Cosc 4765: Cleaning up

So… The Windows machine has been infected/compromised or is just “acting funny”. How to clean it up. Hope you have backups…



Reformat and reinstall.
The only way to truly know it’s cleaned up and “secure” again.
“I say we take off and nuke the entire site from orbit. It's the only way to be sure.” – Ripley, Movie: Aliens, 1986

Barring that…
Disconnect it from the network
– Hope you have several hours, and this may not remove the infection anyway.
Get a set of tools you can run on the machine to see if you can clean it up.
– Put them on a non-writable device. A USB device with a read-only switch is best.
– Otherwise the malware may infect your USB device and then you spread it to other machines.

How to attack it.
Running in standard Windows mode
– May work, but the malware may prevent the tools from running
– The malware is active and will attempt to defend itself. It can recreate itself via parasite-like properties
Running in Windows safe mode
– Press F8 as Windows is booting, select safe mode
– Better chance of cleaning off the malware, especially if it is only running in “user space” instead of kernel space

How to attack it (2)
Find a live CD/DVD
– Best chance of removing the malware, since it is not active at all. A Linux disk works best if you know what to delete from the Windows file system.
Remove the hard drive and plug it in as a USB drive to another machine
– Dangerous! May infect another Windows machine, but …
– If the malware is not active, then you can remove it.

Tools
Cleaners
– Spybot Search and Destroy: can clean spyware and some rootkits, lots of other useful stuff in the advanced mode
– Malwarebytes: Anti-Malware
– Super AntiSpyware
– If possible, get the current definition files as well. Remember, no network!

Tools (2)
Rootkit finders. It may not be possible to find rootkits while the system is live, but you can try.
– Trend Micro RootKitBuster
– Sophos Anti-Rootkit
– Panda Anti-Rootkit
– Down on the right side under free downloads

Tools (3)
Not cleaners, and you have to figure some things out.
HiJackThis
– Displays all the things that will start up when the system is booted. May be able to remove them from startup
– But the malware may be watching and just add it back!
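A read-only PowerShell sketch of the kind of startup inventory described on this slide. It is an added example, not from the slides and not HiJackThis's own logic; the helper names `Get-ExePath` and `Get-SignatureStatus` are made up for illustration, and it covers only the Run/RunOnce keys and the Startup folders.

```powershell
# Added example (not from the slides): read-only inventory of autostart entries.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$startupDirs = @([Environment]::GetFolderPath('CommonStartup'), [Environment]::GetFolderPath('Startup'))

function Get-ExePath([string]$Command) {
    # Hypothetical helper: extract the program path from a command line, quoted or unquoted.
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.(exe|dll|bat|cmd|vbs|js|ps1))(\s|,|$)') { return $Matches[1] }
    return $null
}

function Get-SignatureStatus([string]$Path) {
    # Hypothetical helper: Valid / NotSigned / HashMismatch ..., or 'Unresolved' for bare or missing names.
    if ($Path -and (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return (Get-AuthenticodeSignature -FilePath $Path).Status.ToString()
    }
    return 'Unresolved'
}

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $cmd = [string]$regKey.GetValue($name)
        $entries += [pscustomobject]@{ Location = $key; Name = $name; Command = $cmd
            Signature = (Get-SignatureStatus (Get-ExePath $cmd)) }
    }
}
# Startup folders: all users, then the current user. Shortcut (.lnk) targets are not resolved here.
foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path $dir)) { continue }
    foreach ($f in Get-ChildItem -Path $dir -File) {
        $entries += [pscustomobject]@{ Location = $dir; Name = $f.Name; Command = $f.FullName
            Signature = (Get-SignatureStatus $f.FullName) }
    }
}

# Entries without a valid signature sort to the top for manual review.
$entries | Sort-Object { $_.Signature -eq 'Valid' }, Location |
    Format-Table -AutoSize -Wrap Signature, Name, Command, Location
```

The HKCU keys and the per-user Startup folder reflect only the account running the script. On a live infected system the output can be incomplete for the same reason the slide gives: active malware may hide or re-add entries.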

Tools (4)
Sysinternals Suite
– Process Explorer
– RootkitRevealer
– Just to name a few of the useful tools.
– And just for fun, BlueScreenOfDeath screen saver.

Tools (5)
More
– Definitely, this is in no way a complete list.

Clean up.
Once you think you have got it cleaned up
– Time to dump the junk and clean up the registry.
ATF Cleaner
– Docs say Windows XP only, but I used it on Vista and Win7 successfully. Cleans up cache and temp space.
CCleaner
– It can clean the registry. Also clears cache and other areas of Windows where junk may have been placed.

Wait, it didn’t work!!!?
Offline cleaners
– Boot to a live disk so that the OS is not running, but more specifically the malware is not active.
– Linux live CD/DVDs to delete files off the file system
– Ultimate Boot CD for Windows
– Create a live Windows XP disk to boot from, then clean up the hard drive (with many of the same tools that are on the CD/DVD/USB)
– WinPE for Windows Vista and 7
How to create a bootable USB with WinPE
– usb-drive-with-rescue-tools-part-1/

Other things
Malware
– May have damaged your AV
– Sometimes called “hollowed out”: it runs, but does NOTHING. May need to deinstall it and reinstall it
– Check your MS updates are turned on
– Firewall, Bit Defender, UAC, security settings, etc.
“What doesn’t kill us, makes us stronger”
– In computers, it weakens the computer's security, and it may be even easier for the next malware.
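The checks on this slide, as a read-only PowerShell sketch. It is an added example, not from the slides; it assumes Windows 8 or later with Microsoft Defender as the AV, the 7-day signature threshold is an arbitrary choice, and `New-Check` is a made-up helper name.

```powershell
# Added example (not from the slides): read-only check of settings malware often turns off.
# Assumes Windows 8 or later with Microsoft Defender as the AV; adjust for other products.
function New-Check([string]$Name, [bool]$Ok, [string]$Detail) {
    [pscustomobject]@{ Check = $Name; OK = $Ok; Detail = $Detail }
}

$results = @(
    # AV: the service being present is not enough, so look at what it reports.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        New-Check 'AV enabled' $mp.AntivirusEnabled "engine $($mp.AMEngineVersion)"
        New-Check 'Real-time protection' $mp.RealTimeProtectionEnabled ''
        New-Check 'Signatures under 7 days old' ($mp.AntivirusSignatureAge -le 7) `
            "last update $($mp.AntivirusSignatureLastUpdated)"
    } catch {
        New-Check 'AV status readable' $false $_.Exception.Message
    }

    # Windows Update: Manual/Stopped is normal, Disabled is not.
    $wu = Get-CimInstance Win32_Service -Filter "Name='wuauserv'"
    New-Check 'Windows Update service not disabled' ($wu -and $wu.StartMode -ne 'Disabled') `
        "start mode: $($wu.StartMode)"

    # Firewall: every profile should be on.
    foreach ($p in Get-NetFirewallProfile) {
        New-Check "Firewall profile $($p.Name)" ($p.Enabled -eq 'True') "enabled: $($p.Enabled)"
    }

    # UAC: EnableLUA = 1 means UAC is on.
    $lua = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System').EnableLUA
    New-Check 'UAC enabled' ($lua -eq 1) "EnableLUA = $lua"
)

# Any row with OK = False needs fixing, or the AV reinstalling as the slide suggests.
$results | Format-Table -AutoSize
```

A row reading True only shows what the component reports about itself, so an AV that was reinstalled after the infection is a stronger guarantee than one that merely reports as enabled.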

Other things (2)
Scan the whole computer one more time with AV and anti-malware software
– Until it comes back clean. Repeat until it says nothing found.
Where else may you have spread this malware?
– Other USB devices
– Backups, etc.
– Depends on how long your system has been infected.
Take the time to scan everything with AV and anti-malware software.

Q & A