A co-worker friend of my wife asked if I would be willing to look at their
PC. Appearantly they have a bad virus infestation on their PC and have not
been using an anti-virus program. They have spoke to tech support at Gateway
and were told that they may be best off backing up their data and
On Fri, 10 Feb 2006, Jerry Jones wrote:
A co-worker friend of my wife asked if I would be willing to look at their
PC. Appearantly they have a bad virus infestation on their PC and have not
been using an anti-virus program. They have spoke to tech support at Gateway
and were told that they
At 02:44 PM 10/02/2006, Jerry Jones wrote:
A co-worker friend of my wife asked if I would be willing to look
at their PC. Appearantly they have a bad virus infestation on their
PC and have not been using an anti-virus program. They have spoke to
tech support at Gateway and were told that they
I'd also second the backup reinstall, nothing else is 100% in this day
age of things that cloak themselves and not-as-yet detected
exploits/malware.
In addition I would suggest they rotate all passwords used anywhere and
consider monitoring their credit reports if they've done any online
At 03:20 PM 10/02/2006, Mesdaq, Ali wrote:
Honestly just reformat. If you were to try to clean it you would need to
be versed in rootkit detection and other kernel level skills to even be
remotely able to clean out a partially sophisticated virus. Its just
totally not worth it then you never
On Fri, 10 Feb 2006, Thane Sherrington (S) wrote:
Man, I'm shocked at the surrender attitude coming from this list. Removing
viruses and spyware is possible, and really isn't much more time consuming
than a reinstall, and is much less time consuming than a reinstall plus
software install
This is not surrender, it's the current state of things. Why go through
a process that you can't guaranty?
At least if you backup everything, reformat/reinstall then restore
only what is assumed to be data you're narrowing down the field quite
a bit and also removing the potential for a
At 04:00 PM 10/02/2006, Christopher Fisk wrote:
In a business environment, yeah, removal is fine, but as a favor for
someone, go the full reinstall route IMO, it's more sure thing, less
gambling on how long it's going to take, and you leave knowing they
at least have a backup from that day in
On Fri, 10 Feb 2006, Thane Sherrington (S) wrote:
At 04:00 PM 10/02/2006, Christopher Fisk wrote:
In a business environment, yeah, removal is fine, but as a favor for
someone, go the full reinstall route IMO, it's more sure thing, less
gambling on how long it's going to take, and you leave
You have better odds on cleaning the data files then you do cleaning an
entire system. Data alone, unaccessed by the programs that facilitate
virus delivery makes he data easier to clean. If you can't see that,
time to step back and see the forest through the trees.
This is not about making
At 04:07 PM 10/02/2006, warpmedia wrote:
One way is now a hit-or-miss hack job, the other the proper
solution. It's not a academic exercise, it's a job, there is no
reason to spend time and still not be certain you've done the job right.
I am doing the job right. Just because you can't get
You've got half of the answer. But even if it had a payload, having not
been opened with the exploitable program or delivered through a series
steps would mean it's payload is not executed and MAY be detectable.
In some cases the simple act of how the file 1st delivered to the PC is
the
At 04:30 PM 10/02/2006, warpmedia wrote:
This is not about making statement by not giving up and not
bowing down to some malware assholes will, it's about getting the
job done right.
I am doing the job right. I'm glad that you find reinstallation the
best route, but it's not the only route,
At 04:27 PM 10/02/2006, Christopher Fisk wrote:
Because data is data, it's not executed, it's not stored in
registry, it's much easier to verify with virus scanning software.
When was the last time you saw a tiff file with a virus?
What about Word Macros, WMF infections, movie files with
warpmedia wrote:
This is not surrender, it's the current state of things. Why go through
a process that you can't guaranty?
At least if you backup everything, reformat/reinstall then restore
only what is assumed to be data you're narrowing down the field quite
a bit and also removing the
No it means you are assuming because you find nothing more no one
has complained yet. Kind of like an AIDS test, just because it's
negative doesn't mean a whole lot since it tests for the presence of
something. Granted that applied both surgical cleaning and data only
cleanings, but data only
I've not said it's the only, just that it's better. You can't be SURE
it's clean since the executables have been surgically fixed, period.
I'm not trying to be an ass T, it's just that you have no way of BEING
SURE so limiting what you need to disinfect IS the better way because
you are
Yes, but if you are restoring only the data files it's not the same as
doing a full restore with the executables nor is it like how the
infected file got there in the 1st place. I've just posted the statement
that only wiping everything including data and starting from scratch is
known clean
On Fri, 10 Feb 2006, Thane Sherrington (S) wrote:
At 04:27 PM 10/02/2006, Christopher Fisk wrote:
Because data is data, it's not executed, it's not stored in registry, it's
much easier to verify with virus scanning software.
When was the last time you saw a tiff file with a virus?
What
At 03:49 PM 2/10/2006, Thane Sherrington (S) typed:
I am doing the job right. I'm glad that you find reinstallation the
best route, but it's not the only route, and I find it isn't the
best. If the machine is clean at the end, and the customer has a
functional Windows and programs and all
20 matches
Mail list logo