Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older H... - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?


Quoted text here. Click to load it

There limits to the locations malware can be installed and that is diminished if
it is
under a LUA.

Also, it is NOT a fact that an "...infected machine can not ever be trusted."
It depends on the malware, aits family and associations.  For example a
FakeAlert trojan
used in a con game can be a simple trojan not associated with a rootkit and
could be a
singular DLL or EXE file.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?


Quoted text here. Click to load it

Lol! You never cease to amaze!

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Hadron wrote:

Quoted text here. Click to load it

Except that he is right. And you are a pompous stupid twit
How is your imaginary "Debian install" doing?

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

wrote:

Quoted text here. Click to load it


Projection noted, you dumb kraut.  And keep working:  my fellow
citizens in Greece want your bailout money.  Shutup and get back to
your factory and work you idiot.

RL

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Peter Köhlmann wrote:

Quoted text here. Click to load it

Talk about "amazing"...  The Quack asshole just *has* to attack
someone saying "not nice" things about Windows.  Amazingly, the
Wintroll doesn't even *attempt* to make a point!


Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Quoted text here. Click to load it

   Morons like you are why Windows is such a historic cluster fuck from
top to bottom. It start at Microsoft Corp with engineers with their heads
firmly implanted in their asses all the way down to individual Lemmings
that try to encourage everyone to drink the cool-aid.

   No wonder it's such a mess.

   You idiots will be the end of consumer general purpose computing as
people wrongfully associate your nonsense with general purpose systems
in general.

--
     It's great to run an OS where you have to search Google          |||
     to find problems rather than experiencing them yourself.        / | \

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

wrote:

Quoted text here. Click to load it
All you say is correct.  However, just to make it clear:
. The operating system doesn't matter
. ALL of the disks connected to the machine after the malware appeared
  is suspect, so needs to be restored from safe backups
. Any machines or disks reachable from the infected machine are
  suspect. You should determine if the antimalware software on the
  remote machines would have protected them and their disks from the
  malware.  Continue until closure.
. Make sure no BIOS malware is present before connecting you backups
. Best to put backup disks in enclosures that only allow readonly
  access

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?


Quoted text here. Click to load it

BIOS malware?  There's malware that infects the BIOS?  What would that
do, aside from annoying the user and perhaps having them go in and
override the BIOS settings?

Reading your post I take it you are tongue-in-cheek.

RL

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Per RayLopez99:
Quoted text here. Click to load it

My bias is to not use such a PC - but it's not a religious issue.

Once you learn the ins and outs of keeping data and system on
separate drives, restoring from a known good image becomes close
to trivial - and that's the path I choose given the option.
--
PeteCresswell

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

(PeteCresswell) wrote:
Quoted text here. Click to load it

Exactly - make the 'flatten and rebuild' scenario the less daunting and
it becomes a no-brainer.

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Quoted text here. Click to load it

THanks PeteCresswell.  That seems to be, as I research this issue, the
consensus:  removing the virus is often as much work (or just about)
as a restore.  But sometimes not--hence I ask whether you would trust
the AV software to remove a trojan using a 'one click' fast fix--it's
a bit suspicious to me that a virus could be removed so quick by a
program, hence I took the restore (or rather, even harder, clean metal
re-installation) route.

RL

Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?


Quoted text here. Click to load it

I would ask myself these questions:

1. Since *you* cleaned it, how difficult was it, and how confident are you
that you got it all? Are you familiar with what you were dealing with wrt
potential MBR involvment etc.?

2. How easily and how quickly could you detect the first sign that it was
still there?

3. Can you keep up-to-date backups of your data in case it comes back (in
which case I would definitely recomment a reformat and re-install).

Repair vs. Re-install is a fairly controversial subject as I understand it.
 --
Jim




Re: Would you continue using a HD you disinfected--or do a clean reinstall or Ghost an older HD image?

Quoted text here. Click to load it

Those are all good points and worthy of separate threads.

For example, I can see where if you keep shallow copies, or say copies
only going back two iterations (like I do--they go back 2 weeks x 2 =
1 month back) then restoring an old version might mean you still have
the virus but you did not notice it back then--assuming such "delayed
viruses" are out there.

Backups of data: good point--I do keep separate backups of data (as
opposed to ghost backups of HD sectors)

MBR--good stuff.  The virus I had messed up the MBR and I ended up
doing a clean reinstall.

RL

Site Timeline