Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hacked


  • Please log in to reply
8 replies to this topic

#1 LakeMaMa

LakeMaMa

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 08 June 2007 - 08:53 PM

I am not sure where to post this topic of having been hacked so before I go in to it, I would appreciate any guidance. Thanks, LakeMaMa

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:38 PM

Posted 08 June 2007 - 09:15 PM

If your post fits the description below, have at it. If a moderator thinks a post is more fitting in a different forum than it is posted in they will move it to a more apt forum.

Am I infected? What do I do?
Think you might be infected with a virus, spyware or worse. Don't know what to do or where to post? Start here and we'll help you figure it out. Or if you just want to vent about a PC invasion, then feel free to let it out! just keep it clean.
No HijackThis logs should be posted in this forum.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 LakeMaMa

LakeMaMa
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 08 June 2007 - 10:03 PM

Thank you, buddy, this has certainly been a nightmare. I am running XP PRO with Avast, Sygate Pro, Spyware Doctor and Spysweeper with an occasional Sybot sweep. One morning last week, I awoke to deleted shortcuts, entire programs and data missing from my C drive and the partitioned D drive. I called Sony, Microsoft and had a tech from he Geek squad up here. We checked the hard drive, of course, and ran everything under the sun. We found a time that things were modified but no footprints. We ran an undelete program from the desktop to see if we could see everything and we could but but with a deleted line through them. I could open files and Jpegs from this program. I was not comfortable using this software and really want to send the hard drive in to assure that the data, folders and programs will GO BACK to where they live without writing over a shadow. Microsoft was baffled. Believe that? They suggested that I had been hacked, to send the hard drive in, get a copy of the data and format. I am still wondering if this is a hacking or something else. I re-downloaded reg mechanic just to run it and it too sees the files, over 4,000 of them. Lots of dll's...so on. I definitely did not want to use that for repair knowing it would delete much and I would lose the pathways to the programs and files. I bought a new tower but I am afraid to transfer any of my data from the old one if I have been hit. How will I know that I am not putting the new one at risk? I am not convince of anything yet because no one really knows what happened and I was wondering what else I can run without writing over my files. Any thoughts anyone? Could this be simpler than it looks or am I in as much trouble as I think that I am in. Thanks for your help. LakeMaMa

#4 Shad0vvs

Shad0vvs

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Places
  • Local time:01:38 PM

Posted 08 June 2007 - 10:13 PM

I suggest you download Hijack this from: http://www.trendsecure.com/portal/en-US/th.../hijackthis.php
And then post your log in the Hijack this log's catagory. It could remove any hacking programs or other malware that may delete programs, ect from your computer.

If your worryed about hacking you could check to see if thats true by going to start, run and typing in 'CMD' and then typing 'netstat -b' and check if you arent familiar with any of those programs that are connecting to the internet.

#5 LakeMaMa

LakeMaMa
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 08 June 2007 - 10:33 PM

ShadOvvs, thank you. It wiped my HJT out too and I know I have to download this to my hard drive again and not to my desktop. Would this wipe out any already deleted files downloading HJT again to a place that they may reside but I cannot see them? So concerned about this.

#6 Shad0vvs

Shad0vvs

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Places
  • Local time:01:38 PM

Posted 08 June 2007 - 10:37 PM

Would this wipe out any already deleted files downloading HJT again to a place that they may reside but I cannot see them? So concerned about this.

Can you rephrase that? I can't understand it that much.

#7 rlprlp

rlprlp

  • Members
  • 198 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 08 June 2007 - 11:00 PM

Good responses, Shad0vvs. However, if I am not mistaken, the HJT team does not really care for that version (Trend Micro) of HJT. I believe that the preferred version can be found here:

http://www.bleepingcomputer.com/files/hijackthis.php

Good luck, LakeMaMa!

#8 LakeMaMa

LakeMaMa
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 08 June 2007 - 11:05 PM

Sorry for the cryptoquiz I am truly exhausted trying to rectify my situation for two weeks. What I am trying to say is that when I ran Get Back Data from desktop, I could see the files and could open many but they all had a line through them. If I peruse the registry, a C drive, a D drive I cannot see the files. They have been removed, deleted, moved, maybe, although we did not see a partition of files anywhere on the hard drive.

If I run any program on either drive that has all of my files really there but hidden, will I be overwriting them by downloading any program such as HJT to either drive with deleted files on them but files that can be recovered. We just cannot see them.

Edited by LakeMaMa, 08 June 2007 - 11:07 PM.


#9 Shad0vvs

Shad0vvs

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Places
  • Local time:01:38 PM

Posted 08 June 2007 - 11:23 PM

Well if something's hiding all your files there must be something harmful on your computer, try doing a Scan for anything thats harmful. In the meantime try going on my computer and checking the properties of c: to see if the files are accualy being deleted or just hidden. Follow the directions after the scan (If they give you any).




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users