OT. Microsoft Says Recovery from Malware Becoming Impossible !

Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit," Mike
Danseglio, program manager in the Security Solutions group at Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

John:

I have gotten used to the idea already and learned to cope with it. As
always: *Safe Hex* goes a long way and the rest is plain awareness for the
personal user. In business one will have to use more stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit," Mike
Danseglio, program manager in the Security Solutions group at Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

All the more reason to have 'full disk' backups on a seperate HD (preferably
removable). And, the set of backups should contain, at least, one
'pristine' copy of the OS and installed software. BTW, www.sysinternals.com
offers a free Rootkit Revealer app......doesn't remove anything, but, does
point you in the right direction. If nothing else, you would know when to
use one of earlier said backups :-).
Heirloom, old and backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to cope with it. As
always: *Safe Hex* goes a long way and the rest is plain awareness for the
personal user. In business one will have to use more stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit," Mike
Danseglio, program manager in the Security Solutions group at Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

No question about that, H, back-up is essential and preferrably the way you
suggest.
In the end we are going "to lick this thing", one way or another?

Harry.


"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a seperate HD
(preferably
removable). And, the set of backups should contain, at least, one
'pristine' copy of the OS and installed software. BTW,
www.sysinternals.com
offers a free Rootkit Revealer app......doesn't remove anything, but, does
point you in the right direction. If nothing else, you would know when to
use one of earlier said backups :-).
Heirloom, old and backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to cope with it. As
always: *Safe Hex* goes a long way and the rest is plain awareness for
the
personal user. In business one will have to use more stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit,"
Mike
Danseglio, program manager in the Security Solutions group at
Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be
the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

Hi, Heirloom. Greetings from the Buckeye State. Caught your comment about
backing up a system. Sounds like a monster external hard drive is the way to
go. But what app/program would make the whole process easy? I know this
topic has been covered before in these NGs, but just wanted to jump right in
now before I move on and forget about the whole thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a seperate HD
(preferably removable). And, the set of backups should contain, at least,
one 'pristine' copy of the OS and installed software. BTW,
www.sysinternals.com offers a free Rootkit Revealer app......doesn't
remove anything, but, does point you in the right direction. If nothing
else, you would know when to use one of earlier said backups :-).
Heirloom, old and backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to cope with it. As
always: *Safe Hex* goes a long way and the rest is plain awareness for
the
personal user. In business one will have to use more stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit," Mike
Danseglio, program manager in the Security Solutions group at Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

Personally, I use Acronis True Image. I have tested it thoroughly and have
been quite pleased. There are those that swear by Norton Ghost.........you
know me and Norton, if it says Symantec or Norton on it....I don't want it.
And you don't really need a "monster" HD. I have four HD's.....2x80G in a
Raid 0 config, 1 x 80G for misc. data and 1 x 300G (partitioned to
accomodate the Raid and the data HD. (Acronis has three or four different
compression settings for the backups. I use no compression for my pristine
backup and minimal on the others). Plus I have a 'protected' section for my
pristine backup, that cannot be accessed by any Windows program except
Acronis. Just my humble thoughts..........YMMV.
Heirloom, old and it works for me

"Joe Starin" wrote in message
. net...
Hi, Heirloom. Greetings from the Buckeye State. Caught your comment about
backing up a system. Sounds like a monster external hard drive is the way
to go. But what app/program would make the whole process easy? I know this
topic has been covered before in these NGs, but just wanted to jump right
in now before I move on and forget about the whole thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a seperate HD
(preferably removable). And, the set of backups should contain, at
least, one 'pristine' copy of the OS and installed software. BTW,
www.sysinternals.com offers a free Rootkit Revealer app......doesn't
remove anything, but, does point you in the right direction. If nothing
else, you would know when to use one of earlier said backups :-).
Heirloom, old and backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to cope with it. As
always: *Safe Hex* goes a long way and the rest is plain awareness for
the
personal user. In business one will have to use more stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming Impossible !

In a rare discussion about the severity of the Windows malware scourge,
a Microsoft security official said businesses should consider investing
in an automated process to wipe hard drives and reinstall operating
systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs,
the only solution is to rebuild from scratch. In some cases, there
really is no way to recover without nuking the systems from orbit,"
Mike
Danseglio, program manager in the Security Solutions group at
Microsoft,
said in a presentation at the InfoSec World conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these rootkits will be
the
bane of the computing world in no time. (Ask Sony customers what they
think of rootkits!) I would think however that tools that scan drives
when they are offline should be able to "root" these rootkits. Still,
more trash to give computer users headaches.

