|
Post by Jack Teems on Mar 20, 2013 14:26:55 GMT -5
An acquaintance bought a new Lenovo computer and had a "friend" transfer all his files to the new PC while he was on vacation. The "friend" was dismayed because his offer to build a computer at a cost of $200 more than the retail price of the Lenovo wasn't accepted, and the same "friend" charged him $200 for transferring the files to the Lenovo. Within a few days, the new computer doesn’t boot at all and he says he has a Trojan - at least that's what Lenovo tells him when they accessed his computer remotely. Lenovo tells him they will get rid of the Trojan for $499 (more than what he paid for the computer) and if he buys a new computer, it would also be infected within a week of the same Trojan because they suspect the source is the modem. He suspects this is something his "friend" planted in retaliation for not buying from him. All this sounds a bit bizaare to me.
|
|
drcard
Software Review Panel
Posts: 581
|
Post by drcard on Mar 20, 2013 18:59:44 GMT -5
Hi Jack, If it won't boot, then how could they tell if there is a virus? They would have to at least boot to the RAM like a recovery disc and have network access through the same modem that's infected? Is a virus in a modem possible? Yes, this is one of the worst. It is called a DNS changer Trojan. It redirects the browser to go to sites that the user did not intend to by giving wrong IP addresses. These different sites can contain all kinds of malware setup for drive by download. The Trojan takes over the modem by through a bogus driver update for the modem. Hence Levono's comments that the same modem would infect a new machine would be true as the Trojan resides in the modem's software. It is easy to find out if a PC is infected. The link below is a test link, which if you do not see the test link page (green page) after clicking it you are being redirected and are infected. www.dcwg.org/ Was it possible for "friend" implant the Trojan? Yes, if he had a copy of the infected driver update. Keeping a copy of an infected driver update to use to get back at some one for not using his services (which ultimately he did) is a far stretch. I think the "friend" got back by charging $200 to move files. I would use a boot disc that contains Anti-virus and root kit malware detection and removal software. I would unhook the modem and boot to the disc and remove all malware from the HDD. When the system boots up again (after repairs) try the test link first to see if the modem really is infected. If so then unhook the modem and get another before trying to go to any web pages.
|
|
|
Post by cenobytez on Apr 4, 2013 8:17:54 GMT -5
when all said and done, he could already have had the virus in his data files that his friend transferred from the old pc to the new one, and if there was not adequate protection on the new pc, he got infected. Got to agree with drcard, boot from an antivirus disc that boots itself(preferbly with linux( I have this option from Sophos), ensure the PC itself is clean, and then try with a new/different modem. ( could a factory reset on the modem work?)
|
|
|
Post by aaronsurin on Sept 10, 2013 5:53:04 GMT -5
Before applying the transfer we should check for virus. If you were run antivirus before you never get this problem. _____________________ Mobile Massage
|
|