
So over my head now. Whole network infection it seems


  • This topic is locked
16 replies to this topic

#1 Ajmarks

Ajmarks

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 05 September 2013 - 07:49 PM

Okay I'm not really sure where to begin. Basically I've got 4 computers and an iPhone 5. At one point all of these were hijacked by...something. Ironically it all started when I installed Kaspersky Internet Security I had purchased at Office Depot after running AVG/Malwarebytes/SUPERAntiSpyware for years with little problem!

I had a phone that was being remotely controlled (no, it's not jailbroken, it was up to date with 6.1.4 and only two weeks old actually). And ya, I know, iPhones can't be hacked or infected *rolls eyes* I say tell that to my phone and the sleepless night I had watching settings and password literally change before my eyes. I think the phone is fixed now after I had it hard reset (like super reset more than factory restore) at the Apple Store. Still don't trust it but I think it's the cleanest of my hardware. I have some logs and diagnostics but no idea how to read those...and it's kinda not the point of this post. I'm here for the computers...plural...times 4 :(

I've scanned and dds'ed and hijacked logged and revouninstalled and frankly tried many things from this site that I'm convinced this is either a whole new breed of nasty, I've done something wrong along the way, or I made things way way worse. :(

Either way I've seen everything flagged from Trojans to backdoors to spyware to adware. I've got more logs than I know what to do with and not a single computer I can actually verify is clean and safe to use. Hence the title... I should have posted here a month or two ago when this all started. But I underestimated whatever pit of hell this infection crawled out of. So I'm gonna start fresh- your wish is my command. I just need to know- from an expert- how to fix this and when I can trust my tech again.

So here are the system details and current issues:
1) A Dell desktop Dimension PC which is connected directly to modem and wireless printer. Runs XP and pretty much got nothing on it after one of the two hard drives crashed a while back (thank god for Dropbox backup the week before!). This one won't let me download files from the Internet including Windows updates in safe mode and I have to run it in safe mode because when I log in regularly it logs me right back out. I'm an admin but I still have to click "run as admin" in safe mode to get things to work but truthfully they don't really work.
2) An HP Pavilion laptop running Windows 7. Actually reinstalled Windows 7 from CD a week or so ago. Still problems. Currently runs very very slow. Also, can't connect to Internet. Even though it says Intel wifi adapter is working and picks up my secure network, I'm never actually given a chance to put in a password. HitmanPro said I had a backdoor something or other right before all this...now all my attempts to scan come up clean. But it sure doesn't seem clean... Just did a system restore tonight so I'll see if that helps I guess.
3) Dell laptop running Windows 7. This was the source of whatever this is I suspect because it was what I watch Internet TV on and that's the only thing I used it for. Initial scans said it was most infected- Trojans backdoors toolbars you name it. I think I had the FBI virus about 4-6 months ago but thought I got rid of it...maybe this is all from that. I can no longer even pretend to guess what's going on!! I reinstalled Windows from CD about 2 weeks ago. Been scared to turn it on since after the reinstallation gave me clean scans. So as far as I know...it was at one point clean/good at pretending.
4) HP netbook running XP. Was clean then somehow it wasn't. Not really sure anything is noticeably wrong 'cause it's always been kinda slow, but it was what I was using when I decided to play DIY tech goddess and started fixing/researching all the other stuff and now I think it is down for the count too after some scans gave iffy results. Haven't touched it in several weeks for fear of making things worse.

So as you can see...I'm royally fu....fundamentally in trouble here! Any brave experts up for a true challenge? I'd be eternally grateful and will bake you my always raved about cupcakes in whatever flavor your tech heart desires if someone will just please make this stop- I feel like I'm going crazy here in some man vs machine nightmarescape! Not sure if there is like a one computer limit but I will take any help I can get right now! This has taken over my life and I just need my sanity and technology back...even if it's one byte at a time!!


Edited by hamluis, 06 September 2013 - 06:13 AM.
No logs, moved from MRL to Am I Infected - Hamluis.



#2 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 10 September 2013 - 09:57 AM

Hmmm, no response, 93 views, and almost 5 days. I would post logs but I'm not sure what to post...as mentioned above I gotz logz out my earz!

I'm sorta ready to just DBAN everything (tech guy @ work just mentioned this program) and reinstall...but even THAT I'm not sure how to do or if it will actually help.

 

I need help. My tech @ home...all of it...is basically useless and I keep falling further and further behind in work and personal life because of this (can't complete work @ home because can't reinstall/install needed programs, can't pay bills online or order items I need for my house because I don't know my computer is clean enough to use my cc; can't forget about all this and watch TV because I don't have cable and my TV comes from the internet; etc.). Add to that I'm going through cancer treatment and all this building stress is NOT good for me (TMI? Well, I figure gives a sense for why I am so desperate. I swear there is a special place in hell for some of these hacker/virus creators!)

