From: FromTheRafters on
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:htk1s001oqs(a)news3.newsguy.com...
> From: "FromTheRafters" <erratic(a)nomail.afraid.org>
>
> | "ASCII" <me2(a)privacy.net> wrote in message
> | news:4bfc113f.3947296(a)EDCBIC...
>>> Doug R wrote:
>>>>Some months back I was infected by some virus but running Malwarebytes
>>>>and other anti virus programs cleaned it up
>
>>> MBAM isn't known to be antiviral, won't even detect; IroK, Toady, Krilie,
>>> Weed, Rustybug, all written and distributed by someone claiming to be a
>>> 'malware researcher' for the company. At least until the super secret
>>> circumstances of his separation transpired.
>
> | It claims detection for *some* viruses and worms though.
>
>
> Yes but will not "clean" a virus infected file.

Does it detect virally infected files? What I mean is, I'm sure it can
detect blended threats by their *other* vector's wormlike artifacts
(dropped copies of themselves for instance) but can it detect a single
file infected by Virut for instance (which is listed as a detectable
malware)?


From: FromTheRafters on
Funny that MBAM didn't do that for you. Sometimes code in a new version
of a malware can be close enough to code in a previous version that a
detector misidentifies version 'b' as version 'a' and the resulting
cleaning becomes incomplete. I don't suppose you have the original
malware quarantined somewhere?

"Doug R" <scootersite(a)NOSPAMhotmail.com> wrote in message
news:ak3rv51h2f0n4aormc3ttg97pat1gl3u0n(a)4ax.com...
> What I found was that the virus had added a line to the registry
> turning Restore off. I deleted that one line and all is good again.
> Thanks for replying!

[...]


From: David H. Lipman on
From: "FromTheRafters" <erratic(a)nomail.afraid.org>

>> Yes but will not "clean" a virus infected file.

| Does it detect virally infected files? What I mean is, I'm sure it can
| detect blended threats by their *other* vector's wormlike artifacts
| (dropped copies of themselves for instance) but can it detect a single
| file infected by Virut for instance (which is listed as a detectable
| malware)?

It may detect a file that is infected with Parite or Virut but cannot remove the Parite
or Virut virus from the file that had been infected.

IFF detected, file would be deleted thus MBAM does not really target such infectors and
leaves them to traditional anti virus applications that will.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: David H. Lipman on
From: "FromTheRafters" <erratic(a)nomail.afraid.org>

| Funny that MBAM didn't do that for you. Sometimes code in a new version
| of a malware can be close enough to code in a previous version that a
| detector misidentifies version 'b' as version 'a' and the resulting
| cleaning becomes incomplete. I don't suppose you have the original
| malware quarantined somewhere?

He never answered my question.

"You said you used MBAM "Some months back". Have you updated it to v1.46 and run a scan
since you found these problems?"





From: FromTheRafters on

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:htk98601uct(a)news3.newsguy.com...
> From: "FromTheRafters" <erratic(a)nomail.afraid.org>
>
>>> Yes but will not "clean" a virus infected file.
>
> | Does it detect virally infected files? What I mean is, I'm sure it can
> | detect blended threats by their *other* vector's wormlike artifacts
> | (dropped copies of themselves for instance) but can it detect a single
> | file infected by Virut for instance (which is listed as a detectable
> | malware)?
>
> It may detect a file that is infected with Parite or Virut but cannot
> remove the Parite or Virut virus from the file that had been infected.
>
> IFF detected, file would be deleted thus MBAM does not really target
> such infectors and leaves them to traditional anti virus applications
> that will.

Thanks for the information.