I just got this machine and started to bring it up. The machine came with NIS free for 60 days, so I activated it ASAP to provide some protection as I was loading new apps. I then loaded Malwarebytes Pro, so real-time protection was activated very quickly. I also loaded SpywareBlaster, updated the database and enabled everything. I always load Mozilla Firefox very early on along with security add-ons: NoScript, Adblock Plus, WOT (as I find it very useful to avoid nasty sites) and Ghostery.
I wanted to load Advanced Uninstaller as it works on 64-bit apps as well as 32-bit. I screwed up and loaded Advanced Installer in error first but quickly uninstalled it. Both of these apps seem to have a decent reputation, but I may have loaded one from the CNN site. CNN seems to be a horrendous distributor of malicious software attached to legit app downloads. I am extremely careful to remove check marks to add extra apps and I really believe I didn’t miss any unless they had it in the middle of the license agreement. Much later things were still going well and I made a purchase from eBay and paid through PayPal. Around this time a new window popped up that included “driverdiv.net” in the URL of the popup. It appeared my security software didn’t allow it to completely bring up the fake window to suck you into one of many fraudulent traps. Checking my security software, Norton NIS looked fine, but when I checked Security in Control Panel it indicated Windows Defender and NIS were not running.
I think my entire system has been infected with the driverdiv malware. In NoScript, the second script listed to allow to run is driverdiv.net on most of the sites. I think my system is doomed.
Since I only started loading software on this new machine I am considering wiping the entire drive clean and starting over but would have to leave the Recovery Partition D to reload everything.
Am I at risk if I wipe everything except the Recovery Partition D or will the recovery partition re-infect everything?
Do I have to worry at all about the BIOS, and if so, what can I do to make sure I can bring this machine back up clean of any malware?
Interesting that Malwarebytes, Norton NIS & now 360 scans have all been clean. Scans with SuperAntiSpyware have only shown tracking cookies.