Hacked Computer

[unionrdr]

This is what I would do:
A. Get your data saved to another hard drive (e.g., 1TB external USB, $60 shipped). Or buy a new primary one.
B. Install Windows from scratch. Unless you use a new primary drive, overwrite everything on that existing hard drive
C. Install a good virus program. Malwarebytes is good to have alongside.
D. Copy the data back
E. Enjoy your "new" system

That idiot brake light could be low brake level fluid, a stuck floater, or even a loose wire in that circuit. Could also have to do with the ABS system if you have one.

Nice lookin hard drive for the price. Too bad it isn't made to fit my "portable media drive" in the front of my tower. Gunna search the site for one. Windows vista disc has a recovery something or other on it. Just gotta find it.
**So much for ading the site to my favorits folders. Can't add anymore since I saved bleepingcomputer.com on temp desk top. Another on the to do list...makes me feel like Samuel Jackson's character in Jurassic Park. "Please! Dammit! I hate this hacker crap!".

 

[unionrdr]

Well,since he was stubborn enough to be so thorough in his dirty deeds,I can be just as stubborn,exhausting every other means of recovery before admiting defeat & wiping the drive. Still waiting for the response team on bleepingcomputer.com to responde with what to do next. But I gotta say,you guys have been very helpfull in your efforts to help me. Looking back,I'm not sure what I should've done first. Comp warned me not to reboot,or I'd loose the various files. But I dood it anyway. Big mistake. But on the other hand,I didn't know about vipre security scanner or Rkill,etc before Newsman started helping me,& you guys chimed in. Anyway,my point being I'm still not sure if bleepingcomputer's program to restore desktop,etc was better to do first,or vipre? Viper scans every single line of programming. Then cleans or quarentines them. The program on bleeping computer restores & removes,but not as thoroughly as vipre.And Idk if vipre could/would restore your desktop like bleepingcomputer's program does? It seems to look for the hidden files to restore them. But not every single one. 3rd party stuff seems to be on you to fix.
So I'm stuck waiting to get past e-check,b-day money gone. Need that external hard drive that retro-fits to USB 2.0,which I think I may have. USB 3.0 nowadays,I'm assuming for newer computers? I'm basically waiting for the response team on bleepingcomputer to look at the log files I posted from what the programs I've used so far tell them I could try next...

 

[plankbr]

Try this: In my extensive years of technology (computers being the easiest working in a large enterprise), malware or some viruses nowadays seem to specifically target the local profile, meaning all other profiles besides your own are not targeted. That being said, try creating a new profile from the control panel and give that profile Administrative privileges. Log off your current account and log on to the newly created account. See if the issues still remain. If not, then use this as your permanent profile and start copying over the contents of the 'old' profile (my docs, favorites, etc...) and see if that does the trick. If this proves successful and you feel you have copied over every bit of data you deem important, then simply delete the old, affected profile. problem solved (hopefully).

 

[MarcusKillion]

No worries, my friend! That's just the geek in me. As the link says, they make copies of all the shortcuts into a hidden directory then delete the original shortcuts. Now, either go buy a portable hard drive and/or sign up for a cloud storage backup! That way, you can keep all your important things in at least two different places! I keep all my pictures on three different external hard drives.

Exactly , backup . the most important thing you can do everyday . I use CrashPlan . Very good . After researching many I found it had the features needed and a price that was good . Unlimited space and i can allow my friends to backup to mine for free. So far I have backed up 399.3 GB and still going strong .

 

[IslandLizard]

I was just reviewing the problem again. New day, new thoughts

I gather you're on this machine right now. So it's functioning.
Do you have access to all your documents and the ones you were looking for? Or are they or some still missing or hidden?
If you can't see them now, you won't be able to copy them to an external/second drive.

It may be wisest to get a new primary drive. That will replace the one you have now. You can get one in the same price range, like $55 for 1TB at NewEgg. There's always something on special there. The central idea is, leave the current drive as is without wiping, modifying, or overwriting.
You'd never know, a few months from now you may want something that's still on there. Not all your files are stored in the My Documents folder.

Really, it would be helpful to have a savvy friend to assist or do this for you.

Bleeping is a good site with very helpful people, like HBT. They will have you run programs and post the results. They'll get ticked off if you change the recipe or hop schedule.
I'm sure you can get the thing working as it should with all traces of viruses and malware removed.

 

[Owly055]

You can access Windows files from a Linux installation on the same system. Control panel in Windows will allow you to shrink your partition if your Linux install won't. The file manager in Linux Dolphin or Konqueror will allow you to access files on the Windows partition in administrator mode.

H.W.

( 15 years on SUSE Linux )..... IT'S STABLE AND RELIABLE..... unlike Windows!!

