows 7x64 Home Premium SP1
 
 

Quote   Quote: Originally Posted by WindowsStar View Post
The answer is yes they can become infected.

You have two easy options for scanning them:

1) Use a program that knows how to access them or
2) Boot on a CD/DVD AV recovery disc or in a *IX based OS that can scan them. -WS
Are you able to comment on specific software?
My System SpecsSystem Spec
29 Dec 2010   #7

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Most AV software is supposed to scan them?? I don't rely on software, when I have an issue (virus or otherwise) I always boot off a CD and scan that way I know for sure.
My System SpecsSystem Spec
30 Dec 2010   #8
mjf

Windows 7x64 Home Premium SP1
 
 

Quote   Quote: Originally Posted by WindowsStar View Post
Most AV software is supposed to scan them?? I don't rely on software, when I have an issue (virus or otherwise) I always boot off a CD and scan that way I know for sure.
What do you do exactly?
My System SpecsSystem Spec
30 Dec 2010   #9

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Quote   Quote: Originally Posted by mjf View Post
Quote   Quote: Originally Posted by WindowsStar View Post
Most AV software is supposed to scan them?? I don't rely on software, when I have an issue (virus or otherwise) I always boot off a CD and scan that way I know for sure.
What do you do exactly?
That can get complicated quickly, due to over 10 years of development. However if you want to get started like we did; download Ubuntu Desktop Edition v10.10 (32-bit). Burn the CD and then you can boot off it. Do a live boot (just boot the CD) don't do the install because you are not installing. Once the disk boots, go to the add applications and add the recommended Anti-Virus software. From there you can scan your machine and the Ubuntu will see all your partitions and the AV will scan them all. This is a bit cumbersome but will give you the basic idea of how this works. We have developed a CD that gives us utilities and AV to repair machines that will not boot or we suspect they have a virus on them. -WS

Download | Ubuntu
My System SpecsSystem Spec
30 Dec 2010   #10
mjf

Windows 7x64 Home Premium SP1
 
 

OK.
The Hirens boot CD (12.0 latest) is grub4dos based and has some AV utilities built in. They could be updated and new ones added.
I'm obviously not getting the reason for this AV checking to be done in a live boot environment ?

For the MBR with a stable partition structure, the MRB should be a static 512byte binary. A bit check of 2 small binaries is probably the safest check against inserted assembly code.
My System SpecsSystem Spec
Reply

 Scanning hidden partitions




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:48 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33