John

Heirloom you are still around are you. I slip by here
regularly to see who is picking on you.

About backup - hope you are wrong about Norton. I build my
hard drive images on CDs with Ghost, I haven't restored
with it yet but build and test functions seem to work fine.
Matter of fact I built an image (on 5 CDs) just this
morning. I make 2 copies ever time I bild and image and am
confident I will be able to restore if needed. (Psst, watch
this.)
NORTON RULES!

Job says, "The power of hopeful thinking leads to
opportunities to excel."


"Heirloom" wrote in message
...
Personally, I use Acronis True Image. I have tested it
thoroughly and have
been quite pleased. There are those that swear by Norton
Ghost.........you
know me and Norton, if it says Symantec or Norton on
it....I don't want it.
And you don't really need a "monster" HD. I have four
HD's.....2x80G in a
Raid 0 config, 1 x 80G for misc. data and 1 x 300G
(partitioned to
accomodate the Raid and the data HD. (Acronis has three
or four different
compression settings for the backups. I use no
compression for my pristine
backup and minimal on the others). Plus I have a
'protected' section for my
pristine backup, that cannot be accessed by any Windows
program except
Acronis. Just my humble thoughts..........YMMV.
Heirloom, old and it works
for me

"Joe Starin" wrote in
message
. net...
Hi, Heirloom. Greetings from the Buckeye State. Caught
your comment about
backing up a system. Sounds like a monster external hard
drive is the way
to go. But what app/program would make the whole process
easy? I know this
topic has been covered before in these NGs, but just
wanted to jump right
in now before I move on and forget about the whole
thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a
seperate HD
(preferably removable). And, the set of backups should
contain, at
least, one 'pristine' copy of the OS and installed
software. BTW,
www.sysinternals.com offers a free Rootkit Revealer
app......doesn't
remove anything, but, does point you in the right
direction. If nothing
else, you would know when to use one of earlier said
backups :-).
Heirloom, old and
backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to
cope with it. As
always: *Safe Hex* goes a long way and the rest is
plain awareness for
the
personal user. In business one will have to use more
stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming
Impossible !

In a rare discussion about the severity of the
Windows malware scourge,
a Microsoft security official said businesses should
consider investing
in an automated process to wipe hard drives and
reinstall operating
systems as a practical way to recover from malware
infestation.

"When you are dealing with rootkits and some advanced
spyware programs,
the only solution is to rebuild from scratch. In some
cases, there
really is no way to recover without nuking the
systems from orbit,"
Mike
Danseglio, program manager in the Security Solutions
group at
Microsoft,
said in a presentation at the InfoSec World
conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these
rootkits will be
the
bane of the computing world in no time. (Ask Sony
customers what they
think of rootkits!) I would think however that tools
that scan drives
when they are offline should be able to "root" these
rootkits. Still,
more trash to give computer users headaches.

John

Hey Job!!! You ol' cat hair! Just because I have sworn against all
things Norton doesn't mean there is not some good still out there! You know
you can't trust an old f*rt. I just happen to use and like Acronis, but, I
do know many folks that swear by Ghost.............
Heirloom, old and whatever crumbles your
cookie

"Job" wrote in message
...
Heirloom you are still around are you. I slip by here
regularly to see who is picking on you.

About backup - hope you are wrong about Norton. I build my
hard drive images on CDs with Ghost, I haven't restored
with it yet but build and test functions seem to work fine.
Matter of fact I built an image (on 5 CDs) just this
morning. I make 2 copies ever time I bild and image and am
confident I will be able to restore if needed. (Psst, watch
this.)
NORTON RULES!

Job says, "The power of hopeful thinking leads to
opportunities to excel."


"Heirloom" wrote in message
...
Personally, I use Acronis True Image. I have tested it
thoroughly and have
been quite pleased. There are those that swear by Norton
Ghost.........you
know me and Norton, if it says Symantec or Norton on
it....I don't want it.
And you don't really need a "monster" HD. I have four
HD's.....2x80G in a
Raid 0 config, 1 x 80G for misc. data and 1 x 300G
(partitioned to
accomodate the Raid and the data HD. (Acronis has three
or four different
compression settings for the backups. I use no
compression for my pristine
backup and minimal on the others). Plus I have a
'protected' section for my
pristine backup, that cannot be accessed by any Windows
program except
Acronis. Just my humble thoughts..........YMMV.
Heirloom, old and it works
for me

"Joe Starin" wrote in
message
. net...
Hi, Heirloom. Greetings from the Buckeye State. Caught
your comment about
backing up a system. Sounds like a monster external hard
drive is the way
to go. But what app/program would make the whole process
easy? I know this
topic has been covered before in these NGs, but just
wanted to jump right
in now before I move on and forget about the whole
thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a
seperate HD
(preferably removable). And, the set of backups should
contain, at
least, one 'pristine' copy of the OS and installed
software. BTW,
www.sysinternals.com offers a free Rootkit Revealer
app......doesn't
remove anything, but, does point you in the right
direction. If nothing
else, you would know when to use one of earlier said
backups :-).
Heirloom, old and
backups are best

"webster72n" wrote in message
...

