Totally Compromised System

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by efibacchus, Apr 9, 2007.

  1. efibacchus

    efibacchus Private E-2

    Just read the little article on why it is important to update windows. Summary- if you don't, and your system is compromised, you have to reformat your drive/s and start from scratch. You can't even trust any data from the compromised system.

    A little whine before the main course: Some folks changed to IE7 when Microsoft told us to. Then like 2 weeks later came the security update. A fortnight is a loooong time to be using a vulnerable browser.

    So- my system is hosed, time for a fresh install anyhow.

    1) I suppose I'm going to have to use pen and paper to write down settings and such, instead of saving things to a disk? And just junk everything else?

    2) Way way back in the day when 98SE was king, we would run a complex series of commands from fdisk before reformatting. What is the current equivalent with XP? I mean, if I'm going to go through all the bother of building from the ground up, I actually want the basement to be 100% as well.

    Thanks in advance for any info/advice/sympathy/mockery!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    While technically it is a true statement, it is totally blown out of proportion. In most cases cleaning a system is quite sufficient. With some nastier cases of malware including rootkits and some more professional types of keyloggers yes maybe you should reinstall, but I still believe this is the rare case.

    I guess it depends on your level of paranoia! ;)

    If you want to start from scratch:
    • delete your partitions first
    • then repartition
    • format
    • reinstall your OS
    • install protection software before connecting to the internet which means you have to have it already downloaded and on a clean CD to install from
    • connect to the internet and get ALL updates for your OS and other software
    • continue with the additional steps mentioned here: How to Protect yourself from malware!
    Now in reality if you really want to truly be safe (for the really paranoid), throw away your hard disk and buy a new one. Then do the above on the new hard disk. :D
     
  3. efibacchus

    efibacchus Private E-2

    Thanks Chas. If one thought they might have a very clever rootkit, and avg rootkit finder already found nothing, what would you suggest to try next?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First I would ask why someone thought they had a rootkit! What symptoms are they having? And did they have any recent infections and what were they? Typically when there is a rootkit, there are symptoms and possibly other visible issues and visible files that go along with it.

    Then I would suggest using a couple other scanners since no scanners are perfect. A few other tools are:
