Inquiry regarding infection with the Trojan, gen Sirefef
Started by Eagleeye, Apr 13 2012 08:28 AM
8 replies to this topic
#1
Posted 13 April 2012 - 08:28 AM
Good morning everyone,
Back on April 2nd, during a normal SAS quick scan, it detected the presence of the Trojan, gen Sirefef. My computer did not display any unusual behavior beforehand, etc...so needless to say...I was rather surprised to find I had acquired this nasty piece of junk!
This trojan managed to disable the Web Shield and Mail Scanner functions in my Avast AV (free version), as well as make it impossible for me to even access the Internet, regardless of whether I used IE8 or FF.
Although SAS removed it & rebooted the computer, I ended up having to haul this machine to a repair shop and shell out $123 just to fix it so I could get on the Internet again.
Going by what is in the article on the top of this page entitled "How did I get infected...", I have everything on my computer updated and in as secure a condition as possible.
My question: Should a trojan infection like this occur again at some future time, is there any way to obtain help here...instead of having to once again expend boo-koo $$$ at a repair shop?
Thank you for your time and any recommendations!
Dell Optiplex 755 Desktop |WIN 7 Pro, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Pro | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 9 & FF w/ NoScript
#2
Posted 13 April 2012 - 08:44 AM
EDIT: Forgot to mention, this trojan also managed to remove the ipsec.sys driver.
Dell Optiplex 755 Desktop |WIN 7 Pro, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Pro | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 9 & FF w/ NoScript
#3
Posted 13 April 2012 - 08:56 AM
Hello Eagleeye,
Yes, you can get at least 3 types of help here.
- Option 1 —— Free Expert advice in the Malware Removal Forum
- Option 2 —— MBAM PRO customer -- Contact Support via email
- Option 3 —— Premium, Fee-Based Support
I would suggest that you follow safer computer-internet-usage practices and be sure you have a multi-layer defense to keep out malware.
Don't do dodgy downloads and stay away from torrent sites. Definitely don't do peer-to-peer filesharing.
Don't be too quick to click links without checking/judging whether the link is safe.
Be wary of unsolicited emails with attachments you did not expect. Even from someone you know.
Use a "standard"-user level account instead of an administrator-level login when logged in for day-to-day use.
Keep your Windows and all your application apps up-to-date to reduce security risk exposure.
A lot of infections are made easier if you have outdated Java runtime, or Adobe applet apps (Flash Player / Shockwave / Adobe Reader) that are out of date.
Keep those always patched. Use Secunia's OSI on a regular monthly basis to check for security updates!
Scan any USB-flash drive with antivirus first, if it is from anyone else, before using. The same principle applies if you get any file via email.
Scan them first before opening.
- Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
- Check in at Windows Update and install any Critical Updates offered.
- Make certain that Automatic Updates is enabled.
  How to configure and use Automatic Updates in Windows
  http://support.microsoft.com/kb/306525
- Check on other update issues as well, visit Secunia Online Software Inspector (OSI)
  See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
- Download, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)
- I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
  See the FAQ page http://mvps.org/winh...02/hostsfaq.htm
  That would help to keep your browser away from known spyware/malware sites.
- Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
  Having a total image backup of your system stored on DVD/CD is highly important.
  Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits.
  Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp
  or Paragon Backup & Recovery http://www.paragon-s...e/download.html
- On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
  ESET Online Scanner
  Panda ActiveScan
  Trend Micro Housecall
  F-Secure Online Scanner
- See Six tips to help you stay safer online
- Never, ever download free games, free tools, videos, multi-media files or anything free unless you can be absolutely sure the source is safe!
  Consider using Web of Trust WOT add-on for your browser(s)
  http://www.mywot.com/en/download
  http://www.mywot.com/en/faq/add-on
Maurice Naggar
Consumer Support Specialist

I close my threads if there is 5 days without a response.
#4
Posted 13 April 2012 - 09:28 AM
Thanks very much for the edification, Maurice!
Nearly all of your recommendations are practices which I adhere to. One question: You mentioned that Secunia program for checking for updates. I presently have the FileHippo Update Checker. Is that program as good as the Secunia program you referred to, or should I change to Secunia?
One other item you mentioned is one I do not really understand; the part about making regular backups to a USB or CD/DVD drive. How do I accomplish that, and how many gigabytes are required to do this?
Best regards, (and apologies for my lack of simple knowledge about these things).
Dell Optiplex 755 Desktop |WIN 7 Pro, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Pro | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 9 & FF w/ NoScript
#5
Posted 13 April 2012 - 09:58 AM
I haven't used the FileHippo update checker, so I cannot comment.
For backups: I really mean (at minimum) disk-image-mirror backups. The space required is dependent on how large your system is.
I would expect a 1 TB to 2 TB external USB drive will suffice. Do some serious price comparisons. You can likely find a 1 TB near $100 - $110 or less.
You may even want to consider a 2 TB drive.
I mentioned 3 software apps that you may consider for doing these backups.
Macrium Reflect, Paragon, & Acronis True Image.
If you have Windows 7, it has a native backup that is quite capable.
Also, the manufacturers of the external USB drives will usually have applets that you can use.
With a clean/recent mirror-image backup you can "restore" your HDD from it and recover from a real disaster in minutes and do it on your own, as opposed to it taking days to clean & recover.
The basics are to have offline-storage & the tool for backup.
Maurice Naggar
Consumer Support Specialist

#6
Posted 13 April 2012 - 10:16 AM
Hi again Maurice,
My hard drive is only 40 GB. I have two USB flash drives...one is a 4 GB, the other an 8 GB. According to the "Properties" section for the C drive...it indicates something like 16.3 GB of the drive is in use. So, I'm guessing I'd have to go and expend a considerable sum of $$ to acquire a flash drive with enough room to hold that much backup data.
As I live on a very limited fixed disability income now, I will just have to forego acquiring the needed item(s).
Thanks again for all your advice though!
Dell Optiplex 755 Desktop |WIN 7 Pro, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Pro | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 9 & FF w/ NoScript
#7
Posted 13 April 2012 - 10:40 AM
The Macrium Reflect software is free and if I remember correctly, it can do a backup to your local HDD (even though that is not the ideal).
Paragon is also sometimes available for free. See my earlier links.
You can make do without external hard drives (just barely).
Note: Since this topic really is not about MBAM product, I am moving this topic to PC Help section.
P.S.S. Eagleeye,
Since your hard drive is only 40 GB, then an external hard-drive (hard drive and not a USB-flash) of much less than 1 TB would fit your needs, and thus cost less than what I had stated.
Edited by Maurice Naggar, 13 April 2012 - 10:50 AM.
Maurice Naggar
Consumer Support Specialist

#8
Posted 13 April 2012 - 01:09 PM
I appreciate your time and help Maurice!
Dell Optiplex 755 Desktop |WIN 7 Pro, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Pro | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 9 & FF w/ NoScript