Malware removal (SmokeLoader)
First of all, thanks for offering your help in these forums, this is great!
Over Christmas, my laptop got infected with a Smoke Loader Trojan and I can't get rid of it. Hence I am thankful for any advice!
OK, I'll try to get it sorted and provide the history:
In order to burn an mp4 video file to DVD, I plugged my external WD hard drive into my mother's laptop (a quite old Acer Aspire notebook). As the DVD failed to be played on her player, I aimed to convert the file into a suitable format on my laptop using the VLC player. My system is a Lenovo Yoga Thinkpad P40 (no DVD player, hence the HDD) with Windows 10 Pro.
After converting the video file, my laptop showed symptoms like fully occupied CPU and a lot of jumping Windows services in the task manager, symptoms that I afterwards also detected on the spreader laptop. I took both laptops from the net and tried to get rid of the malware that was identified as SmokeLoader by 2 antimalware programs (
What I tried so far did not help:
1) Checking the system with Avira AntiVir, McAfee and Malwarebytes (in Windows normal and safe mode)
--> I could quarantine the malware, but upon clearing, the laptop crashed during restart (I guess an escape mechanism of the trojan)
2) Restore the laptop using a restoration time point before infection --> failed
3) Restoring the laptop with and without deleting personal data
--> Malware still there on the restored Windows system
Is there another thing to consider before formatting the hard drive and running a clean install? I don't have the key of my Windows distribution and don't want to reconnect the laptop to the internet or USB sources, so a readout from the laptop is no option (or is it?).
Regarding the HDD, is there a way to remove the malware? Can professional IT services provide a guaranteed removal of such malware in order to prevent reinfection, or should it be trash-binned? As there is some non-backed-up data on it, I would prefer a professional rescue.
Sorry for the long post and many thanks in advance! Please let me know if more information is required!
Best wishes,
Chris