Virus Disabled System Restore & Windows Security
in [Anti-Virus]
|
From: David H. Lipman on 26 May 2010 19:06 From: "FromTheRafters" <erratic(a)nomail.afraid.org> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:htk98601uct(a)news3.newsguy.com... >> From: "FromTheRafters" <erratic(a)nomail.afraid.org> >>>> Yes but will not "clean" a virus infected file. >> | Does it detect virally infected files? What I mean is, I'm sure it >> can >> | detect blended threats by their *other* vector's wormlike artifacts >> | (dropped copies of themselves for instance) but can it detect a >> single >> | file infected by Virut for instance (which is listed as a detectable >> | malware)? >> It may detect a file that is infected with Parite or Virut but can not >> remove the Parite >> or Virut virus from the file that had been infected. >> IFF detected, file would be deleted thus iMBAM does not really target >> such infectors and >> leaves them to traditional anti virus applicatiosn that will. | Thanks for the information. YW Think of MBAM as a supplement not as a replacement for traditional anti virus applications. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Dustin Cook on 26 May 2010 20:20 "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in news:htk712$tbc$1 @news.eternal-september.org: > "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message > news:htk1s001oqs(a)news3.newsguy.com... >> From: "FromTheRafters" <erratic(a)nomail.afraid.org> >> >> | "ASCII" <me2(a)privacy.net> wrote in message >> | news:4bfc113f.3947296(a)EDCBIC... >>>> Doug R wrote: >>>>>Some months back I was infected by some virus but running >>>>>Malwarebytes >>>>>and other anti virus programs cleaned it up >> >>>> MBAM isn't known to be antiviral, won't even detect; IroK, Toady, >>>> Krilie, >>>> Weed, Rustybug, all written and distributed by someone claiming to >>>> be >>>> a >>>> 'malware researcher' for the company. At least until the super >>>> secret >>>> circumstances of his separation transpired. >> >> | It claims detection for *some* viruses and worms though. >> >> >> Yes but will not "clean" a virus infected file. > > Does it detect virally infected files? What I mean is, I'm sure it can > detect blended threats by their *other* vector's wormlike artifacts > (dropped copies of themselves for instance) but can it detect a single > file infected by Virut for instance (which is listed as a detectable > malware)? > > Yes.. it can..in some cases. Virut is very polymorphic tho. -- Are you a former BBSer? Want to go back in time to the old days of ANSI and Renegade? Fire up telnet and go here then: ttb.slyip.com
From: FromTheRafters on 26 May 2010 21:56 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:htk9a101uee(a)news3.newsguy.com... > From: "FromTheRafters" <erratic(a)nomail.afraid.org> > > | Funny that MBAM didn't do that for you. Sometimes code in a new > version > | of a malware can be close enough to code in a previous version that > a > | detector misidentifies version 'b' as version 'a' and the resulting > | cleaning becomes incomplete. I don't suppose you have the original > | malware quarantined somewhere? > > He never answer my question. > > "You said you used MBAM "Some months back". Have you updated it to > v1.46 and run an scan > since you found these problems ?" Don't you just hate that? :oD He's edited the registry and moved on...
From: David H. Lipman on 26 May 2010 22:02 From: "FromTheRafters" <erratic(a)nomail.afraid.org> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:htk9a101uee(a)news3.newsguy.com... >> From: "FromTheRafters" <erratic(a)nomail.afraid.org> >> | Funny that MBAM didn't do that for you. Sometimes code in a new >> version >> | of a malware can be close enough to code in a previous version that >> a >> | detector misidentifies version 'b' as version 'a' and the resulting >> | cleaning becomes incomplete. I don't suppose you have the original >> | malware quarantined somewhere? >> He never answer my question. >> "You said you used MBAM "Some months back". Have you updated it to >> v1.46 and run an scan >> since you found these problems ?" | Don't you just hate that? :oD | He's edited the registry and moved on... { sigh } Yes. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: ~BD~ on 27 May 2010 03:36
"FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message news:htkjgv$9m3$1(a)news.eternal-september.org... | He's edited the registry and moved on... Surely that's the *only* way to 'fix' things if malware has caused a registry alteration? -- Dave |