
I have never seen anything like this....



#1 boboliman


Posted 03 January 2011 - 07:34 PM

I need help badly, as a particularly insidious strain of malware has totalled 5 of my systems.

Let me begin with the Dell 1735 Studio laptop, 500 GB HD, 4GB RAM, running Win 7 32bit (upgraded from Vista 32).

Symptoms and anomalies:

Firefox hacked
LM host file altered
Windows Firewall altered
Task Scheduler packed with tons of triggered events I've never seen
Services installed and enabled that should not be
Bogus certificates installed
Security policies altered and locked out of files
Windows drivers perfectly replaced with hacked copies
Cannot update any AV
When I put a CD into the drive, if there was certain scanner software on the disk, the system would disable the drive until you rebooted
All data on the hard disc looks fine in Win 7, but there is a copy of all files in DOS where the data is split into separate directories and have a .lnk appendage
All AV programs install fine, but when I go into the registry, they are disabled and misconfigured.
The registry is so packed with remote monitoring settings and hacks it is incredible...
This goes on and on...
So I salvaged what data I could, put it all on a removable hard drive and did a low level format of the Dell with a program from the disk manufacturer (WD) and wiped out the MBR and the complete partition. I took out the battery and scanned the HD and memory or anything with Kaspersky for DOS from a DOS boot disk and even ran a UNIX boot disk with Kaspersky on it, and it came up clear.
I reinserted the battery, set up the BIOS and reinstalled the OS. All this time, I am not connected to the Internet, but to update Kaspersky.
Upon first boot up, the system is just as bad as when I began!!! I could not believe this thing had flashed itself into the BIOS, but it did. It seems when you install an OS, it writes itself into the new OS from the BIOS. So I have flashed the BIOS to its latest version, took out the battery, wiped the hard disk, reinstalled the original OS (Vista 32) before I upgraded to Win 7 and it is still here. I am at my wits' end. I will be patient and learn as much as I can about the different viruses and malware, and await your help. This is gonna be fun...

Boboliman



#2 jublast84


Posted 03 January 2011 - 07:40 PM

I have a Dell Inspiron 530 and I'm having the same problem, so if someone helps you, please help me.



