Cleaning up after WMF Exploit – summary



Can I say enough times that after a bad trojan infestation you should format and reinstall? I’ve cleaned up the infested image that I “sacrificed” to the WMF exploit and as I’ve said you’re pestware install will likely be somewhat different. An exploit is just the road, the spyware and viruses are the cars. Once the road is built, just about any car can use it…. Hopefully the series has been helpful on working through some of the problems with a system cleaning.


Do I currently “trust” the image? No. It would take several more hours of virus scanning, anti-spyware scanning (at least two anti-spyware programs, probably 2 antivirus programs), network sniffing, replacement of pristine certifiable Microsoft files (for the 2 or three items that could have been replaced by trojaned files.) And even after all that there is still some doubt.

Antivirus and spyware scanners only know about what they’ve seen. If there is a new sneaky trojan that trojaned explorer.exe in all the other mess, I might not replace it and it could lurk unfound for a long time, maybe acting as a keylogger. Or maybe a rootkit used somy of Sony’s tricks to hide itself and I haven’t done a scan that would identify that kind of file hiding. Your best bet is to format and reinstall – think of a cleanup as an opportunity to get your files out. An even better opportunity to get your files out would be a linux boot cd and external hard drive…..

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Safety AntiSpyware | Safety AntiSpyware Removal Guide Safety Antispyware is a rogue antivirus application that will scan your computer and claim that many files are infected with viruses and need to be deleted. The main problem is that these claims are falsified. Not only do you likely not have a virus (other than this monstrosity), but the......
  • Workaround for the critical WMF zero-day exploit The Windows Meta File (WMF) zero-day (0-day) exploit is apparently, VERY nasty, no user intervention required (unless running firefox or opera). Just VISITING a malicous site (viewing a malicious email with image...) would be enough to get the system owned. It sounds as though a FULL reinstall is the best......
  • Hiding malware may evade antivirus Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their......
Blog Traffic Exchange Related Websites
  • 9 Easy Ways to Green Your Home Greening up your home is actually a lot simpler than spending thousands on solar panels for your roof, and does not have to involve composting or growing all of your own food if you do not want it to. You do not have to be a hippy tree-hugger to want......
  • Spyware Elimination - How To Get Best Software To Remove Worst Spyware As soon as you go home you find a flyer on the porch. The exact set of shoes in the store was seen on the flyer. So the question here unanswered is how did they come to know? Is it a matter of coincidence? No, this is because of software......
  • World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Cleaning up after WMF Exploit – summary”

  1. The PC Doctor » Blog Archive » The effects of the WMF exploit Says:


    [...] Cleaning up after WMF exploit – summary  [...]


Switch to our mobile site