Re: Antivirus 2008



Sounds to me like a good backup is required!!


"Alan C" <nospam@xxxxxxxxx> wrote in message
news:%23GXZffREJHA.4040@xxxxxxxxxxxxxxxxxxxxxxx
Although the pc in question is on a small network (assumption correct),
it is used by the financial controller. It therefore has software/data
(e.g. payroll) and some proprietary programs that are not on the server.
The data is safe, but flattening the pc would mean not just reinstalling
the OS and programs but booking the 3rd party guys to come and
reconfigure their software. Last time (hdd failure) this cost more than
the pc was worth and took over a week.

OK, special case. We all know how frequent they are. That is why I've
spent the last two days sweating blood to ensure the malware is removed
fully, and didn't just wipe it.

For the record, I mentioned the '70's start to illustrate my cynicism at
the obviously banal replies that are inevitable. Also wordy, 'stating
the obvious' posts can appear to be extremely patronizing, even when not
intended.

I use these ng's for clues and ideas, not necessarily for cures. Rant
over.

"Kerry Brown" <kerry@xxxxxxxxxxxxxxxxxxx*a*m> wrote in message
news:O51R2gQEJHA.1272@xxxxxxxxxxxxxxxxxxxxxxx
I'm sorry if you think I was patronizing. I also started in IT in the
70's, although I don't know what this has to do with the conversation.
At the very least my experience has taught me that there are many
different points of view regarding computer security and that my view
may differ from others. I have learned that I need to be open to other
points of view. There is no one right answer when it comes to computer
security. These newsgroups are read by many thousands of people who may
not have your experience and knowledge. Many people will find these
posts through a search engine. They need to know that even though an
anti-malware program may seem to remove some malware the possibility
exists that the computer is not "clean".

Once a computer is owned by someone else (infected) the only way to be
100% certain the infection is gone is to flatten and rebuild the system
from known good media. This could mean starting from scratch or
restoring from a known good backup. A good part of my business is
dealing with malware infections. I have learned that an infected system
can be repaired but not definitively cleaned by any other method. It is
up to you to decide how much of a risk this is. As you posted this in a
server newsgroup I assume the computer in question is part of a network.
If this is the case then by cleaning an infected computer you are taking
a chance that the computer may not be fully cleaned and may compromise
the network. Balancing the time and resources used between mitigating
that risk and fixing the infected computer is a decision only you can
make. For me, if the computer is part of a network that a business
relies on, the best way to fix a malware infection is to flatten the
computer and restore a clean image. There shouldn't be any important
data on the computer so this is a quick and easy fix. If the computer is
not part of a network, or good network policies have not been
implemented, then other solutions may work better. I am sometimes called
in to fix things when something goes wrong due to good network policies
not being implemented. Like you, I sometimes resort to cleaning an
infected system as the customer does not want to pay for the proper fix,
which is not quick and easy because there is no image available and
company data is not stored on a server. This doesn't mean this is the
best solution or that I don't inform the customer of the potential risks
of this solution. The important thing to understand is that it is a
compromise and not the best solution.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/


"Alan C" <nospam@xxxxxxxxx> wrote in message
news:ua9zUAQEJHA.3604@xxxxxxxxxxxxxxxxxxxxxxx
You don't seem to understand that I know what I am doing, having started
in IT in the mid 1970's. Admittedly there is still a learning curve as
OS's, etc, evolve, hence my questions to these ng's.

And I don't appreciate the patronizing attitude of some posters.

The pc in question is now clean.

"Kerry Brown" <kerry@xxxxxxxxxxxxxxxxxxx*a*m> wrote in message
news:uaW$6fPEJHA.3288@xxxxxxxxxxxxxxxxxxxxxxx
You still don't seem to understand what everyone has been trying to tell
you. Once a system has been infected there is no way of knowing if it
has been cleaned/repaired except doing a full format and rebuild. You
have been able to fix the symptoms that you noticed. There may still be
other left over problems or the computer may still be infected.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/


"Alan C" <nospam@xxxxxxxxx> wrote in message
news:%23Zn6XNNEJHA.1456@xxxxxxxxxxxxxxxxxxxxxxx
For information and enlightenment:

I fixed the problem, it turned out to be a winsock corruption.

reinstalling tcp was the answer.

"Alan C" <nospam@xxxxxxxxx> wrote in message
news:uq4O1rAEJHA.1460@xxxxxxxxxxxxxxxxxxxxxxx
One XPPro workstn was infected by the antivirus 2008 trojan, which I
have managed to clean.
One problem remains: I cannot browse any server (2003) shares via
network places or explorer, although all mapped drives are
accessible.
When I try to browse to the server, - '\\our_srv\' only one share is
shown - 'userdata' - and this appears as an empty folder.

I know that the trojan affects the local policies, which I've reset,
but cannot find anything that would cause the above.

Any help, suggestions, guidance would be gratefully received.

P.S. I'm not sure if this is the correct ng. Hope it is.






