This starts week #4 of fighting something that has my computer in a network within itself with "root" claiming to be the Domain Controller and thus limiting my abilities as Admin. About 4 weeks back I got nailed with the W32.Virut.CF nasty and the problems haven't stopped. I've gone as far as changing modems, unplugging and resetting the router before each use, taking all computers except this off line, taking out the CMOS battery/ram/all cards/cpu/trying restore/trying the restore disks and wiping the drive, all to no avail. If I delete anything it's restored within minutes, sometimes seconds. I resorted to doing a del *.* on C which left me with a few directories protected by root.

I'm not familiar with shells, encryption techniques, schemas, group policies (global & local), objects, permissions, ASP NET, Python, all of the secret pipeline protocols that are established in stealth mode or editing the registry based on what should or should not be there. IE has been redirected, rendering it useless, and I can't seem to install anything as it's changed installers or hidden it in root. At the suggestion of a friend, I am booting from an EeeBuntu Linux disk which is using a ramdrive or I would have no access at all.

After doing the simple del *.* and reviewing, I found my system is locked under something called MEDIA and then to a root that has no name, and on the restore drive I see the files Hal-Lock, Hal ?? (a text file) and ipod = which seems to be a self-extracting package. I know some of this is Linux based and it's been a great learning experience, but I need to get the machines corrected, sealed with a security program that works and back on line. Any help is appreciated!
Edited by E10, 16 November 2009 - 03:43 PM.