Posted 17 June 2009 - 04:59 PM
Posted 18 June 2009 - 01:38 AM
Posted 18 June 2009 - 02:02 AM
Posted 18 June 2009 - 02:04 AM
Posted 18 June 2009 - 02:13 AM
Posted 18 June 2009 - 06:28 AM
If you're running XP, please run ATF cleaner according to the following instructions. If you're using Vista, please skip this step and continue with step 2.
Please download ATF Cleaner by Atribune & save it to your desktop.
Please download Malwarebytes Anti-Malware and save it to your desktop.
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable security programs or permit them to allow the changes.
I would like to hear how this went.
If you were able to run MalwareBytes, please post the report of the results.
If you were not able to do anything, let me know.
Posted 18 June 2009 - 06:46 PM
Posted 19 June 2009 - 03:22 AM
Backdoor Trojans are the most dangerous and most widespread type of Trojan. They provide the author or "master" of the Trojan with remote "administrative" access and control to the infected machines. Unlike legitimate remote administration utilities, backdoors install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more. In other words, take over the control of your computer.
Disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
In addition to the backdoor Trojan that has been identified, your computer has other infections as well. Although we can attempt to clean this machine, we cannot guarantee that it will be secure afterwards. Your best and safest course of action is a reformat and reinstallation of the Windows operating system.
You have two options now, and how we proceed here will depend on which choice you make. If you want to attempt to clean the machine, we can, but you will not know if the trojan left an entry to your machine which we can't identify. The other choice would be to reformat and reinstall your operating system. I'll post a couple of links to help you with the changing of your passwords, and if you want to reinstall, instructions for that. This decision depends to some degree on what the computer is used for.
Finally, you should be aware that even if we successfully remove these infections from your computer, some parts of the computer's system may be altered by the removal process itself, which could prevent it from ever regaining its former stability or full functionality without a reformat.
Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
If you have any questions, please ask.
Please post back to let me know what you've decided.
SAS may take a long time to scan
Please download and scan with SUPERAntiSpyware Free
SAS Errors or Network Correction:
- If you get a message like SuperAntiSpyware.exe is not a valid Win32 application then try renaming SuperAntiSpyware.exe to SAS.EXE and see if it will run. This error message often occurs due to malware trying to block the installation.
- If you get an error message like The System Administrator has set policies to prevent this installation then see this possible fix which will help for some versions of Windows http://www.superantispyware.com/supportfaq...lay.html?faq=50
- At this point if you run into any problems where your internet connection appears to be broken, perform the below sub steps, otherwise skip to the next main step about getting the log from SUPERAntiSpyware:
- Click on the Repairs Tab.
- Click on Repair broken Network Connection (WinSock LSP Chain)
- and then click on Perform Repair
Please run a BitDefender Online Scan
You will need to use Internet Explorer with Active X enabled for this scan.
Please post the following:
Posted 19 June 2009 - 07:05 PM
Posted 20 June 2009 - 06:26 AM
Posted 21 June 2009 - 08:07 AM
An ounce of prevention is worth a pound of cure
SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript