|
|
21-04-2008, 06:49 AM
|
#1 |
|
Guest
Posts: n/a
|
Advanced Malware Cleaning
Educational viewing!
Mark Russinovich - Advanced Malware Cleaning http://www.microsoft.com/emea/spotli...px?videoid=359 |
|
|
21-04-2008, 04:47 PM
|
#2 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
No thanks, I'll give it a miss.
Till I hear what nasties Silverlight has to offer. "Kayman" <kaymanDeleteThis@operamail.com> wrote in message news:fuglvg$mv6$1@aioe.org... > Educational viewing! > Mark Russinovich - Advanced Malware Cleaning > http://www.microsoft.com/emea/spotli...px?videoid=359 |
|
|
|
22-04-2008, 06:57 AM
|
#3 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
Kayman wrote:
>Educational viewing! >Mark Russinovich - Advanced Malware Cleaning >http://www.microsoft.com/emea/spotli...px?videoid=359 It is definitely worth the time watching this - even if you are already familiar with techniques for eliminating malware. Mark Russinovich is one of the primary contributors at Sysinternals (he now works for M$). The only drawback to watching this is having to install M$ Silverlight in order to view it. |
|
|
|
22-04-2008, 06:58 AM
|
#4 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
Andy Walker wrote:
> Kayman wrote: > >>Educational viewing! >>Mark Russinovich - Advanced Malware Cleaning >>http://www.microsoft.com/emea/spotli...px?videoid=359 > > It is definitely worth the time watching this - even if you are > already familiar with techniques for eliminating malware. Mark > Russinovich is one of the primary contributors at Sysinternals (he now > works for M$). The only drawback to watching this is having to > install M$ Silverlight in order to view it. They really need to put dates on these webcasts or video archives. I remember seeing this one about 2 years ago. I found the webcast link to another of Russinovich's meetings (audio only with slideshow): http://www.microsoft.com/events/Even...taSvcParams%5E Notice the date: June 07, 2005. So almost 3 years old. That one is named SEC425. The link above is named SEC309. So if the naming is sequential, the link above is to an even older meeting. A list of Mark's webcasts is at: http://technet.microsoft.com/en-us/s.../bb963887.aspx Alas, no datestamps. Information is always time sensitive, especially anything that purports to be newsy in nature. |
|
|
|
22-04-2008, 06:58 AM
|
#5 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
VanguardLH wrote:
>Andy Walker wrote: > >> Kayman wrote: >> >>>Educational viewing! >>>Mark Russinovich - Advanced Malware Cleaning >>>http://www.microsoft.com/emea/spotli...px?videoid=359 >> >> It is definitely worth the time watching this - even if you are >> already familiar with techniques for eliminating malware. Mark >> Russinovich is one of the primary contributors at Sysinternals (he now >> works for M$). The only drawback to watching this is having to >> install M$ Silverlight in order to view it. > >They really need to put dates on these webcasts or video archives. I >remember seeing this one about 2 years ago. > >I found the webcast link to another of Russinovich's meetings (audio >only with slideshow): > >http://www.microsoft.com/events/Even...taSvcParams%5E > >Notice the date: June 07, 2005. So almost 3 years old. That one is >named SEC425. The link above is named SEC309. So if the naming is >sequential, the link above is to an even older meeting. > >A list of Mark's webcasts is at: > >http://technet.microsoft.com/en-us/s.../bb963887.aspx > >Alas, no datestamps. Information is always time sensitive, especially >anything that purports to be newsy in nature. I think this one is newer as he discuses SpySheriff. It's probably from 2007 and the primary benefit I see in it is that he describes the useful features in many of the Sysinternal utilities. All the techniques described are as valid in 2008 as they were in 2007. You are right though; they should provide dates. |
|
|
|
22-04-2008, 06:58 AM
|
#6 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
Andy Walker wrote:
