Makerere University

Enter a keyword or two into the search box above and click search..

Reinstalling Your Compromised Computer

You are here

Home

By Kyomuhendo Esther Diana

Reinstalling a compromised computer should be done with great care and thoroughness hence a very long hectic process but it is the best way to find everything the attacker left behind on your device. We shall go over this process in 4 stages;

  1. Before doing a reinstall, a user ought to make sure these are done;
  • Change passwords: Passwords to all systems that were used at the time the device was compromised should be changed immediately. Especially the bank and credit card sites, emails, and online stores as attackers may have installed keylogger on your PC.
    • NOTE: these passwords should be changed from a different PC. If not, please change the passwords after the install is done.
  • Back up data files: make sure you have a working backup of al files you want to keep. These usually involve documents but not APPLICATIONS like Microsoft office, iTunes, etc.
  • Gather installation CDs/DVDs and procedures: Have a ready operating system install media and for all applications and installation guides. Some computers don’t come with operating system installation media but with a “recovery” method either as a disc or a special partition on the hard drive to recover the PC to a factory default.

 

  1. Performing the reinstall
  • Isolate the computer: Remove all external devices and discs connected to the PC or even disconnect it from all networks.
  • Reinstall the Operating system: Use the appropriate method to install the OS. Could be by CD/DVD.
  • Turn on the operating system’s firewall: Enable the firewall of the operating system if it is inbuilt. If it is not inbuilt, install a firewall at this stage. Make sure the new firewalls password is changed immediately after installing it.
  • Install operating system updates: Connect to a network with the firewall enabled and run the operating system’s native software update tool. Do not the PC for any other online activity at this point.
  • Install an anti-virus software: after this, run an update check to make sure the software is up-to-date. Do not turn off any scanning function of your anti-virus.
  • Reinstall applications: Refrain from installing applications from unknown sources. Many applications provided on the web contain malware that may have caused the compromise initially.

 

  1. Recovering from your backup
  • Make sure the anti-virus software is still enabled
  • Run an anti-virus scan on each of the backup media, this will get any viruses that may have infected your systems.
  • Copy the documents to your hard drive, only copy files that have been scanned and not infected.

NOTE: When rebuilding your PC, check that the device is fully patched before restoring all of your data files. After everything is restored, run a thorough scan, using as many scanning tools available, to ensure all of the files are clean.

  1. Keep your PC safe.
  • Keep your operating system and applications updated by turning on automatic update features where available and run update checks regularly.
  • Keep firewalls and anti-virus software enabled, it only takes a click for an attacker to fully compromise a system.
  • Learn and practice good cyber security.

Read more from [source]

 

 

Category: 
Security