Cleaning up after WMF exploit – is it clean?



So, I’ve got most of the baddies cleaned out and I’m not getting popups anymore. No nags on boot, the boot process is quicker, but is it really clean? I found a few files (winlogon.exe, alg.exe in particular) that could be legitimate Windows file names. Am I running the good one, or the trojan? That is exactly why a clean install is usually the best treatment for a badly infested system. Ultimately, to trust this cleaned system a bit better I would need to:

  • Watch it for signs of peculiar network ports open or peculiar processes.
  • Replace the suspected system files with known good copies from the Windows install disc or similar source (SP2 install), etc.

Ultimately I don’t know how long it would take to really say you could “trust” the platform again until it was wiped clean and reinstalled. The best advice if you’re considering a clean up like this is to think of it as a temporary step to control the infestation and get important files off.

Also, I would need to run antivirus scans on and off for some time (with updates) to increase my confidence that it’s clean. Anti-Spyware scans would be good as well.
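The "good one, or the trojan?" question for winlogon.exe and alg.exe comes down to two checks: is the file where a system file belongs, and does it match a known good copy. The script below is an added example, not code from the original post; it assumes Windows is installed in C:\WINDOWS and that reference copies have been extracted to a folder, and the files in `demo()` are constructed placeholders.

```python
import hashlib
import ntpath
import os
import tempfile

# Assumption: Windows is installed in C:\WINDOWS, so both file names from the
# post belong in C:\WINDOWS\system32 and nowhere else.
EXPECTED_DIR = r"c:\windows\system32"
WATCHED = ("winlogon.exe", "alg.exe")

def sha256_file(path):
    with open(path, "rb") as handle:
        return hashlib.sha256(handle.read()).hexdigest()

def classify(image_path, readable_copy, reference_dir):
    """image_path: path Windows reports for the running process.
    readable_copy: where that file's bytes can be read from.
    reference_dir: known-good copies at the same service-pack level."""
    name = ntpath.basename(image_path).lower()
    if name not in WATCHED:
        return "not-watched"
    if ntpath.dirname(image_path).lower() != EXPECTED_DIR:
        return "wrong-location"  # system name, but not the system folder
    reference = os.path.join(reference_dir, name)
    if not os.path.isfile(reference):
        return "no-reference"  # nothing trustworthy to compare against
    same = sha256_file(readable_copy) == sha256_file(reference)
    return "match" if same else "hash-mismatch"

def put(path, data):
    with open(path, "wb") as handle:
        handle.write(data)
    return path

def demo():
    """Classify three constructed process records; file contents are placeholders."""
    with tempfile.TemporaryDirectory() as tmp:
        put(os.path.join(tmp, "winlogon.exe"), b"good winlogon")  # reference copy
        put(os.path.join(tmp, "alg.exe"), b"good alg")            # reference copy
        same = put(os.path.join(tmp, "a.bin"), b"good winlogon")
        changed = put(os.path.join(tmp, "b.bin"), b"altered alg")
        stray = put(os.path.join(tmp, "c.bin"), b"unknown file")
        return [classify(r"C:\WINDOWS\system32\winlogon.exe", same, tmp),
                classify(r"C:\WINDOWS\system32\alg.exe", changed, tmp),
                classify(r"C:\WINDOWS\Temp\winlogon.exe", stray, tmp)]

if __name__ == "__main__":
    print(demo())
```

A hash-mismatch only means something when the reference copies come from the same service pack and hotfix level as the installed system. Reading the suspect files from the disk mounted on another machine avoids relying on what the infected system reports about itself.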

There is at least one step that I have failed to document in this series so far… I’ll deal with that in the next article.
