B
B J W
I am trying to help a novice cope with his new PC, and yesterday, he
reported that he apparently had acquired a virus -- a downloader/Trojan,
according to his Norton Antivirus.
The instructions for removal provided by Norton for removal were obviously
written by an expert, to be implemented by an expert, and included scanning
in safe mode and a lot of registry editing. Among other things, Norton
wants to turn off System Restore temporarily -- I suppose to clear system
restore points which might include the trojan.
I decided to tell him, INSTEAD, to use system restore to take the computer
back to last week (when I know he did not have the virus infection) and then
to run a full system scan with Norton (in normal mode).
Am I right in supposing that this much simpler procedure will accomplish the
desired results in the circumstances, and probably many other similar
circumstances involving noxious ad-ware?
The trojan in question would have installed itself, I suppose, and system
restore would, in effect, uninstall it, removing the associated entries for
starting up the trojan from the registry.
I would appreciate comments on the risks associated with this approach,
including identifying circumstances in which it would not be appropriate.
Also, I am wondering whether a system restore can complete if, on the
reboot, you go to safe mode. I know you can start a system restore in safe
mode (and thank the Microsoft gods for that).
reported that he apparently had acquired a virus -- a downloader/Trojan,
according to his Norton Antivirus.
The instructions for removal provided by Norton for removal were obviously
written by an expert, to be implemented by an expert, and included scanning
in safe mode and a lot of registry editing. Among other things, Norton
wants to turn off System Restore temporarily -- I suppose to clear system
restore points which might include the trojan.
I decided to tell him, INSTEAD, to use system restore to take the computer
back to last week (when I know he did not have the virus infection) and then
to run a full system scan with Norton (in normal mode).
Am I right in supposing that this much simpler procedure will accomplish the
desired results in the circumstances, and probably many other similar
circumstances involving noxious ad-ware?
The trojan in question would have installed itself, I suppose, and system
restore would, in effect, uninstall it, removing the associated entries for
starting up the trojan from the registry.
I would appreciate comments on the risks associated with this approach,
including identifying circumstances in which it would not be appropriate.
Also, I am wondering whether a system restore can complete if, on the
reboot, you go to safe mode. I know you can start a system restore in safe
mode (and thank the Microsoft gods for that).