Re: Trojan horse Downloader.Generic.ML

From: Roger Wilco (yesman_at_yourservice.invalid)
Date: 06/17/05


Date: Fri, 17 Jun 2005 17:12:45 -0400


"Ron Reaugh" <ron-reaugh@worldnet.att.net> wrote in message
news:6Qose.971923$w62.283287@bgtnsc05-news.ops.worldnet.att.net...
>
> "Chris Salter" <chriss@hotmail.com> wrote in message
> news:1118911488.22165.0@spandrell.news.uk.clara.net...
> > Ron Reaugh wrote:
> >
> > > Recommended by who?
> >
> > Cert & Microsoft. Google it.
>
> Google what exactly?
>
> > > Are you saying that all these virus checkers and
> > > cleaners/disinfectors are frauds as that can't possibly work reliably??
> >
> > ? His text didn't even hint at them being frauds. Can't work reliably
> > when compromised yes.
>
> Define "compromised"?

I would define a compromised system as one that has an ongoing or
repeatable security breach. Ongoing as in an active trojan, and
repeatable as in a trapdoor that allows the attacker to re-enter the
system after you thought you had secured it.

> > Your flawed logic maybe. The real logic would dictate that you would
> > reinstall windows, recover executable data from a known good backup,
>
> Define "known good"!

Backups made before any malware could have had access to it or from a
read only media so that malware couldn't have had such access. An
install CD with slipstreamed patches and copies of the original
application software could qualify - but this is highly subjective
because "known good" isn't always good in practice.

> > and
> > restore the data from a recent backup. At this point the data is still
> > untrustworthy so you would have to test it, check it etc etc.
>
> That's the catch 22. If one's virus checkers weren't up to detecting it
> before/at the fact then why be confident that "test it, check it etc etc."
> has any meaning.

Maybe now they have added detection for that which has affected the data
store.

> Fixing the system in place is the much more reasonable route. That of course
> assumes that there are competent and effective tools to help one do that.

The best tools are the ones that help you to prevent having to use
recovery tools.

> The conclusion one might draw from what you and a few others have been
> saying is that no such tools exist?

Exactly - no tools exist to fix unknown problems.


