who or what hit the computer?
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: who or what hit the computer?

  1. #1
    Junior Member
    Join Date
    May 2004
    Posts
    20

    who or what hit the computer?

    got a win2k machine at i use for surfing the net, after a week away am back to find no documents in the 'my documents' folder, no browser bookmarks(both firefox and IE), half the programs installed don't work, the checked entries in spyware blaster unchecked. what hit me? or who hit me? is it spyware or a net trophy hunter who did this? i have sygate firewall and avast installed, both remained functional? any remedies?

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    Have you looked at your user profiles?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    Like Nihil is indicating, it sounds like your profile got muffed up. I'm also assuming that Sygate firewall and Avast were installed via the Administrative account which is why they are still working.
    Unless your profile is backed up somewhere, I think you're going to have to clean this mess up the hard way. (sorry, I'm at work so I can't really explain too much right now).
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Sorry, I didn't answer the other part of your question.

    My personal thinking is that this is some sort of "natural disaster" rather than an attack. I would expect an attacker to plant rootkits, trojans and whatever. This is just too obvious in my opinion?

    You might like to look at your system logs for anything unusual.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    half the programs installed don't work
    What happens when you try to run one of the affected programs? Do you get an error message?
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Take a look at the following. Unless the profile has been deleted, you should be able to recover ok. I've had this happen when logging into local accounts or domain accounts with the same name. One profile gets named "user.domain" and one is just "user". Well, somewhere along the line the user.domain account got corrupt and it fell back to just the user profile.

    http://www.lockergnome.com/nexus/it/...-user-profile/
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi phish~

    owor says he is using Windows 2000. Your link is for XP......................this is the Microsoft KB article for Win 2000:

    http://support.microsoft.com/kb/314045

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #8
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Ah... thanks for correcting me.
    I'm just waking up and I had not had my coffee.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  9. #9
    Junior Member eyeccd's Avatar
    Join Date
    Jan 2003
    Location
    Cleveland OH
    Posts
    2

    Exclamation files gone..

    One possibilty, although it is pretty unlikely:

    The DOS command "rmdir" removes directories; it will wipe everything out of your My Documents; whatever you consider "work files" will be gone. I found out the hard way, when I did it to myself by mistake. I had backups, so I didn't lose anything.

    Perhaps he had a mischievous little brother or something that opened a DOS window and did it to him as a prank.

    Like I said, probably not, but you wouldn't know it if it happened.

    Just a possibilty.
    MCP MCP+I MCSA MCSE(NT4/W2K) CCNA CCA VH-PIRTS CEH
    ==================
    "If you don't know how your systems can be attacked by hackers, you can't implement good security, and you shouldn't be running, developing, programming and supporting systems. Period".

  10. #10
    Junior Member
    Join Date
    May 2004
    Posts
    20
    thanks people, but this has got to be malware of somekind, another pc in the house suffered the same thing after a flash disk was used to transfer files to it from the first one attacked, it lost its record of music files played in media player, the my documents folder was empty, it told the users(my younger brothers) they don't have permission to shutdown their pc(another win2k machine), they have no start button,now this can't be mischief from within the house, my siblings only play games and listen to music. oh, all log files have only records of events after the incident.

Similar Threads

  1. how to finger a user via telnet
    By ai0070 in forum Miscellaneous Security Discussions
    Replies: 6
    Last Post: October 18th, 2004, 11:21 PM
  2. The Bulgarian and Soviet Virus Factories
    By foxdie in forum AntiVirus Discussions
    Replies: 11
    Last Post: April 4th, 2004, 01:52 AM
  3. The history of the Mac line of Operating systems
    By gore in forum Operating Systems
    Replies: 3
    Last Post: March 7th, 2004, 07:02 AM
  4. 4 steps to making your computer immortal online.
    By ali1 in forum The Security Tutorials Forum
    Replies: 27
    Last Post: January 1st, 2004, 10:59 AM
  5. Replies: 1
    Last Post: July 15th, 2002, 03:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides