psydT0ne Posted June 25, 2009 Share Posted June 25, 2009 So you don't believe that malware jumps from one account to another? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted June 25, 2009 Share Posted June 25, 2009 So you don't believe that malware jumps from one account to another? Or does other nasty system wide things? I've found that about 90% of the time within a month of "cleaning" a machine of internet bugs, they come back. The only good way is reformat and reinstall. Quote Link to comment Share on other sites More sharing options...
digip Posted June 25, 2009 Share Posted June 25, 2009 So you don't believe that malware jumps from one account to another? I didn't say that malware doesn't jump to other accounts, but if the machine is set up from day one with no access between the accounts and files, hence other accounts are limited and not admin level access to the machine, it can't write to the other accounts when you remove those rights. If the malware circumvents the machine at the system level, say like a meterpreter or metasploit attack that has FULL access to everything, well, its pretty much game over at that point. Live disc boot and backup files, format and reinstall, then a restore is about the only option left when that happens. But if the malware was isolated to one users account, or not able to circumvent up to the administrators account, then create a new one, move the files you need, delete the old acocunt. I've done this for people in the past with minor system problems from malware and just general corrupted registry issues. Quote Link to comment Share on other sites More sharing options...
psydT0ne Posted June 25, 2009 Share Posted June 25, 2009 I kinda see merit in what your doing, but I couldn't offer that option with a clear conscience Quote Link to comment Share on other sites More sharing options...
digip Posted June 25, 2009 Share Posted June 25, 2009 I kinda see merit in what your doing, but I couldn't offer that option with a clear conscience Its an option, but I admit, one option that may not work in every case. Depends on what malware it was and how far its hooks got into the system. Quote Link to comment Share on other sites More sharing options...
psydT0ne Posted June 26, 2009 Share Posted June 26, 2009 Its an option, but I admit, one option that may not work in every case. Depends on what malware it was and how far its hooks got into the system. I would probably depend on the system (mission critical or not) and the clients attitude. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.