From: Dustin Cook on
"The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in
news:hnfdab$8r5$1(a)speranza.aioe.org:

> In general, if the virus or malware compromises the system areas, it
> is a wipe and reinstall. I do not care what you experts say. You cannot
> be 100% certain you know everything the virus did via the compromise.

I have a word for people who are quick to wipe and reload; can you guess
what it probably is? Yes, the word is incompetent.

In many cases, the big bad virus and/or malware can be removed without
further harm to the system. Exceptions do exist and will require a
reload, but that's not the general norm. If you really wipe and reload a
system to remove.. say, antivirusxp2010; you shouldn't be anywhere near
computers. It's a non-replicating trojan...


In many cases, what the virus or malware program did can be well
documented and studied on test systems; so yes, one can learn what the
malware in question did AND how to undo it.

> "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message
> news:Xns9D392CA606FAAHHI2948AJD832(a)69.16.185.250...
>> "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in
>>> If definitions exist to deal with the virus/malware you should be
>>> OK.
>>
>> Depends. The definitions may support the detection of the virus, but
>> offer no antidote. Most malware OTH are glorified trojans so deleting
>> them and reversing any unwanted changes they made in the registry
>> will usually remove them without unwanted side effects. The same cannot
>> be said for an actual virus.



--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh..
nudge this boulder right down a cliff." - Goblin Warrior

From: The Central Scrutinizer on
And in a corporate environment where you do not have time to manually remove
the big bad virus or malware? Then what?

"Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message
news:Xns9D3CA6B96EF7FHHI2948AJD832(a)69.16.185.247...
> "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in
> news:hnfdab$8r5$1(a)speranza.aioe.org:
>
>> In general, if the virus or malware compromises the system areas, it
>> is a wipe and reinstall. I do not care what you experts say. You cannot
>> be 100% certain you know everything the virus did via the compromise.
>
> I have a word for people who are quick to wipe and reload; can you guess
> what it probably is? Yes, the word is incompetent.
>
> In many cases, the big bad virus and/or malware can be removed without
> further harm to the system. Exceptions do exist and will require a
> reload, but that's not the general norm. If you really wipe and reload a
> system to remove.. say, antivirusxp2010; you shouldn't be anywhere near
> computers. It's a non-replicating trojan...
>
>
> In many cases, what the virus or malware program did can be well
> documented and studied on test systems; so yes, one can learn what the
> malware in question did AND how to undo it.
>
>> "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message
>> news:Xns9D392CA606FAAHHI2948AJD832(a)69.16.185.250...
>>> "The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in
>>>> If definitions exist to deal with the virus/malware you should be
>>>> OK.
>>>
>>> Depends. The definitions may support the detection of the virus, but
>>> offer no antidote. Most malware OTH are glorified trojans so deleting
>>> them and reversing any unwanted changes they made in the registry
>>> will usually remove them without unwanted side effects. The same cannot
>>> be said for an actual virus.
>
>
>
> --
> "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh..
> nudge this boulder right down a cliff." - Goblin Warrior
>
From: David H. Lipman on
From: "The Central Scrutinizer" <gcisko(a)hotmail.com>

| And in a corporate environment where you do not have time to manually remove
| the big bad virus or malware? Then what?

In a corporate environment that follows a strict IA compliance it would be a complete wipe
and re-image.

However note "re-image". Something that most enterprises practice while most individuals
do not.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: Dustin Cook on
"The Central Scrutinizer" <gcisko(a)hotmail.com> wrote in
news:hnmfq4$lql$1(a)speranza.aioe.org:

> And in a corporate environment where you do not have time to manually
> remove the big bad virus or malware? Then what?

That depends on the situation. I'd be asking myself in the corporate
environment how this machine was compromised in the first place and take
steps to prevent that from happening again. Being as it is a corporate
computer and shouldn't have user personal data or anything on it, I'd
resort to a known clean image. I should have one readily available if it's
a corp machine.

In any event, before wiping and reloading; I'd want to know how the machine
was compromised, it's important. :)


IMO, taking a wipe and reload approach to all situations is akin to using a
shotgun for target shooting.



--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

From: The Central Scrutinizer on
OK. I am mainly talking about the corp environment not the home environment.

:-)

Home-wise, I manually fix problems when they arise because it is in my best
interest to try to do so.

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:hnmg9c0523(a)news3.newsguy.com...
> From: "The Central Scrutinizer" <gcisko(a)hotmail.com>
>
> | And in a corporate environment where you do not have time to manually remove
> | the big bad virus or malware? Then what?
>
> In a corporate environment that follows a strict IA compliance it would be a complete wipe
> and re-image.
>
> However note "re-image". Something that most enterprises practice while most individuals
> do not.
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>