
New Very Nasty Malware/Rootkits ????

GunJack
GunJack Posts: 11,827 Forumite
Part of the Furniture 10,000 Posts Name Dropper Photogenic
Guys,

this week, I've had the first pc I haven't been able to clean - having to recommend a complete wipe and re-install. The thing is, I've now come across a second one which is exhibiting similar symptoms, and wondered if anyone else has seen a recent increase in very nasty, hard to remove malware, rootkits, whatever ???

I've tried mbam, combofix, hitman and dr.web, and on the first machine dr.web found a lot but couldn't cure it. The second machine combofix found lots and deleted it, same with hitman, and I've currently got a full dr.web scan running. On both machines mbam had its update disabled.

Anyone got any ideas/similar experiences ??????
......Gettin' There, Wherever There is......

I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D

Comments

  • busenbust
    busenbust Posts: 4,782 Forumite
    Nothing attacking me here! :D Out of interest, this machine -- which browser was being used ?? IE/FF/
  • Drone31
    Drone31 Posts: 59 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    Yep I've always been very savvy with regard to this, to a point I rarely worry as I know how to avoid infection in the first place - a while ago however, my laptop was infected with malware due to an unfortunate blunder on my part, and I found it utterly impossible to remove. It was the first time in around five years I haven't been able to remove something.

    I ended up formatting (which I do regularly anyway; every six months give or take) and reinstalling.

    I literally tried everything. I was all over the registry, looking at values, running all kinds of software, and I just couldn't shift it. The people behind these things are definitely gaining ground on the most popular "anti" software developers around.
  • busenbust
    busenbust Posts: 4,782 Forumite
    Drone31 wrote: »
    Yep I've always been very savvy with regard to this, to a point I rarely worry as I know how to avoid infection in the first place - a while ago however, my laptop was infected with malware due to an unfortunate blunder on my part, and I found it utterly impossible to remove. It was the first time in around five years I haven't been able to remove something.

    I ended up formatting (which I do regularly anyway; every six months give or take) and reinstalling.

    I literally tried everything. I was all over the registry, looking at values, running all kinds of software, and I just couldn't shift it. The people behind these things are definitely gaining ground on the most popular "anti" software developers around.
    wow! what's your current security setup?? and welcome to mse !:)
  • Drone31
    Drone31 Posts: 59 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    busenbust wrote: »
    wow! what's your current security setup?? and welcome to mse !:)

    Thank you

    I run an independent hardware firewall, and a lot of insanely complicated manual scripting, which tends to keep out the nasties. I've developed a lot of it myself - which is why I tend to do a lot of formatting, as I have a tendency to make things not work at the push of a button, but what does work is hugely effective :j
  • GunJack
    GunJack Posts: 11,827 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    In both of these cases, they've been using both browsers.

    The first pc I'd not seen before, but they had been using mcCrapafee.

    The second I'm a bit miffed about 'coz I'd sorted it out, put my usual security suite on and left detailed instructions on how to use it, but they'd let the (grown-up) kids and grandkids onto it to click and download pretty much anything they wanted :mad: That, coupled with NOT using the security suite as directed has led to this situation....

    Neither client are tech-savvy, but it's a bit concerning that that's two in a week that are so bad :(
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • busenbust
    busenbust Posts: 4,782 Forumite
    Drone31 wrote: »
    Thank you

    I run an independent hardware firewall, and a lot of insanely complicated manual scripting, which tends to keep out the nasties. I've developed a lot of it myself - which is why I tend to do a lot of formatting, as I have a tendency to make things not work at the push of a button, but what does work is hugely effective :j
    thanks. this is mine atm:

    Originally Posted by busenbust
    erm , IMO, I would not touch IE with a 500ft bargepole!:rotfl:Go with FF or Chrome or Opera or anything other than IE. Security? this is what I use: Avast+Windows Defender+ MBAM + NoScript (the latter makes browsing bomb-proof, but not idiot-proof :rotfl:)

    HTH.
  • busenbust
    busenbust Posts: 4,782 Forumite
    GunJack wrote: »
    In both of these cases, they've been using both browsers.

    The first pc I'd not seen before, but they had been using mcCrapafee.

    The second I'm a bit miffed about 'coz I'd sorted it out, put my usual security suite on and left detailed instructions on how to use it, but they'd let the (grown-up) kids and grandkids onto it to click and download pretty much anything they wanted :mad: That, coupled with NOT using the security suite as directed has led to this situation....

    Neither client are tech-savvy, but it's a bit concerning that that's two in a week that are so bad :(

    was the virus/malware infection identical on both machines ??
  • Drone31
    Drone31 Posts: 59 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    GunJack wrote: »
    In both of these cases, they've been using both browsers.

    The first pc I'd not seen before, but they had been using mcCrapafee.

    The second I'm a bit miffed about 'coz I'd sorted it out, put my usual security suite on and left detailed instructions on how to use it, but they'd let the (grown-up) kids and grandkids onto it to click and download pretty much anything they wanted :mad: That, coupled with NOT using the security suite as directed has led to this situation....

    Neither client are tech-savvy, but it's a bit concerning that that's two in a week that are so bad :(

    What's it doing to the machines in particular? Is it the usual browser redirecting, startup/service items appearing etc?
  • 23n1th
    23n1th Posts: 1,523 Forumite
    GunJack when people post about this sort of infection I point people to this website however most people ignore it but they are very good. http://www.geekstogo.com/forum/ they are experts and are trained at getting rid of the real nasties.
  • busenbust
    busenbust Posts: 4,782 Forumite
    23n1th wrote: »
    GunJack when people post about this sort of infection I point people to this website however most people ignore it but they are very good. http://www.geekstogo.com/forum/ they are experts and are trained at getting rid of the real nasties.
    wow! looks comprehensive enough!
This discussion has been closed.