RE: More along the lines of malware disinfection



This has been a really great thread, folks!

With regard to the question of not knowing whether or not you have any
modified files remaining on the system, you might be interested in the
following URLs, which have been following and dissecting a newer method
of getting malware on to a machine... simply embed it into a Flash "ad":

http://msmvps.com/blogs/spywaresucks/default.aspx

http://www.bluetack.co.uk/forums/index.php?s=ba964b70addd94e94cce765b5a6
9103b&showtopic=18064&st=0&p=86387&

And an excellent paper, written in 2001 by SANS senior faculty member
Lenny Zeltser, with a pretty thorough discussion and break down of what
just one piece of malware can do to a system.
http://www.zeltser.com/reverse-malware-paper/

And don't forget to:

fdisk /mbr

when you re-use the hard drive.
http://support.microsoft.com/kb/69013


Jim Monahan



===================================

P Please consider the environment before printing this e-mail

Cleveland Clinic is ranked one of the top hospitals
in America by U.S. News & World Report (2007).
Visit us online at http://www.clevelandclinic.org for
a complete listing of our services, staff and
locations.


Confidentiality Note: This message is intended for use
only by the individual or entity to which it is addressed
and may contain information that is privileged,
confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended
recipient or the employee or agent responsible for
delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If
you have received this communication in error, please
contact the sender immediately and destroy the material in
its entirety, whether electronic or hard copy. Thank you.