Microsoft Windows XP Home Edition - Zenk - Security - Repository
Microsoft Windows XP Home Edition - Zenk - Security - Repository
Microsoft Windows XP Home Edition - Zenk - Security - Repository
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Microsoft</strong> <strong>Windows</strong> <strong>XP</strong> <strong>Home</strong> <strong>Edition</strong><br />
<strong>Security</strong> Implementation<br />
Version 1.4b Option 1<br />
If you do receive an alert, you need to investigate it every time. The alerts may<br />
provide you with the name of the virus. What you can do is go to the companies<br />
web site and get more information on the virus. It may tell you ways to clean up<br />
the virus and how to protect yourself for the future. If the alert suggests a<br />
heuristic scan, this means that the file doesn't match any virus in the signature<br />
file. This may be a perfectly acceptable file but you need to investigate to ensure<br />
that it is not corrupt or hiding any information. If you are still unsure on the<br />
warning you can contact the vender and send them the file so that they can<br />
investigate it themselves.<br />
Key<br />
Repairing<br />
fingerprint<br />
an infected<br />
= AF19 FA27<br />
system<br />
2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46<br />
If you feel that your system has been infected you need to perform some tasks to<br />
repair it. The first thing you need to do is to positively identify the infection. You<br />
do not want to restore a system or waste needless hours to find out that you<br />
really were not infected to begin with. If you have identified that you are infected,<br />
you need to isolate the infected computer. This means if you are connected to<br />
the Internet or a network than you pull the plug on the network or modem. Once<br />
you have done that you need to get the proper tools or utilities to clean your<br />
system. Some companies provide cleanup tools on their web site to assist you in<br />
your recovery process. A good collection of tools can be obtained for the<br />
Symantec Corporation 31 web site located at<br />
http://www.sarc.com/avcenter/tools.list.html. If there are no tools are available,<br />
then you will need to delete all the infected files and replace them with your<br />
backup copies. In extreme cases of infection you will need to reformat the disk,<br />
re-install your Operating System, restore all the applications, restore all your data<br />
from clean backups, re-install your antivirus software, and scan other computers<br />
on your network. As you can see it is extremely important to protect yourself<br />
from the beginning so that you are not forced to perform an extreme recovery<br />
case.<br />
VIII. Backup and Recovery<br />
As shown in previous sections backups are extremely important even in a home<br />
environment. Most users do not think to backup their data. They either feel that<br />
they won't crash or be infected, or that it is for corporations and companies only.<br />
This section will provide you with backup methods, media types, and some<br />
utilities.<br />
© SANS Institute 2003, Author retains full rights<br />
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46<br />
31 Symantec Corporation, http://www.symantec.com<br />
Page 30 of 53<br />
© SANS Institute 2003, As part of the Information <strong>Security</strong> Reading Room. Author retains full rights.