Vista Tutorial - Infection Resolving Team

Just fixed my computer from some sort of lockdown virus;-

So today I tried to login nice and normally only to find after authenticating my computer locked everything down on me and blanked the screen. So, I done the old [ctrl] +[alt] +[del] and opened up the taskmgr. I then went to new task and tried to open command and was told it was protected. I then tried to open the explorer, again - protected.

After about an hour of messing around and reconfiguring things via offline command and start up repair I finally regained control.

Anyone know what caused this?

Fmjc001,
How is your computer set up again? You had told me when you first started posting in this thread that you had a pretty insane set-up for security precautions.
Can you plz inform me of those again and i think i will be able to help.
Also can you provide any more information on the so-called virus

Thanks
Ben

Yeah, My computer has what I would classify as inpenetratable
security precautions, obviously I was wrong. Now, i'm not sure if it was a virus or a hacker because my AV didn't detect anything whatsoever and neither did my firewall.


Security precautions;

• Elevation requires admin user-name and password on secure desktop
• 256-AES HDD Encryption
• Secpol + GP are set to the most restricted settings for every user account except mine. Most things in the secpol have been set to require admin membership for even basic things like shutdown.
• Anti-Virus, Anti-Spyware, Anti-Malware, Anti-Adware...basically every type of protection software is running on my PC.
• All passwords are at least 50 characters and contain upper & lower case letters, special characters and numbers. (Also expire every month)
• Some custom scripts, for example at logon of an admin - they are removed from the admin group unless they have my username.
• The build-in admin has had a name change and password of over 100 characters (mixed) and is disabled.
• You cant boot from anything other than the HDD without a secure password. (Well you can, but you would have to take my computer apart and that has not happened unless I was asleep or something...) *You cant boot into safe mode either without the password.

Well I think that's all.


Virus/hacker/whatever;

• Boots - OK.
• Logon - OK.
• Start something within one second of logon via taskmgr - OK.
• Start something a few seconds later including explorer - error
• I got a black screen instead of a desktop and when I tried to execute anything it told me it was write-protected.

Any ideas?

I totally agree with you. I dont see how this happened. I think it could have just been a glitch. If it happens again let me know and ill do exstensive research into this.
You must remember, computers can glitch sometimes. Maybe it just bypassed something at start-up. You seem like its undercontrol. I dont think it was a virus or anything though. That wouldnt make sense.
Ben

Yeah, Its all under control. I will be very vigilant for the next few years just in case...

Hey everyone,
Please help me raise awareness about this thread. Whenever someone posts a virus ect related problem, please refure them here so that we all can help them. It is a lost cause to have this is everyone just posts normally.
Thanks,
Ben

I have never used an anti virus software since last 2 yrs. Though i make use of Windows Defender and Malware-Bytes(sometimes). I do surf the internet, download all mess and free items which i like, but never came across a virus yet. Strange!
I have also tried clicking those free ad popups so that i can atleast see a virus on my computer but still nothing...

dinesh,
there are viruses that are "hidden".
Certain viruses, trojans, ect can lurk in the backround very easily and steal all different data and whatnot.
Maybe just try installing avast and run a scan and see if it can pick up anything.
I would like to know what those results would turn up
Let me know if ur gunna
Ben

If you don't have some real time protection going all the time and an AV monitoring and you surf a lot and download all types of freeware programs then I can almost guarantee you have SOME type of malware hidden in your system.

I second Airbot,
Certain hackers will go around for YEARS! planting non-executive viruses, worms, trojans, ect and the one day they will execute them all at once.
There are certain stories online about these and how the hacker had nearly infected over 3 million computers over a span of 4 years. They luckly cought him though before he executed them.
I would strongly suggest you download some sort of AV and AS and AM. Even if you have them shut off, NOT A GOOD IDEA, but if something does go wrong, you can quickly turn them on. And if you get some program like Avast, Spybot, and MalwayeBytes, they are lite programs so they wont bogg your computer down.

Let me know what your feel on this is,
Ben

Also, certain "newbie" hackers will check to see if you have AV and AS ect ect.
If they see you do they will just skip over your machiene. This also includes AV that is turned off. They will still see it installed and will back off. Remember i am talking about NEWBIE hackers, not novice or professional.

Let me know,
Ben