Malware: Is Cleaning Enough?

A program manager in Microsoft's security group said recently that companies should have a mechanism for completely replacing the software on an infected system rather than attempting to clean it. According to the malware they've examined, much of it persists despite numerous cleaning attempts, making complete re-installation the only effective method of restoring a PC to its original state.

Well, let's be honest: This is nothing new. Once a system has been compromised, it is, and always has been, extremely difficult to determine all of the components the malware has installed. It becomes even harder the longer the malware has been in place, due to the nature of today's bots, which often contain automatic updating or add-in mechanisms.

The question now becomes whether or not you can trust your AV program's report on whether it can remove the malware it has discovered. The safest bet is no, but in reality it greatly depends on the malware that's been found. Microsoft Certified Professional Magazine Online | Column: Malware: Is Cleaning Enough?

Linked by shanmuga Monday, 8th May 2006 1:37AM