Thread: yahoo redirects.

  1. #11
    Junior Member
    Join Date
    Jul 2011
    Posts
    10

    Few searches to see if the redirects are gone.
    They seem to be.

  2. #12
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Hi,

    I have bad news I'm afraid.

    One or more of the identified infections is a Backdoor Trojan.

    OK since we are dealing with the aforementioned infection(s) I would be providing your good self with a disservice if I did not make you aware of the ramifications below:

    This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.

    I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

    Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows Operating System, and that is the course we strongly recommend.

    Please read these for more information:

    How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud?

    When Should I Format, How Should I Reinstall

    I can attempt to clean this machine but I can't guarantee that it will be at all secure afterwards.

    Should you have any questions, please feel free to ask.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  3. #13
    Junior Member
    Join Date
    Jul 2011
    Posts
    10

    Hmm...

    Well from the one article, adware and hijackers are low priority.. but at the same time, it already reinstalled itself once, so it'll probably be back again.

    But then, I don't have the discs to reformat with. But it probably would be a better idea to do..

  4. #14
    Junior Member
    Join Date
    Jul 2011
    Posts
    10

    Ok, so HP has a built in reformat for the Windows partition of the PC.
    Don't know if that'll get everything, but did it anyway. So it reset back to factory settings, deleted everything and reinstalled the programs.

  5. #15
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Hi.

    Well from the one article, adware and hijackers are low priority.. but at the same time, it already reinstalled itself once, so it'll probably be back again.
    Unfortunately the back-door infections would have undoubtedly compromised your machine...

    But then, I don't have the discs to reformat with. But it probably would be a better idea to do..
    You should be able to create a set of Recovery Discs using the HP Backup and Recovery Manager. I will also provide instructions below on how to create an independent System Repair Disc. How to use the aforementioned can be read here.

    Ok, so HP has a built in reformat for the Windows partition of the PC.
    Don't know if that'll get everything, but did it anyway. So it reset back to factory settings, deleted everything and reinstalled the programs.
    A factory reset is de facto a reformat and reinstallation of the Windows Operating System. Doing such was the most prudent course of action and if one of my own machines was thus infected I would not hesitate to follow my own advice etc.

    Create a Windows 7 System Repair Disc

    Note: the below can only be done if your machine has a type of CD/R or DVD/R optical drive installed. Also depending on the exact type of OEM your machine has you may be unable to actually create a SRD.

    • Click on Start(Windows 7 Orb) >> Run...(or the Windows key and R together) to bring up the Run box. Then copy/paste the following command into the box and click on OK:

      Code:
      recdisc.exe
    • Allow the UAC(User Account Control) prompt via selecting Yes.
    • You should now see a menu like the below:-


    • Put a blank rewritable CD/DVD in your optical(CD/DVD) drive and then click on Create disc.
    • Note: If an AutoPlay window pops up, just close it.
    • When the SRD has been created you will see the below:-


    • Now click on Close >> OK. Then eject/remove the disc from the drive.
    • You now have a Windows 7 System Repair Disc.
    Next:

    I presume you are going to reinstall McAfee AntiVirus Plus, if not one of the freeware applications below are very good...

    You will need to reinstall all Critical Updates also and there is also a Service Pack for Windows 7 now, namely Service Pack 1. Which should become available for download/installation via Windows Update...

    Keep your system updated:

    Microsoft releases patches for Windows and other products regularly:

    • Click on Start(Windows 7 Orb) >> All Programs >> Windows Update.
    • In the navigation pane, click Check for updates.
    • After Windows Update has finished checking for updates, click View available updates.
    • Click to select the check box for any found, then click Install.
    • When completed Reboot(restart) your computer if not prompted to do so.
    Update Internet Explorer:

    IE8 has been superseded by IE9, I strongly advise you download and install the new browser from here. This will increase overall security whilst browsing online.

    Be careful when opening attachments and downloading files:

    Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
    Never open emails from unknown senders.
    Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
    Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

    Stop malicious scripts:

    Windows by default allows scripts (which are VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

    Avoid Peer to Peer software:

    P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

    Hosts File:

    A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

    Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

    Here are some Hosts files:

    Only use one of the above!

    Install WinPatrol:

    WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

    Download it from here.

    You can find information about how WinPatrol works here.

    Next:

    This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

    Any questions? Feel free to ask, if not stay safe!
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.
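
    The Hosts file behaviour described in the post above can be checked with a short audit script. This is an added example, not part of the original thread: it parses hosts-file text, lists the names that are sinkholed to a loopback or unspecified address, and flags any name mapped to another address for review. The sample file contents and host names are constructed for illustration.

```python
import ipaddress

# Constructed sample, not taken from the thread.
# 203.0.113.0/24 is a reserved documentation range.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.net tracker.example.net   # blocklist entry
0.0.0.0         banners.example.org
203.0.113.25    search.example.com    # name pinned to a non-local address
not-an-ip       broken.example.com
"""

def parse_hosts(text):
    """Yield (line_no, address, names); address is None if the line is malformed."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if len(fields) < 2:                   # an address with no host name
            addr = None
        yield line_no, addr, [n.lower() for n in fields[1:]]

def audit_hosts(text):
    """Sort hosts entries into sinkholed names, mappings to review, and bad lines."""
    report = {"sinkholed": [], "review": [], "malformed": []}
    for line_no, addr, names in parse_hosts(text):
        if addr is None:
            report["malformed"].append(line_no)
        elif addr.is_loopback or addr.is_unspecified:
            # 127.0.0.1, ::1 and 0.0.0.0 keep the lookup on the local machine
            report["sinkholed"].extend(n for n in names if n != "localhost")
        else:
            # any other address overrides DNS for that name: confirm it is intended
            report["review"].extend((n, str(addr)) for n in names)
    return report

if __name__ == "__main__":
    for category, items in audit_hosts(SAMPLE_HOSTS).items():
        print(category, items)
```

    On Windows 7 the live file is C:\Windows\System32\drivers\etc\hosts; pass its contents to audit_hosts() in place of the sample.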

  6. #16
    Junior Member
    Join Date
    Jul 2011
    Posts
    10

    Alright, pretty much everything done except IE9's download links don't feel like working right now.

    And the big thing was making sure that the factory reset was in itself a basic reformat. Was worried that it might miss something hidden away somewhere.

    Appreciate the help, now if you can just fix the bulging disc the Army gave me, we'll be in business!

  7. #17
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    IE9's download links don't feel like working right now.
    Aye they do appear to be inactive for the moment, merely try at a later time etc.

    Appreciate the help, now if you can just fix the bulging disc the Army gave me, we'll be in business!
    You're most welcome! Not a lot I can do about the latter I'm afraid, maybe a visit to a chiropractor or a physiotherapist may help.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  8. #18
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh set of DDS logs and a link to your previous thread.

    If it has been less than three days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.