I don't know how it happened,but my desktop & files are all gone. They're in memory,but access is denied? My book was almost done,but now I got a temporary desktop from windows. My wife's partition on the hardrive had something go wrong with services,bad logon failure,taking out mine as well? Anyone know how to use adminastrative tools to get it all back? I'm not very good with all the stuff in that little event log window. There's no button to fix or restore logged errors??? File backup won't work either. Some kind of denial. Please help me get back my files for my book,pics,etc!! *Malwarebytes found a malware program that hijacked my start up menu file. The files I'm missing are in memory,but I can't acess them. How to fix start up menu file??

 

[Rick91981]

When a virus is stubborn like this, there is often a rootkit that keeps it from being removed easily. Download and run TDSSKiller and see if it picks anything up. That program specifically targets rootkits. If it finds and removes something, then run Malwarebytes again.

The folks at bleepingcomputer will probably have you run combofix which is a great program, but highly aggressive. Backup everything you can before running it.

 

[unionrdr]

Well,I feel so violated,I don't know what to say. I doubt I'll get car through e-check needing new exhaust,etc to pass. Idk if I have enough money to do that,let alone pay for the stickers. I can't pay for anything new atm,let alone the external drive,clouds,etc. I'm in safe mode with networking now. Malwarebyte's rootkit beta didn't finnd anything. My life has been ruined by the electric company's new policies & some ****** I don't even know,let alone did anything to to diserve this. I don't know what to do at this point. May have to try the new profile thing. But that damn Vafmusic2 toolbar will have to go if I can find it. It's in my partion somwhere,but I don't use it. The kids do. I had vipre clean all the files,including Vafmusic2. But the malwarebytes I just finished running in safe mode shows it as hit again. Might have to say goodby to y'all till I can solve this. But keeping him out will be tough,from what I keep seeing. Vipre went through every line of code in my computer. More programs hit. Many lines of code for windows & IE have "_none_ in the program lines again where "_en-us_" is in some lines. I'm just plain stuck till I can get some money again. Can't even afford to do my taxes. My whole life is screwed nearly beyond my ability to fix it at this point.

 

[LLBeanJ]

Well,I feel so violated,I don't know what to say. I doubt I'll get car through e-check needing new exhaust,etc to pass. Idk if I have enough money to do that,let alone pay for the stickers. I can't pay for anything new atm,let alone the external drive,clouds,etc. I'm in safe mode with networking now. Malwarebyte's rootkit beta didn't finnd anything. My life has been ruined by the electric company's new policies & some ****** I don't even know,let alone did anything to to diserve this. I don't know what to do at this point. May have to try the new profile thing. But that damn Vafmusic2 toolbar will have to go if I can find it. It's in my partion somwhere,but I don't use it. The kids do. I had vipre clean all the files,including Vafmusic2. But the malwarebytes I just finished running in safe mode shows it as hit again. Might have to say goodby to y'all till I can solve this. But keeping him out will be tough,from what I keep seeing. Vipre went through every line of code in my computer. More programs hit. Many lines of code for windows & IE have "_none_ in the program lines again where "_en-us_" is in some lines. I'm just plain stuck till I can get some money again. Can't even afford to do my taxes. My whole life is screwed nearly beyond my ability to fix it at this point.

Sorry to hear of your troubles, bud. I'm an IT guy and I have several older Dell towers at work that I've pulled out of commission over the past year or so doing nothing but collecting dust. If you're interested, PM me your name and shipping address and I'll ship you one at no charge to you, with the hard drive formatted and loaded with a fresh copy of Windows and all the requisite drivers. It may not be a new hot rod, but it will be plug and play and you'll have something to keep you connected for awhile. I can also throw in a small USB thumb drive if you need it to copy your files over from your old system. Just let me know if you're interested and I'd be happy to do it.

 

[krackin]

Thank you for making the offer to unionrdr.

 

[IslandLizard]

Sorry to hear of your troubles, bud. I'm an IT guy and I have several older Dell towers at work that I've pulled out of commission over the past year or so doing nothing but collecting dust. If you're interested, PM me your name and shipping address and I'll ship you one at no charge to you, with the hard drive formatted and loaded with a fresh copy of Windows and all the requisite drivers. It may not be a new hot rod, but it will be plug and play and you'll have something to keep you connected for awhile. I can also throw in a small USB thumb drive if you need it to copy your files over from your old system. Just let me know if you're interested and I'd be happy to do it.

Awesome offer! You're the best.

