Our network has been hacked. Are they into Apple Stuff and PS3 too?

If the network/machines are as far gone as you say, I think you would simply have to shut it all down by disconnecting all network connections and powering down the router and all machines (there is no reason to leave anything running in a compromised state). Then start working on one machine at a time to slowly rebuild the network.

The suggestion by Golden to run Windows Defender Offline is a great way to start on each machine. You might also consider clean reinstalls on the machines. Don't forget which machines have personal files that can't be replaced. Hopefully you've already got your personal data backed up to somewhere safe.


Reset your router back to factory condition and reconfigure it appropriately, changing default password and username (if allowed) and setting up wireless security. This may help in returning to factory (not sure it'll work with your brand/model):

• Disconnect all ethernet connections
• With the router powered on, press and hold the reset button on the router for 30 seconds
• Without releasing the reset button, unplug router and hold reset for another 30 seconds
• Plug the router back in while still holding the reset button another 30 seconds

Some comments on your prior post:

ClassicStyle said:

Today I have 2 computers on the network. Both have had their BIOS systems compromised. The hard drives have been partitioned and new directories have been installed. The BIOS settings have been altered so that the computers boot to an installed diskette directory on a server. how do I completely restore the BIOS on a dell computer? The BIOS settings have been altered and pressing F12 brings me to the BIOS but the commands to change the boot order have been erased.

Step one 1- I'm in the Bios. How do I reorder the boot? Right now all I see on the screen is this

Set Boot Priority (Blacked Out)
1st Boot. Diskette
2nd Boot. Hardrive
3rd Boot USB
4th Boot. Cd/dVd
5th Boot. Network

What are the commands on a dell to reorder the bios? I should be able to reorder this list by moving each device up and down in the order? The help function has been altered so it gives no key strokes to follow or directions for reordering the boot.

Tell me how to reorder the devices in the boot order.

I'm working on my end as well.


Thanks,

CS

That boot ordering doesn't look all that odd. Quite a few machines still in use that have that default order. The "1st Boot. Diskette" is likely a holdover from the days when floppy drives were commonly included on most machines. It's been many years since floppy drives were common yet I still see it referenced in the BIOS's of relatively new machines. The "1st Boot. Diskette" entry in your case is just being ignored; it's not being used to boot from a remote diskette.

It just so happens I'm working on someone's Dell machine right now and it's got the exact same boot order you describe above. Wasn't sure what you meant with "Set Boot Priority (Blacked Out)", but when I look at this Dell's BIOS screen I think I see what you mean: it's in black text whereas the rest of the options on the screen are in blue text. All that means is that there are no options to set for that line; only the blue items can be modified by the user. On this machine you change the boot order by using the up/down arrow keys to highlight the 1st Boot and pressing Enter. A dialog pops up for you to select the device you want for first boot (using arrow keys). Press Enter to make your selection and you'll see the list change appropriately. Then you do the same for 2nd Boot, 3rd Boot, and so on.

And this Dell's BIOS is a very basic one. Any help text that pops up is a simple restatement of the obvious (so it's basically useless).

I'm in full agreement with Golden about messing with the BIOS; don't mess with it if you're not 100% sure of what you're doing, and know how to recover if something goes wrong.

Can you give us screenshot or examples that can clarify this statement you made: "The hard drives have been partitioned and new directories have been installed." We would have to know more about what exactly happened to be able to help pinpoint the cause.

There is no reason to throw the machines out and buy new or switch to Linux or anything like that. They can be fixed.

Once I get my new network set up, with a new computer, with a new router and complete protection.....

Can connecting my apple products to the network pose any risk??

IPAD 2, IPHONES, IPODS. Can these be infected and pose a risk to my new network by calling out to the previous domain???

What about the PS3? What risks do I have to look for or clean out of this???

Thanks,

CS

ClassicStyle said:

Once I get my new network set up, with a new computer, with a new router and complete protection.....

Can connecting my apple products to the network pose any risk??

IPAD 2, IPHONES, IPODS. Can these be infected and pose a risk to my new network by calling out to the previous domain???

What about the PS3? What risks do I have to look for or clean out of this???

Thanks,

CS

Yes, the Apple stuff and PS3 pose a risk. Any device you connect can be a potential risk. If you're buying new computers/router in order to rectify this issue, why are you not buying new Apple devices and a new PS3?

Again, there is no reason whatsoever to resolve this by just throwing it all out and starting all over again with new equipment. If you really want to do that I'll pay for shipping and give you my address!

There is no such thing as "complete protection"; it's something you build in layers (router/firewall, software firewall, antivirus/antimalware, software updates/patches, safe computing, etc.) and you have to constantly work with it to keep it as effective as possible. But even doing that it's not "complete protection", as in 100% infallible.

Did you read my prior post about your Dell's BIOS?

ClassicStyle said:

This is where the problem starts every time I start my browser:

//g.msn.com/USCON/1.

That link looks like the default browser home page that Dell uses on the PC's they sell. Just tried it on an HP machine and a home built machine. Ends up taking you to //dell.msn.com/?pc=MDDC&OCID=DELLDHP and will install the Bing toolbar if you click OK.

Almost all of the OEM machines will use some brand related start page for the browser as a default home page. Nothing to worry about. Just don't use it and then change the home page to whatever you want.

Golden said:

24 posts and you still haven't done a scan to give us a clue what sort of malware your systems are infected with.....

So........once again......do an offline scan with Windows Defender Offline. Without that, its impossible to help you.

I too suggest that you do the scan. Most of the stuff you've described can be attributed to a properly working machine with a Windows OS. If you really want help you've got to give us something concrete to go on rather than speaking in generalities. Screenshots, scan results, something, anything specific.

No he is busy buying new computers and moving around the country. It's an expensive security practice but it is also highly ineffective so he has that going for him.