Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

When to CLEAN vs when to DELETE a virus? 4

Status
Not open for further replies.
garymgordon

garymgordon

Programmer
Apr 5, 2000
307
0
0
US
I simply want to know the difference .. between the option of CLEAN or DELETE .. when a virus is present.

I have McAfee.

It asks do I want to clean or delete the file infected.

Can someone explain the difference and tell me ... if it is cleanable .. is that the better choice? Or should I always delete an infected file? Which is the better choice?

And, if I clean it .. what exactly is McAfee doing .. when it CLEANS the file? Is the file (after it is cleaned) .. now considered still a "good" file? Will it operate normally now .. after being cleaned? What exactly does McAfee do when it "CLEANS" an infected file?

I would love it if someone could tell me what this all means.

Thanks,
Gary


Gary M. Gordon, LLC
webmaster@garymgordon.com
Certified Web Developer ::
Application Programmer
 
Sort by date Sort by votes
I believe that the clean option (I don't use McAfee anymore, so...) lets McAfee try and disinfect the file without deleting it. If successful, you get to keep the file. If unable to clean it, McAfee will delete it.
 
Upvote 0 Downvote
Viral code in embedded in executable files to do malicious things in addition to what the file is supposed to do. Basic method is to add the code to the end of the existing code and change the entry point to start the program at the virus code which processes the bad stuff than goes to the original starting point to do the original stuff.
Cleaning involves changing the entry point and removing the virii code.
Cleaning should result in a file that contains the same code as the original and should work the same as the original.
Cleaning is probably a better choice for you since you won't have to reload from your original source.
But some get corrupted in such a way that the AV software can't fix it and they need to be deleted , then reloaded.

Ed Fair
Any advice I give is my best judgement based on my interpretation of the facts you supply. Help increase my knowledge by providing some feedback, good or bad, on any advice I have given.
 
Upvote 0 Downvote
Gary,

To decide which is better (clean vs delete) you need to look at what the file is.

If it is a file than came in an email, the answer should be delete it! Make the sender provide a clean one if it is somethign you need. However, if a coworker sent you an important document (and you know that is what it is) and it is time sensitive, it may be worth cleaning. Personally, I would say delete it anyway and put the burdon on them to clean it.

About the only time I use clean, is if I am working on a system that is infected and I am trying to make it work again. But I look for where the file is as a clue to what program it belongs to in case I might need to reinstall it later.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
163
Oorde
Oorde
shivajiboss
  • Locked
  • Question
I am getting a problem while opening up my windows
Replies
1
Views
136
2ffat
2ffat
2ffat
  • Locked
  • News
Audacity is Spyware?
Replies
2
Views
122
2ffat
2ffat
ChrisOfOz
  • Locked
  • Question
Lenovo startup problem please any ideas? 2
Replies
10
Views
305
Yoko Littner
Yoko Littner
CDIV
  • Locked
  • Question
port 8080 monitoring -Trend micro deep security agent
Replies
0
Views
116
CDIV
CDIV

Part and Inventory Search

Sponsor

Back
Top