John:

I have gotten used to the idea already and learned to
cope with it. As
always: *Safe Hex* goes a long way and the rest is
plain awareness for
the
personal user. In business one will have to use more
stringent methods.

Harry.


"John John" wrote in message
...
Microsoft Says Recovery from Malware Becoming
Impossible !

In a rare discussion about the severity of the
Windows malware scourge,
a Microsoft security official said businesses should
consider investing
in an automated process to wipe hard drives and
reinstall operating
systems as a practical way to recover from malware
infestation.

"When you are dealing with rootkits and some advanced
spyware programs,
the only solution is to rebuild from scratch. In some
cases, there
really is no way to recover without nuking the
systems from orbit,"
Mike
Danseglio, program manager in the Security Solutions
group at
Microsoft,
said in a presentation at the InfoSec World
conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but these
rootkits will be
the
bane of the computing world in no time. (Ask Sony
customers what they
think of rootkits!) I would think however that tools
that scan drives
when they are offline should be able to "root" these
rootkits. Still,
more trash to give computer users headaches.

John

Well young fellow, I don't swear by it and hope I never have
to swear at it.

Job says, "It's purt nigh spring here in Virginny!"


"Heirloom" wrote in message
...
Hey Job!!! You ol' cat hair! Just because I have sworn
against all
things Norton doesn't mean there is not some good still
out there! You know
you can't trust an old f*rt. I just happen to use and
like Acronis, but, I
do know many folks that swear by Ghost.............
Heirloom, old and whatever
crumbles your
cookie

"Job" wrote in message
...
Heirloom you are still around are you. I slip by here
regularly to see who is picking on you.

About backup - hope you are wrong about Norton. I build
my
hard drive images on CDs with Ghost, I haven't restored
with it yet but build and test functions seem to work
fine.
Matter of fact I built an image (on 5 CDs) just this
morning. I make 2 copies ever time I bild and image and
am
confident I will be able to restore if needed. (Psst,
watch
this.)
NORTON RULES!

Job says, "The power of hopeful thinking leads to
opportunities to excel."


"Heirloom" wrote in message
...
Personally, I use Acronis True Image. I have tested it
thoroughly and have
been quite pleased. There are those that swear by
Norton
Ghost.........you
know me and Norton, if it says Symantec or Norton on
it....I don't want it.
And you don't really need a "monster" HD. I have four
HD's.....2x80G in a
Raid 0 config, 1 x 80G for misc. data and 1 x 300G
(partitioned to
accomodate the Raid and the data HD. (Acronis has
three
or four different
compression settings for the backups. I use no
compression for my pristine
backup and minimal on the others). Plus I have a
'protected' section for my
pristine backup, that cannot be accessed by any Windows
program except
Acronis. Just my humble thoughts..........YMMV.
Heirloom, old and it
works
for me

"Joe Starin" wrote in
message

. net...
Hi, Heirloom. Greetings from the Buckeye State.
Caught
your comment about
backing up a system. Sounds like a monster external
hard
drive is the way
to go. But what app/program would make the whole
process
easy? I know this
topic has been covered before in these NGs, but just
wanted to jump right
in now before I move on and forget about the whole
thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a
seperate HD
(preferably removable). And, the set of backups
should
contain, at
least, one 'pristine' copy of the OS and installed
software. BTW,
www.sysinternals.com offers a free Rootkit Revealer
app......doesn't
remove anything, but, does point you in the right
direction. If nothing
else, you would know when to use one of earlier said
backups :-).
Heirloom, old and
backups are best

"webster72n" wrote in
message
...

John:

I have gotten used to the idea already and learned
to
cope with it. As
always: *Safe Hex* goes a long way and the rest is
plain awareness for
the
personal user. In business one will have to use
more
stringent methods.

Harry.


"John John" wrote in
message
...
Microsoft Says Recovery from Malware Becoming
Impossible !

In a rare discussion about the severity of the
Windows malware scourge,
a Microsoft security official said businesses
should
consider investing
in an automated process to wipe hard drives and
reinstall operating
systems as a practical way to recover from malware
infestation.

