http://www.infosecblog.org/2008/04/subpoena-in-a-civil-case/ Mon, 06 Feb 2012 07:04:18 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.infosecblog.org/2008/04/subpoena-in-a-civil-case/comment-page-1/#comment-254 Roger Tue, 15 Apr 2008 20:07:13 +0000 http://www.infosecblog.org/2008/04/subpoena-in-a-civil-case/#comment-254 when I ran my sample through virustotal, and from what I remember looking at the links in the sans diary entry, most of the detections were heuristic. The only virus name I saw was Trojan-Downloader.Win32.DlRhifrem.A. Virus cleaning has changed. Most of the time, you aren't going to get virus XYZ and find easy to follow instructions on cleaning, or better yet a clean tool like the AVERT Stinger. With the hundreds of thousands of variants that are out there, its impossible to treat every variant as a major event. Most people would tell you to be absolutely sure a computer is clean you must reload it. I must admit I still have a tendency to try to clean it by hand. If I'm not called upon too often, it can be entertaining. I generally use sysinternals tools to clean manually. hijackthis may still be useful. Then wrap things up with a full system scan using a free online scan from a trustworthy vendor. when I ran my sample through virustotal, and from what I remember looking at the links in the sans diary entry, most of the detections were heuristic. The only virus name I saw was Trojan-Downloader.Win32.DlRhifrem.A.
Virus cleaning has changed. Most of the time, you aren’t going to get virus XYZ and find easy to follow instructions on cleaning, or better yet a clean tool like the AVERT Stinger. With the hundreds of thousands of variants that are out there, its impossible to treat every variant as a major event.
Most people would tell you to be absolutely sure a computer is clean you must reload it. I must admit I still have a tendency to try to clean it by hand. If I’m not called upon too often, it can be entertaining.
I generally use sysinternals tools to clean manually. hijackthis may still be useful. Then wrap things up with a full system scan using a free online scan from a trustworthy vendor.

]]> http://www.infosecblog.org/2008/04/subpoena-in-a-civil-case/comment-page-1/#comment-253 Anon Tue, 15 Apr 2008 16:37:56 +0000 http://www.infosecblog.org/2008/04/subpoena-in-a-civil-case/#comment-253 Does anyone know what virus is released by the link in this e-mail? One of my users clicked on it and it make IE crash on https pages. McAfee Virus Scan seems not to find anything after running a full scan. Someone let me know what virus it is if you know... Thanks! Does anyone know what virus is released by the link in this e-mail? One of my users clicked on it and it make IE crash on https pages. McAfee Virus Scan seems not to find anything after running a full scan. Someone let me know what virus it is if you know…
Thanks!

]]>