Which drives and partitions to scan?
in [Anti-Virus]
|
Prev: AvxBar and icon in Microsoft Access - Virus or Antivirus?
Next: Protecting against malware with combinations of free programs
From: Dustin Cook on 15 Mar 2010 16:17 "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in news:hnfdab$8r5$1(a)speranza.aioe.org: > In general, if the virus or malware compromises the system areas, it > is a wipe > and reinstall. I do not care what you experts say. You cannot be 100% > certain > you know everything the virus did via the compromise. I have a word for people who are quick to wipe and reload; can you guess what it probably is? yes, the word is incompetent. In many cases, the big bad virus and/or malware can be removed without further harm to the system. Exceptions do exist and will require a reload, but that's not the general norm. If you really wipe and reload a system to remove.. say, antivirusxp2010; you shouldn't be anywhere near computers. It's a non replicating trojan... In many cases, what the virus or malware program did can be well documented and studied on test systems; so yes, one can learn what the malware in question did AND how to undo it. > "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message > news:Xns9D392CA606FAAHHI2948AJD832(a)69.16.185.250... >> "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in >>> If definitions exist to deal with the virus/malware you should be >>> OK. >> >> Depends. The definitions may support the detection of the virus, but >> offer no antidote. Most malware OTH are glorified trojans so deleting >> them and reversing any unwanted changes they made in the registry >> will usually remove them without unwanted sideffects. The same cannot >> be said for an actual virus. > > > -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior
From: The Central Scrutinizer on 15 Mar 2010 19:28 And in a corporate environment where you do not have time to manually remove the big bad virus or malware? Then what? "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message news:Xns9D3CA6B96EF7FHHI2948AJD832(a)69.16.185.247... > "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in > news:hnfdab$8r5$1(a)speranza.aioe.org: > >> In general, if the virus or malware compromises the system areas, it >> is a wipe >> and reinstall. I do not care what you experts say. You cannot be 100% >> certain >> you know everything the virus did via the compromise. > > I have a word for people who are quick to wipe and reload; can you guess > what it probably is? yes, the word is incompetent. > > In many cases, the big bad virus and/or malware can be removed without > further harm to the system. Exceptions do exist and will require a > reload, but that's not the general norm. If you really wipe and reload a > system to remove.. say, antivirusxp2010; you shouldn't be anywhere near > computers. It's a non replicating trojan... > > > In many cases, what the virus or malware program did can be well > documented and studied on test systems; so yes, one can learn what the > malware in question did AND how to undo it. > >> "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message >> news:Xns9D392CA606FAAHHI2948AJD832(a)69.16.185.250... >>> "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in >>>> If definitions exist to deal with the virus/malware you should be >>>> OK. >>> >>> Depends. The definitions may support the detection of the virus, but >>> offer no antidote. Most malware OTH are glorified trojans so deleting >>> them and reversing any unwanted changes they made in the registry >>> will usually remove them without unwanted sideffects. The same cannot >>> be said for an actual virus. >> >> >> > > > > -- > "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. > nudge this boulder right down a cliff." - Goblin Warrior >
From: David H. Lipman on 15 Mar 2010 19:36 From: "The Central Scrutinizer" <gcisko(a)hotmail.com> | And in a corporate environment where you do not have time to manually remove | the big bad virus or malware? Then what? In a corporate environment that follows a strict IA compliance it would be a complete wipe and re-image. However note "re-image". Something that most enterprises practice while most individuals do not. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Dustin Cook on 15 Mar 2010 20:08 "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in news:hnmfq4$lql$1(a)speranza.aioe.org: > And in a corporate environment where you do not have time to manually > remove the big bad virus or malware? Then what? That depends on the situation. I'd be asking myself in the corporate environment how this machine was compromised in the first place and take steps to prevent that from happening again. Being as it is a corporate computer and shouldn't have user personal data or anything on it, I'd resort to a known clean image. I should have one readily available if it's a corp machine. In any event, before wiping and reloading; I'd want to know how the machine was compromised, it's important. :) IMO, taking a wipe and reload approach to all situations is akin to using a shotgun for target shooting. -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior
From: The Central Scrutinizer on 15 Mar 2010 22:14
OK. I am mainly talking about the corp environment not the home environment. :-) Home-wise, I manually fix problems when they arise because it is in my best interest to try to do so. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:hnmg9c0523(a)news3.newsguy.com... > From: "The Central Scrutinizer" <gcisko(a)hotmail.com> > > | And in a corporate environment where you do not have time to manually > remove > | the big bad virus or malware? Then what? > > In a corporate environment that follows a strict IA compliance it would be > a complete wipe > and re-image. > > However note "re-image". Something that most enterprises practice while > most individuals > do not. > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > |