officertango

bad case of malware/trojan

I have a computer that is infected with some form of malware/trojan. It came from an email and the user clicked on it. I believe this is a form of malware/spyware. What the malware/trojan did is transfer funds out of the bank account. I spoke to the antivirus company and they now have a definition file to protect against it, but it was undetected. Since then I have taken the computer offline. Has anyone run into this, and what have they done?


thanks
The problem with viruses and malware is that they are always morphing. It is beyond just damage; it actually cost someone money. You could spend hours trying to "fix" the machine and you may or may not totally clean it.

The hours spent trying to remove it, with it possibly never being completely gone, could be better spent backing up the user's data, reformatting the machine (unwanted software definitely gone), updating the OS with all updates and restoring the data if you believe the data is clean.

That is the only way to get it 100% clean.
"That is the only way to get it 100% clean."

That is a demonstrably incorrect statement. There are known variants of malware that will survive a hard drive format reinstall and continue infecting the new OS.

The "nuclear" option is always a method of last resort and available if needed.

With that said, why not spend 30-45 minutes using known successful methods in an attempt to get the system clean and functional again?
Please inform me of one that can withstand a format. I'll install it and see if you're correct.
I am sorry, I should have been more specific.

Before formatting the HD:
* Boot your system into MS-DOS with a bootable disk or floppy.
* Type fdisk /mbr and press ENTER
* Restart

which normally happens anyway when you're doing a clean format.
officertango,
I'm going to bow out of this question and avoid further useless discussion.

The infection you are dealing with is well over a year old and is primarily caused by users who don't keep their OS and applications fully patched and updated.

There are any number of specialized tools that will clean this for you. In addition to what I've mentioned above, you can also try MSRT from Microsoft (http://www.microsoft.com/security/pc-security/malware-removal.aspx)

You probably already know this, but you might want to check the profiles of those offering you advice (just click on the Expert name at each comment).  

EE doesn't really censor comments/suggestions that are posted, so it is up to you to determine the knowledge/experience levels of those offering advice.

/unsubscribed
Never underestimate the human brain....
Virus can persist after formatting the hard drive and recreating the MBR

http://www.globalnet-iti.com/innovations/blog/1st-virus-that-infects-a-computer-s-bios-is-discovered/

Storing the malicious code inside the BIOS ROM could actually become more than just a problem for security software, giv[en] the fact that even if antivirus detect(s) and clean(s) the MBR infection,
Thanks xeroxzerox for this update info of new virus for my knowledge.
Frankly I already apologized if what I said came off wrong.

Both younghv and myself are correct.

You can clean it utilizing many tools that do it. If it is a simple malware infection that more than likely will not reappear and doesn't take a week of tracing and posting logs.

If it is something that keeps coming back then formatting the hard drive and MBR is a next step.

For the rare occasion your BIOS is infected, reflashing the BIOS may work, but you would want to contact your manufacturer or purchase a new MB.
officertango

ASKER

Wow, I thought simply formatting the hard drive and reinstalling the OS does the trick. I guess not???