viruses and spyware

viruses and spyware
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
viruses and spyware Kabouter 03-12-2007
---> Re: viruses and spyware Nick Domukhovsk...03-13-2007
Posted by =?Utf-8?B?S2Fib3V0ZXI=?= on March 12, 2007, 11:34 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Can anybody point me in the direction of or give me the links to virus and
spyware removal programs please just removed one but want to be prepared in
the future. Thanks

Posted by Nick Domukhovsky on March 13, 2007, 2:43 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Kabouter =D0=BF=D0=B8=D1=88=D0=B5=D1=82:
> Can anybody point me in the direction of or give me the links to virus =
and=20
> spyware removal programs please just removed one but want to be prepare=
d in=20
> the future. Thanks
In present, all of the "viruses" (this is not real viruses, which
infected executable files in old systems) can be removed manual with use
of autoruns utility from sysinternals suite:
http://www.microsoft.com/technet/sysinternals/default.mspx
Simply look for suspicious entries, then try to remove it (in most cases
malware will try to restore it registry entries, so you'll need to deny
access to local system for writing in registry entry you find, after
removing, rebooting and deleting malware files you can restore original
registry entries).







--=20
With best regards
Nickolay Domukhovsky, MCSA


Posted by David H. Lipman on March 13, 2007, 4:52 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


| In present, all of the "viruses" (this is not real viruses, which
| infected executable files in old systems) can be removed manual with use
| of autoruns utility from sysinternals suite:
| http://www.microsoft.com/technet/sysinternals/default.mspx
| Simply look for suspicious entries, then try to remove it (in most cases
| malware will try to restore it registry entries, so you'll need to deny
| access to local system for writing in registry entry you find, after
| removing, rebooting and deleting malware files you can restore original
| registry entries).
|

This is a FALSE statement and bad information.

First you must differentiate between viral and non-viral malware. Non-viral
malware in the
form of SOME Trojans may be ablr to stopped from loaded but will not be removed
by this
methodology. There are many ways that Malware can be loaded by the OS that
auto-runs will
miss. Additionally the malware may be multi-facted and may more than one
loading approach
with one protecting the other such that the malware can NOT be removed. A good
example
would be a Klone or Conhook Trojan.

Second is if the malware is indeed a virus. There are different typoe of
viruses from Boot
Sector Infectors to Internet worms to file infectors. Therea re many viruses in
the wild
that will spread by infecting other files. I can tell you how many times I have
come
accross a IRCBot or IRC Trojan that is infected with the Parite virus.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Nick Domukhovsky on March 14, 2007, 1:13 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> This is a FALSE statement and bad information.
>
> First you must differentiate between viral and non-viral malware. Non-viral
malware in the
> form of SOME Trojans may be ablr to stopped from loaded but will not be
removed by this
> methodology. There are many ways that Malware can be loaded by the OS that
auto-runs will
> miss. Additionally the malware may be multi-facted and may more than one
loading approach
> with one protecting the other such that the malware can NOT be removed. A
good example
> would be a Klone or Conhook Trojan.
>
> Second is if the malware is indeed a virus. There are different typoe of
viruses from Boot
> Sector Infectors to Internet worms to file infectors. Therea re many viruses
in the wild
> that will spread by infecting other files. I can tell you how many times I
have come
> accross a IRCBot or IRC Trojan that is infected with the Parite virus.
>

Maybe. But I didn't saw a real virus (that is - malware, which infect
executable files) for a last 10 years. Only malware which placed itself
in various locations and uses various registry entries ti start itself.



--
With best regards
Nickolay Domukhovsky, MCSA

Posted by David H. Lipman on March 14, 2007, 5:04 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


| Maybe. But I didn't saw a real virus (that is - malware, which infect
| executable files) for a last 10 years. Only malware which placed itself
| in various locations and uses various registry entries ti start itself.
|

Maybe YOU haven't....
Just a week ago or so I was looking at a Win64 file infecting virus.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Similar ThreadsPosted
Spyware vs. viruses October 28, 2005, 10:24 pm
USB & Viruses? October 1, 2005, 2:56 pm
several viruses January 3, 2006, 12:15 pm
Viruses and hijackthis July 29, 2005, 6:33 am
May help others Popups and Malware and Viruses November 25, 2005, 2:23 am
permanent solution to viruses July 10, 2006, 6:26 am
BitDefender found 2 viruses, but cannot get rid of them, jelp. October 14, 2006, 8:23 am
Re: Removing viruses from another hard drive. August 13, 2007, 6:12 am
Removing viruses from another hard drive. August 13, 2007, 4:10 am
Secure Auditor also checks viruses! April 19, 2008, 3:02 am

The site map in XML format XML site map

Contact Us | Privacy Policy