|
Scanning network shares sounds like a good idea at first - the scanner needs
to be installed only on a single machine and one person can do the scan. To
simply remove installers, this isn't a bad idea at all, so Spybot-S&D allows
to add network shares as well in it's Directories setting.
But scanning for and removing files on other computers can be dangerous as
well. Most threats are not only files, but also linked by registry entries -
removing just the files would cause the 'cleaned' Windows to produce a lot
of errors. But while those messages may be harmless (and remote registry
cleaning could at least be added for NT/2000/XP), there's an even worse
case - some threats need to be removed by using API calls. Removing LSP
hijackers by just deleting their file will disable the network access of
the cleaned machine, and repairing LSPs by fixing the registry isn't fail-safe
either.
That is why an anti-spyware tool needs to be run on each machine. We are
developing a client/server scanning system that will work in network
environments.
|