Can Restarting An Infected Computer Make It Worse?

I seem to remember that rebooting a potentially infected Windows PC before removing the malware may allow it to take advantage of early boot up states that may be vulnerable if the security measures load after the core, thereby deepening its infection level, or making it more difficult to remove. I am not sure if this pertains to a rootkit in particular or not... it may have been describing malware transforming into what is known as a rootkit.

QUESTION: Is this true and does it apply to Android and Windows 7/8/10? How about Linux and Mac?

A FEW QUICK THOUGHTS: On the other hand, I know that a lot of incident response guidelines suggest disconnecting the network cable AND/OR shutting down the computer after discovering or suspecting a malware infection, which is a contradiction to the previous point. In an enterprise environment, technicians may wish to keep the computer alive to preserve forensic evidence, but I also know that most techs will just shut it down and take it back to the shop for the scan. Also of note is that the most thorough scanning method, using a bootable CD, would require a restart to load as well.

To be clear, this question is not about incident response, but the capabilities of malware and the consequences of restarting the computer after infection. Incident response guidelines may be offered in addition to your answer where appropriate.


Category: malware Time: 2016-07-28

