Malware issues and password problems

- Prajesh SJB Rana, Kathmandu

Oct 14, 2015-

I have a 24” Intel based iMac (early 2009) running OS 10.9.5, which I have been using with no problems till now. A few days ago, while downloading Frostwire, I clicked on some link because of which the default homepage now shows Bing and the search window shows Trovi, and ads pop up whenever I search and open a new webpage. I tried through Safari preferences to reset this to the original configuration (duckduckgo and Google) and block pop-ups, but the system refuses. How can I correct this? Please help.

—Kiran R Baral

Hi Kiran,

The problem you’re facing is due to a malicious software that got downloaded and installed on your computer while you were installing Frostwire. It seems like it’s a software that’s bombarding you with advertisements (adware) but it may very well be a virus too. So my first suggestion would be to run a full system virus scan. You can get anti-virus software for Macs too, so try installing one of these antivirus software and scan your computer.

To get back to the original problem, many of these viruses, just like on a Windows browser, runs as an extension. An extension might be responsible for pushing Trovi as your search engine; go to Safari on your Menu bar and open up Preferences. On this window, navigate to Extensions and look for any extension that you might not have installed or might look suspicious; they’re usually named Omnibar or Searchme or something similar. Identify these extensions and uninstall them. After removing the extensions, navigate to General on the same window and change your Default Search Engine to anything you’d like and also change the Homepage option according to your preference. You can do this same trick for other browsers like Google Chrome and Mozilla Firefox too, if they’re infected as well. Hope this helped, Kiran.

I forgot my Windows administrator password and my CD-ROM does not work. I tried cracking the password many times through my standard Windows account, but in vain. I have lots of important files on my PC that I cannot lose. What should I do? Please help me!

—Sandeep777

Hi Sandeep,

Yours is a very common problem, but it’s a very difficult problem to troubleshoot nonetheless. It’s very difficult to get past your Windows password because it’s actually built to keep people from accessing your computer and it’s also built to ward off hack attempts. One way of resetting your Administrative password would be through the Windows Installation Disk, but since your CD drive is not working, you can create a bootable Windows installation on your flash drive. You will need a Windows 7 Installation Disk Image (iso), so maybe you can do this with the help of a friend’s computer that has a working DVD-Drive. There are many tools that help you create a bootable flash drive, so do a little research on that and create a bootable flash drive.

Boot into the Installation drive and navigate to Repair Your Computer option. This appears on the window after the language settings, below the Install button. The Repair Computer screen lists out all the Windows Installations you have on your computer, so select the one you want and open up Command Prompt from the following screen. Here, your Windows Installation might not be under the Drive

Letter C: so enter the command[bcdedit | find “osdevice” ](the square brackets are not part of the command, they’re just there to separate the command from the rest of the article. Please keep this in mind and don’t enter them while using Command Prompt). This command will tell you what your OS Device is, so note that down or keep it in mind. Now, for the sake of this article let’s say the osdrive is C:; this might be different for your computer so replace it with the commands that follow. Next enter [copy C:windowssystem32sethc.exe C: ]and [ copy C:windowssystem32md.exe C:windowssystem32sethc.exe ]. The second command will ask you if you want to override certain settings; type Yes and move on.

Now restart your computer in your original Windows and not the boot USB. On the log in screen, hit Shift five times and a Command Prompt window should appear. Here, enter the command [net user <username><newpassword>]. Replace <username> with the administrative username you used and <newpassword> with the new password you’d want the account to have. Close Command Prompt after this and log in with your new password. The final step is to not roll back all the changes that we made to the system32 folder. To do this, find the Command Prompt in your Start Menu and run it as Administrator. Run the command [copy c:sethc.exe c:windowssystem32sethc.exe]. This should do it; if it doesn’t, you can try to hack into your account. This will be a long process without guaranteed success but if you want to know more, I can send you more information on how to go about this.

If you’re open to the idea of installing a fresh installation of Windows, that could be an alternative too, if you don’t want to go through the troubleshooting process. Since Windows 7, if you install a new copy of Windows, the installation automatically creates a folder called Windows.old, which has all the files from your old installation (don’t format the drive while installing). You can even back up using a Live USB boot of a Linux Distribution.

Published: 14-10-2015 09:23

User's Feedback

Click here for your comments

Comment via Facebook

Don't have facebook account? Use this form to comment