 

[hoppyhoppyhippo]

Can I make a potential suggestion for my folks who want to get a computer fixed or something else. you can try posting on craigslist looking for computer help and offer to barter. Someone may be willing to do it for homebrew or something els.e

 

[unionrdr]

Thanks for the offers guys. I may wind up taking llbeanj or newsman up on the thumb drive thing. I got bumped back to like page 7 on bleepingcomputer. Bumped it asking if they're doing anything to solve it. I didn't know that about combofix. So it looks like I'll need backup either way? I should've guessed that'd be the case. My son's big lap top & a thumb drive might be needed at this point either way. I just wondered too if I wrote down the key code for BS2 if they'd let me dowmpload an update & use my original keycode To get it working again? Gotta do something...

 

[DrunkleJon]

Thanks for the offers guys. I may wind up taking llbeanj or newsman up on the thumb drive thing. I got bumped back to like page 7 on bleepingcomputer. Bumped it asking if they're doing anything to solve it. I didn't know that about combofix. So it looks like I'll need backup either way? I should've guessed that'd be the case. My son's big lap top & a thumb drive might be needed at this point either way. I just wondered too if I wrote down the key code for BS2 if they'd let me dowmpload an update & use my original keycode To get it working again? Gotta do something...

You should be able to install BS on a new install or different computer. If you have trouble just send them an email and they should help. Believe me, people have to reinstall their workstations enough that most programs will let you do so.

 

[unionrdr]

Good to know. I'll try to save the files part of the program & see if I can load'em in on the re-install,if it comes to that. Newsman's gonna send me a thumb drive I feel I can use with son's laptop to fix it. Unless bleepingcomputer comes up with something else I can do?!

 

[Homercidal]

I've reinstalled BS2 several times using the same code from the email they sent. I know the support is good about getting your code to you as well, so you won't have any problems installing it fresh.

 

[unionrdr]

Thanks. I'm going to save my BS2 files & all that stuff in the folder. Several corrupted/MIA files. Over the weekend I think I got the last 2 threat lines taken care of by vipre. Gotta save all the log files as well when I get the thumb drive. Plus some of the kids important stuff,if the mem space is available on the thumb drive.

 

[LLBeanJ]

Glad to hear you're on your way to getting it worked out. I've also got a few spare hard drives lying around (nothing special, probably 80 GB), so if you would like one so that you can leave your old one with all the files intact, let me know and I'll send one your way.

 

[unionrdr]

I'm trying to find out how big my hard drive is. On the computer page,it says drive C has 110GB free of 288GB. Drive D has 3.01GB free of 9.71GB? System page says 2GB of RAM memory?

 

[flars]

Try this PC cleaner. Offered by the company I have my anti-virus program from. It may pick up some items other cleaners couldn't get to.

http://www.f-secure.com/en/web/home_us/online-scanner?ecid=4465&pcid=4465

 

[Owly055]

I'm a bit baffled at the dead silence my suggestion received........ If you install Linux on the system it will NOT wipe the windows installation, but install on it's own partition or drive. With the Linux installation, you are absolutely immune to whatever took Windows down AND you can directly access files on the Windows partition. It's cheap, and it works. a linux install disk is very cheap. I have Linux on it's own partition on every windows computer I own...... and can access Windows files with no problem. You simply find the files, and copy them to a DVD or portable hard disk. You can then wipe the Windows partition completely........virus and all using Fdisk on the Linux install disk, and start over with a new Windows install. As long as you try to operate from within Windows, your virus or your virus checker will cause problems.......... Get outside Windows, and you will have no problems.

From the reaction my suggestion received (none), one would have thought I'd suggested something obscene!

H.W.

 

[Newsman]

Owly055 -- OP has already expressed that he's, personally open to Linux, but his family members aren't.

 

[unionrdr]

Thanks,I'll concider it. Only problem is,it leaves no files on your computer. So I take it it means it creats no log files? And the linux thing sounds interesting,but I have 3 family partitions already,plus backup (expressed as D drive). Not sure if I have room for it & run everything? Plus maybe enough $$ to get through e-check by 31st. So no more money to spend atm...

 

[LLBeanJ]

I'm trying to find out how big my hard drive is. On the computer page,it says drive C has 110GB free of 288GB. Drive D has 3.01GB free of 9.71GB? System page says 2GB of RAM memory?

You have one 320 GB physical drive partitioned into 2 logical drives: C & D

 

[unionrdr]

Ah,OK. Thanks for the explaination. Makes that 1T external hard drive look better all the time! Wish I had the $$ to have gotten it over the weekend when it was $10 off with coupon code. Something went wrong with my bank website personal codes & such a little bit ago from a text I got from them. You can well imagine the sick feeling that went through me. Thank GOD what little I have left is still there. Just a glitch from the hijackthis thing. I don't EVER wanna feel like that again!!!

