On Wed, 26 May 2010, Thane Sherrington wrote:
Have you tried using an MD5 hash on the files in the Windows folder and
subfolders and compared it to a known good hash to try to find infections?
I've been playing with that.
Nope, so far I've been pretty lucky by sorting by date changed and seeing
if files show up with modified dates that don't make sense. Allows a
quick visual infection scan in the various folders that hold dll, exe and
sys files.
Christopher Fisk
--
Jayne: "Go hwong-tong [Enough of this nonsense]. No trouble now, little
crazy person... we're going for a nice shuttle ride..."
--"Serenity"
