
In order to remove executed malware, reinstall your operating system

microsoft.public.security.virus
Posted by Thor Kottelin on June 20, 2008, 6:19 am
Instead of replying to every single "I have a virus" post, I am going to
say this once.

The best current practice for cleaning up a system on which malware has
been executed is to reinstall the operating system cleanly. Vendors will
offer you software, bells and whistles to no end, but the only way to be
certain that your system is clean is to reinstall it. Of course you need
to do this in a way that does not repeat whatever you did in order to have
the malware installed in the first place.

You do need a good antivirus and firewall product to continuously
protect you from intrusion attempts. This is absolutely vital. In
addition, your virus scanner will try to remove any non-executed malware
from e.g. incoming email. However, once malicious software has actually
run on your computer, you should reinstall.

Please believe me when I say that professional sysadmins do not wield
FixCleanSuperThis or WizKillHyperThat when cleaning up after e.g. a server
compromise. They try to work out how the intrusion occurred, and then they
reinstall the system from scratch, in a way that does not reopen the
previous attack window.

Your comments are welcome.

--
Thor Kottelin
http://www.anta.net/

Antivirus, firewall, parental control: http://www.anta.net/sw/norman/


Posted by David H. Lipman on June 20, 2008, 6:37 am

| Instead of replying to every single "I have a virus" post, I am going to
| say this once.

| The best current practice for cleaning up a system on which malware has
| been executed is to reinstall the operating system cleanly. Vendors will
| offer you software, bells and whistles to no end, but the only way to be
| certain that your system is clean is to reinstall it. Of course you need
| to do this in a way that does not repeat whatever you did in order to have
| the malware installed in the first place.

| You do need a good antivirus and firewall product to continuously
| protect you from intrusion attempts. This is absolutely vital. In
| addition, your virus scanner will try to remove any non-executed malware
| from e.g. incoming email. However, once malicious software has actually
| run on your computer, you should reinstall.

| Please believe me when I say that professional sysadmins do not wield
| FixCleanSuperThis or WizKillHyperThat when cleaning up after e.g. a server
| compromise. They try to work out how the intrusion occurred, and then they
| reinstall the system from scratch, in a way that does not reopen the
| previous attack window.

| Your comments are welcome.

| --
| Thor Kottelin
| http://www.anta.net/

| Antivirus, firewall, parental control: http://www.anta.net/sw/norman/


Yes. Everyone should wield a sledge hammer at all flies and one size fits all.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Posted by Root Kit on June 20, 2008, 7:26 am
On Fri, 20 Jun 2008 06:37:06 -0400, "David H. Lipman"

>Yes. Everyone should wield a sledge hammer at all flies and one size fits all.

Well, if you don't know about the damage, better use a big tool.

See, unless you have a baseline and can revert to a known clean state
that way, this is the only reasonable solution. There is NO other way
to make sure you made a full clean.

I know that what you normally promote is much more convenient - but
this is about security, not about luck and good feelings. I'm afraid
you don't understand the nature of modern malware.

Posted by David H. Lipman on June 20, 2008, 6:25 pm

| On Fri, 20 Jun 2008 06:37:06 -0400, "David H. Lipman"
|
>> Yes. Everyone should wield a sledge hammer at all flies and one size fits all.
|
| Well, if you don't know about the damage, better use a big tool.
|
| See, unless you have a baseline and can revert to a known clean state
| that way, this is the only reasonable solution. There is NO other way
| to make sure you made a full clean.
|
| I know that what you normally promote is much more convenient - but
| this is about security, not about luck and good feelings. I'm afraid
| you don't understand the nature of modern malware.

Actually I do.

I wouldn't wipe a system and reinstall the OS just because the user has an
adware BHO.
One size does NOT fit all.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Posted by Root Kit on June 21, 2008, 1:40 am
On Fri, 20 Jun 2008 18:25:14 -0400, "David H. Lipman"

>I wouldn't wipe a system and reinstall the OS just because the user has an adware BHO.

Of course not. Adware is not malware. It's just a user-induced
problem.

>One size does NOT fit all.

When dealing with the unknown, yes. And that's true in the vast
majority of cases.
