
A Complicated Issue with Possibly Compromised Data



#1 LittleGreenDots


Posted 31 January 2018 - 03:54 PM

I have a complicated problem and am requesting some suggested solutions, if there are any.

I've experienced nagging and persistent computer issues for a few years now.  Two or so years ago my computer was hacked and I was busy with family matters at the time and could not address issues right away.  The initial problem was files disappearing entirely from my hard drive.  I teach guitar and had thousands of music files on my hard drive.  What was stolen was very selective, all rock/blues materials gone but my classical and fingerstyle files were left intact.  Another item stolen was the key to some software I had stored.  I get periodic messages from Corel that I am using illegal software and I have to go through a procedure to verify my software is legit.  This happens every three months or so.

I've had this computer in the shop numerous times (Toshiba running Windows 7) and have submitted here for virus/malware testing.  Nothing ever shows up...except the problems do reoccur almost immediately after being tested.  Clearly my infection, or whatever you call it, is something that can't be detected easily with the various tools used to find these problems.  

A computer programmer friend thinks I might have a keylogger connected to the computer.  I have similar issues on three different laptops.  I ran a test of the ports that have established links through netstat -ano and one of the ports that had a constant link was a port that is associated with a program called Laplink, used to transfer data between computers.  

I am most concerned with only one as it contains my entire life's work and if this problem can be transmitted to different computers and external hard drives, then just about everything I've ever done could have been compromised.  My friend tells me to destroy all my externals and remove the hard drive from the machine and have it reformatted with a low level process.

I am trying to figure out some way I can keep the data and monitor it somehow to see if anything buried in the files tries to call home.  I have a spare desktop computer that will run all my software and I was thinking of installing it (the software) and then transferring the possibly compromised data to it and at least have access to the files for printing.   I would not transfer files FROM this computer.  I don't know if it is possible but I am wondering if I can run all the programs in a VM and find a program that will record if anything other than the software and windows tries to call home.  I am an avid photography enthusiast with over 200,000 photos and I can't just delete them:  I have no idea if any were infected or if any backdoor programs were hidden among them.  Most all of these photos are stored on external HDs and have been exposed to the possibly infected computers over the past two years.  

As for my future work, I have purchased a MacBook and will be performing an industrial strength disk cleaning (similar to the one Hillary Clinton used on her email drives) and installing Linux.  I just don't have warm fuzzy feelings about Windows.  Yes, I know that both Linux and Mac have viruses, too.

I know whoever hacked me was most interested in my music files (all my teaching materials, heavy on rock and blues in content.)  I don't keep a lot of photos on my computer and do transfer them to external hard drives, where they are stored.

Any suggestions on a solution to my problem?


