worm? virus?

  • Thread starter: shepetie
Anna said:
....





Leonard:
I fully understand that as I've indicated in the initial opening of
my post.
But it *is* conceivable that even with a malware infestation
corrupting the OS, a Repair install *might* return the system to a
functional state if only for a brief moment of time allowing the user
to then (hopefully) remove the malware. Obviously the nature of the
malware infestation (assuming that *is* the root cause of the
problem(s) being experienced) will play a role here in determining
whether a Repair install of the OS will be successful or not.
In any event it would seem the OP is just about at the end of her
"tether" with regard to this situation so while I freely admit my
suggested course-of-action is iffy at best, I thought it was worth a
shot given the situation.
Anna

I'd have to agree with you, Anna. If it works, great. If not, well,
nothing was lost in trying it, especially when a point of diminishing
returns is looming it's definitely worth a try before going through the
pain of a rebuild. It may not help either, but I'll also sometimes
recommend a chkdsk run too; on rare occasions it'll get things working
again at least temporarily if the malware trashed the tables. If not,
again, nothing was lost in the attempt.
It's too bad backing up data has to be an extra cost with machines
today. They all get the software, sometimes even imaging software, but
not the second drive or better yet an external drive, to back up TO.
Some have recovery partitions but they're never well documented for the
newbie and seldom used too. It takes having to rebuild from scratch a
few times for most to become believers. C'est la vie.

Twayne
 
Leonard said:
No, actually it is not conceivable with contemporary malware.

LOL! Contemporary malware? Where'd that come from? How'd you decide
the problem is "contemporary malware"? What if it's not; THEN it's
conceivable, I guess?

Leonard, I've noticed your bit of macho prejudices before and I suggest
you at least think about the things you say first. I know, you probably
think if it's being used now, it's contemporary too, right? That's a
little redundant though.

....
 
Leonard:
I fully understand that as I've indicated in the initial opening of my post.

But it *is* conceivable that even with a malware infestation corrupting the
OS, a Repair install *might* return the system to a functional state if only
for a brief moment of time allowing the user to then (hopefully) remove the
malware. Obviously the nature of the malware infestation (assuming that *is*
the root cause of the problem(s) being experienced) will play a role here in
determining whether a Repair install of the OS will be successful or not.

In any event it would seem the OP is just about at the end of her "tether"
with regard to this situation so while I freely admit my suggested
course-of-action is iffy at best, I thought it was worth a shot given the
situation.
Anna

Might fix it versus will fix it... Might versus will...

I'll choose will every time. (some restrictions apply)

I predict if the might choice is taken and it looks like it is
working, it will soon fall apart or more problems will come up that
have not been encountered yet.

Then the "will fix it for sure" choice will be taken along with wishes
it was taken before.

Say... what happened to the housemate?
 
From: "Anna" <[email protected]>




| Leonard:
| I fully understand that as I've indicated in the initial opening of my post.

| But it *is* conceivable that even with a malware infestation corrupting the
| OS, a Repair install *might* return the system to a functional state if only
| for a brief moment of time allowing the user to then (hopefully) remove the
| malware. Obviously the nature of the malware infestation (assuming that *is*
| the root cause of the problem(s) being experienced) will play a role here in
| determining whether a Repair install of the OS will be successful or not.

| In any event it would seem the OP is just about at the end of her "tether"
| with regard to this situation so while I freely admit my suggested
| course-of-action is iffy at best, I thought it was worth a shot given the
| situation.
| Anna

It is more likely to exacerbate the problem.
 
From: "Twayne" <[email protected]>


| LOL! Contemporary malware? Where'd that come from? How'd you decide
| the problem is "contemporary malware"? What if it's not; THEN it's
| conceivable, I guess?

| Leonard, I've noticed your bit of macho prejudices before and I suggest
| you at least think about the things you say first. I know, you probably
| think if it's being used now, it's contemporary too, right? That's a
| little redundant though.

| ...


Actually, it is a good terminology.

Contemporary malware is different from 5 years ago. It is more complex, makes more
modifications to the OS and uses greater amounts of obfuscation techniques.
 
