quick qestion vbs/generic infected laptop

Attention: Your computer is severely infected with Win32\ what is now called, a cocktail infection. This is an infection that is comprised of many different types of viruses and other malware, to damage your computer, and use it as a zombie for its backdoor network. In other words, your computer is under control of a hacker, and regaining control is now next to impossible.

The first component is a backdoor trojan, which is a type of trojan that communicates with a hacker: to transfer personal information about you, use your computer to help perform a denial-of-service attack, redirect your internet searches in order to make money off of your browsing habits, and can be a keylogger to steal personal identifiable information to help rob your identity.

The second component is a rootkit, which is a type of malware to take control over your computer at administrator access, having full permission to modify all of your device drivers, and allowing itself to hide all the malware on the system. In other words, it is a hackers way of taking control of your computer, and hiding in the dark at the same time. This is a prime initiative of hackers to help keep access to your computer, robbing all of your personal information, and using your computer to send spam across the internet.

The third component is a file infector, which is a type of virus to purposely damage as many files as possible, in order to keep control of your system, so you have as little access as possible.

Not only has your system been compromised severely, it is also highly damaged, and if you do not commit to my suggested removal method below, then your computer may not function anymore.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references:

• How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
  
• What Should I Do If I've Become A Victim Of Identity Theft?
  
• Identity Theft Victims Guide - What to do
  

Removal method:

It is recommended to do a reformat and reinstall of your operating system. The experts in the Advanced Malware Analysts security community believe that once infected with such a piece of malware, the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety.

I recommend the following articles to read:

• When should I re-format? How should I reinstall?
  
• Help: I Got Hacked. Now What Do I Do?
  
• Help: I Got Hacked. Now What Do I Do? Part II
  
• Where to draw the line? When to recommend a format and reinstall?
  

Guides for format and reinstall:

How to reformat and reinstall your Operating System

How to reformat and reinstall your Operating System - the easy way

However, if you do not have the resources to reinstall your computer's OS and would like me to attempt to clean it, I will be happy to do so. But please consider carefully before deciding against a reformat.
If you do make that decision, I will do my best to help you clean the computer of any infections, but you must understand that once a machine has been taken over by this type of malware, I cannot guarantee that it will be 100% secure even after disinfection or that the removal will be successful.

Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.

Thank you for your advice. I think we have decided to replace my sons laptop. His laptop was vista which we legally upgraded to windows 7. As I understand it to do reinstall it would mean back to vista then upgrade to windows 7 (as it was an upgrade not stand alone windows 7). Which seams a lot of work but still thinking about what to do. His laptop is not being used at all.
Could I ask you one question ? We have a home pc and another laptop are they safe ? Both run fine no pop ups, no miss direction. Fairly fast, all windows updates regularly installed. Both have the following installed
1) AVG
2)COMODO
3)Malwareby Anti-Malware
4)Spybot search and destroy
the above are all updated regularly and all the scans come back clear.
We do not have file sharing between all the pcs nor do we share printer. Can I hope that only my sons laptop has this virus. Thank you again Fruitree

Hello.
If you have the CD for Windows 7, or an Windows 7 image, then either can be used. Just format the drive, wipe it completely and re-install the 7 OS, that shouldn't need to go through downgrading.

The other machines should be fine.

so sorry to have to ask again, while going through your GeekPolice how to improve your security guide (as im totaly paranoid now)
I changed my AVG to Avira ran a scan and got the following TR/ATRAPS.Gen


The file 'C:\Windows.old (No Longer Needed)\Windows\Temp\tmp0_302603461953.bk.old'
contained a virus or unwanted program 'TR/ATRAPS.Gen' [trojan]
Action(s) taken:
The file was moved to the quarantine directory under the name '4b0d2b5c.qua'.

I have updated Malware run scan = clean Spybot search destroy = 2 cookies removed

Is our pc ok? our sons laptop has nothing on it But ours = online banking credit cards etc!
Please advise im banging my head against a wall right now
Thank you Fruitree

Yeah it's fine, it was only a temp file in an old archive.

Thank you Belahzur for your help and advice. I think I am going to reformat my sons Laptop. So my question is
Can we back up his Itunes music files and photo files and pos docs. or are these files infected to ?
We ran his laptop, and its running really well, fast not slow, no crashes, no miss directions, so far everything is updating fine. we put AVG back on which is
still showing clean scans. (Although I know this cant be relied on.) My sons laptop is not used for anything financial at all. So still at a bit of a cross road as to replacing laptop. If you say his files are ok to back up then a reformat may be the way to go.
thanks again fruitree

Nope, just about everything is infected when a machine is infected with Rammnit.

Sorry, but it's totally game over when Rammnit hits.

So have reformatted my sons laptop and did a new install from upgrade disc. Yes you were right, the windows 7 upgrade disc worked fine and my key was still valid. So if you are happy with the following please show my thread as closed.
My sons laptop now has the following :
Microsoft security essentials
Malwarebytes
Comodo
+ firefox +WOT

Did a full system scan with Microsoft result clean
Did a Eset online scan result clean
Are we all clear now and is the above enough protection ?
I will be donating to GeekPolice thank you again fruitree

Sounds like a good line of protection.

1 thing I would look into installing is Google Chrome. They have a better security line using built in sandboxing software, like it's own little firewall.