Computer Tips -Tech Info

OK, I mentioned that I infested a virtual machine with the current WMF 0-day exploit. First I should probably clarify. An exploit is a means of getting in to a system. The payload is the software that is installed. In the case of my experience there was a long list of pests installed. Given that the exploit enables any software to be installed, your experience may be different. That’s the first thing I want to make clear, depending on where and when you were affected you may see vastly different malware.

The second thing I want to make clear is that the best solution for a badly infested system is to clean the hard drive and reinstall. Remote access trojans and keyloggers are many and varied and it’s entirely possible that many (or at least one) will be missed in the cleaning process. That much said, a cleaning of this image is what I did. (Although after I’m done looking at it, it will be replaced with it’s clean copy.)

The next series of articles will deal with the problems I ran into trying to clean the system. I’ll try to keep them in continuous order, but won’t be giving “part x” names for the most part. As we speak the image is booting up with full networking and I’m keeping an eye on it to so if it’s really clean. It appears that the infestation is over, but I don’t trust it yet.

Popularity: 1% [?]

   Send article as PDF   

• Windows lost administrator password rundown.... I've done one or two mentions in the past of ways to recover/reset lost windows passwords and thought it was probably time for another "brain dump/web research dump" of things that I've run across. This is not just for lost administrator passwords, but could apply to a lost user account......
• Microsoft working to ensure Windows Validation works with Firefox I've got to say, I'm impressed that this is happening. From the IEblog... The core of my team’s job is to make IE7 and Windows Vista so compelling so that people choose our products. The people who work on Windows want you to have a good experience, whether you use......
• Cleaning up after WMF Exploit - summary Can I say enough times that after a bad trojan infestation you should format and reinstall? I've cleaned up the infested image that I "sacrificed" to the WMF exploit and as I've said you're pestware install will likely be somewhat different. An exploit is just the road, the spyware and......

• Bringing a Container Garden Inside If you have a container garden that you’ve been carefully tending all summer long, it’s time to start thinking about what you plan to do with it for the rest of the year. Depending on the types of plants you have, you may be able to enjoy them all year......
• Teaching Teen Moneymakers Not to Spend it All at Once Guiding money-making teens down the path to financial stability is much easier if they have had some experience with handling money in their early teen years, but even if they have had absolutely no responsibilities up to this point all is not lost. If your teen has not previously been......
• Does The CatGenie Self Cleaning Litter Box Really Work If you are like other cat people you like the idea of a self cleaning, self flushing cat box but you're probably wondering if it really works. No one really enjoys dealing with cat litter, as this is a daily chore when you have a cat, and it's not only......

Similar Posts

• Cleaning up after WMF Exploit – summary
• WMF zero-day exploit first hand experience
• Cleaning up after WMF exploit – is it clean?
• Task manager has been disabled by your administrator
• Spyware, viral cleanup disabling system restore

This entry was posted on Thursday, December 29th, 2005 at 10:58 am and is filed under Computers, Security, Tech Support, Viruses, Windows. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.