Geswall > Uninstall & Untrusted files?

Discussion in 'other anti-malware software' started by Strachimir, Feb 23, 2010.

Thread Status:
Not open for further replies.
  1. Strachimir

    Strachimir Registered Member

    Joined:
    Feb 23, 2010
    Posts:
    4
    Hi Geswall lovers

    I use Geswall for about 2 mounts, now!
    The security it gives, is really amazing, but!!

    My 2 questions:

    1.
    Let’s say that I visit (on purpose) 20 malware sites, like I saw on some youtube videos!
    Geswall seems to allow those files to install on my system, etc, but puts them in some kind of straitjacket, so they can’t do anything bad.
    Those files are tracked and labelled “untrusted” by Geswall, like they should.

    Correct?

    Now, for some reason I don’t’ like the program anymore and I uninstall it.
    Are those same malware-files (on my system) free to infect again, the moment Geswall is uninstalled?

    2.
    A week ago and for the first time, I did a scan for untrusted files.
    It took some time and I was stunned by the amount of files showing, though??
    Can I just select all and delete?
    I do not think so!
    Should I be “a malware wizz-kid” to know what can be deleted and what can’t?

    That, is still a gray zone for me!! o_O

    Regards
    Strachimir
     
  2. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi,

    Answer 1 : GeSwall manage restrictions to untrusted files using windows policy but ii you uninstall it then you fired the Keeper :p

    Answer2 : Anything accessed, modified or created by a threat gate is untrusted and added to this list and unless manually trusted you will delete many useful files like your mail containers, browser components and so on.

    Regards,

    MaB
     
  3. Strachimir

    Strachimir Registered Member

    Joined:
    Feb 23, 2010
    Posts:
    4
    Hi MaB69,


    Humm, is that good or bad?
    Are all the bad files gone, or become harmless? o_O

    So I'll better not touch them files?

    Regards
    Strachimir
     
  4. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    If you uninstall GeSWall then no restriction (the ones you set in GeSwall) will be applied on the files.

    And yes it could be dangerous to delete all untrusted without checking them before.

    Sorry english is not my native language :oops:

    MaB
     
  5. Strachimir

    Strachimir Registered Member

    Joined:
    Feb 23, 2010
    Posts:
    4
    In other words "uninstalling Geswall" = committing suicide on a PC!!!:blink:

    Regards
    Strachimir
     
  6. Strachimir

    Strachimir Registered Member

    Joined:
    Feb 23, 2010
    Posts:
    4
    Of course, the question is!!
    Why should we uninstall such an outstanding product?

    Strachimir
     
    Last edited: Feb 24, 2010
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Don,t delete untrusted files unless you know what you are doing.

    Regarding un-install geswall and suicide, it,s totally wrong. You need to understand geswall,s restrictions. All un-trsuted registry enterries are no threat as they are just virtual and deleted themselves. GesWall denies file creation in aut-start locations by default so no un-trsuted files are created in auto-start locations. Services creation and driver loading is denied so no untrsuted drivers/ services. No files are allowed to be created in system 32 as well.

    So if you want to uninstall geswall you can do it safely. Just run a disk cleaner like CCleaner to delete all un-necessary and temp files. It will get rid of any static malicious files( if there are any). If you have an AV, you can run a thorough scan by that just to be more cautious. Then go ahead and uninstall geswall. If any files are even located on ur hard disk, most likely they will never be executed. Ofcourse I don,t mean that it is 100% safe.

    The only exception I can think of are the files created in root of partitions and disk with autorun.inf files. They will be a dnager if present after geswall un-install. ( Also one should know even when installed, geswall is poor against autorun.inf malware on USB drives, it,s weak point of geswall). A windows serach for autorun.inf files including hidden files can help to address this issue.

    Can some one let me know how DW handles autorun.inf file malware on system drives and USB sticks?

    Thanks
     
Loading...
Thread Status:
Not open for further replies.