Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

When Do You Safe Mode?


  • Please log in to reply
4 replies to this topic

#1 honu1

honu1

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:08:12 PM

Posted 16 December 2007 - 11:05 AM

I recently had to take my CPU in for a diagnostic as it kept shutting itself off! Most annoying.
Yes, my system was "infected with virus,spyware+1 root kit. I just searched the glossary here for root kit, but still don't understand what it is+why it harmed my system.

The diagnosing tech who was to repair my CPU stated that all the free virus protection programs carry spyware themselves+it's better to purchase them instead. I figured it was just a way for the store to make more money, so I wanted to get your feedback here. /he also stated that the anti-virus+spyware programs I had on my system(all from B.C.) would interfere with each other. Huh?????

I need to ask here if I should be running Anti-virus+spyware programs in safe mode only? I still don't understand the concept of safe mode, but I'll try to research it at the forums here.


Thanks for any + all input.
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

BC AdBot (Login to Remove)

 


#2 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:09:12 PM

Posted 16 December 2007 - 11:25 AM

May I assume that he suggests buying anti virus & anti spyware from him?

#3 mommabear

mommabear

  • Members
  • 492 posts
  • OFFLINE
  •  
  • Local time:10:12 PM

Posted 16 December 2007 - 11:47 AM

I need to ask here if I should be running Anti-virus+spyware programs in safe mode only? I still don't understand the concept of safe mode, but I'll try to research it at the forums here.

NO! Especially your anti-virus program. You need it running in "real time" as you use your computer and the programs you've installed, for real time protection. But, if you wanted or needed to scan your entire system after getting a warning about an infection, you can do that in Safe Mode. The idea being that the scan will run faster without all the other programs running in the background; and Safe Mode can disable some active malware, which could prevent your scan from working properly in the first place.

Spyware programs differ. It depends on what programs you are using. Some are designed for real time protection, so you'd run them like you do your antivirus. My personal preference is to use them manually. I don't like a lot of stuff running in the background. For example, I have Spybot Search and Destroy installed. But I run the scans (and updates) manually from time to time. I have a good antivirus and firewall installed. I use Firefox as my default browser. I also take some responsibility for the sites I visit, so I'm pretty careful. Experience has taught me that running Spybot now and then is all I need to do, because it seldom finds anything more threatening on my system than a few tracking cookies.

Safe Mode is now used mostly for troubleshooting when you have problems with a program or something on your system not running right. It loads just the basic stuff needed to run Windows, while you can dig around to find the problem. For example, open one program at a time until you see which program is causing problems and needs to be repaired or uninstalled.

Some people like to go into Safe Mode before using System Restore to help prevent any conflicts and glitches. Sometimes using Safe Mode is the only way to get to System Restore if a computer is infected.

In the old days of Windows, it was advisable to install new programs in Safe Mode to prevent any problems with the installation. As Windows got better, then you could install a program in normal mode, but you got the message to reboot to complete the installation. Now even having to do that is rare.

Others can probably explain it better for you, but this should give you some idea of what Safe Mode is for.

Edit: BTW, I only use Antivir (Free) for my antivirus program and Sygate Firewall. Sygate has been discontinued for at least a couple of years now (Symantec bought it), but it's still a very effective firewall. Simple to use, too. The free versions are still easy to find. I can help with that, if needed.

Edited by mommabear, 16 December 2007 - 11:50 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:12 PM

Posted 16 December 2007 - 11:59 AM

I just searched the glossary here for root kit, but still don't understand what it is+why it harmed my system.

Rootkits and how to combat them
Windows Rootkit Overview
Rootkits, Part 1 of 3: The Growing Threat

tech who was to repair my CPU stated that all the free virus protection programs carry spyware themselves

That's not true.

that the anti-virus+spyware programs I had on my system(all from B.C.) would interfere with each other

Again not true unless your trying to use two antivirus programs.


The primary concern with using more than one anti-virus program is due to conflicts that can arise when both are running in real-time mode simultaneously. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus will often interpret the activity of the other as a virus and there is a greater chance of them alerting you to a "False Positive". If one finds a virus and then the other also finds the same virus, both programs will be competing over exclusive rights on dealing with that virus. Each anti-virus will attempt to remove the offending file and quarantine it. If one finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.

Anti-virus scanners use virus definitions to check for viruses and these can include a fragment of the virus code which may be recognised by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. However, some anti-virus vendors do not encrypt their definitions and will trigger false alarms if used while another resident anti-virus program is active.

Further, dual installation is not always possible because some anti-virus programs will detect the presence of others and may insist they be removed prior to installation. To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program's virus definitions once you uninstall that software.

In contrast, using more than one anti-spyware program with real-time protection increases your protection coverage without causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. Even if your anti-spyware programs are not running in real-time, the overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware.

No single product is 100% foolproof and can detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense and safe surfing habits provides the most complete protection.

However, you can overkill your system with resource heavy security programs that will drain your resources and slow down performance. Sometimes you just have to experiment to get the right combo for your particular system as there is no universal solution that works for everyone.

Why use safe mode? The Windows operating system protects files when they are being accessed by an application or a program. Malware writers create programs that can insert itself and hide in these protected areas when the files are being used. Using "Safe Mode" reduces the number of modules requesting files to only the essentials to make your computer functional. This in turn reduces the number of hiding places for malware, making it easier to find and delete the offending files when performing scans with anti-virus and anti-malware tools. In most cases, performing your scans in "Safe Mode" speeds up the scanning process.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:09:12 PM

Posted 17 December 2007 - 08:43 AM

Quiteman7's reply is absolutely correct.

I would only add that running scanning applications in "Safe Mode" by reducing the number of applications and Windows components taking RAM to run, will speed up the scans.
Regards,
John
Whereof one cannot speak, thereof one should be silent.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users