 

[unionrdr]

Mediafire e-mailed me that they want the URL for the file so they can review it for terms of service violations. How the hell do I know where he sent "1cooldudeme.exe or 1cooldudeme <1>.exe"? Or would they mean the vipre file log? Damn thing doesn't save one I can find. I have a lot of files for what's been used to pull his stuff out,etc. But a lot are .dll's & the like. I asked them to clarify what exactly it is they want? I tried a 2nd time to explain that they are MY files He stole,once again giving the .exe file names used.

 

[Owly055]

Thanks,I'll concider it. Only problem is,it leaves no files on your computer. So I take it it means it creats no log files? And the linux thing sounds interesting,but I have 3 family partitions already,plus backup (expressed as D drive). Not sure if I have room for it & run everything? Plus maybe enough $$ to get through e-check by 31st. So no more money to spend atm...

The answer is simple.. Buy a USB drive, and install Linux on that........ salvage all the files you need, and then Fdisk the main drive and start over............

The best distro out there as far as I'm concerned is SUSE, and I'd recommend selecting KDE instead of Gnome..... It's easier to work with. The Konqueror file browser will not be automatically installed, but will be available to install during the installation or afterwards. It is the most versatile file browser / internet browser as far as I'm concerned....My choice hands down.

Find someone locally who knows Linux...... I'm in Montana, so I feel fairly "safe" ;-). It's a learning curve and this is probably not the time to be climbing that learning curve.


H.W.

 

[unionrdr]

I'm glad this thread will survive. I can't save links for some reason,or load youtube videos on here. Photobucket still works normally at least. I had to open "open office" as administrator to get past write error the normal way to write some more of my book. "save as.." still seems to be working in open office.
Anyway,I think you're right about the learning curve involving linux. Never worked with it before. Besides having been a long time since I've done a wipe & re-install. Not of these proportions anyway. Need to figure out just what exactly to save besides documents,pictures,files for programs I use & all that. What works & what's MIA/messed up besides....?...

 

[Owly055]

I'm glad this thread will survive. I can't save links for some reason,or load youtube videos on here. Photoshop still works normally at least. I had to open "open office" as administrator to get past write error the normal way to write some more of my book. "save as.." still seems to be working in open office.
Anyway,I think you're right about the learning curve involving linux. Never worked with it before. Besides having been a long time since I've done a wipe & re-install. Not of these proportions anyway. Need to figure out just what exactly to save besides documents,pictures,files for programs I use & all that. What works & what's MIA/messed up besides....?...

Windows has made it extremely difficult to save emails and bookmarks and address books.... Those and a few other things you don't want to lose are generally buried deeply in the windows directory.... I presume you use IE and Outlook Express.......... It once was easy, but in the more recent versions I've dealt with, they have eliminated the easy way of doing things. I use Firefox and Thunderbird......... though I haven't used Windows except for a single mission critical application for many years now.......... It may be better in the newer versions again.... I don't know. It was so bad for awhile that people sold software just for that purpose.

Newer versions of windows save your old windows stuff in a directory when you do a new install.........This is NOT a blessing if you are infected, as the infection remains. My rule with Windows is to do an Fdisk....... Which is a capability that no longer comes with a windows install disk. Fdisk wipes the partitions out completely and prevents anything from before from corrupting your new install. All Linux installations have Fdisk as far as I know....... It's part of the installation process. I normally use one of these when I want to wipe a Windows disk, and reinstall Windows for someone. In the Linux installation you just accept their default settings and go.........It will preserve your Windows installation, and install a boot manager. If you reinstall Windows, however, it will render the Linux installation inaccessible. There is a way to edit the boot sector, and restore it, but I usually just run another linux install...... I've never lost anything on a Linux install in many years of running it as my primary OS.

H.W.

 

[DrunkleJon]

I'm glad this thread will survive. I can't save links for some reason,or load youtube videos on here. Photoshop still works normally at least. I had to open "open office" as administrator to get past write error the normal way to write some more of my book. "save as.." still seems to be working in open office.
Anyway,I think you're right about the learning curve involving linux. Never worked with it before. Besides having been a long time since I've done a wipe & re-install. Not of these proportions anyway. Need to figure out just what exactly to save besides documents,pictures,files for programs I use & all that. What works & what's MIA/messed up besides....?...

My suggestion is to backup all files you want to keep (documents pictures, music, etc). Be sure to export your beersmith recipes and most browsers have an export feature that works well if you are using the same program in your reinstall.

I just last week reinstalled my laptop. You do not really have to be all that crazy about reinstalling. Most manufacturers have a recovery partition already installed. Under start menu/manufacturer name there is usually a recovery program. Well, that or when you first boot up use the option (F-8?) to choose what to boot to and one option is often the recovery partition which will allow you to do a full wipe/reinstall/return to factory.

I must reiterate though, when you get it back up and running create a new power user or regular account and only use the admin one when you really need it.