Re: Trojan horse Downloader.Generic.ML
From: Jason Edwards (none1_at_invalid.invalid)
Date: Thu, 16 Jun 2005 11:21:31 +0100
"Ron Reaugh" <email@example.com> wrote in message
> "Roger Wilco" <firstname.lastname@example.org> wrote in message
> > "Ron Reaugh" <email@example.com> wrote in message
> > news:G23se.firstname.lastname@example.org...
> > > > If I were you I'd wipe the drive and reinstall the operating system.
> > >
> > > Clueless!
> > >
> > > > There is no other way to be sure that your system isn't compromised.
> > >
> > > Now you've established your credentials.
> > As much as I'd like to disagree with Jason about such a drastic measure,
> > it IS the recommended procedure when a compromise has taken place.
> Recommended by who?
There was a Microsoft technet article giving just this advice but I've not
been able to find it.
> Are you saying that all this virus checkers and
> cleaners/disinfectors are frauds as that can't possibly work reliably??
> so then I know how to build an app that can detect any infection...I
> that such had already been done. Start with an app that does somekind of
> fancy encrypted CRC of all the relevant files on a HD and then it keeps an
> encrypted database of same for later comparison...I didn't say it was
Ok so why don't virus scanners use this method?
> Clean install isn't a rational/reasonable option.
It doesn't take very long with drive imaging software and an external USB
2.0 hard drive.
There are other methods.
> The same logic would
> suggest that any backups be burned immediately....just NO.