Comments on: Cleaning up after an infection, and then? http://blog.didierstevens.com/2006/08/12/cleaning-up-after-an-infection-and-then/ (blog 'DidierStevens) Fri, 21 Nov 2008 04:02:52 +0000 http://wordpress.org/?v=MU hourly 1 By: Didier Stevens http://blog.didierstevens.com/2006/08/12/cleaning-up-after-an-infection-and-then/#comment-36 Didier Stevens Wed, 16 Aug 2006 20:06:22 +0000 https://didierstevens.wordpress.com/2006/08/12/cleaning-up-after-an-infection-and-then/#comment-36 This is what I do at home, and it didn't happen over one night, but it evolved over many years. I've worked at companies that are even better prepared than that! But of course, I've seen worse also ;-) This is what I do at home, and it didn’t happen over one night, but it evolved over many years.
I’ve worked at companies that are even better prepared than that! But of course, I’ve seen worse also ;-)

]]> By: LonerVamp http://blog.didierstevens.com/2006/08/12/cleaning-up-after-an-infection-and-then/#comment-35 LonerVamp Mon, 14 Aug 2006 14:24:26 +0000 https://didierstevens.wordpress.com/2006/08/12/cleaning-up-after-an-infection-and-then/#comment-35 Just a few things. I like your post, and it illustrates that gone are the times when you can have a 'push-button' admin or even desktop guy. They need to be able to at least read through technical information on malware in order to determine the impact and 'cleanability.' I don't 100% trust my antivirus vendors, which is why I tend to read briefs from as many as I can, and I try to verify the malware variant myself through multiple fingerprints, if you will. I don't think many people will argue with your "prepared" list, but is that just your system(s) at home, or is your entire company prepared in that way? If so, I'd be mad impressed, and kudos to you! :) But therein lies the challenge for us admin types...we know what we need to do (let's assume we do and there aren't morons out there, for a minute) but that costs time, effort, user productivity, and in same indirect ways, happiness. That's a tough hill to climb to achieve agility, recoverability, and security like those steps you describe above. Well...at least it will keep us with jobs for a long time to come, no? :) Nice post though, I enjoy this stuff a lot! LonerVamp (new visitor) Just a few things. I like your post, and it illustrates that gone are the times when you can have a ‘push-button’ admin or even desktop guy. They need to be able to at least read through technical information on malware in order to determine the impact and ‘cleanability.’ I don’t 100% trust my antivirus vendors, which is why I tend to read briefs from as many as I can, and I try to verify the malware variant myself through multiple fingerprints, if you will.

I don’t think many people will argue with your “prepared” list, but is that just your system(s) at home, or is your entire company prepared in that way? If so, I’d be mad impressed, and kudos to you! :) But therein lies the challenge for us admin types…we know what we need to do (let’s assume we do and there aren’t morons out there, for a minute) but that costs time, effort, user productivity, and in same indirect ways, happiness. That’s a tough hill to climb to achieve agility, recoverability, and security like those steps you describe above.

Well…at least it will keep us with jobs for a long time to come, no? :)

Nice post though, I enjoy this stuff a lot!

LonerVamp (new visitor)

]]>