Tech Helproom

Help! I think the Trojans are on the verge of destroying my laptop!


Tibolticus


Hi,

I have been told on good authority that this is the best place to come when your computer has suffered a major Trojan attack. This has most definitely happened and I need help (that's if it's not already too late!).

For about the past week it has been clear that my laptop is having serious issues. I was advised last week to get Malwarebytes after it became clear that I was under attack! I did this, ran it in safe mode (after having started to run it on the normal settings - in case that's relevant), and it seemed to clear it up.

However, in the past couple of days a bigger attack has happened which seems to have done some real damage. I'll list what has happened and then give the messages etc that have been popping up...

A number of functions, system areas seem to have been wiped, these include:

ALL of the control panel items

Personal folders in C drive

any in-built firewall and system check functions

most desktop items

... very bad!

And the new weird things that the system is doing:

An array of warning boxes have started appearing with messages reading, 'RAM memory reliability extremely low, this problem may cause system failure', 'hard drive clusters are partly damaged, segment load failure', 'critical error: Windows OS cant detect a free hard drive space, hard drive error'...

There are some that seem even more weird/horrible...

A box appears multiple times saying 'failed to save all the components for the file \System32\ ...(a figure follows here which is different for each box)... This file is corrupted or unreadable. This error may be caused by a PC hardware problem'...

Another box with the title 'file indexation process failed' appears with some info and the option to 'resolve this issue' at the bottom...

A new (and to my tech-dunce mind, suspicious) 'system check' function has appeared which starts up automatically whenever I turn the PC on and doesn't seem to allow me to shut it down...

I tried running Malwarebytes in Safe Mode again but it only found two items and when I return to the normal mode the problem persists...

So I'm sure we can all agree my system is absolutely critically injured and quite possibly on the verge of death...

But, if whoever of you good people responding to this would agree that it has also destroyed all personal data then perhaps there is an opportunity to gut the system and start again? Of course, I have no idea how to do this...

I think I can get a copy of Windows Vista and can definitely get the Office packages downloaded again if need be?

If it's possible I would like help in wiping all threats from the system entirely, doing whatever I can to bring it back to life in one piece and then get whatever best options for protecting the thing installed so that I don't fall victim to this again! I would like to do all this without having to pay someone to come out and actually look at the laptop but I would be willing to pay for the best malware/spyware/antivirus packages you can recommend. But if you think I should get a pro to inspect it or just bin the thing then do tell me honestly - I can take it!!!

I am 1/2 way through a masters degree - I need a computer - but one that won't wipe my whole history again (I will really need that soon, thankfully I don't have any assignments right now and I haven't started my dissertation, but if this had happened a few months from now it would have been a disaster!)

Sorry to have spoken at such length but I was told I should list all problems and clearly there are lots of them!

Thanks in advance for any assistance you can offer.

Tibolticus

Secret-Squirrel

I too have dealt with quite a few computers with this type of infection. In most cases a System Restore has been effective in deactivating the infection and returning the PC back to how it should be. The final step is to run a supplemental scan to mop up any (inactive) malware files that might remain.

In my experience, fixes such as those on Bleeping Computer and ComboFix etc are very effective in removing infected files but they're not so good at completely repairing a Registry that's been heavily modified by malware. This would seem to be the case with the OP's problem as numerous Windows features have been removed. A System Restore replaces the entire Registry with a good copy so in my opinion that's another good reason to try it as a Plan A.

wee eddie

I was about to add an almost identical comment to that of Secret-Squirrel.

You need to completely clear the Restore Points before you run your Anti Virus and Malwarebytes, as the infection may be hiding there as well.

I understand that you are keeping McAfee regularly updated but, which Version of McAfee do you have installed?

I would add CCleaner to your armoury and use it to clear the Registry of dross (remember to use the Back-up Function, that it offers, before hitting the Fix Button and put that Back-up File somewhere where it is simple to find ~ I think that My Docs is the most handy place) after you have run its other scans.

Tibolticus

Thanks again to all for the second round of suggestions,

I went straight to trying the Secret Squirrel suggestion this time and it worked brilliantly! Extra thanks to Secret Squirrel.