 

Someone please....



#3 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,753 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:34 PM

Posted 10 September 2013 - 06:40 PM

It looks fairly complicated so I suggest...

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#4 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 16 September 2013 - 12:50 PM

Thanks Broni.

 

I just wanted to post to say I am working on following the steps you gave me. Been a bad cancer week so I've not had a lot of energy and with 4 computers- it's a process. Anyway, I am working on getting what I need together to repost in the other forum.

 

Out of curiosity- will I have to wait ANOTHER 5 days after posting that post or is this wait time included as well?



#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,753 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:34 PM

Posted 16 September 2013 - 06:28 PM

I can't predict how busy malware guys are.



 


#6 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 16 September 2013 - 10:23 PM

I keep trying to post in the forum you suggested and get the "you don't have permission to do that" message. I've tried posting with a link, a hyperlink, all attachments, no attachments. Can't get it to let me make a new topic. Thoughts?

 

FWIW...here are the logs I was trying to include....

 

Logs removed. ~ OB


Edited by Orange Blossom, 17 September 2013 - 11:29 PM.


#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,753 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:34 PM

Posted 16 September 2013 - 10:30 PM

DDS logs are not allowed in this forum.

Please edit your reply and remove them.



 


#8 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 16 September 2013 - 10:36 PM

Okay...I'll remove them here...but that doesn't actually address my issue of NOT being able to post (or post anything period) in the forum you sent me to :( what gives?!?

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,753 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:34 PM

Posted 16 September 2013 - 10:41 PM

Oh...that's the problem.

Let me report it to the staff people.



 


#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,753 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:34 PM

Posted 16 September 2013 - 10:42 PM

Leave DDS logs alone here for now.



 


#11 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,041 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:34 PM

Posted 16 September 2013 - 11:57 PM

Hello,

 

I was going to prune off extra posts and move the logs to the log forum for you since that is actually the forum you originally posted in.  However, I see that you have logs from multiple computers posted here.  That will greatly confuse things.

 

First, have you isolated each of the computers?   If not, you need to do so.  Otherwise, the computers will keep infecting each other.

 

Next, one topic per computer.  Since you were able to post in that forum initially, I'm not certain why you are not able to do so now.

 

Please create a fresh topic for each compromised computer.  Include in each topic a link to this one and state that you were referred to the log forum.  Also, please include in the title something that will let the team know that each topic concerns a different computer.  Eg. Computer 1, Computer 2.  If you are not able to post with the logs, post without the logs and state that you are not able to create the post with the logs - something is preventing you.

 

Once you have created the new topics, please post back here stating that you have done so.

 

Orange Blossom ~ forum moderator.


Edited by Orange Blossom, 17 September 2013 - 12:00 AM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.


Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


 


#12 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 17 September 2013 - 05:51 AM

What do you mean isolated the computers? They all use the same wifi router but aren't actually a network like sharing files or anything. They share a printer but only because it too is on wifi. I don't have a "homegroup" or anything like that I know about. Is there more I need to do to "isolate" these?

Thanks for helping me start to sort all this out...I'll get working on those separate posts and report back here when done. Busy work day for me so might take a day or two :)

#13 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,728 posts
  • Gender:Male
  • Location:US
  • Local time:03:34 PM

Posted 17 September 2013 - 08:55 AM

Hi Ajmarks.

Just letting you know that the problem preventing you from posting in the log forum was due to a site protection system getting a little overexcited. The problem has now been fixed. . . please let us know if you are still unable to post.

Thanks and sorry for the trouble.

~Blade
Forum Administrator

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#14 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 17 September 2013 - 08:57 AM

Thanks Blade! I'll work on getting the separate posts/logs/attach files posted today and tonight :)



#15 Ajmarks

Ajmarks
  • Topic Starter

  • Members
  • 116 posts
  • Local time:09:34 PM

Posted 17 September 2013 - 08:31 PM

Separate posts done and all logs were able to attach :)

 

Also, FWIW in checking that my post showed up correctly I stumbled upon this post...seems like A LOT of the stuff that happened on my computers (including the weird desktop.ini files in all my folders!!) Not sure if this is helpful but thought since it was soo similar it might be relevant. Haven't done anything suggested here though since I had my own post already and I am trying to be patient :)
http://www.bleepingcomputer.com/forums/t/506405/unknown-undetected-virus-now-created-authorized-user-permissions/





