Help please - trojans, malware.

foreright · 6 Sep 2008 at 08:04

Could you guys give me some advice. My son has arrived home with a variety of malware pop-ups on his laptop after trying to DL a film (he tells me)
As yet I don't know what they are and intend dealing with them today and will most probarly be back later for more advice.
In the meantime if I want to DL to his laptop AV and Malware removal software, I shall have to link his laptop to my broadband.
I am not too au fait with what might happen. I would not allow him to connect as he usually does to my router in case any infections network to my Pc (is that a possiblilty) Therefor I will disconnect my PC and connect his laptop solely to my router to allow any DL's needed. Can any problem he has on laptop corrupt my router or is it harmless. Please advise as I cannot start to help him till I connect him to the net.

Dolph · 6 Sep 2008 at 08:23

a virus can't infect a router unless it's got some really funky software in it, and it would have to have a huge library for all the different routers.... So no, your router is perfectly safe. Make sure any other PC's on the LAN are fully up to date with virus software etc just in case, or alternatively unplug them until you've got the laptop clean.

ThundyCat · 6 Sep 2008 at 09:31

Download this ,update,run clean then reboot.

http://www.malwarebytes.org/

Download ad-aware and Spybot search and destroy.

foreright · 6 Sep 2008 at 11:16

As his laptop is a company one it appears that he cannot boot into safe mode as he hasn't the administrators rights. I asume that, as it won't accept his password that he uses in Windows. Will the spyware / malware software do the job if run in windows or is there another way into safe mode. Cheers

eXor · 6 Sep 2008 at 12:02

foreright said:
My son has arrived home with a variety of malware pop-ups on his laptop after trying to DL a film

foreright said:
As his laptop is a company one

Pray that the company doesn't find out!

Malware could theoretically corrupt your router, but this is unlikely. If your router has a common, easy-to-guess ip address like 192.168.1.1 and a weak password, malware could get in and alter some settings, like DNS. If you have UPnP turned on, it doesn't even need to guess the password. You don't really have to connect to the net to get the removal software onto the laptop.

1. You could boot from a Live CD which contains the removal software. If the laptop is not set to boot from CD first, then you would need to go into the BIOS and change the boot order. If the BIOS is password protected then you are out of luck. ( Some have a manufacturer master password which you can use to bypass the existing one. Or clear the CMOS to return to factory defaults, but not recommended since it is a company laptop. )

2. You could burn the removal software onto a cd, boot up the laptop and just copy to the hard drive. Most removal software need administrator rights to run, though. So it probably wouldn't work.