Warning: Be Careful With Rescue Mode Scan In Windows 8

Daf44
edited December 2012 in Antivirus

When installing a free app from the Windows 8 Store, BD Windows 8 Security stopped the installation with an "infected" event. The file is quarantined.


Fine, I'd rather be safe than sorry. But then I decided to do an offline scan, just to be sure, using the BD Rescue Mode scan. I had done this successfully many times with Windows 7 so I did not give it a lot of thought.


Big mistake!


The scan did not find any malware so I just rebooted back to Windows 8 and now Windows tells me that it cannot boot due to a missing/corrupted boot file!


I tried the Windows boot repair on the Win 8 installation disk with no success. My system would not boot!


My reasoning is that the new Windows 8 boot architecture does not play nice with BD's Linux installer for the Rescue Mode scan.


Luckily I had a 2 day old Ghost image and was able to restore the system back to normal. :D


Lessons learned:


I will not be using the Rescue Mode scan again in Windows 8.


I will continue to make a backup image on a regular basis and recommend you do the same. ;)

Comments

  • Hi


    Thanks for sharing your experience. I think the possible cause is the ELAM Technology introduced by Microsoft. I asked some questions about ELAM and Rescue Mode here in this topic


    Early-Launch Anti-malware (ELAM) And Bitdefender.


    Hope this will also help you.

  • Thanks ONT!


    After the "infected" event BD offered to re-start the computer to finish the clean up. Windows 8 did not do a full re-start for this but there was a black screen dialog from BD showing a success message and then Windows went back to the desktop normally. This probably was the Windows 8 way for off-line cleanup.


    Where I screwed up was when I decided to use the Rescue Mode scan. This made a full re-boot into the BD Linux boot process. The Rescue Scan proceeded normally and found no issues. When I restarted the computer Windows gave me the can't boot missing/corrupt boot file message.


    The Windows boot repair in the Win 8 installation disk could not fix it!


    As I said before, I was able to restore my system with a recent backup image and everything is good now.


    I agree with you that this must be related to ELAM and all the changes in the boot process for Windows 8. Maybe the BD Rescue Mode only works in prior versions of Windows and should not be included in the Windows 8 Security product.


    I hope the "Silent Support" is reading this and comes with an explanation! :rolleyes:


    Regards!

  • Hello :)


    We are truly sorry for all the inconvenience.


    Do you remember the name of the detection? Do you remember the name of that application?


    Since you restored the systems, all the logs were lost.


    Happy Holidays!