Cleaning up after WMF Exploit – summary



Can I say enough times that after a bad trojan infestation you should format and reinstall? I’ve cleaned up the infested image that I “sacrificed” to the WMF exploit and as I’ve said you’re pestware install will likely be somewhat different. An exploit is just the road, the spyware and viruses are the cars. Once the road is built, just about any car can use it…. Hopefully the series has been helpful on working through some of the problems with a system cleaning.


Do I currently “trust” the image? No. It would take several more hours of virus scanning, anti-spyware scanning (at least two anti-spyware programs, probably 2 antivirus programs), network sniffing, replacement of pristine certifiable Microsoft files (for the 2 or three items that could have been replaced by trojaned files.) And even after all that there is still some doubt.

Antivirus and spyware scanners only know about what they’ve seen. If there is a new sneaky trojan that trojaned explorer.exe in all the other mess, I might not replace it and it could lurk unfound for a long time, maybe acting as a keylogger. Or maybe a rootkit used somy of Sony’s tricks to hide itself and I haven’t done a scan that would identify that kind of file hiding. Your best bet is to format and reinstall – think of a cleanup as an opportunity to get your files out. An even better opportunity to get your files out would be a linux boot cd and external hard drive…..

Related Posts

Blog Traffic Exchange Related Posts
  • Workaround for the critical WMF zero-day exploit The Windows Meta File (WMF) zero-day (0-day) exploit is apparently, VERY nasty, no user intervention required (unless running firefox or opera). Just VISITING a malicous site (viewing a malicious email with image...) would be enough to get the system owned. It sounds as though a FULL reinstall is the best......
  • WMF 0-day exploit There seems to be a 0-day exploit involving WMF (Windows Meta File's) according to SANS. Here's their lead-in Just when we thought that this will be another slow day, a link to a working unpatched exploit in, what looks like Windows Graphics Rendering Engine, has been posted to Bugtraq. It's......
  • How to Remove Safety AntiSpyware | Safety AntiSpyware Removal Guide Safety Antispyware is a rogue antivirus application that will scan your computer and claim that many files are infected with viruses and need to be deleted. The main problem is that these claims are falsified. Not only do you likely not have a virus (other than this monstrosity), but the......
Blog Traffic Exchange Related Websites
  • 9 Easy Ways to Green Your Home Greening up your home is actually a lot simpler than spending thousands on solar panels for your roof, and does not have to involve composting or growing all of your own food if you do not want it to. You do not have to be a hippy tree-hugger to want......
  • Spyware Elimination - How To Get Best Software To Remove Worst Spyware As soon as you go home you find a flyer on the porch. The exact set of shoes in the store was seen on the flyer. So the question here unanswered is how did they come to know? Is it a matter of coincidence? No, this is because of software......
  • 10 Basic Tips for Securing Your Computer Today, most people have personal information, including financial information and family photos on their personal computer. All it takes is one virus or worm to destroy all of your information, making it vital to protect your computer. Protecting your computer is the best way to ensure all of your personal......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Cleaning up after WMF Exploit – summary”

  1. The PC Doctor » Blog Archive » The effects of the WMF exploit Says:


    [...] Cleaning up after WMF exploit – summary  [...]


Switch to our mobile site