Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IS SOMEONE ON MY COMPUTER?!


  • Please log in to reply
10 replies to this topic

#1 †Sage†

†Sage†

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 01 February 2009 - 08:55 PM

ok, yesterday i did a system cleanup and afterwords: i was getting random websites popping up on firefox, so i just decided to use opera. unfortunately, the problem persited: while opera had no popups, my wallpaper turned to the infamous "DANGEROUS SPYWARE ON COMPUTER, please install antivirus xp" and whatnot. i started freaking out, so looked around and decided to try the free version of malware bytes, dr. web, and my (paid for) copy of spyware S&D. i ran each multiple times, and had like 230 infections! forutnately, i removed them all and turned off system restore so the virus would not repair itself (don't worry, i have all of my valuable things bakced up). the background was gone, the false little x in a circle was gone, and my computer was up to speed again. i decided to reset it after about an hour or so of using it, jsut to see what would happen:

AND IT WAS ALL BACK

i tried to run more virus scans, but just as they started, my computer froze and would beep every time i tried to do anything. i restarted it and deleted all of the policies folders in the HKEYS. I thne unplugged it and went away for awhile. when i got back, i plugged it in, turned it on, and when i tried to start it up, it showed me my accounts, but administrator wasn't there, and at the bottom, it said "Turn off second computer" i seriously started freaking out; so i tried to go onto mmy ohter accoutn, and after it said loading personal settings, it immediately said LOGGING OUT and showed me the accoutns again! i restarted my computer and did the F8 thing, and tried last known configuration, but the same thing happened! I tried safe mode with command prompt, and it finally showed me the administrator, but when i clicked on it, it just showed me a black screen with SAFE MODE at the bottom.

WHAT IS GOING ON? if my computer is gone, then i have everything i need, but im out a comp and like 1K of money! plz help!
SageOfSARIA

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:32 PM

Posted 01 February 2009 - 11:53 PM

Hello. I suggest 2 options. Either a full wipe and reinstall or post a HJT log as you have many issues.
To run HJT.
Please follow this guide. go and do steps 6 and 7 ,, Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.

Let me know it it went OK !
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 †Sage†

†Sage†
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 02 February 2009 - 11:34 AM

ok, but how? i cant even get on my computer! like i said, it always takes me straight back to the login screen

i was thinking about a system wipe. oh, and i think it disabled my eTrust and realtime monitor, so theres that...

if you know how i can get a HJT log, plz tell me!

one more thing: i know that he can get at my comp if it is turned off, but he definitely CAN NOT if its unplugged, right?

Edited by †Sage†, 02 February 2009 - 11:35 AM.

SageOfSARIA

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:32 PM

Posted 02 February 2009 - 12:23 PM

Ok, I'll have to look something up.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:32 PM

Posted 02 February 2009 - 12:45 PM

If you cannot bootup in normal or safe mode, then your options are limited. You may be able to use a Windows XP bootable Floppy Disk to boot from a diskette instead of your hard drive. If your hard drive's boot sector or Windows' basic boot files have been corrupted, this disk will circumvent the problem and boot you into Windows. If you don't have an emergency boot floppy, you may be able to use one created on another PC running Windows XP but there's no guarantee that it will boot your machine.

"Resolving Boot Issues with a Boot Floppy Disk".
"How to obtain Windows XP Setup boot disks" and select the download that's appropriate for your Operating System. The Setup boot disks are available so that you can run the Setup program on computers that cannot use a bootable CD-ROM.

Another option is to create a Bootable CD:
Bootable CD FAQs
How To Boot your Computer from a Bootable CD or DVD
How to Create a Bootable Windows XP Setup Disk on a Preinstalled/Preloaded Windows System
Creating A Windows XP Recovery Console CD Image

You can try doing a "Repair Install with Recovery Console". The Recovery Console is a Windows utility that provides a DOS-like command line from which you can run some repair programs. If you have a Microsoft Windows CD-ROM, you can get to the Recovery Console by booting from that CD and pressing any key when you told to 'Press any key to boot from CD'. At the 'Welcome to Setup' screen, press r for Repair.

"Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option"
"How to perform a Repair/Reinstall" (with screenshots).
"How to install and use the Windows XP Recovery Console"

If you don't have your XP CD you can download an ISO of the Recovery Console files:
Recovery Console ISO file
NTFS4FreeDos ISO
XP Recovery Console zip file

Burn it as an image to a disk to get a bootable CD which will startup the Recovery Console for troubleshooting and fixing purposes. This is especially useful for those with OEM systems with factory restore partitions or disks but no original installation CD. If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO.

You can start a new topic in the Windows XP forum if you need assistance with this.

Important Note: If this is a virus/Trojan related issue, you should know that some types of malware can result in a system so badly damaged that a Repair Install will NOT help!. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over by wiping your drive, reformatting, and performing a clean install of the OS removes everything and is the safest action. Please read:Should you decide to follow this advice and reformat, these links include step-by-step instructions with screenshots:
"XP Clean Install Interactive Setup"
"How to reformat your computer in case of a severe malware infection"
"Reformat & Clean Install Windows XP"

Note: If your using an IBM, HP, Compaq or Dell machine, you may not have an original XP CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 †Sage†

†Sage†
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 02 February 2009 - 03:43 PM

@_@ confusing...

alright, well, for the ISO, would i put it on a disk on my other comp, then transfer it, cuz like i said:

I CANNOT GET IN
SageOfSARIA

#7 †Sage†

†Sage†
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 02 February 2009 - 05:40 PM

ok, update: i just tried to restart the computer, but this time i unplugged my router so that it had no internet.

this didnt do much, as i still had the same problem: it would say turn off second computer, didnt have administrator, and wouldnt let me log in

HOWEVER

when i tried to go into safe mode with command prompt, it didnt ask to turn off second computer, and it showed me the administartor accoutn
same as last time

BUT, when i went into CP instead of just showing me a black screen, i was automatically kicked out of the account.

anything actually new here? or should i just wipe the thing clean?
SageOfSARIA

#8 †Sage†

†Sage†
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 02 February 2009 - 10:10 PM

also, is this maybe taht guy from russia on thwe homepage?

just wonderin.... but i doubt it lol

Edited by †Sage†, 03 February 2009 - 08:53 AM.

SageOfSARIA

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:32 PM

Posted 03 February 2009 - 11:42 AM

for the ISO, would i put it on a disk on my other comp, then transfer it,

Yes.

or should i just wipe the thing clean?

Your decision as to what action to take should be made by reading and asking yourself the questions presented in the "When should I re-format?" and What Do I Do? links I previously provided. As I already said, in some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. Wiping your drive, reformatting, and performing a clean install of the OS or doing a factory restore removes everything and is the safest action but I cannot make that decision for you.

Reformatting a hard disk deletes all data. If you decide to reformat, you can back up all your important documents, data files and photos. The safest practice is not to backup any autorun.ini or .exe files because they may be infected. Some types of malware may disguise itself by adding and hiding its extension to the existing extension of files so be sure you take a close look at the full name. After reformatting, as a precaution, make sure you scan these files with your anti-virus prior to copying them back to your hard drive.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 †Sage†

†Sage†
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 AM

Posted 03 February 2009 - 04:41 PM

thank you very much. im not of a computer genius, and it took me awhile to scribe what you said up top, but i think im just going to reformat. all of my needed things are already backed up onto my other computers (no autorun.ini or exe files, just pictures :D) and i actually wanted a clean system anyway.

just one question:

how do i reformat my system? do i have to get apro to do it? Thank you :D
SageOfSARIA

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:32 PM

Posted 03 February 2009 - 10:08 PM

That's the decision I would have made if this were my system.

Some types of malware can result in a system so badly damaged that a Repair Install will NOT help!. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over by wiping your drive, reformatting, and performing a clean install of the OS or doing a factory restore removes everything and is the safest action.

In case you need help with this, please review:These links include step-by-step instructions with screenshots:Don't forget you will have to go to Microsoft Update and apply all Windows security patches after reformatting.
Also see How to keep your Windows XP activation after clean install.

Note: If your using an IBM, HP, Compaq or Dell machine, you may not have an original XP CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore" that will reformat your hard drive, remove all data and restore the computer to the state it was in when you first purchased it.

If you need additional assistance with reformatting, you can start a new topic in the Windows XP Home and Professional forum.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users