Tech Support Forum - View Single Post

mas_pogi · 06-29-2009, 10:58 AM

hi.

Welcome to TSF

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

---------------------------------------------------------------------------

I am sorry to inform you that one or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

-------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.
-------------------------------------------------------------------------------------------------------------------

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

----------------------------------------------------------------------------------------------------------

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. You can find instructions HERE.
Double click on Combo-Fix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------------------------

Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection.

It can take as little as eight seconds to infect an unprotected computer.

Let me know in your next reply.

Mark

06-29-2009, 10:58 AM	#2 (permalink)
mas_pogi Analyst, Security Team Join Date: Apr 2008 Location: Tokyo, JP Posts: 1,476 OS: Vista, Linux Mint	Re: Search Redirects hi. Welcome to TSF You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe. --------------------------------------------------------------------------- I am sorry to inform you that one or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information and download and execute files. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? ------------------------------------------------------------------------- Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Please stay with me until given the 'all clear' even if symptoms seemingly abate. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper. ------------------------------------------------------------------------------------------------------------------- Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix. It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence. ---------------------------------------------------------------------------------------------------------- Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop. Link 1 Link 2 Link 3 Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. You can find instructions HERE. Double click on Combo-Fix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. ------------------------------------------------------------------------- Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection. It can take as little as eight seconds** to infect an unprotected computer. Let me know in your next reply. Mark __________________ To accomplish great things, we must not only act, but also dream; not only plan, but also believe. If I have been helping you and do not reply within 24 hours, please send me a message. I'm a member of U.N.I.T.E and A.S.A.P