
Had Sirefef and then Zero Access, used RogueKiller, etc (see logs)


  • This topic is locked
112 replies to this topic

#106 amy_s.

amy_s.
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:01:54 AM

Posted 27 August 2013 - 12:07 PM

Gary, these things happen, thanks for your help.  I did a clean full install of Windows 7 and things look OK.  After Windows Updates, I installed Avast.  I have one last question -- with the particular malware that I had, what info is it likely the hackers obtained from my computer and are now in possession of? Thanks, Amy





#107 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:54 PM

Posted 27 August 2013 - 01:40 PM

Hi Amy,

You have already reformatted but some of the below information is still relevant to you.

----------
 

Here are some thoughts I have put together for people who ask what they should do in light of the infection. Ultimately each user must decide for themselves what to do. Here are some things you might want to consider.
 
It is necessary for us to at least make you aware of the worst-case scenario. This is because of the potential Backdoor Trojans bring with them, but it is not a determination on our part that your situation currently falls within this worst-case scenario.

Ultimately it is a personal decision whether to reformat or not. What decision should you make to let you sleep well at night? It is different for different people. I will say whether rightly or wrongly most people decide to clean and not reformat, at least initially.

The only insight I can offer is how I evaluate the issue personally even though I have never had a Backdoor Trojan on my computer. One of the primary purposes for malicious software is to somehow separate you from your money. It seems reasonable to assume that a thief trying to take your money via a Backdoor Trojan will hit you hard, and quickly. Once your computer starts to act up and you become suspicious you have the opportunity to eliminate access to your computer and change the information taken, namely account and password information. The key to this, in my opinion, is whether or not you have noticed any irregularities in your banking or other financial institutions, or things like email and social network accounts (i.e. Facebook). If you have not seen any evidence of that then you may question whether your information has truly been stolen. If it seems it hasn't, and your critical information has been changed, it is reasonable to be more confident you are safe but you must stop short of claiming an absolute guarantee.

If, after careful consideration, you decide not to reformat your computer, it would be wise to continue monitoring your sensitive data and don't wait to address future symptoms on your computer which seem to be malware related.

The bottom line, the ONLY way to be absolutely sure to be rid of a Backdoor Trojan is to reformat. The decision is yours.


Let me know if you have any follow up questions or if there is anything else I can assist you with. When we conclude our time together I will provide some general information about computer safety.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#108 amy_s.


Posted 29 August 2013 - 06:56 PM

Hi Gary, Thanks again for everything. I think I'm good to go -- just have one question, actually. I partitioned the hard drive into C with 50 GB, and D with 100 GB. As I install more and more applications on C, how much free space should I make sure to leave on C for best performance?
Amy

Edited by amy_s., 29 August 2013 - 07:30 PM.


#109 Oh My!


Posted 29 August 2013 - 08:06 PM

That is up for debate but I think generally speaking 15%.
Gary
 

#110 amy_s.


Posted 30 August 2013 - 11:34 AM

Thanks for everything Gary, I'm good to go.



#111 Oh My!


Posted 30 August 2013 - 12:26 PM

Very well. I will close this topic but you may send me a Personal Message if something comes up.

Gary

#112 Oh My!


Posted 30 August 2013 - 12:26 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 

#113 Oh My!


Posted 01 September 2013 - 08:27 PM

Hi Amy,

Here is some information for your consideration in your attempts to keep your computer clean.

===================================================

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:

In addition, here are some more links you might find of interest:

I will leave this topic open for just a couple of days in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.

Edited by Oh My, 01 September 2013 - 08:29 PM.

Gary
 



