Re: Klone Virus

"Gary S. Terhune" <grystnews@xxxxxxxx> wrote:

Thank you, again. I assumed that some of the scanners kill processes in
order to excise files, and PestPatrol, for example, creates a script that
runs at startup, in order to excise files before they load. But there are
layers upon layers to this whole business. I know some who suggest pretty
much always using Bart's for formal malware scanning, but I kind of figure
that's taking things a bit far.

Right, this is way to far (although it's the only reliable way to run any
scanner; but don't forget that you NEVER can prove the absence of malware)!

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx

A simple clean reinstall wiping all disks (by formatting them with NTFS)
cleans all those malware for sure*.
Any other means are just RIDICULOUS: "better be safe than sorry"!

You, and Joe Average too, can't clean a compromised system. Especially in
case of a Trojan it's NOT sufficient to remove the Trojan, you'll have to
find ALL the Greeks that swamped the system!

[braindead fullquote removed]

Stefan

* Don't forget to install XP Service Pack 2 BEFORE you connect the fresh
installed system to ANY network.
AND: create "restricted user" accounts for EVERY user of the system,
NEVER use the initially created "administrator" account for any work
except system administration.
Also consider to turn on SRP and allow execution only in %SystemRoot% and
beyond as well as %ProgramFiles% and beyond.

.

Relevant Pages

  • Re: sewing nylon or polyester
    ... seam (I couldn't resist the pun) that the four layers are caught. ... These make a mound, which is clean on one side and frayed on the other. ...
    (rec.crafts.textiles.needlework)
  • Re: my new sexy white unicycle
    ... I don't care if it's clean, so it'll look crappy and always be dirty). ... I have a yellow hub which I'd have to paint as well. ... three layers of paint, and two layers of shiny stuff. ...
    (rec.sport.unicycling)