After finding ads and misdirects I checked and found an old Java script back door exploit in a Java cache. Java should have been updated but AVG had always been clean except for Java cache.
As always I have used Gparted to copy the OS partition onto backup drives. After finding that MBRcheck revealed a non-standard MBR, in a panic I used /fixmbr which changed the MBR back to std Win 7 and now back to normal OS operations. The MBR is now the same as a fresh install on a new drive so the MBR had changed at some point and now I have 3 drives with OS's that I cannot trust and any pin drives that were in the OS. It's hard to regen the OS but it's done, data is safe but now to clean up the mess!
Now the bottom line is I do not know what I had, nor how the MBR was changed or what it did to the backups and the USB drives, but have to clean the mess somehow to return them to service. Now I am just not sure if a full format, disk wipe, or what would be a good fix for the hard drives and then what to do for the pin drives. Can I still trust the drives after cleaning and Gparted for doing backup of a new clean install?
Thanks to all that contribute to these great forums!
IMSAI 8080 and yes it was my first build and that dates me.
Edited by boopme, 30 July 2012 - 09:10 PM.