I did go for a restore date a couple of weeks back which has taken me to a point where I suppose I am vulnerable again as I hadn't even reinstalled the latest McAfee I was using at that stage (although I do have it licensed for at least another couple of months so will be able to reinstate that easily).

But I know that the point just before that McAfee install was the beginning of the problems so thought this best... I also will need to reinstall Malwarebytes (or better if you would like to recommend) - as this came after McAfee.

Anyway - hopefully as the final stage can you please tell me anything and everything I should download in terms of protection? I would prefer stuff that is free but I also want quality so will be willing to pay to some extent (particularly if it's a one-off thing rather than an annual subscription). It would also be handy if you could explain a little about what the programmes you recommend do as I think I still have little understanding of the different types of protection I would need (e.g. is it the case that a programme for tackling Malware is different to anti-virus software. Also - are there any other types of protection the above doesn't cover? If so what is the issue and what are the problems that would deal with it?).

So, thanks again to you all and looking forward to hearing more of your ideas...

Tibolticus

lotvic

SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html It works alongside the other programs you have to help secure your system (get the free version, just means you have to do manual updates instead of getting notified when one is available)

onthelimit1

Just make sure you only have ONE antivirus programme installed. More than one anti malware is OK.

Secret-Squirrel

Tibolticus, firstly, thanks for returning with an update for us.

Yes, you'll need to download, install and update Malwarebytes again then run another scan ASAP. It has an excellent reputation and its detection rate and effectiveness in removing malware are normally second to none. The free version lacks any real-time protection so you'll need to manually run it regularly (or immediately if you notice something isn't right). You may want to consider the professional, paid-for version which does have real-time protection. It will run happily alongside your regular AV software and shouldn't cause any conflicts.

Because of that nasty scare you had, and the fact that McAfee failed to block those pests or repair your PC, you may want to consider removing it and replacing it with something different. Removal is done via Control Panel -> Programs and Features. If it doesn't uninstall correctly then you can use the "McAfee Consumer Products Removal tool" - see here.

You may want to look at this report from AV-Test to help you decide what anti-virus software to use next. If you're looking for a free product then AVG Free 2012 would be a good choice. As you can see in the report, it out-performs McAfee by a fair bit. Despite being free, AVG offers a fairly comprehensive set of security features such as an e-mail scanner, web shield, and link scanner - things that are missing from some other free products. If you're looking for a paid-for AV solution then Kaspersky has always been a good performer.

I also noticed on the Virus Bulletin site that McAfee failed to get its "VB100" certification twice in the last six months.

If you do decide on AVG Free 2012, then go to the main program interface after installation and run a manual "Anti-Rootkit" scan and full scan ASAP.

Unfortunately, there's still no single AV product that's guaranteed to detect and remove 100% of all threats so you'll have to accept the industry average detection rate of roughly 95%.

markd71

Now that you're up & running again, you should get the stuff for your masters backed up off site & make at least 2 hard copies to CD/DVD. Viruses can attack hard disks and external drives but cannot change data on hard copies.

Tibolticus

Thanks Guys,

Considering that you were the main saviour last time Secret Squirrel, I think I am going to follow your advice in particular to the letter. But thanks to all others for input - most appreciated.

Markd71 - thanks to you also. I have a couple of non-tech spaz questions off the back of your excellent advice. Firstly - how do I check if this laptop is DVD/CD write capable? And if it is, are there any good products out there that I can use for the writing?

Thanks again, Tibolticus

Tibolticus

So ran Malwarebytes again, it picked up two trojans under the name 'IPH Trojan Agent CPN' if that means anything? I also downloaded the free AVG. Question on that - it says that the premium version protects you with regards to online banking and the free one does not. I use HSBC and their secure key system but still a little nervous - would you regard online banking as dangerous without a premium antivirus package? Also, would I be better to download and start using Firefox instead of IE from a security perspective?

Thanks, Tibolticus

rdave13

Just a list of my personal preference and have used online banking for years:

Windows firewall

Avast antivirus (free)

SuperAntiSpyware pro (one off payment)

Malwarebytes Anti-Malware (free). You could change to a one off payment to MBAM instead of SAS.

Spywareblaster, which is a blocker (free)

Trusteer Rapport (free)

That's it.