<below>
---
Leonard Grey
Errare humanum est
From: "Twayne" <[email protected]>



| LOL! Contemporary malware? Where'd that come from? How'd you decide
| the problem is "contemporary malware"? What if it's not; THEN it's
| conceivable, I guess?

| Leonard, I've noticed your bit of macho prejudices before and I suggest
| you at least think about the things you say first. I know, you probably
| think if it's being used now, it's contemporary too, right? That's a
| little redundant though.

| ...


Actually, it is a good terminology.

Contemporary malware is different from 5 years ago. It is more complex, makes more
modifications to the OS and uses greater amounts of obfuscation techniques.
Yes, that's what I had in mind. Most malware writers have learned to
survive a re-install.

[Twayne is actually in my KF so I don't see his posts unless they are
part of a reply, in which case I just ignore him.]

Leonard
 
From: "Anna" <[email protected]>
| Leonard:
| I fully understand that as I've indicated in the initial opening of my post.

| But it *is* conceivable that even with a malware infestation corrupting the
| OS, a Repair install *might* return the system to a functional state if only
| for a brief moment of time allowing the user to then (hopefully) remove the
| malware. Obviously the nature of the malware infestation (assuming that *is*
| the root cause of the problem(s) being experienced) will play a role here in
| determining whether a Repair install of the OS will be successful or not.

| In any event it would seem the OP is just about at the end of her "tether"
| with regard to this situation so while I freely admit my suggested
| course-of-action is iffy at best, I thought it was worth a shot given the
| situation.
| Anna


David H. Lipman said:
It is more likely to exacerbate the problem.


David:
We have undertaken scores of Repair installs of the XP OS in cases where it
appeared a malware infestation of one kind or another was responsible for
causing a dysfunctional system and where prior attempts to remove the
malware were unsuccessful.

In a *significant* number of cases the Repair install was successful in
returning the system to a bootable, functional state without further ado. In
a number of cases further anti-malware processes were necessary but it was
apparent that these processes were successful *only* because the Repair
install itself had been successful.

Did the Repair install frequently fail? Of course it did. Naturally (as I've
always tried to point out), assuming the user has access to the data, he/she
should always attempt to copy whatever data is important to them *prior* to
undertaking a Repair install of the OS. Admittedly there's always the
possibility of further data corruption/loss resulting from a failed Repair
install, although the danger in such has been (perhaps surprisingly) rather
minimal in my experience after undertaking hundreds of XP Repair installs
over the years.

In any event, since it appeared the OP had pretty much come to the "end of
her rope" and it appeared that the problem would not be resolved other than
fresh-installing the OS, I thought (and still think) that as a last resort a
Repair install of the OS was worth a shot.
Anna
 
From: "Anna" <[email protected]>


| David:
| We have undertaken scores of Repair installs of the XP OS in cases where it
| appeared a malware infestation of one kind or another was responsible for
| causing a dysfunctional system and where prior attempts to remove the
| malware were unsuccessful.

| In a *significant* number of cases the Repair install was successful in
| returning the system to a bootable, functional state without further ado. In
| a number of cases further anti-malware processes were necessary but it was
| apparent that these processes were successful *only* because the Repair
| install itself had been successful.

| Did the Repair install frequently fail? Of course it did. Naturally (as I've
| always tried to point out), assuming the user has access to the data, he/she
| should always attempt to copy whatever data is important to them *prior* to
| undertaking a Repair install of the OS. Admittedly there's always the
| possibility of further data corruption/loss resulting from a failed Repair
| install, although the danger in such has been (perhaps surprisingly) rather
| minimal in my experience after undertaking hundreds of XP Repair installs
| over the years.

| In any event, since it appeared the OP had pretty much come to the "end of
| her rope" and it appeared that the problem would not be resolved other than
| fresh-installing the OS, I thought (and still think) that as a last resort a
| Repair install of the OS was worth a shot.
| Anna

A repair-install is that tack of a corrupted OS where a malware infection is not the case.
A repair-install makes assumptions that some modifications are deliberate and won't be
fixed. It will make corrections on most of the kernel to bring it to working order.
However in many cases where malware has modified many aspects of OS modules such an action
can create unexpected side effects and make problems worse.

In the case of a malware infection where problems still linger, you can't prove that the OS
is still not compromised then the best action would be to wipe and re-install not try
band-aid approaches.
 