Virus & Spyware

Last reply by 12-04-2015 Unsolved
2 Bronze
13176

Terrible hack, worst I've ever had, now I'm at a loss...

Latitude E6500, 2.93 GHz Core Duo, 8 GB RAM (my favorite laptop): strange driver download while trying to go VGA to RCA (helping a friend). Several more "updates" followed, incl. a Dell cert, idk if it's the Dell cert. I got upset, backed up my stuff and went to reinstall with Vista Business, got a msg "hardware not compatible", but enough is there that my legit 7 DVD (downloaded & crypto OK'd from www.microsoft.com/.../windows7 with my COA) can take over. I want the Dell OEM Vista to help fix what's wrong but it won't finish.

I'm currently on my Toshiba C655 S5130 (P-of-S!) with 1.5 GHz and 3 GB RAM (why it's made for Win64 I'll never understand) because it's got Windows 10 & latest updates as a sell point, because I was trying to sell it.... No takers, but lucky me, I'm on it because of my Dell's probs (my Lenovo ThinkPad is also starting this process).

Downloaded drivers, more came, reinstalled, but when it was done everything was different: NO features, wouldn't update, wouldn't validate unless I put my COA in a second time, terrible graphics, ancient vers. of IE, and when I got Google Chrome my account was signed into by a Macintosh and Unix 0-0... I think I was the Unix.... because when I went to Longhorn recovery via my DVD, though it says clearly Windows 7 in the repair menu, the recovery utility states that it's not Windows 7. After looking around in the files, it's gotta be Win7PE, as only the very base elements are there. In this *** PE, networks go in circles, I have a drive named \\.\" in which C:\ and \\C:\ differ. Using Hiren's 15.2 I can use MBER to see several rootkits, one is " ?/..../....windows/system32.. and Rootkit Revealer used like 5x in a row breaks it (1 handler type BSOD) most of the time enough to let me dig thru what's really going on: the constant X: A: B: :R: along with the C, B, D and E drives (that shift in DOS), the floppy drive with 200 MB of inaccessible junk (my Dell has no floppy). It flashes something about a PXE after my BIOS splash, so fast I can only read PXE and no stack. Tried DBAN, tried nukedisk, read registry enough to know my zip and exe files are being handled locally in shell one of six, so I ask you these questions of four:

1. Can I save my HD? It's 3 weeks new.
2. How bad is my network bad?
3. Is my Toshiba w/ 10 & cloud probably not as okay as I think?
4. Is this thing in my BIOS?

This Dell is my favorite lappytop, please say I can fix it. It's aging and just outta warranty but I don't make nearly what I did 6 years ago =[

I'm no programmer or engineer, I work full time outside the field. I'm a hobbyist, I fix the stuff that should be going to recycle; 4 or 5 brokens make 1 decent, and with a stripped-down legit XP or Ubuntu if no COA, work well, and give them to the very poor so they can enjoy what I do so much. I do repairs for friends for a hug and handshake, and sell the broken stuff that I buy from eBay... so you can be detailed but don't blow me away =]

I'm not an engineer or programmer, I'm a hobbyist, with a full-time job outside the field. I give what I can't sell back to those without. Means... it's rewarding.

---------------------------------------------Current best Desktop OptiPlex 990 SFF, Current Laptop Latitude E6420 (both remade from scrap on my bench)------------------------------

Replies (2)
2 Bronze
261

Little update: I was messing around, spoofed the computer name to be 'NT4.0', spoofed it in a different location as 'windows', named my workgroup 'ubuntu'. Also in user account controls I turned Family Safety features and the guest account on. Couldn't create another, so I saved, which required a reboot, strangely, and in the profile select it showed my account and the guest account.... I clicked in between the 2 accounts and it required a password.... Tried again, same. I was busting out my camera (I have pics) when the 3rd time gave me access. I saw that allusers is a profile full of another install under it, defaultuser is empty yet default has those features my account should have, saw mypictures in the documents of allusers things, there were 100s of files in driverstore, many with $- wildcard type names. That's when I noticed Windows Fax and Scan were busy trying to print what I noticed Media Player was trying to play enhanced content......

Eyes widened by all of this, I went into user-added network protocols and started clicking delete and pressing enter before I lost the rights. There were hundreds of user-added protocols.... Turned off any and all sharing in Network and Sharing Center. Put a few drivers on with a USB stick, incl. setup to flash BIOS, which required a reboot. No more PXE stack *** after POST.... Funniest thing was that my HD had 0 of 0 GB available, idk if it's WinPE anymore... I'm happy my BIOS flashed clean.... So now it's been configuring settings for an hour, I guess I'll let it resume while I say g'ni, cya tmrw.


7 Plutonium
261

Let me preface this by saying it's very difficult to read through and comprehend exactly what your problem is. Assuming it's a malware attack:

Be advised that one-on-one Malware Analysis/Removal is no longer done at the Dell Forums.

Please follow the directions at http://spywarehammer.com/simplemachinesforum/index.php?topic=12262.0 to register and post the requested DDS logs at spywarehammer.com; there are expert helpers there who can "walk you through" procedures to analyze your system and clean up the infection. All help provided there is FREE. If you decide to go for help there, please wait for a response, and do NOT attempt to run any other scans/removers on your own --- do exactly what they instruct you to do, no more, no less.

Good luck!

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Windows Defender, MBAM4 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, WinPatrol PLUS, SAS (on-demand scanner), uBlock Origin, Microsoft EDGE, Firefox, Pale Moon.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]
