My objection is that in this case, we have no idea what the infection is. If we knew the computer had been subjected to a specific kind of infection or infections, that necessitated reformatting, then a definite statement could be made. Or if we knew a massive attack had occurred which had placed ten or twenty or more pieces of malware on the machine, reformatting would be adviseable. But it appears that the computer has been infected with some sort of adware trying to sell a worthless product. That sort of infection can often ge completely removed. We also know the computer rreboots often. But that does not mean that a reformat is necessary. Reboots may be caused by poorly designed malware and do not necessarily mean that the machine must be reformatted. I once saw a tech disinfect a machine that had been attacked by a malicious web site and that had over twenty pieces of malware from the attack. It was a long job and I wouldn't have bothered having the tech spend the time or spending the money. I would have just had the tech reformat the computer. but the owner of the computer had certain specific reasons she didn't want this done and the tech successfully disinfected the computer. I know this because the person used a credit card after disinfection and nothing adverse happened as a result. Also, the machine was shown to be clean by two reputable programs and no symptoms of infection were present. I'm not saying that reformatting should or should not be done in the instance we are discussing. I'm saying that I don't think it is good procedure to give such definite directive advice. What I would advise is to have a good tech look at the machine if you are not competent to determine what the infection or infections are and how serious they are but I wouldn't advocate a specific course of action beyond that. Consider the Sasser worm from a number of years ago. It caused Windows XP machines to reboot every few minutes but it was not very difficult to remove. I've looked up discussions on Internet forums on many infections where the infection was removed by using antimalware programs and/or hijack this or manual removal. I am far from convinced that a machine must be reformatted as the result of many infections. Then, on the other hand, there are times when it should be.
Gene----- Original Message ----- From: "Ch.B." <chr1s64@xxxxxx>
To: <accesscomp@xxxxxxxxxxxxx> Sent: Monday, December 14, 2009 1:56 PM Subject: [accesscomp] Re: windows security issue
Yes, if it is a simple virus or just some spyware thing, you can normallyeasily isolate it. Trojans or some of the harder to come by suckers you justnever know how far they ate onto your system yet. If it ends up with machines shutting off and such, than it stops being funny. Time to nuke. --- Happy chanukah everyone! Chanuka Sameach! -----Original Message----- From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Gene Sent: Monday, December 14, 2009 8:46 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issue However, there are some infections that are simply what they are and don't put all sorts of other malware on the machine. A really knowledgeable person concerning malware may well be able to uninfect the machine and not need to reformat and reinstall everything. It depends what the machine is infected with and how many infections are on the machine. Lots of users become infected at one time or another with this or that piece of malware and the malware is removed with no lasting bad effects. Gene----- Original Message ----- From: "Ch.B." <chr1s64@xxxxxx>To: <accesscomp@xxxxxxxxxxxxx> Sent: Monday, December 14, 2009 1:06 PM Subject: [accesscomp] Re: windows security issueOh, ok, thanks for the tip. I stayed away from that list until now, as Ithought it was strictly related to stuff about programming and such, whichI never got into.yet..lol --- Happy chanukah everyone! Chanuka Sameach! From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Scott Granados Sent: Monday, December 14, 2009 7:57 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issue Totally agreed, nothing ever replaces safe computing practices. BTW, if you're in to unattended installs you might join the blind sysadmins group. THere's a discussion on this very stopic going on and some fairly good clue.----- Original Message -----From: Ch.B. <mailto:chr1s64@xxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 10:53 AM Subject: [accesscomp] Re: windows security issue True that. I have to find a good unattended install for windows 7 still, since I went to the new OS some months ago. With xp I did all on my own, now last time I had to get someone to put in the serials for me and the initial settings until I was able to get the screenreader going. Big problem is also that with a lot of software companies that distribute anti virus and malware software, they lull people into a false sense of security where they think 'oh I have so and so installed on my system, so I can just go hog wild clicking away on stuff'. Common sense, in my opinion is still the best, anti virus measures out there lol --- Happy chanukah everyone! Chanuka Sameach! From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Scott Granados Sent: Monday, December 14, 2009 7:41 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issueI totally agree. That's part of the way these bad guys get machines is by creating fake PC scanns that they claim return your PC to the state it wasnew. The only time I've gotten a virus is when someone let one loose in a company I was working for and they didn't have proper IPS installed. What