Re: TROJAN that won't go away
From: GTS (x)
Date: 05/17/05
- Previous message: Malke: "Re: anti virus software recomindations"
- In reply to: Malke: "Re: TROJAN that won't go away"
- Next in thread: GTS: "Re: TROJAN that won't go away"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 17 May 2005 10:50:49 -0400
Malke,
I don't clear the RP's until cleanup is completed and I have done several
test reboots and complete application and network testing. I sometimes
service PC's with 20 plus Viruses/Trojans and 1200 or more parasite items.
Because System Restore essentially builds a Delta, I'm not totally confident
that the 'create new/delete all but last' is foolproof, though it is
probably adequate. (I like to nail every subtle remnant including the types
that some specialized tools like Bazooka tend to turn up after other tools
report clean.) Microsoft recommends the disable/reenable approach, but
their tech net documentation on System Restore is dated and contains some
inaccuracies.
(One of these days I plan to do some testing on the issue by backing up the
completely cleaned machine and doing a System Restore and reexamination.
Will share the results.)
-- "Malke" <invalid@not-real.com> wrote in message news:OWOtAcoWFHA.2448@TK2MSFTNGP12.phx.gbl... > David H. Lipman wrote: > >> From: "GTS" <x> >> >> | Malke, >> | >> | Are you completely confident that removing all but the last RP >> | after >> | cleanup, as contrasted to disabling and re-enabling SR, is effective >> | to >> | purge all parasites I tend to do the latter but have seen >> | differing opinions. >> | -- >> >> If you understand the concepts and understand the risks, use the >> method you feel comfortable with. >> > Thanks, Dave. We are in total agreement. I like to leave a System > Restore point until I'm quite sure everything is fine so as to have a > fallback position - although usually if things are That Hosed, the > fallback position isn't necessarily useful :-). Then I like to make a > new clean point and get rid of the old ones. But if the OP likes to be > really, really sure he could always just disable/enable SR once he > knows everything is OK. > > Malke > -- > Elephant Boy Computers > www.elephantboycomputers.com > "Don't Panic!" > MS-MVP Windows - Shell/User
- Previous message: Malke: "Re: anti virus software recomindations"
- In reply to: Malke: "Re: TROJAN that won't go away"
- Next in thread: GTS: "Re: TROJAN that won't go away"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
