jpardee

Thanks for your responses and learned advice it is greatly appreciated!! I wanted to clarify how the recovery was initiated, the program used, the Operating system and the media type so I do not leave anything out and that others may benefit from this great website and the uber geeks that help out those of us in need. The recovery was made from a factory partition on the hard drive by pressing F11 at bootup. Program used to perform backups (prior to Recovery): Windows 7 Backup and Restore utility, from the Start Orb>Maintenance folder> Backup and Restore>set up backup>save backup on> Note: from here you select where the backup would be saved, Windows wants you to use an external drive but in this case I used Sony DVD-Rs. I could have made a system image (which would have included the Windows files, OS) using an external hard drive, I elected only to back up files to DVD-R. The real benefit of a large external drive would be to schedule backups as long as the external drive remained connected to the computer. OS used: Windows 7 Home Premium SP 1. Media used: Sony DVD-R discs. As I mentioned before we had copied pictures and documents to an external hard drive. I then scanned that external drive with Avira antivirus on one computer, with rootkits option ticked and it came up negative. I then attached it to another computer running an updated Panda Internet Security 2013 set to scan all file extensions and to delete any malware discovered. Panda IS 2013 uses the cloud, (probably their servers) it turned up negative. I then (after updating) ran Malwarebytes Pro version 1.51.0.1200 full scan and it turned up negative as well. I elected not to run the back-ups made on DVDs based on the chance there could be a backed up piece of malware on the discs. I went ahead and copied only photographs from the backed up Documents folder. I turned off system restore and scanned with Avira antivirus after it had been updated and it came out clean. I ran the scanner (after updating) for Malwarebytes and Superantispyware and it came up clean as well. I’m hoping for the best here after doing a recovery from the partition on the hard drive. I ran the Windows Malicious software removal tool it discovered and removed the DOS/Alureon infection. I rebooted and installed TDSSKiller, ran the scanner, it found and cured the Rootkit.Boot.pihar.c. All other scans by all the above mentioned anti-malware programs came back clean. If anyone has any constructive comments or advice I’m all ears. Thanks for everybody’s time and effort on an excellent community of anti-malware crusaders!!

Greetings all, does anyone know how to scan “backup and restore” discs (DVD) using the TDSSkiller program? (or really if this is even necessary) The discs were made on a windows 7 home edition machine just before we did a recovery of the machine. With TDSSKIller loaded on the machine I can scan the hard drive but I do not see how to scan these discs. The TDSSKiller program found a rootkit on the hard drive and cured it (after recovery) but I'm concerned the backed up data (made prior to recovery) on the discs maybe infected. Thanks for any advice.

Hello MrC ! looks like you are more than busy today. I met with my friend and he has decided to reformat and re-install. Soooo I know what I will be doing today. Thanks again for your time and also for the links to the dsl reports, I did read them. I am making a donation through PayPal in the hopes when I get everything re-installed and up and running maybe you or one of your colleagues could take a gander at a new DDS report and give me your blessing in the realm of uninfected computing.

Thank-you MrC. for taking the time to read and respond to my post . I agree, when it comes to some of these nasties probably better to reformat and reinstall to ensure the malware is removed . This computer has been disconnected from the Internet for over a week now. I will need to confer with the owner on Monday to see if he would like to go ahead with the cleaning. I will post back as soon as I meet with him. I have run Windows Back up and restore to a brand new hard drive and DVDs. Do you think there is a likelihood the malware has found its way to the backups as well? I ran the backups after the scanners (Malwarebytes, Superanitspyware, Avira AV, and online scanners, Bitdefender, TrendMicro and Panda) starting coming up clean. Thanks again for the help. Jake

Greetings fellow users! Can someone please look at this DDS and tell me with your expertise whether or not we are still infected and what I can do next to clean this machine. I have run updated versions of Malwarebytes, Superantispyware, Avira Antivirus and three of the free online scanners like Panda, Bitdefender and Eset. I have run disc cleanup and went into the browsers and deleted temporary Internet files as well. Initially this all started when I discovered on a buddy’s computer that his Norton’s anti-virus had been turned off and his Malwarebytes program was not operational. I uninstalled Nortons then downloaded Avira antivirus, ran the scanner and it located the TR/ATRAPS.Gen2 Trojan and moved it to quarantine. I then uninstalled the non-working Malwarebytes, updated it and ran the full scan, it located Trojan.Dropper.BCMiner which it reported it had quarantined and deleted successfully. After several days (2/3) Malwarebytes, Avira and Superantispyware are not detecting any infections but then when I ran Eset online scanner on June 8, 2012 it claims it found several Trojans these appeared to be located in Temporary Internet files (Internet Explorer) but most of the Trojans are located in C:\Users\ESH-001\DesktopGeek Squad Backup\Documents and settings\Administrator\Application Data\Sun\Java\Development\cache\6.0\18\13a2e652613d0d3e java/TrojanDownloader.OpenStream.NAC trojan, Eset claimed it cleaned by deleting. I’m concerned because this is his business computer. I have made backups to DVD and to an external hard drive using Windows Back-up and restore. We just need to know if we could still be infected or not and how to proceed from here. Thank-you very much for any help or advice you can give us!!! DDS.txt Torries.txt Attach.txt Torries.txt