Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

need help


  • Please log in to reply
4 replies to this topic

#1 rangerray

rangerray

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas, NV
  • Local time:12:14 PM

Posted 18 April 2012 - 06:33 AM

Need help, have hacker who has severely taken over my system. I am currently running Windows XP Home w/SP3. I need someone who can help me by assisting in clean up of my Registry. He hides in files S-1-5-18, S-1-5-19, S-1-5-19_Classes, S-1-5-20, S-1-5-20_Classes, S-1-5-21, And last S-1-5-21_Classes. He has given himself Permission, under Advance setting, where it says Inherited from, the S-1-5-18 sits there, instead of it saying not inherited. He has total accesss to whatever i am doing. I am keeping this short, because He'll find a way for me to delete this. He pops something up, I hit the X tab on top and then my page is deleted. I hope someone can help!

Mod Edit: Merged topic posted in XP ~ Hamluis.

Edited by hamluis, 18 April 2012 - 11:33 AM.
Merged topics.


BC AdBot (Login to Remove)

 


#2 rangerray

rangerray
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas, NV
  • Local time:12:14 PM

Posted 18 April 2012 - 06:40 AM

I hope this is Ok, I'll pop in and add more, so I don't lose the whole page as before. I have reinstalled my operating system over 150 times in the last 6 months. I am talking Windows XP, XP Professional, Vista, 7, Ubuntu, Xubuntu. I have used over 20 hard drives, 8 different motherboards, Dell, AMD, HP, different type DVD Roms, rewriters, cd roms, etc. This hacker has to be hidding in my MBR on each different Hard drive. I have tried Erasing them, but it gives me a fake screen, making me believe that I am erasing. I hope this information helps. About 8 months ago, i let someone into my computer who i thought was Microsoft, since then my computers haven't been the same. I have two the hacker has changed my BIOS to set CMOS as cleared, instead of turning on at default. The other one is a virgin, I haven't done anything to it. I won't use this one til i am sure i have no unwanted guests.

Edited by rangerray, 18 April 2012 - 06:50 AM.


#3 rangerray

rangerray
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas, NV
  • Local time:12:14 PM

Posted 18 April 2012 - 09:13 AM

Hello, i definately need help. I was following instruction for new computer operators, used TCP view, and found out that i am part of RIPE Network, for those who don't know, this is a overseas network site. I didn't know that myself, until i looked it up. This is a continuation to my hacker problem/S-1-5-21 files. Thank You!

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:14 PM

Posted 18 April 2012 - 11:04 AM

Please keep all info in one topic: http://www.bleepingcomputer.com/forums/topic450518.html/page__p__2669587__fromsearch__1#entry2669587

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,259 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:14 PM

Posted 18 April 2012 - 04:15 PM

You have made quite a number of incorrect assumptions; the information you have provided based on those assumptions gives no hint of any attack or infection of any sort.

For example, S-1-5-19, S-1-5-20, and the others are well-known, documented, and vital parts of every Windows install. They are identical across all versions of Windows and do not change simply by reinstalling. They are by no means an indication of successful or even attempted hacking attacks in any way, shape, or form. It is the equivalent, in physical-world terms, to saying that since your front door has a lock on it, you must have been robbed.

You also state that you've reinstalled various operating systems, even non-Windows operating systems, an obscene number of times on an absurdly large collection of hardware. As a rule, software is specific to a particular machine environment and are not portable across environment paradigms without extensive and difficult modification. The most successful example of a malicious program extending to affect more than one machine environment is the Stuxnet worm, which most agree must have been the strenuous effort of a wealthy government. To be blunt: it's almost a certainty that attacking your computer in the method you are perceiving is economically impractical for any adversary unless you happen to be storing nuclear weapons secrets or you have an on-going personal blood feud with Bill Gates.

RIPE is the Regional Internet Registry for Europe and the Middle East. What that means is that everyone on "the internet" in that region of the world is part of RIPE, because RIPE is "the internet" in those regions.

Edited by Andrew, 18 April 2012 - 04:18 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users