"When you are dealing with rootkits and some
advanced
spyware programs,
the only solution is to rebuild from scratch. In
some
cases, there
really is no way to recover without nuking the
systems from orbit,"
Mike
Danseglio, program manager in the Security
Solutions
group at
Microsoft,
said in a presentation at the InfoSec World
conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but
these
rootkits will be
the
bane of the computing world in no time. (Ask Sony
customers what they
think of rootkits!) I would think however that
tools
that scan drives
when they are offline should be able to "root"
these
rootkits. Still,
more trash to give computer users headaches.

John

Job says, "It's purt nigh spring here in Virginny!"
It's no doubt summer in Texas..........forecast 84 today and I have been
mowing for over two months.
Heirloom, old and can't take the heat (avoids
kitchens)

"Job" wrote in message
...
Well young fellow, I don't swear by it and hope I never have
to swear at it.

Job says, "It's purt nigh spring here in Virginny!"


"Heirloom" wrote in message
...
Hey Job!!! You ol' cat hair! Just because I have sworn
against all
things Norton doesn't mean there is not some good still
out there! You know
you can't trust an old f*rt. I just happen to use and
like Acronis, but, I
do know many folks that swear by Ghost.............
Heirloom, old and whatever
crumbles your
cookie

"Job" wrote in message
...
Heirloom you are still around are you. I slip by here
regularly to see who is picking on you.

About backup - hope you are wrong about Norton. I build
my
hard drive images on CDs with Ghost, I haven't restored
with it yet but build and test functions seem to work
fine.
Matter of fact I built an image (on 5 CDs) just this
morning. I make 2 copies ever time I bild and image and
am
confident I will be able to restore if needed. (Psst,
watch
this.)
NORTON RULES!

Job says, "The power of hopeful thinking leads to
opportunities to excel."


"Heirloom" wrote in message
...
Personally, I use Acronis True Image. I have tested it
thoroughly and have
been quite pleased. There are those that swear by
Norton
Ghost.........you
know me and Norton, if it says Symantec or Norton on
it....I don't want it.
And you don't really need a "monster" HD. I have four
HD's.....2x80G in a
Raid 0 config, 1 x 80G for misc. data and 1 x 300G
(partitioned to
accomodate the Raid and the data HD. (Acronis has
three
or four different
compression settings for the backups. I use no
compression for my pristine
backup and minimal on the others). Plus I have a
'protected' section for my
pristine backup, that cannot be accessed by any Windows
program except
Acronis. Just my humble thoughts..........YMMV.
Heirloom, old and it
works
for me

"Joe Starin" wrote in
message

. net...
Hi, Heirloom. Greetings from the Buckeye State.
Caught
your comment about
backing up a system. Sounds like a monster external
hard
drive is the way
to go. But what app/program would make the whole
process
easy? I know this
topic has been covered before in these NGs, but just
wanted to jump right
in now before I move on and forget about the whole
thing. Joe Starin

"Heirloom" wrote in message
...
All the more reason to have 'full disk' backups on a
seperate HD
(preferably removable). And, the set of backups
should
contain, at
least, one 'pristine' copy of the OS and installed
software. BTW,
www.sysinternals.com offers a free Rootkit Revealer
app......doesn't
remove anything, but, does point you in the right
direction. If nothing
else, you would know when to use one of earlier said
backups :-).
Heirloom, old and
backups are best

"webster72n" wrote in
message
...

John:

I have gotten used to the idea already and learned
to
cope with it. As
always: *Safe Hex* goes a long way and the rest is
plain awareness for
the
personal user. In business one will have to use
more
stringent methods.

Harry.


"John John" wrote in
message
...
Microsoft Says Recovery from Malware Becoming
Impossible !

In a rare discussion about the severity of the
Windows malware scourge,
a Microsoft security official said businesses
should
consider investing
in an automated process to wipe hard drives and
reinstall operating
systems as a practical way to recover from malware
infestation.

"When you are dealing with rootkits and some
advanced
spyware programs,
the only solution is to rebuild from scratch. In
some
cases, there
really is no way to recover without nuking the
systems from orbit,"
Mike
Danseglio, program manager in the Security
Solutions
group at
Microsoft,
said in a presentation at the InfoSec World
conference...

http://umeshsoft.blogspot.com/

It's not really news to those in the know but
these
rootkits will be
the
bane of the computing world in no time. (Ask Sony
customers what they
think of rootkits!) I would think however that
tools
that scan drives
when they are offline should be able to "root"
these
rootkits. Still,
more trash to give computer users headaches.

John