Which is the best way for removing viruses from a computer?

Let's take this situation:

Many computers "M" in a local network, infected by some viruses. These computers do not have any antiviral program installed.

Also there is one computer "C" with an antiviral program installed and updated. This computer is out of the network.

Which is the best way for removing the viruses? If I connect "C" to the LAN and perform a virus scaning, some files can not be cleaned in "M" because they are which are in use.

I thought in connecting the infected hard disks as slave in the "C" computer. However this is lot of work.

Is there any other way?

Originally posted by Doctor Luz
Which is the best way for removing viruses from a computer?

Let's take this situation:

Many computers "M" in a local network, infected by some viruses. These computers do not have any antiviral program installed.

Also there is one computer "C" with an antiviral program installed and updated. This computer is out of the network.

Which is the best way for removing the viruses? If I connect "C" to the LAN and perform a virus scaning, some files can not be cleaned in "M" because they are which are in use.

I thought in connecting the infected hard disks as slave in the "C" computer. However this is lot of work.

Is there any other way?

it depends on which package your using, some allow you to mount the drive (net share) and scan. But if you have files in use problems then the only way I can see is to physically do it eg: slave the disk.

Originally posted by Mick_2002
it depends on which package your using, some allow you to mount the drive (net share) and scan.

This cannot solve all potential problems. If comp is infected for ex. by some virus which lives like a process, Klez for ex. ... btw the most part of today exe-viruses do this. So U can find a exe of it , but it is in use but U cannot end this process from remote machine in common case. + Like minimum U need to have only network between your M-comp(with antivirus) and infected comp, and noone else. Every clear (and unsaved with antivirus comp) must be closed from a network because most part of today viruses can infect by network (nimda , etc...). And even not all antiviruses can kill Klez from the memory (means kill Klez process) when they are both running on the same machine. Some viruses do some special things to prevent deliting of it process.

Like result, If U got epidemy - the best solution is unplug comp from a network and check it then.


But if you have files in use problems then the only way I can see is to physically do it eg: slave the disk.

Seems the best solution.

Thank you for your replies.

I have decided to take my screwdriver and go on.

P.S: Dmitriy: How can you know the virus is Klez? :D

Originally posted by Doctor Luz
Thank you for your replies.

I have decided to take my screwdriver and go on.

P.S: Dmitriy: How can you know the virus is Klez? :D

Well, (1) I said : Klez for ex. , to show U that todays viruses can be so artfuly only.
(2) I work in Antivirus Software company , so I have at least basic knowledges about it.
(3) U can find enough description info at different online virus lists

So if someone tell U about symptoms on infected computer U can suppose with enough high probability about virus on it, especcially because ussualy at one time there are ~10 epidemy viruses in the world, and with high probability your computer can be infected by one of them at first chance, of course If your computer is infected by some virus which meets it the "animate nature" very rare - it is of course difficult to say about it.