I can tell you though is coming from the service provider background, you'd be shocked how many infected machines are out there. More frightening still is how many are out there and their users don't even know.:(----- Original Message -----From: Ch.B. <mailto:chr1s64@xxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 10:37 AM Subject: [accesscomp] Re: windows security issue Actually I have been virus free fort he last 10 years or so. The only times I did catch something was because I was lazy and neglected some stuff. I am actually one to clean install my three machines like once a year, regardless. because no matter what you do as far as maintenance, there is nothing as sweet and fast, as a freshely installed OS , smile --- Happy chanukah everyone! Chanuka Sameach! From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Scott Granados Sent: Monday, December 14, 2009 7:29 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issue No I agree with you I didn't think you were missing the point just wanted to hammer home the gravity of the situation. I'm with you, I kill the bugsright on the wire in hardware, none of this software based virus nonsense. Different paths to the same end but I like handling all the virus and worm/ intrusion problems on the wire before my computer is even touched. That or just don't run windows.;)----- Original Message -----From: Ch.B. <mailto:chr1s64@xxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 10:24 AM Subject: [accesscomp] Re: windows security issue I KNOW that. This was just a tip since he did not seem that keen on just going right ahead and nuking his system Me personally I NEVER run a compromised system. I was merely pointing out that a scan with his own software would be of no use, once something already got thru on his pc. --- Happy chanukah everyone! Chanuka Sameach! From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Scott Granados Sent: Monday, December 14, 2009 7:11 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issue I'd have to disagree here a little. These tools just don't reliably get rid of bugs. They do a pretty good job of keeping them out and cutting them off at the pass but once they get in your system you just can't trust the pc any further. Even using one of theonline scanners can be problematic because the virus redirects you to whatyou think is an online scanner and is actually a site running by the bad guy that looks the same but introduces yet more malware. If you take the route of scanning and not reformatting then never ever use a credit card from the pc again and assume everything you do from now on is being read by a bad guy. Do what you want but I just wouldn't trust it if you have a bug in thesystem. Would you have sex with an aids patient with full blown aids evenwith a condom? Likely not because there is still potentially risk, same here. To late for the rubber my friend.;) I don't mean to be crude just show you the gravity of the situation.----- Original Message -----From: Ch.B. <mailto:chr1s64@xxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 10:00 AM Subject: [accesscomp] Re: windows security issue Sounds to me that there really might be a virus, trojan or whatever that made it way onto your computer. Running a virus scan with softeware on your machine, may not help, since if the virus already bypassed your anti virus program it may not even go off now. I recommend a thorough scan using an online scanner like kaspersky or pc cillin from trendmicro. HTH --- Happy chanukah everyone! Chanuka Sameach! From: accesscomp-bounce@xxxxxxxxxxxxx [mailto:accesscomp-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Godwin Sent: Monday, December 14, 2009 6:10 PM To: accesscomp@xxxxxxxxxxxxx Subject: [accesscomp] Re: windows security issue I agree, performing a disk reformat and reinstalling windows certainly will insure the threat is gone. However, that is quite a task. So, I would start by running a Virus scan with the antivirus software loadded on the computerand run a spyware scan with a program like SUPER Antispyware Free Edition.If that doesn't work you probably will need to consider performing the disk reformat and windows reinstall.----- Original Message -----From: Marcus Williams <mailto:marcus72@xxxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 11:47 AM Subject: [accesscomp] Re: windows security issue You're dealing with a user with little knowledge of computer operations. Can you outline the steps for this process? If not, can you tell me where to begin looking for the information?----- Original Message -----From: Scott Granados <mailto:gsgranados@xxxxxxxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 10:44 AM Subject: [accesscomp] Re: windows security issue Reformat your hard disk and reinstall windows. That's the only way to be certain you've gotten rid of the threat.----- Original Message -----From: Marcus Williams <mailto:marcus72@xxxxxxx> To: accesscomp@xxxxxxxxxxxxx Sent: Monday, December 14, 2009 8:18 AM Subject: [accesscomp] windows security issue Hi all, Recently, my computer started issuing warnings about infected or suspicious files. The warnings occur every few minutes even if I press the "cancel button" that is presented. By the way, the "cancel button" is the only choice I'm given; and still the warnings keep appearing, accompanied by the offer to buy some antimalware protection whose origins I can't locate. And just to pur insult on top of injury, my computer has started shutting down and restarting without input from me. Some help is really needed here! Marcus marcus72@xxxxxxx