HP Pavilion custom - Vista Home Premium SP1, used to be Norton 2009, 10G ram, AMD Phenom 4 core/eMachine WinXPSP3, Norton, AMD 3100/emachine T????: NOT networked/sharing, net access through NetGear WPN824v3: All current definitions and firmware except last machine.
This starts week #4 of fighting something that has my computer in a network within itself with "root" claiming to be the Domain Controller and thus limiting my abilities as Admin. About 4 weeks back I got nailed with the W32.Virut.CF nasty and the problems haven't stopped. I've gone as far as changing modems, unplugging and resetting the router before each use, taking all computers except this off line, taking out the CMOS battery/ram/all cards/cpu/trying restore/trying the restore disks and wiping the drive, all to no avail. If I delete anything it's restored within minutes, sometimes seconds. I resorted to doing a del *.* on C which left me with a few directories protected by root. I'm not familiar with shells, encryption techniques, schemas, group policies (global & local), objects, permissions, ASP.NET, Python, all of the secret pipeline protocols that are established in stealth mode or editing the registry based on what should or should not be there. IE has been redirected, rendering it useless, and I can't seem to install anything as it's changed installers or hidden it in root. At the suggestion of a friend, I am booting from an EeeBuntu Linux disk which is using a ramdrive or I would have no access at all. After doing the simple del *.* and reviewing, I found my system is locked under something called MEDIA and then to a root that has no name and on the restore drive I see the files Hal-Lock, Hal ?? (a text file) and ipod = which seems to be a self extracting package. I know some of this is Linux based and it's been a great learning experience, but I need to get the machines corrected, sealed with a security program that works and back on line. Any help is appreciated!
This post has been edited by E10: 16 November 2009 - 03:43 PM









