-
April 26th, 2007, 07:30 PM
#1
who or what hit the computer?
got a win2k machine at i use for surfing the net, after a week away am back to find no documents in the 'my documents' folder, no browser bookmarks(both firefox and IE), half the programs installed don't work, the checked entries in spyware blaster unchecked. what hit me? or who hit me? is it spyware or a net trophy hunter who did this? i have sygate firewall and avast installed, both remained functional? any remedies?
-
April 26th, 2007, 07:35 PM
#2
Hmmmm,
Have you looked at your user profiles?
-
April 26th, 2007, 08:20 PM
#3
Like Nihil is indicating, it sounds like your profile got muffed up. I'm also assuming that Sygate firewall and Avast were installed via the Administrative account which is why they are still working.
Unless your profile is backed up somewhere, I think you're going to have to clean this mess up the hard way. (sorry, I'm at work so I can't really explain too much right now).
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
April 26th, 2007, 08:41 PM
#4
Sorry, I didn't answer the other part of your question.
My personal thinking is that this is some sort of "natural disaster" rather than an attack. I would expect an attacker to plant rootkits, trojans and whatever. This is just too obvious in my opinion?
You might like to look at your system logs for anything unusual.
-
April 27th, 2007, 03:17 AM
#5
half the programs installed don't work
What happens when you try to run one of the affected programs? Do you get an error message?
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
April 27th, 2007, 12:29 PM
#6
Take a look at the following. Unless the profile has been deleted, you should be able to recover ok. I've had this happen when logging into local accounts or domain accounts with the same name. One profile gets named "user.domain" and one is just "user". Well, somewhere along the line the user.domain account got corrupt and it fell back to just the user profile.
http://www.lockergnome.com/nexus/it/...-user-profile/
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
April 27th, 2007, 12:44 PM
#7
Hi phish~
owor says he is using Windows 2000. Your link is for XP......................this is the Microsoft KB article for Win 2000:
http://support.microsoft.com/kb/314045
Cheers
-
April 27th, 2007, 01:04 PM
#8
Ah... thanks for correcting me.
I'm just waking up and I had not had my coffee.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
April 27th, 2007, 02:36 PM
#9
Junior Member
files gone..
One possibilty, although it is pretty unlikely:
The DOS command "rmdir" removes directories; it will wipe everything out of your My Documents; whatever you consider "work files" will be gone. I found out the hard way, when I did it to myself by mistake. I had backups, so I didn't lose anything.
Perhaps he had a mischievous little brother or something that opened a DOS window and did it to him as a prank.
Like I said, probably not, but you wouldn't know it if it happened.
Just a possibilty.
MCP MCP+I MCSA MCSE(NT4/W2K) CCNA CCA VH-PIRTS CEH
==================
"If you don't know how your systems can be attacked by hackers, you can't implement good security, and you shouldn't be running, developing, programming and supporting systems. Period".
-
April 27th, 2007, 07:13 PM
#10
thanks people, but this has got to be malware of somekind, another pc in the house suffered the same thing after a flash disk was used to transfer files to it from the first one attacked, it lost its record of music files played in media player, the my documents folder was empty, it told the users(my younger brothers) they don't have permission to shutdown their pc(another win2k machine), they have no start button,now this can't be mischief from within the house, my siblings only play games and listen to music. oh, all log files have only records of events after the incident.
Similar Threads
-
By ai0070 in forum Miscellaneous Security Discussions
Replies: 6
Last Post: October 18th, 2004, 11:21 PM
-
By foxdie in forum AntiVirus Discussions
Replies: 11
Last Post: April 4th, 2004, 02:52 AM
-
By gore in forum Operating Systems
Replies: 3
Last Post: March 7th, 2004, 08:02 AM
-
By ali1 in forum The Security Tutorials Forum
Replies: 27
Last Post: January 1st, 2004, 11:59 AM
-
Replies: 1
Last Post: July 15th, 2002, 03:46 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|