benjamine6 Posted May 25, 2015 Share Posted May 25, 2015 Okay, I don't know exactly what happened anymore. But there is one thing for sure, Someone gained remote access to my computer, I was just browsing on facebook, Typing a few buddies then BAM! A command prompt window opens then a lot of programs begin to install. It said something like RMACCESS or something like that. And it said something about big file sizes transfering and bull. I don't know what the heck is going on. And i need someone's help. What should i do!? I'm typing this from another computer. UPDATE: It's having a BSOD wepage. a fake one. Something is very wrong here.. :'(. Someone help! Link to comment Share on other sites More sharing options...
xendrome Posted May 25, 2015 Share Posted May 25, 2015 1: Don't type out a forum post like the one you previously had all in CAPS and bypassing the swear filter. 2: Disconnect the PC from the internet totally, then download Malwarebytes onto a USB thumb drive and go install it on tha tsystem, and probably run Windows Defender or whatever is already on it, for starters. Link to comment Share on other sites More sharing options...
xendrome Posted May 25, 2015 Share Posted May 25, 2015 On your EDIT: sounds like you need to seek someone professional who can help or just wipe/reload the system. +theblazingangel and kozukumi 2 Share Link to comment Share on other sites More sharing options...
Brandon H Supervisor Posted May 25, 2015 Supervisor Share Posted May 25, 2015 yeah I would nuke it from orbit at this point. with how bad it sounds there's no telling if there's not several back doors hidden on that computer now grab any personal documents/pics ect from the computer with a linux live cd then format that computer and reinstall. it's really the only truly safe way with that bad of an infection astropheed 1 Share Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 what happens when you look in task manager? anything interestingly new show up in the processes tab? have you tried disconnecting from the internet and running a virus and malware scan? Link to comment Share on other sites More sharing options...
benjamine6 Posted May 25, 2015 Author Share Posted May 25, 2015 I know how to reinstall windows, I have a reinstallation disc. But for some reason, I am just unconfortable and i think the motherboard is going to kill itself... IDK why, Link to comment Share on other sites More sharing options...
xendrome Posted May 25, 2015 Share Posted May 25, 2015 I know how to reinstall windows, I have a reinstallation disc. But for some reason, I am just unconfortable and i think the motherboard is going to kill itself... IDK why, sigh +theblazingangel, articuno1au and Raa 3 Share Link to comment Share on other sites More sharing options...
+Frank B. Subscriber² Posted May 25, 2015 Subscriber² Share Posted May 25, 2015 I know how to reinstall windows, I have a reinstallation disc. But for some reason, I am just unconfortable and i think the motherboard is going to kill itself... IDK why, Just do it already. After backing up your personal files, that is. It's easier than trying to repair your messed up installation. Jase 1 Share Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 so what happens when you disconnect your pc from the internet? does the remote access continue? Link to comment Share on other sites More sharing options...
benjamine6 Posted May 25, 2015 Author Share Posted May 25, 2015 UPDATE: I looked on google images and found a BSOD webpage image that looks JUST LIKE the one i encountered. Has anyone seen this before? Link to comment Share on other sites More sharing options...
zhangm Supervisor Posted May 25, 2015 Supervisor Share Posted May 25, 2015 UPDATE: I looked on google images and found a BSOD webpage image that looks JUST LIKE the one i encountered. Has anyone seen this before?https://www.neowin.net/forum/index.php?app=core&module=attach§ion=attach&attach_rel_module=post&attach_id=373058''>855-399-8171-BSOD-ErrorG +theblazingangel and Jase 2 Share Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 (edited) looks fake as, is it just an fullscreen website scaring you into thinking it's an actual BSOD? tried ctrl w? edit: I love how they spelt "technicianss" - that is clear proof this is a FAKE! Osiris 1 Share Link to comment Share on other sites More sharing options...
benjamine6 Posted May 25, 2015 Author Share Posted May 25, 2015 Just do it already. After backing up your personal files, that is. It's easier than trying to repair your messed up installation. It's too late for backing up. I pretty much lost everything at this point. Windows won't get past the boot animation. It sticks there. looks fake as, is it just an fullscreen website scaring you into thinking it's an actual BSOD? tried ctrl w? I knew it was fake from the beginning. It just wouldn't go away. I tried everything i could. Link to comment Share on other sites More sharing options...
link6155 Posted May 25, 2015 Share Posted May 25, 2015 It's too late for backing up. I pretty much lost everything at this point. Windows won't get past the boot animation. It sticks there. You can do this: http://www.howtogeek.com/howto/windows-vista/use-ubuntu-live-cd-to-backup-files-from-your-dead-windows-computer/ Use Ubuntu or some other Linux distro to browse for files from the Windows partition and back it up to some external drive. As for the BSOD screen, that's clearly fake. The phone number is not Microsoft, probably someone trying to scam you. +theblazingangel 1 Share Link to comment Share on other sites More sharing options...
benjamine6 Posted May 25, 2015 Author Share Posted May 25, 2015 So the verdict pretty much is that i have to wipe the hard drive. But i'm not sure if it will even boot to the media, either. Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 So the verdict pretty much is that i have to wipe the hard drive. But i'm not sure if it will even boot to the media, either. whoa slow down.. why would you need to do that? are you sure your files are ruined? what virus scanner do you have? It's too late for backing up. I pretty much lost everything at this point. Windows won't get past the boot animation. It sticks there. I knew it was fake from the beginning. It just wouldn't go away. I tried everything i could. what have you tried? link6155 1 Share Link to comment Share on other sites More sharing options...
Brandon H Supervisor Posted May 25, 2015 Supervisor Share Posted May 25, 2015 So the verdict pretty much is that i have to wipe the hard drive. But i'm not sure if it will even boot to the media, either. you should still be able to boot media. the infection can't effect booting from other media Link to comment Share on other sites More sharing options...
InconspicuousDuck Posted May 25, 2015 Share Posted May 25, 2015 It's too late for backing up. I pretty much lost everything at this point. Windows won't get past the boot animation. It sticks there. I knew it was fake from the beginning. It just wouldn't go away. I tried everything i could. As the others said. Slow down! You'll be OK, but just don't make any silly decisions. 1. Make a linux live USB/DVD on another computer. 2. Boot using the infected computer into the linux USB/DVD WITHOUT booting into Windows (the virus can't affect the live USB/dvd). Don't install it! You should be able to see your Windows partition and files using the file manager. Remember t 3. Copy/upload your most important files to a safe place. 4. Once that's done, wipe your whole hard drive and start over from scratch. Link to comment Share on other sites More sharing options...
kozukumi Posted May 25, 2015 Share Posted May 25, 2015 Boot from your install media (DVD or USB stick or whatever you have to hand). On the drive selection screen press Shift+F10 to open a command prompt. Type in diskpart to run the Microsoft disk management tool. Then follow the instructions at http://knowledge.seagate.com/articles/en_US/FAQ/005929en?language=en_US to wipe the drives and do a clean install. Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 I don't understand why he even needs to wipe the HDD, can't he just run a Virus scanner & Malware scanner.. this seems like a very miniature virus.. a simple scan & quarantine should be able to resolve this.. I don't think a format is necessary, where did he/she state that the infection had gone so far to the point that the computer is unusable? Link to comment Share on other sites More sharing options...
benjamine6 Posted May 25, 2015 Author Share Posted May 25, 2015 Well. I only have one device to put stuff on. And that is full of school projects. Link to comment Share on other sites More sharing options...
Jase Posted May 25, 2015 Share Posted May 25, 2015 then use cloud backup, Dropbox Onedrive..etc. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted May 25, 2015 MVC Share Posted May 25, 2015 Judging by what happened sounds to me like he got hit by some sort of vulnerability, maybe through malvertizing.. For future reference make sure you keep your Java (f you have it) and Flash and Adobe Reader current on your system. Also install all the Windows update. This is a prime example why sandboxie is amazing. Once you reinstall Windows using your disc it's going to be seriously missing updates. Hopefully that CD contains Service pack 1. After you reinstall Windows do not go surfing the internet until ALLLLLLLL of your Windows updates are done. fusi0n 1 Share Link to comment Share on other sites More sharing options...
Dark_Dayz Posted May 25, 2015 Share Posted May 25, 2015 Boot to safe mode, install malwarebytes, run, reboot, run malwarebytes root kit scanner, profit. Jase 1 Share Link to comment Share on other sites More sharing options...
Dermot Posted May 25, 2015 Share Posted May 25, 2015 this is the exact same way scareware works, it launches a fullscreen ie screen with a fake message with scrollbars and script and menus disabled. you need to reboot in safemode to access your msconfig and remove the malware from starting with the pc you then need to find the file and remove it, checking the fake processes location will tell you that. these malware/scareware instances don't go about destroying your data, if a hacker wanted to hack you he wouldn't go to such details to warn you of it. Link to comment Share on other sites More sharing options...
Recommended Posts