>VanguardLH wrote: > >>Andy Walker wrote: >> >>> Kayman wrote: >>> >>>>Educational viewing! >>>>Mark Russinovich - Advanced Malware Cleaning >>>>http://www.microsoft.com/emea/spotli...px?videoid=359 >>> >>> It is definitely worth the time watching this - even if you are >>> already familiar with techniques for eliminating malware. Mark >>> Russinovich is one of the primary contributors at Sysinternals (he now >>> works for M$). The only drawback to watching this is having to >>> install M$ Silverlight in order to view it. >> >>They really need to put dates on these webcasts or video archives. I >>remember seeing this one about 2 years ago. >> >>I found the webcast link to another of Russinovich's meetings (audio >>only with slideshow): >> >>http://www.microsoft.com/events/Even...taSvcParams%5E >> >>Notice the date: June 07, 2005. So almost 3 years old. That one is >>named SEC425. The link above is named SEC309. So if the naming is >>sequential, the link above is to an even older meeting. >> >>A list of Mark's webcasts is at: >> >>http://technet.microsoft.com/en-us/s.../bb963887.aspx >> >>Alas, no datestamps. Information is always time sensitive, especially >>anything that purports to be newsy in nature. > >I think this one is newer as he discuses SpySheriff. It's probably >from 2007 and the primary benefit I see in it is that he describes the >useful features in many of the Sysinternal utilities. All the >techniques described are as valid in 2008 as they were in 2007. > >You are right though; they should provide dates. Damn how time flies! It's more than likely from 2006 because SpySeriff came out in Dec 2005. At any rate, the information is still good. |
|
|
|
22-04-2008, 07:57 AM
|
#7 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
On Mon, 21 Apr 2008 19:30:09 +1000, Potblak wrote:
> No thanks, I'll give it a miss. > Till I hear what nasties Silverlight has to offer. I found Silverlight to be harmless  |
|
|
|
22-04-2008, 07:57 AM
|
#8 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
On Mon, 21 Apr 2008 19:03:28 -0400, Andy Walker wrote:
> Kayman wrote: > >>Educational viewing! >>Mark Russinovich - Advanced Malware Cleaning >>http://www.microsoft.com/emea/spotli...px?videoid=359 > > It is definitely worth the time watching this - even if you are > already familiar with techniques for eliminating malware. Mark > Russinovich is one of the primary contributors at Sysinternals (he now > works for M$). Yes, it teaches you to apply AutoRuns and ProcessExplorer more efficiently. The the rootkit presentation is especially very enlightening. > The only drawback to watching this is having to install M$ Silverlight > in order to view it. I found Silverlight to be harmless |
|
|
|
23-04-2008, 10:49 AM
|
#9 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
Andy Walker wrote:
> Kayman wrote: > >> Educational viewing! >> Mark Russinovich - Advanced Malware Cleaning >> http://www.microsoft.com/emea/spotli...px?videoid=359 > > It is definitely worth the time watching this - even if you are > already familiar with techniques for eliminating malware. Mark > Russinovich is one of the primary contributors at Sysinternals (he now > works for M$). The only drawback to watching this is having to > install M$ Silverlight in order to view it. think i'll wait 'till someone puts it on youtube... i need a better reason than a single video in order to justify exposing my browser to a new attack vector (even if i do have whitelisting and sandboxing working in my favour)... -- "it's not the right time to be sober now the idiots have taken over spreading like a social cancer, is there an answer?" |
|
|
|
23-04-2008, 10:49 AM
|
#10 |
|
Guest
Posts: n/a
|
Re: Advanced Malware Cleaning
kurt wismer wrote:
>Andy Walker wrote: >> Kayman wrote: >> >>> Educational viewing! >>> Mark Russinovich - Advanced Malware Cleaning >>> http://www.microsoft.com/emea/spotli...px?videoid=359 >> >> It is definitely worth the time watching this - even if you are >> already familiar with techniques for eliminating malware. Mark >> Russinovich is one of the primary contributors at Sysinternals (he now >> works for M$). The only drawback to watching this is having to >> install M$ Silverlight in order to view it. > >think i'll wait 'till someone puts it on youtube... i need a better >reason than a single video in order to justify exposing my browser to a >new attack vector (even if i do have whitelisting and sandboxing working >in my favour)... The funny thing is, I watched it on my Vista Business laptop, and it did not download the Silverlight add-in but instead asked me "do you want to activate Silverlight". It appears that M$ must have added Silverlight in one of its automatic updates (I allow automatic update and installation on that particular machine). I've been closing that annoying pop-up on the M$ site for what seems like months to avoid loading it and don't have any intention of loading it on any of my other Windows machines. |
|
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
