On Fri, 29 Sep 2006 09:34:42 -0400, Ted Zieglar
"Don't work while the malware is active, duh... which is
what's wrong with "use your av" and especially "use online scanner"."
Oh...so you don't think people should scan their computers when they
suspect they have a virus? That's not what I read in the product manuals.
Firstly, I think folks should have their av set up so that incoming
material is scanned *before* the material can run. It's not only less
effective to "do a full system scan every now and then to see if I'm
infected", it's also dangerous - you may trigger a strikeback.
I do think people should scan thier computers when they suspect they
have "a virus" (and they should suspect malware, possibly multiple,
whenever ill-defined problems arise).
But for this to be safe and effective, the malware should not be
running at the time, and that rules out convienient Windows-based av.
If you're in Windows, you're prolly running the malware.
As to online scanners, well... consider this...
You suspect you're infected, so you go to an online scanning site.
You click Yes, when prompted to run an ActiveX control.
You stay online while the site drops and runs this control.
You stay online while the av scans all your files.
You expect to see the HD activity LED flashing away for hours.
You expect the scanner to touch all your files.
You expect to see plenty of traffic to and from the web site.
You're told the system is now clean, and all is well.
Then you figure out the site you went to was IP address a.b.c.d,
whereas the real online scanning site should be w.x.y.z
I'll leave you to join the dots...
As to product manuals, remember the vendor-vision factor, i.e. "if we
don't have it, you don't need it" or "if we can't do it, let's pretend
it can't be done". It's the naked emperor syndrome.
------------ ----- --- -- - - - -
Drugs are usually safe. Inject? (Y/n)