
Worst infection I've ever encountered; Infostealer? System Security?



#1 taperpowell


Posted 04 November 2009 - 02:42 AM

It is very late, I am frustrated and bound to ramble at this point, but I will try to be coherent.

I had been having trouble with my PC after installing a Netgear wireless USB adapter that had somehow changed my login sequence. I fixed that last Saturday (10/31), and noticed I was running about 60+ processes in task manager. I turned the PC off, turned it on the next day (Sunday, 11/1) and noticed that the start menu bar at the bottom of the screen would not come up properly, it was just a small grey stripe. If I clicked and opened a toolbar, I could get it to come up, then I could close my toolbar. In task manager I was now only running about 30 or 35 processes, so I knew something was shutting them down. AVG was disabled. Symantec was disabled. SpyBot was disabled, AdAware was disabled, HiJack This was disabled. None of these programs will run when I click on them; the error says I'm not permissioned to run these programs or that Windows XP can't find them. I cannot turn system restore off or on, but errors that come up along the way seem to indicate that it is off, even though it says it is on and won't let me change it. Then I found I could no longer get to the internet with this machine. Booting up in safe mode, with or without networking, is no help. (I'm writing from another PC than the one I'm working on.) None of the tools I have to clean spyware/malware work with whatever it is that found my computer, and nothing I can think of can get around it. A program called RegCure that I found online and ran from the thumb drive found 820 problems after a scan, but fixed none of them, naturally...unless I would buy their fix.

I took the drive out of the PC and connected it to another computer as the slave so I could scan it with Symantec. It turned up a handful of trojan horses that it didn't even name, but uncovered a couple instances of Infostealer.Gampass and deleted those. After a couple clean scans I put the drive back into the PC it came from, set up as master again, and it will boot but still has all the problems I mentioned above. After spending several hours on the internet and reading several forum postings that sound similar to mine, but not quite the same exactly, I wonder if I have what they've been calling System Security or System Security 2009. Most people with that do mention that they can at least post a HiJack This log, but I can't even do that. Also, I'm not getting popups or menacing messages, just a lot of locked up programs. I tried installing Malwarebytes from a thumb drive, but got the vbalsgrid6.ocx error...it wouldn't run. I am not trained in PC maintenance, but since they've given me that responsibility where I work I've picked up a few things over the years; I think I'm a fairly savvy computer user, but I'm in way over my head with this issue. I'm tired, I'm angry, and I want to find the people who write viruses and hurt them for stealing my ability to use a device I bought and paid for (my computer) and stealing so much of my time trying to fix it. I know I'm not supposed to include malicious statements in my post, but I can't be the only one who feels this way. It is so unfair, and of course I picture them sitting back in their little huts in the woods somewhere, drinking horrid cheap beer and laughing diabolically as they think of poor fools like me the world over who suffer from their clever but evil cyberattacks. I could have been spending this evening with my daughter instead of my PC. 
It's just idiotic, mean-spirited and wrong; obviously people smart enough to write a bit of code that disables a computer could harness that ability to do something constructive with it, if they only would.

Well, I'm exhausted, but now that I've explained the problem and vented a little, when I wake I hope to find that someone in this wide world can help me. I must not be the only one. Also, I know I'm supposed to give you error logs as well as a description of the problem, but I don't know how to get those to you, so you'll have to walk me through even that much before I can post them here for you to see. There must be a place the PC keeps such logs, but again, since I've also lost the ability to connect to the internet, I'm going to have to somehow copy an error log to a thumb drive and move it to another computer before I can post it.

--taperpowell



#2 Jackatwo


Posted 28 November 2009 - 09:27 AM

Since this has not been answered for some time, I hope I am not pushing my luck to answer you with the following.
Out of curiosity, what are you logging in as? Guest, or user?
And have you tried to make a new user with admin privileges by going through your Control Panel, User Account, New User? Make sure you give yourself full privileges.
If not, try it and then come back here with your HJT log, and hopefully one of the admins will get back to you.
Sorry for butting in, admins, but it has been 3 weeks.

Edited by Jackatwo, 28 November 2009 - 09:29 AM.




