
Sudden Infection - Help!


2 replies to this topic

#1 Anyhoo

  • Members
  • 3 posts

Posted 07 May 2009 - 02:32 AM

Here is the issue for which I require assistance:

Yesterday I was browsing the internet, and at one point my computer became very slow and unresponsive. I believe IE was installing something on my PC at this point, but totally without my permission and knowledge. Pretty soon a red "X" icon appeared in my system tray and started displaying all kinds of messages that my computer was infected and I needed to run a spyware program. At the same time all kinds of processes (spyware, of course) were spawning, which I killed from the "Task Manager" as quickly as I could, but at this point my system was compromised, so I shut down the PC and rebooted, hoping that it was just a temporary infection. No such luck. When I rebooted, I found that the Desktop and Task bar would not display, and that the Task Manager was disabled. Later the desktop changed from the normal blue background to a strange colored pattern. Every time I reboot after that into my main User Account (I am running Windows XP with multiple user accounts), the colored pattern appears and I can do nothing. Strangely, I can log on to another account on the same computer, which does not show the task bar and desktop, but the Task Manager is NOT disabled for this other user account, so I was able to start Explorer manually to see the desktop and taskbar.

So the problem I have is how to "fix" what is wrong with the PC, mainly on the main user account. The problem appears to be in the HKCU in the registry of that one account, and I cannot do anything on the PC if I try to log in under that account.
I tried doing a "System Restore" from the secondary account to a point before all of this happened, but that apparently just restored HKCU in the registry for the secondary account, not for all accounts on the computer, so the same issue remained.

I hope this made sense. You guys have helped in the past, and I hope you can help me again. Thanks in advance.

Edited by Anyhoo, 07 May 2009 - 02:35 AM.




#2 Anyhoo


Posted 07 May 2009 - 12:36 PM

Please can someone here give me a direction of what I should do to fix this. I have HijackThis and I can post the logs they show, but I am waiting for someone to give me some feedback. To repeat, an infection of my PC has mainly infected the primary user account of the PC, but I am able to access the same PC using a different account, which is not infected (or minimally affected - the desktop for this second user account will not display automatically). So the primary damage seems to be localized to the HKCU section of the registry for that one user account. Just tell me what to do and I will follow all instructions. I really don't know how to proceed on my own to correct this.

Thanks

#3 Anyhoo


Posted 07 May 2009 - 05:40 PM

Am I not getting any replies to my problem because you guys are all tied up on other problems, or have I not stated my problem properly in order to get a response?



