quick question vbs/generic infected laptop


Re: quick question vbs/generic infected laptop

Post by Belahzur on 18th April 2011, 10:34 pm

Attention: Your computer is severely infected with Win32\ what is now called, a cocktail infection. This is an infection that is comprised of many different types of viruses and other malware, to damage your computer, and use it as a zombie for its backdoor network. In other words, your computer is under control of a hacker, and regaining control is now next to impossible.

The first component is a [You must be registered and logged in to see this link.], which is a type of trojan that communicates with a hacker: to transfer personal information about you, use your computer to help perform a denial-of-service attack, redirect your internet searches in order to make money off of your browsing habits, and can be a keylogger to steal personal identifiable information to help rob your identity.

The second component is a [You must be registered and logged in to see this link.], which is a type of malware to take control over your computer at administrator access, having full permission to modify all of your device drivers, and allowing itself to hide all the malware on the system. In other words, it is a hacker's way of taking control of your computer, and hiding in the dark at the same time. This is a prime initiative of hackers to help keep access to your computer, robbing all of your personal information, and using your computer to send spam across the internet.

The third component is a [You must be registered and logged in to see this link.], which is a type of virus to purposely damage as many files as possible, in order to keep control of your system, so you have as little access as possible.

Not only has your system been compromised severely, it is also highly damaged, and if you do not commit to my suggested removal method below, then your computer may not function anymore.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references:




Removal method:

It is recommended to do a reformat and reinstall of your operating system. The experts in the [You must be registered and logged in to see this link.] security community believe that once infected with such a piece of malware, the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety.

I recommend the following articles to read:


Guides for format and reinstall:

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

However, if you do not have the resources to reinstall your computer's OS and would like me to attempt to clean it, I will be happy to do so. But please consider carefully before deciding against a reformat.
If you do make that decision, I will do my best to help you clean the computer of any infections, but you must understand that once a machine has been taken over by this type of malware, I cannot guarantee that it will be 100% secure even after disinfection or that the removal will be successful.

Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts: 34918
Joined: 2008-08-03
Gender: Male
OS: 7 Home Premium x64
Points: 245121
Likes: 1


Re: quick question vbs/generic infected laptop

Post by fruitree on 19th April 2011, 9:10 pm

Thank you for your advice. I think we have decided to replace my son's laptop. His laptop was Vista, which we legally upgraded to Windows 7. As I understand it, to do a reinstall would mean going back to Vista and then upgrading to Windows 7 (as it was an upgrade, not standalone Windows 7), which seems a lot of work, but we are still thinking about what to do. His laptop is not being used at all.
Could I ask you one question? We have a home PC and another laptop; are they safe? Both run fine: no pop-ups, no misdirection. Fairly fast, all Windows updates regularly installed. Both have the following installed:
1) AVG
2) COMODO
3) Malwarebytes Anti-Malware
4) Spybot Search and Destroy
The above are all updated regularly and all the scans come back clear.
We do not have file sharing between all the PCs, nor do we share a printer. Can I hope that only my son's laptop has this virus? Thank you again, Fruitree

fruitree
Novice

Posts: 24
Joined: 2010-04-20
Gender: Female
OS: windows 7
Protection: Avg
Points: 24606
Likes: 0


Re: quick question vbs/generic infected laptop

Post by Belahzur on 20th April 2011, 9:38 pm

Hello.
If you have the CD for Windows 7, or a Windows 7 image, then either can be used. Just format the drive, wipe it completely and re-install the 7 OS; that shouldn't need to go through downgrading.

The other machines should be fine.



home pc

Post by fruitree on 21st April 2011, 9:09 pm

So sorry to have to ask again. While going through your GeekPolice "how to improve your security" guide (as I'm totally paranoid now),
I changed my AVG to Avira, ran a scan and got the following: TR/ATRAPS.Gen


The file 'C:\Windows.old (No Longer Needed)\Windows\Temp\tmp0_302603461953.bk.old'
contained a virus or unwanted program 'TR/ATRAPS.Gen' [trojan]
Action(s) taken:
The file was moved to the quarantine directory under the name '4b0d2b5c.qua'.

I have updated Malwarebytes and run a scan = clean. Spybot Search and Destroy = 2 cookies removed.

Is our PC OK? Our son's laptop has nothing on it, but ours = online banking, credit cards etc.!
Please advise, I'm banging my head against a wall right now.
Thank you, Fruitree


Re: quick question vbs/generic infected laptop

Post by Belahzur on 21st April 2011, 11:58 pm

Yeah it's fine, it was only a temp file in an old archive.



one last question I hope

Post by fruitree on 24th April 2011, 8:35 pm

Thank you Belahzur for your help and advice. I think I am going to reformat my son's laptop. So my question is:
Can we back up his iTunes music files and photo files and pos docs, or are these files infected too?
We ran his laptop, and it's running really well: fast, not slow, no crashes, no misdirections; so far everything is updating fine. We put AVG back on, which is still showing clean scans. (Although I know this can't be relied on.) My son's laptop is not used for anything financial at all. So still at a bit of a crossroads as to replacing the laptop. If you say his files are OK to back up, then a reformat may be the way to go.
Thanks again, fruitree


Re: quick question vbs/generic infected laptop

Post by Belahzur on 25th April 2011, 6:48 pm

Nope, just about everything is infected when a machine is infected with Ramnit.

Sorry, but it's totally game over when Ramnit hits.



Thank you

Post by fruitree on 2nd May 2011, 11:51 pm

So I have reformatted my son's laptop and did a new install from the upgrade disc. Yes, you were right: the Windows 7 upgrade disc worked fine and my key was still valid. So if you are happy with the following, please show my thread as closed.
My son's laptop now has the following:
Microsoft Security Essentials
Malwarebytes
Comodo
+ Firefox + WOT

Did a full system scan with Microsoft: result clean
Did an ESET online scan: result clean
Are we all clear now, and is the above enough protection?
I will be donating to GeekPolice. Thank you again, fruitree



Re: quick question vbs/generic infected laptop

Post by Belahzur on 3rd May 2011, 1:09 am

Sounds like a good line of protection.

One thing I would look into installing is Google Chrome. They have a better security line using built-in sandboxing software, like its own little firewall.

