Posted by cquirke (MVP Windows shell/use on March 27, 2007, 7:56 am
>On Mon, 26 Mar 2007 22:25:35 +0200, "cquirke (MVP Windows shell/user)"
>>>On 24 Mar 2007 10:40:41 -0700, routeclothing@hotmail.co.uk wrote:
>>This is one of 200+ fake "antispyware" (f)utilities, and there are
>>tools that can clean it up.
>
>If it's the only thing...
Yup. There's no one malware per customer rule, and the risk profile
that let this one in may have let others in. OTOH, this malware per
se is not a RAT or trojan downloader, so it's reasonably bounded.
>>>>I have been told that other people I know have had it but they have
>>>>just simply wiped their hard drive,
>>>which is also the only reasonable thing to do in such situation
>>Rubbish.
>You'd wish.
I know...
>>>Backup your data files and re-install windows.
>>Bad advice, for drive-by malware infections.
>No. Giving "removal" tool advice without having access to a machine to
>verify it afterwards is bad advice.
If you don't have the skills to detect and clean, (and more to the
point, didn't have the skills to avoid clicking up a fake malware
alert) then you prolly don't have the skills to follow your advice,
either. So either way, it's "best effort, good luck".
>>See: http://cquirke.mvps.org/reinst.htm
>>The fallacy is not that malware can persist after attempts to detect
>>and clean it (though formal methods work pretty well).
>>The fallacy is that "just" wiping and re-installing Windows (thus
>>falling back to an unpatched, exploitable state with no up-to-date
>>av) and restoring "data" backups (with the risk of restoring malware)
>>is something that will always lead to a system that stays clean.
>I should of course have used the proper term: Flatten and rebuild.
Same difference. You're rebuilding a duhfault install with duhfault
settings, no patches, no firewall in < XP SP2, and no updated av.
Just how long do you expect that state to stay clean?
Or do you think that being able to say "you were clean for the first
10 minutes after your first boot up" = Mission Accomplished?
I don't hear you ask about XP version, advise about firewalls or WiFi,
or mention anything about screening "backed up data" for malware.
There's no glib 2-line solution, but the difference is that following
your advice may not only fail to attain and maintain a clean state,
but may also leave the system in an unusable state, if there are
availability problems with OS CD, drivers, app installers etc.
"Just wipe and rebuild" is all very well in the rarefied space of
pro-IT, with imaging facilities, all data off-system on a server
somewhere, pro-administered backups, and a docile/cowed user
population who just have to accept the collateral damage.
It's always been an unacceptably high-impact "solution" for consumers,
and if that's the best survivability this platform can offer, then
it's high time this platform had its butt kicked.
>--------------- ----- ---- --- -- - - -
Tech Support: The guys who follow the
'Parade of New Products' with a shovel.
>--------------- ----- ---- --- -- - - -