Focus on Microsoft
RE: More along the lines of malware disinfection Mar 20 2008 01:12PM
Monahan, Jim (MONAHAJ ccf org)
This has been a really great thread, folks!

With regard to the question of not knowing whether or not you have any
modified files remaining on the system, you might be interested in the
following URLs, which have been following and dissecting a newer method
of getting malware on to a machine... simply embed it into a Flash "ad":

http://msmvps.com/blogs/spywaresucks/default.aspx

http://www.bluetack.co.uk/forums/index.php?s=ba964b70addd94e94cce765b5a6

9103b&showtopic=18064&st=0&p=86387&

And an excellent paper, written in 2001 by SANS senior faculty member
Lenny Zeltser, with a pretty thorough discussion and break down of what
just one piece of malware can do to a system.
http://www.zeltser.com/reverse-malware-paper/

And if you're really going to re-use the same hard drive for a new
installation (assuming you've saved the data and now want to wipe the
drive clean with fdisk), don't forget to:

fdisk /mbr
http://support.microsoft.com/kb/69013

Jim Monahan

P Please consider the environment before printing this e-mail

Cleveland Clinic is ranked one of the top hospitals
in America by U.S. News & World Report (2007).
Visit us online at http://www.clevelandclinic.org for
a complete listing of our services, staff and
locations.

Confidentiality Note: This message is intended for use
only by the individual or entity to which it is addressed
and may contain information that is privileged,
confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended
recipient or the employee or agent responsible for
delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If
you have received this communication in error, please
contact the sender immediately and destroy the material in
its entirety, whether electronic or hard copy. Thank you.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus