LOGIN  .  SIGNUP   .  SUPPORT 
HOME / MESSAGE BOARDS / GENERAL DISCUSSIONS

General Discussions

Signup   Message Boards Home   Newest Posts   My Favorite Boards   My Threads
Page 1 of 1
Signup or Login to Post
Viruses
 
zico291  posted on Aug 19, 2010 4:11:18 AM - Report post

Current rank: 1 Star. Next Rank at 100 Posts.
Send a message to zico291
ELITE
Is it possible to take viruses out of infected files?
 
Matri  posted on Aug 19, 2010 5:23:24 AM - Report post

Current rank: 1.5 Stars. Next Rank at 500 Posts.
Send a message to Matri
ELITE
Usually, the AV should be able to do this.
 
HonestGamer  posted on Aug 19, 2010 6:03:48 AM - Report post

Moderator
Send a message to HonestGamer
MODERATOR
Well seeing how complex recent viruses have become, the probability of removing infection from a file is very less.

So you need good knowledge regarding reverse engineering to do so. There is no AV in my experience that has done so, it woul either delete the file, or just quarantine it.

 
saurabhfzd  posted on Aug 19, 2010 6:37:09 AM - Report post

Current rank: 3 Stars. Next Rank at 4000 Posts.
Send a message to saurabhfzd
ELITE
quote:
originally posted by HonestGamer

Well seeing how complex recent viruses have become, the probability of removing infection from a file is very less.

So you need good knowledge regarding reverse engineering to do so. There is no AV in my experience that has done so, it woul either delete the file, or just quarantine it.

u're right..most AV's either delete or quarantine the infected file only, in some very rare instances have i come across a file being cleansed and not deleted or quarantined. it probably requires some very serious knowledge of programming to be able to do it.

 
zico291  posted on Aug 19, 2010 10:11:28 AM - Report post

Current rank: 1 Star. Next Rank at 100 Posts.
Send a message to zico291
ELITE
Ok, Thanks for all the replies
 
Neo7  posted on Aug 19, 2010 11:00:29 AM - Report post

Moderator
Send a message to Neo7
MODERATOR
Part of this needs some proper explanation of malware terminology:

In terms of malware, a virus refers to writing a sequence of code into the body of a file. This portion of the virus is then encrypted as to prevent the user from seeing the code inside and usually with a one-way key unlocker embedded on top of the code to decrypted the code for execution when the file is launched. On top of that, most viruses compress the files so that the added code does not make the file larger.

Can the disinfection process be done? It can though there are different viruses out there which require different and even more complex disinfection. The most deadly of all viruses are the polymorphic viruses which change the encryption and decryption key every time the virus writes itself to new files on your computer (which usually becomes way too much trouble to disinfect and should just be nuked and reformatted).

Of course Trojan Horses and Worms are much different than Viruses and these two cannot be disinfected (and those two are usually the ones that infect people). Worms are completely standalone programs that run without any user input required (this automation gives them their notorious ability to spread like wildfire). Trojan Horses are simply programs that were designed to maim and damage from the start. In this way, there really are no "files" to disinfect from these two because both were designed to bad things without any use for writing itself to other files (leaving the only choice to delete them).

 
zico291  posted on Aug 21, 2010 4:16:04 AM - Report post

Current rank: 1 Star. Next Rank at 100 Posts.
Send a message to zico291
ELITE
thanks
 
Matri  posted on Aug 23, 2010 6:02:48 AM - Report post

Current rank: 1.5 Stars. Next Rank at 500 Posts.
Send a message to Matri
ELITE
Basically, what it all boils down to is: You better have a clean backup or you're screwed.
Page 1 of 1
  Post Reply
 
All times are (GMT -06:00) Central Time (US & Canada). Current time is 2:53:05 AM