How can malware remain on PC after I format my HDD?
<blockquote data-quote="Brahman" data-source="post: 993374" data-attributes="member: 11847"><p>What's your distro? How did you know that you have a remote access trojan on your Linux distro? Do you have iptables switched on? (Ubuntu, for example, has apps like ufw/gufw as the front end for iptables, which when switched on can block incoming connections not originated from your PC.) What router do you have? Most low-end internet service provider supplied routers never get updated and can become part of botnets. For the sake of safety, disconnect your LAN, switch off all IoT devices, switch off your router, if possible reset and update firmware, reset your BIOS, boot from a DVD (don't use bootable USB) of your preferred Linux distro, remove all partitions, recreate all partitions, then install your distro and if possible encrypt your drive (I would prefer a distro with drive encryption capability; Pop!_OS provides an option to encrypt the entire drive), enable the iptables firewall after install. <a href="https://my.nextdns.io/" target="_blank">Use NextDNS system wide</a> and use TLS DNS encryption (you can edit the "systemd-resolved" file to add the IP address for NextDNS; information is available on the NextDNS settings page; you can use the "sudo gedit /etc/systemd/resolved.conf" command to get graphical editing of the system file). You can alternatively use <a href="https://safing.io/portmaster/" target="_blank">Safing Portmaster</a> to control apps on your Linux distro. Connect to the net only after doing these steps.</p><p>1. https://www.linux.com/topic/desktop/security-tools-check-viruses-and-malware-linux/</p></blockquote><p></p>
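A check for the DNS-over-TLS step in the post above, added here as an example and not part of the original post: it reads a systemd-resolved config and reports whether DNS-over-TLS is strictly enforced and whether each `DNS=` entry carries a `#server_name`. The function name `audit_resolved_conf`, the address `192.0.2.53` and the hostname `resolver.example` are constructed placeholders (real values come from the provider's settings page), and treating an unset `DNSOverTLS` as off is an assumption.

```sh
#!/bin/sh
# Audit a systemd-resolved config file for enforced DNS-over-TLS.
# Exit status 0: strict DoT and every DNS= server has a #server_name.
# Exit status 1: at least one finding. Runs in a subshell, so no variables leak.
audit_resolved_conf() (
    conf="$1"; section=""; dot="unset"; servers=""; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*|';'*) continue ;;               # blank line or whole-line comment
            '['*']') section="$line"; continue ;;   # section header
        esac
        [ "$section" = "[Resolve]" ] || continue
        key="${line%%=*}"; val="${line#*=}"
        case "$key" in
            DNSOverTLS) dot="$val" ;;
            # An empty DNS= assignment resets the server list.
            DNS) if [ -z "$val" ]; then servers=""; else servers="$servers $val"; fi ;;
        esac
    done < "$conf"
    case "$dot" in
        yes|true|on|1) echo "OK   DNSOverTLS=$dot (strict, no plaintext fallback)" ;;
        opportunistic) echo "WARN DNSOverTLS=opportunistic can fall back to plaintext"; rc=1 ;;
        # Assumption: an unset value is treated as off; the build default varies by distro.
        *)             echo "FAIL DNSOverTLS=$dot, DNS-over-TLS is not enforced"; rc=1 ;;
    esac
    [ -n "$servers" ] || { echo "FAIL no DNS= servers in [Resolve]"; rc=1; }
    for s in $servers; do
        case "$s" in
            *'#'?*) echo "OK   $s carries a TLS server name" ;;
            *)      echo "WARN $s has no #server_name suffix"; rc=1 ;;
        esac
    done
    exit "$rc"
)

# Constructed sample: documentation-range address and placeholder hostname.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
[Resolve]
DNS=192.0.2.53#resolver.example
DNSOverTLS=opportunistic
EOF
audit_resolved_conf "$sample" || echo "=> resolve the findings before reconnecting"
rm -f "$sample"
```

On an installed system the file to pass is `/etc/systemd/resolved.conf`, the one named in the post.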