Re: Trojan horse Downloader.Generic.ML

From: Jason Edwards (none1_at_invalid.invalid)
Date: 06/16/05 

Date: Thu, 16 Jun 2005 11:21:31 +0100

"Ron Reaugh" <ron-reaugh@worldnet.att.net> wrote in message
news:zf6se.966374$w62.792249@bgtnsc05-news.ops.worldnet.att.net...
>
> "Roger Wilco" <yesman@yourservice.invalid> wrote in message
> news:11b1icqfddeiu52@corp.supernews.com...
> >
> > "Ron Reaugh" <ron-reaugh@worldnet.att.net> wrote in message
> > news:G23se.965445$w62.820769@bgtnsc05-news.ops.worldnet.att.net...
> >
> > > > If I were you I'd wipe the drive and reinstall the operating system.
> > >
> > > Clueless!
> > >
> > > > There is no other way to be sure that your system isn't compromised.
> > >
> > > Now you've established your credentials.
> >
> > As much as I'd like to disagree with Jason about such a drastic measure,
> > it IS the recommended procedure when a compromise has taken place.
>
>
> Recommended by who?

There was a Microsoft technet article giving just this advice but I've not
been able to find it.

> Are you saying that all this virus checkers and
> cleaners/disinfectors are frauds as that can't possibly work reliably??
If
> so then I know how to build an app that can detect any infection...I
assumed
> that such had already been done. Start with an app that does somekind of
a
> fancy encrypted CRC of all the relevant files on a HD and then it keeps an
> encrypted database of same for later comparison...I didn't say it was
> pretty.

Ok so why don't virus scanners use this method?

>
> Clean install isn't a rational/reasonable option.

It doesn't take very long with drive imaging software and an external USB
2.0 hard drive.
There are other methods.

Jason

> The same logic would
> suggest that any backups be burned immediately....just NO.
>
>

Relevant Pages

  • Re: Trojan horse Downloader.Generic.ML
    ... >> As much as I'd like to disagree with Jason about such a drastic measure, ... > so then I know how to build an app that can detect any infection...I ... > fancy encrypted CRC of all the relevant files on a HD and then it keeps an ... It doesn't take very long with drive imaging software and an external USB ...
    (alt.computer.security)
  • Re: Trojan horse Downloader.Generic.ML
    ... > As much as I'd like to disagree with Jason about such a drastic measure, ... > it IS the recommended procedure when a compromise has taken place. ... so then I know how to build an app that can detect any infection...I assumed ...
    (comp.security.firewalls)
  • Re: Trojan horse Downloader.Generic.ML
    ... > As much as I'd like to disagree with Jason about such a drastic measure, ... > it IS the recommended procedure when a compromise has taken place. ... so then I know how to build an app that can detect any infection...I assumed ...
    (alt.computer.security)
  • Re: Automation of MS Word
    ... >> I have a VB.Net app that words just fine when automating ... if I install the app ... >> MS Office Small Business Edition 2003, ... >> Jason. ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Remove Media Center app?
    ... Jason Tsang - Microsoft MVP ... Before this system, with MCE, I had separate apps for these functions, ... of the situations where they are trying to cover everything with one app. ... I do not see in Add/Remove Programs where I can remove the MC app. ...
    (microsoft.public.windows.mediacenter)