On Tue, Sep 13, 2011 at 12:08 PM, Ken Schaefer <k...@adopenstatic.com> wrote: >> You are booting into a completely different OS and not launching any >> applictions to do this scan. I am not sure I understand the level of >> paronoia. > > Entirely possible that during a scan of the drive, the virus exploits a > buffer overflow in the AV application.
Or exploits one of the various vulnerabilities in Windows over the years that have lead to supposedly passive content being loaded and executed simply by mounting or browsing it. Or the operator accidentally runs a compromised executable on the target computer. Either because they're not careful, or because Windows always considers the current directory first when looking for an executable to run. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin