Hi all,

I've just discovered a serious problem with one of the computers I am
responsible for, and I need help fixing it. I'm hoping someone here can help
me out.

It appears a cruel and evil person has uploaded a great deal of games,
music, movies, adult content, and more onto my machine via the net. I
discovered this using a virus checker because my machine was running dog slow
and I was getting out of memory errors. It seems the problem files are
hidden in an invisible folder.

I need to know how I can view invisible folders. Once I view it, I will
delete the folder.

Once these files are gone, will that cure the problem? That is, will the
miscreant likely leave me alone? Or, do I need to take more proactive steps
to ensure this doesn't happen again? If there is some way to track this
fiend down please let me know -- I want to turn him in. Script kiddies are
such a drain on the gene pool.

My net connection was running painfully slow. I am assuming this is because
the cracker told all his buddies where to go to find the stuff he had stashed
away, and they were hogging the connection.

I am hoping, once the folder is gone, the memory errors will go away and the
net connection will speed back up. Is this a reasonable expectation?

If anyone has any advice on how to clear this up, I would appreciate hearing
it. Any tips on how to protect myself from this sort of thing again would
also be warmly accepted.

ThrowawayName wrote:

> Hi all,
>
> I've just discovered a serious problem with one of the computers I am
> responsible for, and I need help fixing it. I'm hoping someone here
> can help me out.
>
> It appears a cruel and evil person has uploaded a great deal of games,
> music, movies, adult content, and more onto my machine via the net. I
> discovered this using a virus checker because my machine was running
> dog slow
> and I was getting out of memory errors. It seems the problem files
> are hidden in an invisible folder.
>
> I need to know how I can view invisible folders. Once I view it, I
> will delete the folder.
>
> Once these files are gone, will that cure the problem? That is, will
> the
> miscreant likely leave me alone? Or, do I need to take more proactive
> steps
> to ensure this doesn't happen again? If there is some way to track
> this
> fiend down please let me know -- I want to turn him in. Script
> kiddies are such a drain on the gene pool.
>
> My net connection was running painfully slow. I am assuming this is
> because the cracker told all his buddies where to go to find the stuff
> he had stashed away, and they were hogging the connection.
>
> I am hoping, once the folder is gone, the memory errors will go away
> and the
> net connection will speed back up. Is this a reasonable expectation?
>
> If anyone has any advice on how to clear this up, I would appreciate
> hearing
> it. Any tips on how to protect myself from this sort of thing again
> would also be warmly accepted.

The smartest thing to do (and the least time-consuming) if your computer
has been truly compromised is to back up any data, format the hard
drive, and clean-install Windows. After installing Windows, before you
connect to the Internet make sure you have:

1. Service Pack 2 installed and the Windows Firewall or a third-party
firewall on.

2. A current version (not earlier than 2004) full-featured antivirus
installed.

3. Then connect to the Internet, update your av and apply any Windows
security updates from Windows Update.

Practice Safe Hex:
http://www.aumha.org/a/parasite.htm
http://www.claymania.com/safe-hex.html

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

"ThrowawayName" <ThrowawayName@discussions.microsoft.com> wrote in
message news:F2181612-A6D5-4C0B-9E8E-3D599443E701@microsoft.com
> Hi all,
>
> I've just discovered a serious problem with one of the computers I am
> responsible for, and I need help fixing it. I'm hoping someone here
> can help me out.
>
> It appears a cruel and evil person has uploaded a great deal of games,
> music, movies, adult content, and more onto my machine via the net. I
> discovered this using a virus checker because my machine was running
> dog slow and I was getting out of memory errors. It seems the
> problem files are hidden in an invisible folder.
>
> I need to know how I can view invisible folders. Once I view it, I
> will delete the folder.
>
> Once these files are gone, will that cure the problem? That is, will
> the miscreant likely leave me alone? Or, do I need to take more
> proactive steps to ensure this doesn't happen again? If there is
> some way to track this fiend down please let me know -- I want to
> turn him in. Script kiddies are such a drain on the gene pool.
>
> My net connection was running painfully slow. I am assuming this is
> because the cracker told all his buddies where to go to find the
> stuff he had stashed away, and they were hogging the connection.
>
> I am hoping, once the folder is gone, the memory errors will go away
> and the net connection will speed back up. Is this a reasonable
> expectation?
>
> If anyone has any advice on how to clear this up, I would appreciate
> hearing it. Any tips on how to protect myself from this sort of
> thing again would also be warmly accepted.

First eliminate any spyware.
What You Should Know About Spyware
http://www.microsoft.com/athome/secu...ssoftware.mspx

CAUTION!!!!! Removing some spyware can damage the Winsock stack and you may
not be able to connect to the Internet. Before you try to remove spyware,
download a copy of LSP-Fix - a free program to repair damaged Winsock 2
stacks AFTER you remove the software (all Windows versions)
http://www.cexx.org/lspfix.htm
Winsockfix for W95, W98, ME, NT, 2000, XP
http://www.tacktech.com/pub/winsockfix/WinsockFix.zip
Directions here: http://www.tacktech.com/display.cfm?ttid=257
WinXP:
Get WinSockxpFix
http://www.spychecker.com/program/winsockxpfix.html
How to Reset Internet Protocol (TCP/IP) in Windows XP
http://support.microsoft.com/kb/299357
In WinXP SP2: You can fix Winsock by going to Start | Run and typing
CMD
In the command window type
netsh winsock reset

See
Dealing with Unwanted Spyware and Parasites
http://mvps.org/winhelp2002/unwanted.htm
Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/data/tshoot.htm
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com

--
Frank Saunders, MS-MVP OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/sec...t/default.aspx
http://defendingyourmachine.blogspot.com/