When in C:\dell?

Brian Heston

I know this isn't based on Windows 7. But, just had to inquire here. I recently was hacked and set my system back to the factory condition. My computer is a Dell. Specs:
Inspiron 545S
Processor- Pentium dual-core ES300 @ 2.60GHz
Memory- 6.00 GB
Op Sys- 64bit
Running Windows 7.
And also downloaded and am running "Windows Security Essential".
I have the firewall and virus protection on and up to date.

I recently went into my C:\dir. Just to see what I have (cause the hacker(s) took over privileges and all). Please review search and if you can help that would be great.
Directory of C:\
07/16/2011 12:14 AM <DIR> dell
01/25/2010 02:17 PM <DIR> Drivers
01/25/2010 12:32 PM <DIR> Intel
07/16/2011 05:46 AM <DIR> PerfLogs
07/18/2011 10:23 PM <DIR> Program Files
07/16/2011 07:08 PM <DIR> Program Files (x86)
07/20/2011 08:31 PM <DIR> System Volume Information
07/15/2011 11:18 PM <DIR> Users
07/19/2011 05:10 AM <DIR> WINDOWS
0 File(s) 0 bytes
10 Dir(s) 701,327,736,832 bytes free

Directory of C:\dell
07/16/2011 12:14 AM <DIR> .
07/16/2011 12:14 AM <DIR> ..
01/25/2010 02:18 PM <DIR> CAE
01/25/2010 12:34 PM 66 dell.cae
01/25/2010 02:18 PM 29,936 dscstart64.exe
01/25/2010 02:21 PM <DIR> postvpe
2 File(s) 30,002 bytes
4 Dir(s) 701,337,407,488 bytes free

Directory of C:\WINDOWS
07/19/2011 05:10 AM <DIR> .
07/19/2011 05:10 AM <DIR> ..
07/14/2009 01:32 AM <DIR> addins
07/13/2009 11:20 PM <DIR> AppCompat
07/16/2011 03:29 PM <DIR> AppPatch
11/20/2010 09:24 AM 71,168 bfsvc.exe
07/14/2009 01:32 AM <DIR> Boot
07/14/2009 01:32 AM <DIR> Branding
01/25/2010 02:21 PM 12 csup.txt
07/14/2009 01:32 AM <DIR> Cursors
07/16/2011 01:19 AM <DIR> debug
07/14/2009 01:32 AM <DIR> diagnostics
07/14/2009 01:37 AM <DIR> DigitalLocker
01/25/2010 12:40 PM 31,419 DirectX.log
07/14/2009 01:32 AM <DIR> Downloaded Program File
01/25/2010 12:48 PM 2,027 DtcInstall.log
07/16/2011 03:30 PM <DIR> ehome
07/14/2009 01:37 AM <DIR> en-US
07/16/2011 07:54 AM 1,945 epplauncher.mif
11/20/2010 09:24 AM 2,872,320 explorer.exe
07/13/2009 09:39 PM 15,360 fveupdate.exe
07/14/2009 03:50 AM <DIR> Globalization
07/14/2009 01:37 AM <DIR> Help
07/13/2009 09:39 PM 733,696 HelpPane.exe
07/13/2009 09:39 PM 16,896 hh.exe
06/10/2009 04:30 PM 48,265 HomePremium.xml
07/16/2011 04:53 AM 2,921 IE9_main.log
07/14/2009 01:37 AM <DIR> IME
07/21/2011 07:58 AM <DIR> inf
07/14/2009 01:32 AM <DIR> L2Schemas
07/13/2009 10:34 PM <DIR> LiveKernelReports
07/16/2011 03:50 PM <DIR> Logs
07/16/2011 12:48 AM 444,004,727 MEMORY.DMP
07/13/2009 07:06 PM 43,131 mib.bin
07/19/2011 05:43 AM <DIR> Microsoft.NET
07/16/2011 12:48 AM <DIR> Minidump
07/13/2009 10:34 PM <DIR> ModemLogs
06/10/2009 04:36 PM 1,405 msdfmap.ini
07/13/2009 09:39 PM 193,536 notepad.exe
07/14/2009 01:32 AM <DIR> Offline Web Pages
07/15/2011 01:15 PM <DIR> Panther
07/14/2009 01:32 AM <DIR> Performance
07/17/2011 04:22 PM 17,168 PFRO.log
07/13/2009 11:20 PM <DIR> PLA
07/16/2011 05:19 AM <DIR> PolicyDefinitions
07/21/2011 10:23 AM <DIR> Prefetch
07/13/2009 09:39 PM 427,008 regedit.exe
07/13/2009 11:20 PM <DIR> Registration
07/17/2011 05:55 PM <DIR> rescache
07/14/2009 01:32 AM <DIR> Resources
07/13/2009 10:35 PM <DIR> SchCache
07/14/2009 01:32 AM <DIR> schemas
07/13/2009 11:20 PM <DIR> security
07/14/2009 12:45 AM <DIR> ServiceProfiles
07/16/2011 03:30 PM <DIR> servicing
01/25/2010 02:16 PM <DIR> Setup
07/21/2011 07:54 AM 22,308 setupact.log
07/14/2009 12:51 AM 0 setuperr.log
07/14/2009 03:45 AM <DIR> ShellNew
07/15/2011 12:14 PM <DIR> SMINST
07/16/2011 12:33 AM <DIR> SoftwareDistribution
07/14/2009 01:37 AM <DIR> Speech
11/20/2010 09:25 AM 67,072 splwow64.exe
06/10/2009 04:31 PM 48,201 Starter.xml
07/13/2009 10:36 PM <DIR> system
06/10/2009 05:08 PM 219 system.ini
07/21/2011 07:58 AM <DIR> System32
07/16/2011 07:08 PM <DIR> SysWOW64
07/19/2011 05:13 AM 38 tabled32.ini
07/14/2009 12:57 AM <DIR> TAPI
07/20/2011 05:58 PM <DIR> Tasks
07/21/2011 10:23 AM <DIR> Temp
07/13/2009 10:34 PM <DIR> tracing
01/25/2010 02:28 PM 1,313 TSSysprep.log
06/10/2009 05:41 PM 94,784 twain.dll
07/14/2009 01:32 AM <DIR> twain_32
11/20/2010 08:21 AM 51,200 twain_32.dll
06/10/2009 05:41 PM 49,680 twunk_16.exe
07/13/2009 09:14 PM 31,232 twunk_32.exe
07/13/2009 11:20 PM <DIR> Vss
07/10/2009 05:13 PM <DIR> Web
07/14/2009 01:09 AM 403 win.ini
07/21/2011 02:56 AM 1,347,626 WindowsUpdate.log
07/13/2009 09:14 PM 9,728 winhlp32.exe
07/19/2011 04:43 AM <DIR> winsxs
06/10/2009 04:52 PM 316,640 WMSysPr9.prx
07/13/2009 09:39 PM 10,240 write.exe
01/25/2010 12:39 PM 20 ¼ùM
34 File(s) 450,533,708 bytes
54 Dir(s) 701,327,548,416 bytes free



I guess I have a couple questions.
If there is any backdoor program to get in or remotely logon.
Where would they most likely place them?

I kept the file sharing ON for "Home/Work"
Will this make my computer vulnerable to outside sources?

I have file sharing shut off in my control panel for the "Public".

When I set the computer back to the factory condition, it booted back up with Windows 7 loaded.

Any insight to what I can have to do in my computer to ensure that it is not able to be invaded again would be helpful. I am not dumb with computers. And, I am no expert in this area as well.

Is there another program or settings that I need to look at?

Thanks for at least getting to this sentence. That means you do care and read this.

Brian H
 

How are you connecting to the internet, wired or wirelessly?
 

Are you sure you were hacked? Most people who claim to be hacked actually just had some malware take over the system. As to how to avoid it, use good common computing practices, and have good AV software installed.

Chances are, if you did a full restore from disc, you wiped away any malware that had been present on the system.
 

Deacon Frost

Are you sure you were hacked? Most people who claim to be hacked actually just had some malware take over the system. As to how to avoid it, use good common computing practices, and have good AV software installed.

Chances are, if you did a full restore from disc, you wiped away any malware that had been present on the system.



Is there such a malware that will boot up the computer after shutdown and pull your tax documents from a file and place them on your desktop? I was also showing the admin title with no privileges. And my drives were flip/flopped C: to D:. Pretty good aye.

When I reset to factory mode the first time (did 3x), I investigated and in the Windows file there was a file labeled "Panther". Googled and found that it may be a backdoor program for them to get in. Plus, the fact I wouldn't think Windows would use a name such as Panther. Deleted it and did factory re-boot again. Wasn't there anymore.

I restored to factory original from a safeboot mode and not disk. I know probably not the safest way to do it. But, just got divorced and the ex has the software. There is no way to get it. I am in the process of getting ahold of Win 7 software and a new hard to load just in case. And also an external HD. But, don't have the funds to do it right. I am wanting to protect myself as good as possible right now.
 

Many of us on WSF use Microsoft Security Essentials along with Malwarebytes and it seems a pretty effective combination for keeping malware and viruses at bay.

Both utilities are free so it's worth trying I would have thought.
 

Not to add insult to injury, but is it possible your ex had someone come over and install something on your system? Aside from clicking on something you weren't supposed to, I don't know how else a backdoor app would have gotten on the system.
 

Seavixen - I have the Security Essentials on there right now. And I will add the Malware here soon. Thank you for the input.

DeaconFrost - I am bitter about the divorce but, honestly she doesn't have a key to my place, that I know of. And I don't think it was her. It may have been something I clicked on. I was always going for the free stuff and clicking just whatever. I also was an avid Facebooker. Bad and I think it may have infected me through there. I was also told by a friend (in security) that someone doesn't get hacked -just because... There is usually a reason why you got hacked. Is this true? Or is there such hackers out there that do it for sport. I have pondered at who would do it and why. And really can't think of who-or-why would- honestly. Thanks for the replies and am still up for more advice and tips. To everyone* Please don't say google this or that. I have done as much research as I can through there and researched the Microsoft and Windows web searches.

I did look up (as much as provided) about sharing and shut that down. One answer I can not find is more on remote logon. If I don't use this at all. Is it safe to remove the program?

Again thank you for the help so far.

-B
 

...I was also told by a friend (in security) that someone doesn't get hacked -just because... There is usually a reason why you got hacked. Is this true? Or is there such hackers out there that do it for sport. I have pondered at who would do it and why...
There are people who do it just for the thrill of trying to get away with something, but the fact that there was apparent tampering with financial documents (your tax records) makes me think they were trying to get information about your bank accounts.
 

Good Luck with that.LOL

Well if they think they are going to get anything out of me... Good Luck with that one..lol. I also have credit monitoring for like 3 years from a work mishap with my personal info. So, I feel better having at least something. Is there anyone else out there with input on protecting and could answer my questions about the remote access files and sharing?

Brian
 

Are you behind a router on your wired Internet connection? Routers will automatically stealth your system (if set up properly; the defaults usually do it) to make you virtually invisible to the outside world.
 

If you are worried about remote login, you can always just disable it, especially if you don't ever remotely connect to your computer from somewhere else. I generally only have that enabled on my servers, so I can RDP into them.
 

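A read-only way to check the remote login and sharing settings discussed in this thread, as an added example that is not part of any post here. It assumes PowerShell 2.0 as shipped with Windows 7 and English `netstat` output; `Get-RegValue` is a helper defined in the block, not a built-in cmdlet.

```powershell
# Added example: read-only audit of remote-access exposure on Windows 7.
# Uses only cmdlets available in PowerShell 2.0 and changes nothing.

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = "$tsKey\WinStations\RDP-Tcp"
$raKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'

function Get-RegValue([string]$Path, [string]$Name) {
    # Hypothetical helper: returns $null instead of an error when the
    # key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { return $item.$Name }
    return $null
}

# fDenyTSConnections: 1 = incoming Remote Desktop refused, 0 = accepted.
$deny = Get-RegValue $tsKey 'fDenyTSConnections'
# fAllowToGetHelp: 0 = Remote Assistance off, 1 = on.
$help = Get-RegValue $raKey 'fAllowToGetHelp'
# The RDP listener port is configurable; 3389 is only the default.
$port = Get-RegValue $rdpKey 'PortNumber'
if ($port -eq $null) { $port = 3389 }

# Remote Desktop Services; a stopped or disabled service cannot accept logons.
$svc = Get-Service -Name TermService -ErrorAction SilentlyContinue

# Look for a TCP listener on the RDP port.
$listeners = @(netstat -ano -p TCP | Select-String (":{0}\s.*LISTENING" -f $port))

"Remote Desktop accepted    : $($deny -eq 0)"
"Remote Assistance enabled  : $($help -eq 1)"
"TermService status         : $(if ($svc) { $svc.Status } else { 'not installed' })"
"Listener on TCP port $port  : $($listeners.Count -gt 0)"

# File sharing: list every share, including hidden admin shares (C$, ADMIN$).
Get-WmiObject -Class Win32_Share |
    Select-Object Name, Path, Description |
    Format-Table -AutoSize

# To refuse Remote Desktop connections, run from an elevated prompt:
#   Set-ItemProperty -Path $tsKey -Name fDenyTSConnections -Value 1
```

A missing registry value is reported as `False`, so treat `False` as "not enabled or not present" and confirm in System Properties > Remote.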