
Thread: (***) is not a valid win32 application...

  1. #21
    Jon Solberg
    Guest

    Re: (***) is not a valid win32 application...

    On 2009-10-20, cnicholls tstate.com
    <cnichollststate.com.40danb@DoNotSpam.com> wrote:

    > [...] Ohhh got a virus? got an issue? no problem I will just erase
    > everything and start over.... any idiot can reinstall Windows!


    Almost correct: just idiots reinstall MS Windows.

    > If I can make an unusable PC work again without causing the user to
    > lose all the data they didn't remember to back up, my job is done.


    Sensible techs back up their users' data before reinstalling with a
    boot-CD or something similar.

    > You are right, I "can't know for sure" if malware is still there. If I
    > don't know it's there and the PC is working normally and the owner is
    > happy, then does grandma really give a crap as long as she can send
    > email and browse the web?


    If grandma cares or not is not important. A compromised computer can
    be used to create loads of problems for _other_ people. For example:
    sending spam, participating in bot nets, used in denial-of-service
    attacks etc., ad infinitum. It's bad form putting a 'cleaned' computer
    you know has been compromised on the net.

    > Sure reinstalling a pc may be nothing to assure your piece of mind.


    More like reassuring other peoples' pieces of minds.

    > But to Sally Public, the last thing they want to hear is sorry. I hope
    > you had your crap backed up
    > All they want to hear is, here you go it's just fixed...
    > that's a big deal to real person....


    Compromised machines are also a big deal for all people in the other
    end. This would not be a problem if people adhered to decent security
    policies. One of them is to reinstall and patch a machine _before_
    connecting it to _any_ net.

    --
    Jon Solberg (remove "nospam." from email address).

  2. #22
    Todd H.
    Guest

    Re: (***) is not a valid win32 application...

    cnicholls@tstate.com <cnichollststate.com.40danb@DoNotSpam.com>
    writes:

    > It's techs like you that give others a bad name....


    Not sure who you're replying to, but some facetime with the mirror may
    be appropriate.

    > Ohhh got a virus? got an issue? no problem I will just erase
    > everything and start over.... any idiot can reinstall Windows!


    Um... Actually, the reinstalling Windows part isn't that hard, but
    still out of most users' grasp. The finesse comes in pulling the data
    off the infected machine safely, and restoring it to the new system
    safely.

    But more to the point--that's the RIGHT advice you're criticizing.

    Ask any (competent) computer security specialist what the correct
    course of action is for an incident (be it a network compromise,
    malware infection, etc). I can tell you what they won't say: they
    won't say "run tool X and tool Y, bend down jump around and pick a
    bale of cotton."

    They'll say "repartition, reformat, and reinstall the OS from original
    optical media."


    > I don't charge anything, so my goal is to help people out if I can, as
    > long as it doesn't take too long.
    >
    > If I can make an unusable PC work again without causing the user to
    > lose all the data they didn't remember to back up, my job is done.


    You do that by mounting the infected disk with a bootable distribution
    that's known good, copying the data off or taking an image of that
    disk, then flattening the crap out of the infected machine,
    reinstalling the OS, and restoring the data from the backup you
    created.

    > You are right, I "can't know for sure" if malware is still there. If I
    > don't know it's there and the PC is working normally and the owner is
    > happy, then does grandma really give a crap as long as she can send
    > email and browse the web?


    She probably doesn't. She probably shouldn't care too much. But
    what if Grandma has gotten good enough at web surfing to do some
    online banking?

    Suddenly she (should) cares a LOT.

    > So when a single mom, or whoever says hey, I get these nasty popups and
    > my internet is so slow can you fix it? I say sure, pop in a USB drive
    > full of tools and in an hour or so of playing around, the popups are gone
    > and everything else operates as normal. She didn't have to try to tell me
    > where all her files are, I didn't have to save all the emails that are
    > important for her, I didn't need her to bring me all the Windows, Office,
    > and other CDs to put back on...
    >
    > Sure reinstalling a pc may be nothing to assure your piece of mind.
    >
    > But to Sally Public, the last thing they want to hear is sorry. I hope
    > you had your crap backed up
    > All they want to hear is, here you go it's just fixed...
    > that's a big deal to real person....


    Sally Public increasingly banks online. Sally Public has also been a
    target for litigation for file sharing. Sally Public might not like
    being part of a massive botnet used to host illegal pornography, or to
    DDoS or otherwise attack a .mil site. Sally has lots of reasons to
    care.

    So, unless you leave folks with the caveat "Oh, by the way, just in
    case I didn't get everything... you might want to access your
    investment accounts and bank accounts from some other computer,
    because that obfuscated repacked keylogger that might still be in
    there, I may have missed, and well, the FDIC won't help you for any
    losses from your eTrade investment account?"... you are not
    leaving your customers/friends/relatives as protected as they might
    assume.

    Now it's true--there is a price point beyond which home consumers
    won't go. So the realities of the market are that lower end services
    can attempt to do "well enough" and use tools to clean up without a
    full install. But to do that responsibly, you do have to let people
    know the risk of not doing it right, and that there is a rather non 0
    risk that your tools didn't get everything. The level of obfuscation
    and signature evasion in modern rootkits is remarkable, and tools are
    having a harder time getting everything than they ever have.
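
The imaging step of the procedure described in post #22 (boot a known-good distribution, take an image of the infected disk, then wipe, reinstall and restore), as an added example that is not part of the thread. The function names, the `.sha256` sidecar file and every path passed in are assumptions made for illustration; it covers imaging and integrity checking only, run from the live environment with the suspect disk unmounted.

```bash
#!/usr/bin/env bash
# Added example, not from the thread. Run from a known-good live system;
# SRC is the unmounted suspect partition (placeholder such as /dev/sdX1).

# Copy SRC to IMG and prove the copy is bit-identical before anything is wiped.
image_and_verify() {
    local src="$1" img="$2" src_sum img_sum
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    [ -e "$img" ] && { echo "refusing to overwrite $img" >&2; return 3; }

    # Plain dd stops on a read error, so a failing disk is reported here
    # instead of producing a silently padded image.
    dd if="$src" of="$img" bs=1M status=none || return 4

    src_sum=$(sha256sum < "$src" | cut -d' ' -f1)
    img_sum=$(sha256sum < "$img" | cut -d' ' -f1)
    if [ "$src_sum" != "$img_sum" ]; then
        echo "hash mismatch: $src_sum != $img_sum" >&2
        return 1
    fi

    # Record the hash beside the image and drop write permission, so the
    # restore step can confirm it works from an unmodified copy.
    printf '%s  %s\n' "$img_sum" "$(basename "$img")" > "$img.sha256"
    chmod 0444 "$img"
}

# Re-check an image against its recorded hash before restoring from it.
verify_image() {
    local img="$1"
    ( cd "$(dirname "$img")" &&
      sha256sum --check --quiet "$(basename "$img").sha256" )
}

# Mount a partition image for data recovery only (needs root): read-only,
# with noexec/nosuid/nodev so nothing on the infected filesystem can run.
# A whole-disk image needs its partitions exposed first (losetup -P).
mount_for_recovery() {
    local img="$1" mnt="$2"
    mount -o ro,loop,noexec,nosuid,nodev "$img" "$mnt"
}
```

Files copied out of the mounted image are still untrusted data from a compromised system: restore documents, not executables, and scan them on the rebuilt machine.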




