BleepingComputer.com: I have never seen anything like this....


I have never seen anything like this.... 5 computers down and counting....

#1 boboliman

  Posted 03 January 2011 - 07:34 PM

I need help badly, as a particularly insidious strain of malware has totalled 5 of my systems.

Let me begin with the Dell 1735 Studio laptop, 500 GB HD, 4GB RAM, running Win 7 32bit (upgraded from Vista 32).

Symptoms and anomalies:

FireFox hacked
LM host file altered
Windows Firewall altered
Task Scheduler packed with tons of triggered events I've never seen
Services installed and enabled that should not be
Bogus certificates installed
Security policies altered and locked out of files
Windows drivers perfectly replaced with hacked copies
Cannot update any AV
When I put a CD into the drive, if there was certain scanner software on the disk, the system would disable the drive until you rebooted
All data on the hard disc looks fine in Win 7, but there is a copy of all files in DOS where the data is split into separate directories and have a .lnk appendage
All AV programs install fine, but when I go into the registry, they are disabled and misconfigured.
The registry is so packed with remote monitoring settings and hacks it is incredible...
This goes on and on...
So I salvaged what data I could, put it all on a removable hard drive and did a low level format of the Dell with a program from the disk manufacturer (WD) and wiped out the MBR and the complete partition. I took out the battery and scanned the HD and memory or anything with Kaspersky for DOS from a DOS boot disk and even ran a UNIX boot disk with Kaspersky on it, and it came up clear.
I reinserted the battery, set up the BIOS and reinstalled the OS. All this time, I am not connected to the Internet, but to update Kaspersky.
Upon first boot up, the system is just as bad as when I began!!! I could not believe this thing had flashed itself into the BIOS, but it did. It seems when you install an OS, it writes itself into the new OS from the BIOS. So I have flashed the BIOS to its latest version, took out the battery, wiped the hard disk, reinstalled the original OS (Vista 32) before I upgraded to Win 7 and it is still here. I am at my wits' end. I will be patient and learn as much as I can about the different viruses and malware, and await your help. This is gonna be fun...

Boboliman

#2 jublast84

Posted 03 January 2011 - 07:40 PM

I have a Dell Inspiron 530 and I'm having the same problem, so if someone helps you, please help me.
