Hacked Computer

Browser "About internet explorer" In the window coming down from the gear symbol says "IE9.0.8112.16421,update version: 9.0.8,(KB2719177)". I looked for KB 27119177 & it couldn't find it? WTF? Will try fix option again...
 
It must be hidden somewhere it's not supposed to be. Nothing works. The fix is just the uninstall IE9 page. They want all personal files saved on a separate drive, which I don't have. I just can't get this version of IE9.0.8 to come up anywhere else?...
 
I have not taken the time to go through and read the whole thread. Ensure your data is backed up, preferably in a few different places (recommended at least 3, with one off site: online, a friend's house, etc.). Then I would run combofix if you have not already. http://www.bleepingcomputer.com/download/combofix/

If combofix is not catching the OS corruption that the malware software caused I would recommend reinstalling. You may be able to fix it without doing that, but you may also spend hours and hours working on it while a backup/reinstall will fix it in a shorter period of time.

http://www.windowsreinstall.com/ has step by step on how to do the main part of the reinstall for all versions of windows, with pictures.

From there you would need drivers, which vary from system to system and we would need more details on that.

I know for most this is not an ideal solution and I understand if you choose not to take this path.


Combofix itself is often a last ditch effort, as it digs through a lot of the system to try to repair it and can cause damage itself due to this and should be used sparingly and only if all data is backed up.
 
Link in post #124 doesn't work. Just get blank page. Always happens with literally ANYTHING that has to do with fixing this thing. Never saw such BS in my friggin life. Nothing works. Even if after a couple hours of cussin & I finally get the page, it can't find whatever & can't work or finish for some dumb reason. That fix it link should work, but page won't pop in.
 
I have not taken the time to go through and read the whole thread. [...]

I don't blame you!

This debacle has been going on for over 10 days, just saying. I think everyone but a few have unsubscribed or are ignoring the banter.

If the OP can rebuild IE8/IE9, as StPug is helping him to do by walking through the steps, and everything works as it should then the OP's computer virus problem is mostly solved.

Keep those fingers crossed!

If that fails, post #115 outlines a procedure I recommend. After saving (backing up) his "personal data" the OP has the option to reimage to factory-new. That should take care of all drivers too.
 
I have NOTHING to back anything up to until that thumb drive gets here. Back up & restore doesn't work. No record of IE9 in updates to uninstall. Many of the links simply DO NOT WORK! This thing really is messed up that bad! It's not me so much as this pos not responding as it should. I know how to click on links & follow instructions. They just simply don't work, won't load or won't complete successfully. I defy any naysayers to come over here & try it. Trust me, it ain't me so much as this thing just plain won't work anywhere for anything. Till the back up stuff gets here, I got nuthin. Bleeping computer bot asked for more files, but bumped me back to page 6 a lil bit ago.
I wouldn't touch combofix with a 20' pole. Does more harm than good. Everything else takes money & resources I simply do not have. Sorry if you kids & well-heeled folk can't understand that. I say kids because I have kids 20 & 30 something. Even my wife's mad at me for drawing bad karma. WTGDF?? I'm not stupid, just not up on systems like these that're 100 x's more complicated than in the 80's. Not my fault the SOB won't do what I tell it to that you tell me to. It's not my fault...:(
 
Try booting in safe mode 1st and running malwarebytes from there. That should catch the rest that aren't residing in memory during normal mode operation. Do a complete system scan also.

+1

I've not read the whole thread, but serious +1 on this; it's how I start *ANY* computer cleanup brought to me from work or church member or whatever. Reboot in SAFE mode after you've got a copy of MALWAREBYTES from another computer download.

SAFE MODE is also what I'd do first to save MY DOCUMENTS to the external drive when you get it.
 
You can start copying your files (backing up) to Google Drive... 15GB per account. I doubt you have that much data (documents, pix, etc.) you want to keep. And if you do, that 4 or 8GB flashdrive ain't enough by itself.

Alternatively you can burn CDs or DVDs with that data.

There is no need to copy (or backup) programs, windows files, temp browser files etc.

You do want:
  • All personal documents and files of each user on that computer
  • Personal documents and files stored elsewhere
 
Take it easy, Chief. Nobody's blaming you. Obviously, you're frustrated and that's perfectly understandable.

I think those of us that work with computers for a living may take a lot of our own knowledge that the average user doesn't possess for granted, in that we forget that non-geeks may be a bit intimidated at the idea of blowing away their OS and reinstalling. However, my experience with trying to unfark these sorts of issues is pretty much what you're experiencing; nothing you try works and the usability of the system just gets worse with everything you try. Once you've been through this a time or two, you quickly learn that if a breach/infection/corruption can't be fixed in 30 minutes to an hour, you'll be far better off and less time wasted to just write it off as unresolvably hosed and accept the fact that drastic measures are going to be required. It's for that reason that so many of us had advised you to nuke the thing and start with a fresh OS install.

If it were me I'd shut the thing down and go back to it when I had the means available to back it up and rebuild it. Don't worry about the reinstall, you have an entire team of qualified folks right here that will help you through it. And the good news is that things tend to work in a predictable manner when coming off a fresh install, as opposed to what you're dealing with now trying to save something that is hopelessly beyond saving.
 
Take it easy, Chief. Nobody's blaming you. Obviously, you're frustrated and that's perfectly understandable.

I think those of us that work with computers for a living may take a lot of our own knowledge that the average user doesn't possess for granted, in that we forget that non-geeks may be a bit intimidated at the idea of blowing away their OS and reinstalling. However, my experience with trying to unfark these sorts of issues is pretty much what you're experiencing; nothing you try works and the usability of the system just gets worse with everything you try. Once you've been through this a time or two, you quickly learn that if a breach/infection/corruption can't be fixed in 30 minutes to an hour, you'll be far better off and less time wasted to just write it off as unresolvably hosed and accept the fact that drastic measures are going to be required. It's for that reason that so many of us had advised you to nuke the thing and start with a fresh OS install.

If it were me I'd shut the thing down and go back to it when I had the means available to back it up and rebuild it. Don't worry about the reinstall, you have an entire team of qualified folks right here that will help you through it. And the good news is that things tend to work in a predictable manner when coming off a fresh install, as opposed to what you're dealing with now trying to save something that is hopelessly beyond saving.

Honestly, imo this is the most sensible approach you can take. I have been in charge of multiple computer labs with over 120 total machines plus supported other faculty members, who like the OP, were not so technically savvy with their personal machines. You will drive yourself crazy trying to put a desktop machine back into a stable state after it has been infected to the degree the OP's apparently has. My advice is to wait until you have the equipment and knowledge (and you're getting a lot of good FREE support in this thread) to back up any data you want to keep and then make a plan on how you are going to back up, wipe, reinstall your OS and applications, and restore your data.

Hopefully the one thing that will benefit you and everyone reading this thread in the future is that you have to assume the worst and plan for it. Making multiple regular backups is a good, but not in itself sufficient, first step.
 
Does anyone want to suggest a teamviewer session to log into his computer and have an actual look at it?

I don't know if it would do much good now. By his descriptions of what he's up against, I doubt any of us would be able to do much with it. Sounds like the deepest, darkest bowels of the registry are occupied by some nasty chit. I was thinking that any one of us could log in with a Remote Desktop connection once he has reinstalled Windows to help him resolve any lingering issues related to the reinstall.

Actually, now that I've written that, assuming it's even possible to make a Teamviewer or RDC connection to it in its current state, it might not be a bad idea to give it a try when his thumb drive shows up to help him find all of his files that need to be saved before he deploys the nukes.
 
stpug suggested the remote desktop bit, had to go into safe mode with networking to download it. Msg from him now. Hold on...
 
OK, well, that was just gettin' interesting when his appointment showed up. Gotta wait a couple hours to reconnect on his end. This should be interesting to watch later. He thinks that IE problems are at the root of the problems. From what I've seen, I think that may be a big part of it. But still...so many windows things enabled that aren't available or stopped?...Just have to wait & see...
 
OK, well, that was just gettin' interesting when his appointment showed up. Gotta wait a couple hours to reconnect on his end. This should be interesting to watch later. He thinks that IE problems are at the root of the problems. From what I've seen, I think that may be a big part of it. But still...so many windows things enabled that aren't available or stopped?...Just have to wait & see...

Well, hopefully, he can make some headway. The problem, though, is after something like this even if you manage to make all the symptoms go away, you never know what's still lurking just below the surface and these things have a nasty ability to pop back up later to make your life miserable again. If that were my system, after all you've described that you've been through, there is no way in hell I'd trust it until I wiped it clean and rebuilt it.
 
Uh,yeah,that's pretty close to what I have in mind atm. Fix as much as possible so more programs & functions work right again. Then that's just that much more that'll be savable to disc & thumb drive. I have one cd/dvd to save my book stuff on. Thumb drive for the rest. Kids stuff better be minimal,or this could get tight. One son has a thumb drive,idk what size,other son a laptop. Just have to see what we can put together.
Just wanna see how much he can fix first. That'll make things a lot easier to my understanding?...
 
I would NOT wipe that disk. No way. I don't know how you all use your computers, but I just can't tolerate losing anything I've done.

I'd get another drive and install the new OS on it. That way you don't lose anything at all. You could leave the current drive outside the computer and get an external USB drive enclosure ( < $20) to snap it into, and plug it into the USB port if you want to get any files off of it. You could also just install the original drive in your case as a second "D" drive, but don't put it in there until you've installed the new OS. You just can't run any programs from the ("D:") drive.

A new hard drive would run you about $50. If you don't have that, you can definitely get someone's spent drive for free and reformat. I've got 25 years of them because I've NEVER thrown one away, I just keep them in case there's something I forgot to copy over - and that's happened a bunch of times.
 
I've re-installed twice before, but the system was nowhere near as big as it is now. A couple folks on here have offered drives. But mine's 320GB, theirs like 80GB or so. Nowhere near the size I have or need for this family. No money to spend & thumb drive not here yet. I like the idea you suggest, but no cash to do it right now. Too many things at once.
 
I don't know if it would do much good now. By his descriptions of what he's up against, I doubt any of us would be able to do much with it. Sounds like the deepest, darkest bowels of the registry are occupied by some nasty chit. I was thinking that any one of us could log in with a Remote Desktop connection once he has reinstalled Windows to help him resolve any lingering issues related to the reinstall.

Actually, now that I've written that, assuming it's even possible to make a Teamviewer or RDC connection to it in its current state, it might not be a bad idea to give it a try when his thumb drive shows up to help him find all of his files that need to be saved before he deploys the nukes.

Yes, I agree that a wipe and re-install is the best option here at this point. But I hoped the remote session would allow someone more computer savvy to at least find and move the data to a backup location. After that, it isn't too hard to install Windows from the boot disc or recovery partition.

But I think it's absolutely imperative that all attempts be made to get the data off the drive.

I think at this point we are up to discussing backup options and drive options for re-install. Does the OP even know what HDD types his computer supports?

An 80GB drive isn't that nice as a System Drive these days, but it might make a good size for a backup device.
 
Earlier on the OP said:
On the computer page, it says drive C has 110GB free of 288GB.

That means there's 178GB of total data between Windows, installed programs, pagefile, possibly hibernation file, user and system data, and personal files.

A rough estimate, I'd say there could be at least 130GB of personal data involved.
It would be good to have someone take a look and see what's what more exactly, data wise.

EDIT: Forgot to make my point... With a little squeezing those 130GB of personal files could be copied to a newly created 3rd partition, there's 110GB of free space. I know that involves installing Minitool or something, and there's a chance good files are hiding in the deleted area. Only the OP can know what files are still useful and are worth retaining. Maybe it's way less than 130GB.

$50-60 for a 1TB internal drive (if the OP's 2006 system supports SATA) is the best deal around, brand new. The savings become negative or marginal for smaller drives, like 320GB or 500GB.

From what I remember, if the system supports 320GB (> 137GB barrier) it should support up to 2TB. So 1TB should be working.
 
Well, it's a wild guess. My experience is that many people have a TON of pictures, music, videos, etc. taking up space on their systems, while others simply have a TON of non-data data items like programs, browser cache, uninstall data, etc. IOW nothing they need or want. Only a good look-see will reveal.
 
Hopefully your system will run better for you now. As has been mentioned several times in this thread, malware/virii/etc can hide themselves very well and pop up at a later time, and even potentially inject themselves into system files. Malware tends to be more annoying but less invasive, whereas virii tend to be less annoying and more invasive and critical. Knowing if you have any remaining threats on your system is hard to determine - hell, manufacturers make a living at trying to do this and they frequently fail at the task :D

While your system might feel better for now, there is no guarantee that all threats have been removed. Your best bet is to make a full backup of your personal data on to a thumb drive and/or cloud service (someone mentioned google drive gives 50gb of space which is a ton for most purposes).

Your next decision will be when you want to reload your system. You can beat the threats to the punch by doing it sooner than later, or you can gamble until you start seeing inconsistencies in your system again. Safer is always better than sorry, BUT I've been known to recommend the gamble route until the first slightest sign of inconsistency at which point you make the plunge immediately. The choice is yours. If you have a good backup of your data then it's easier to play the gamble game.

Hopefully you can get back to some normal daily digital routine :D

Cheers! :mug:
 
Yeah stpug, I need to look at cloud drives & the like. BS2 has its own, as you fixed during our remote session. You guys, this fella did things with files I not only didn't know what they were exactly, but made'em dance to the right tune. I am humbled & impressed. Matter of fact, BS said it could update if I wanted it to after he got the cloud link "error5: acess denied" thing out of it. I'll leave it to him to explain better. Let's just say it can be done/fixed. But he went deep into this bloody thing with some real-world skills. I'm thankful he got so far as to fix most of the problems. So many it seems about normal so far. Can't wait to back this chit up. I'm thinking of creating a restore point for D: drive. Can't hurt at this point?...someplace to start.
 
Tried to do new back up,ran for a bit then failed. "Config registry database is corrupted" (0x800703F1)? This is for drive D:. Dammit. I had high hopes for D: drive too. Needs more work I guess. continue cloud search...
 
Tried to do new back up,ran for a bit then failed. "Config registry database is corrupted" (0x800703F1)? This is for drive D:. Dammit. I had high hopes for D: drive too. Needs more work I guess. continue cloud search...

This is most likely remnants from the malware that got into your system and probably has nothing to do with your D: drive. I'm sure there are several remaining invalid registry keys remaining on your system that will just linger like lost memories :D. While there are tools that can automate the cleaning of the registry, I have found most to be a little too heavy-handed. It's possible to rectify the registry to a state that will allow windows modules like 'backup' to run correctly again, but it could take a bit of work. It's also possible to find and use a 3rd party backup software - specifically a free and/or open-source backup software. One I'm familiar with is Cobian (freeware but not open-source), however I believe there may be a better alternative out there. Let's see if anyone else has a suggestion for a free/opensource simplified backup software to replace microsoft's backup utility.
 
Here's a free, simplified backup software that looks like it might do the job without much fuss:
http://www.aomeisoftware.com/download/adb/BackupperFull.exe

You can read more about it here, but I would use the link above to download the program if you decide you want it:
http://www.aomeitech.com/

I've never used this software but I have reviewed the webpage, and read reviews on this software and it seems like it might be just the ticket for a simplified backup process. I don't know if you've done this already or not, but I would ensure you have the equal amount of space on your D: drive that you have used on your C: drive. If you need help determining this just let us know.
 
If you want you can open a command prompt and use the following command to generate the available/free bytes:
fsutil volume diskfree c:

And then do the same thing for your D: drive:
fsutil volume diskfree d:

You can then right-click in the command prompt window, choose Edit - Select All.
Right-click on the window's titlebar and, choose Edit - Copy.
And then you can paste the results here in a post.

You should see something like this:
Code:
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Users\home>fsutil volume diskfree c:
Total # of free bytes        : 683142660096
Total # of bytes             : 999835037696
Total # of avail free bytes  : 683142660096

C:\Users\home>fsutil volume diskfree d:
Total # of free bytes        : 138759753728
Total # of bytes             : 500105216000
Total # of avail free bytes  : 138759753728

C:\Users\home>
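
Added example (not part of the original posts): one way to turn a pasted `fsutil volume diskfree` transcript into the answer the post is after, namely whether the free space on D: can hold everything currently used on C:. The function names, the `margin` parameter and the embedded sample (copied from the output shown above) are assumptions made for this illustration.

```python
import re

# Constructed sample: the two fsutil results shown in the post above.
SAMPLE = r"""
C:\Users\home>fsutil volume diskfree c:
Total # of free bytes        : 683142660096
Total # of bytes             : 999835037696
Total # of avail free bytes  : 683142660096

C:\Users\home>fsutil volume diskfree d:
Total # of free bytes        : 138759753728
Total # of bytes             : 500105216000
Total # of avail free bytes  : 138759753728
"""

CMD = re.compile(r"fsutil\s+volume\s+diskfree\s+([a-z]):", re.IGNORECASE)
FIELD = re.compile(r"^Total # of (free bytes|bytes|avail free bytes)\s*:\s*(\d+)$")
NAMES = {"free bytes": "free", "bytes": "total", "avail free bytes": "avail"}


def parse_diskfree(transcript):
    """Return {drive: {free, total, avail, used}} from a pasted console transcript."""
    volumes, current = {}, None
    for raw in transcript.splitlines():
        line = raw.strip()
        cmd = CMD.search(line)
        if cmd:  # a new "fsutil volume diskfree X:" command starts a new volume
            current = cmd.group(1).upper()
            volumes[current] = {}
            continue
        field = FIELD.match(line)
        if field and current:
            volumes[current][NAMES[field.group(1)]] = int(field.group(2))
    for drive, vol in volumes.items():
        missing = set(NAMES.values()) - vol.keys()
        if missing:
            # e.g. the command failed ("not recognized ...") and printed no totals
            raise ValueError(f"{drive}: no usable fsutil output, missing {sorted(missing)}")
        vol["used"] = vol["total"] - vol["free"]
    return volumes


def backup_fits(volumes, source="C", target="D", margin=0.0):
    """Compare bytes used on the source with bytes available on the target.

    margin is extra headroom as a fraction of the used bytes (assumption, default none).
    "avail free bytes" is used for the target because it is what the user can write.
    """
    needed = int(volumes[source]["used"] * (1 + margin))
    available = volumes[target]["avail"]
    return {
        "needed": needed,
        "available": available,
        "fits": needed <= available,
        "shortfall": max(0, needed - available),
    }


if __name__ == "__main__":
    result = backup_fits(parse_diskfree(SAMPLE))
    print(result)
```

With the numbers in the sample output, a full copy of C: does not fit on D:, which is the "whittle the backup down" case mentioned later in the thread.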
 
I second the notion of not doing registry cleaning, and reiterate the idea that a second hard drive be introduced as the new system onto which Windows is installed, leaving the old drive inside the chassis but not the boot drive, for copying from then wiping. As for backups, I'd kinda recommend doing DOS XCOPY from each user's MyDocs (\documents and settings\username\my documents for XP or \users\username for Win7)
 
I'm using Google Chrome right now. I tried your suggestion in the start box thing. It says fsutil is not recognized as an internal or external command, operable program or batch file? By the way, I got that wavy red watermark under "fsutil" again, so spell checker is also working again! So that's something, at least...It also looks like I need to import the HDD viewer stuff to chrome as well. Resolution of fonts, etc could be a tad better by the look of things.
So dosxcopy is how I save users profiles? The thumb drive came in a lil while ago from newsman,so thanks there.
 
A general tip (to help avoid computer viruses) is to install VMware Player and the latest Ubuntu (or perhaps just make a USB stick install of Ubuntu).

This has two purposes:

1.) If the host is dirty, the virtual machine will most likely be clean.

2.) If the host is clean, "suspect sites" can be viewed from within the virtual machine.
 
For now I'd just copy files. The Ubuntu thing is for later (my $0.02). You need to get files copied if at all possible first.
 
Sorry but VMWare and Ubuntu only serve to confuse matters at this point.

If you're comfortable with working at the command prompt then Xcopy might be the ticket, but I don't really think this is a viable solution for you at this time. To keep things really simple, you could just copy/paste your data files over to your D: drive using the regular old windows file manager. I was suggesting the backup software above as a simple, automated way of creating a complete backup of your system. Alternatively, it can be used to only backup specific folders.

The other way of telling us your drive availability is to open 'This PC' or 'Computer' or 'My Computer', and right-click the C: drive and choose 'Properties'. It will show you used space and free space. The same can be done for the D: drive. This is just to figure out how much space is used on your C: drive to determine if your D: drive can hold a complete backup of your system, OR if the backup will need to be whittled down to fit.
 
