Can AV applications detect all forms of malware, even deep stuff like rootkits, while running within the infected OS?
I'm no expert, but au contraire, it seems to me a better way is to first boot from a known, safe OS, and then perform a scan of a possibly infected hard disk.
No, Comodo can't
Last week my WinXP got infected by the aluroot.c rootkit. It overwrote cmdguard.sys, i.e. the Defense+ Comodo component, and then it wreaked havoc on my poor beast. It created undeletable symlinks in my %system% folder, added a bunch of "services" in automatic mode, prevented any scheduled tasks from running (including checkdisk) and tried to warn a whole lot of hosts around the world that my XP workstation was ready to obey. Nasty little creeper.
Fortunately I have a dual boot with Fedora (and GRUB was still safe). From Linux I started up Avast and I scanned the whole Win partition, finding the culprit and blasting it to dust.
Just to let you know, never overestimate an AV (or yourself, btw) ... and no, I didn't dump Comodo. It's a good guy.