Cleaning up after WMF Exploit – summary



Can I say enough times that after a bad trojan infestation you should format and reinstall? I’ve cleaned up the infested image that I “sacrificed” to the WMF exploit and as I’ve said you’re pestware install will likely be somewhat different. An exploit is just the road, the spyware and viruses are the cars. Once the road is built, just about any car can use it…. Hopefully the series has been helpful on working through some of the problems with a system cleaning.


Do I currently “trust” the image? No. It would take several more hours of virus scanning, anti-spyware scanning (at least two anti-spyware programs, probably 2 antivirus programs), network sniffing, replacement of pristine certifiable Microsoft files (for the 2 or three items that could have been replaced by trojaned files.) And even after all that there is still some doubt.

Antivirus and spyware scanners only know about what they’ve seen. If there is a new sneaky trojan that trojaned explorer.exe in all the other mess, I might not replace it and it could lurk unfound for a long time, maybe acting as a keylogger. Or maybe a rootkit used somy of Sony’s tricks to hide itself and I haven’t done a scan that would identify that kind of file hiding. Your best bet is to format and reinstall – think of a cleanup as an opportunity to get your files out. An even better opportunity to get your files out would be a linux boot cd and external hard drive…..

Related Posts

Blog Traffic Exchange Related Posts
  • WMF 0-day exploit There seems to be a 0-day exploit involving WMF (Windows Meta File's) according to SANS. Here's their lead-in Just when we thought that this will be another slow day, a link to a working unpatched exploit in, what looks like Windows Graphics Rendering Engine, has been posted to Bugtraq. It's......
  • Hiding malware may evade antivirus Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their......
  • Grisoft AVG Antivirus and other antivirus alternatives Okay, so we know that having an antivirus scanner on a windows desktop is VERY necessary. Especially if it's a system that has any contact with the outside world. So, what to choose. Well, of course there's Symantec Norton Antivirus, there's McAfee and a few other less well known (Kaspersky,......
Blog Traffic Exchange Related Websites
  • Spyware Elimination - How To Get Best Software To Remove Worst Spyware As soon as you go home you find a flyer on the porch. The exact set of shoes in the store was seen on the flyer. So the question here unanswered is how did they come to know? Is it a matter of coincidence? No, this is because of software......
  • CA Security Comprehensive Internet Security & Data Protection CA Internet Security Suite Plus, an all-in-one security suite, gives you maximum protection against viruses, spyware, and other internet threats that can compromise your privacy and harm your PC. CA Internet Security Suite Plus Comprehensive Virus and Spyware Protection CA AntiVirus Plus keeps......
  • 10 Basic Tips for Securing Your Computer Today, most people have personal information, including financial information and family photos on their personal computer. All it takes is one virus or worm to destroy all of your information, making it vital to protect your computer. Protecting your computer is the best way to ensure all of your personal......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Cleaning up after WMF Exploit – summary”

  1. The PC Doctor » Blog Archive » The effects of the WMF exploit Says:


    [...] Cleaning up after WMF exploit – summary  [...]


Switch to our mobile site