TWO Computers messed up!

Networking/Security Forums -> General Security Discussion

Author: funkerama PostPosted: Tue Jan 18, 2011 9:04 pm    Post subject: TWO Computers messed up!
    ----
Originally posted in the forensics section, but I don't think it's the right place:

I'm working on two machines for the same guy. Here's the scenario:

1 machine is an Alienware, souped up gaming machine, the other is an HP Laptop, both running Vista Home Premier.

He said about a week ago he started noticing some funny-ness on both. He tried installing a wireless card in the Alienware (D-Link) and that's when he thinks it started.

I was able to uninstall the D-Link software and a few toolbars and was able to run MalwareBytes (quick scan) ok, but that's about it. When I try to do anything network related on the machine, it locks it up. Now it's to the point where I can't boot the machine in to normal mode 100%, it comes up, shows the Vista screen, then goes black with a mouse cursor. I can do a <ctl><alt><delete> and log him out and restart and stuff from there, but it won't ever boot up. Trying to boot to safe mode the system stops on the "crcdisk.sys" entry, sits for about 5 mins, then reboots and tries to boot normally.

On the laptop, it boots up fine, I can log in, but when I click on "Control Panel" or try to do anything network related, it locks up. I can bring up the Task Manager, but it too will lock up so I can't do anything. Some things still work, but with the locked up task manager, I can't do much since it is over all windows.

He was using a local ISP (Time Warner) directly attached to the modem with no router in between so he was *on* the INet, no NAT. Very silly, but it is what it is.

Could this be a virus that has infected both machines, or does it sound like a corrupt O/S or HW?

Baffled since it's 2 machines....

Thanks,

Funkerama

Author: ryansuttonLocation: San Francisco, California PostPosted: Wed Jan 19, 2011 9:36 am    Post subject: Re: TWO Computers messed up!
    ----
funkerama wrote:

Could this be a virus that has infected both machines, or does it sound like a corrupt O/S or HW?


It could be a virus, some viruses will try to spread through the network and infect other machines. MBAM is good but there are plenty of viruses and malware that MBAM doesn't detect. You should post a log in our hijackthis forums, the guys there are amazing at finding and removing malware.



Networking/Security Forums -> General Security Discussion


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group