
Computer hacked - help!


Tofer


6 hours ago, Tofer said:

I have a Sony Vaio which has an assist button, but it says I have no problems in the 'solution centre'. It recommended system tune up and when I tried to run that it froze up, so I shut down again.

 

Thank you for your offer of the SSD, but at the moment I'm more interested in getting my computer to work properly and not too concerned about its speed right now. I will certainly consider this upgrade if / when I get this machine to someone to fix the software intrusion problems, or purchase a new machine.

Here is an example of how to factory reset a Vaio. Your Vaio may be a different model and instead of F10 may be a different fn key. What's your exact model number? Any sticker underneath?

Back up your important info to USB hard drive or stick first.

It really sounds like you need a clean fresh install by this method though. Easy peasy.

It gets harder if you have no factory restore partition. Vaio should have it.

 

  • Thanks 1
Link to comment

8 hours ago, Tofer said:

What confuses me though is how they manage to re-establish their control of my machine after I have had the computer completely wiped clean and rebooted by a professional computer technician in the UK, twice, reset to an earlier date 3 times by me, all to no avail.

 

 

19 minutes ago, stud858 said:

 

Back up your important info to USB hard drive or stick first.

It really sounds like you need a clean fresh install by this method though. Easy peasy.

It gets harder if you have no factory restore partition. Vaio should have it.

 

It seems he's already done a factory restore, twice, yet the issue persists, which would suggest there's some trojan / malware hiding amongst the backup files that have been subsequently restored.

  • Sad 1
Link to comment

2 minutes ago, Stocky said:

 

It seems he's already done a factory restore, twice, yet the issue persists, which would suggest there's some trojan / malware hiding amongst the backup files that have been subsequently restored.

I think he's used a soft restore via Windows. He needs to boot to the hidden restore partition on the hard drive. A hard factory reset. I didn't see any posts suggesting he's done that.

  • Like 2
Link to comment

18 minutes ago, Tofer said:

What if I did try to save all my documents and photos to Cloud or similar, would their protection prevent any Trojans or malware or whatever demons passing across?

I would try to make sure that whatever data you uploaded to the cloud in the first instance was as clean as you could get it. I have been using the cloud for a couple of years now, there are hardly any personal files on any of my computers.

 

But to be completely honest I'm not sure what sort of antivirus/anti malware they would be running, but again I'm pretty sure they would have something to protect their servers so, in turn they would probably alert you if one of your files were corrupt.

 

Perhaps someone with better knowledge of this could answer you?

  • Thanks 1
Link to comment

8 hours ago, Tofer said:

I have had the computer completely wiped clean and rebooted by a professional computer technician in the UK, twice,

7 minutes ago, stud858 said:

I think he's used a soft restore via Windows. He needs to boot to the hidden restore partition on the hard drive. A hard factory reset. I didn't see any posts suggesting he's done that.

That sounds like a full factory reset to me, though admittedly not explicitly described as such.

 

.

Edited by Stocky
Link to comment

1 minute ago, chrisinth said:

I would try to make sure that whatever data you uploaded to the cloud in the first instance was as clean as you could get it. I have been using the cloud for a couple of years now, there are hardly any personal files on any of my computers.

 

But to be completely honest I'm not sure what sort of antivirus/anti malware they would be running, but again I'm pretty sure they would have something to protect their servers so, in turn they would probably alert you if one of your files were corrupt.

 

Perhaps someone with better knowledge of this could answer you?

You need to copy all of what you want to back up onto external backup first. Then wipe hard drive clean and reinstall fresh Windows.

Then the next step, checking the integrity of your backup, will come later.

Do step 1 and 2 first.

Step 1. Back up important docs, photos etc.

Step 2. Back to factory Windows.

Already discussed.

Step 3. Put back safe files. Still to discuss.

 

  • Like 1
  • Thanks 1
Link to comment

2 minutes ago, Stocky said:

That sounds like a full factory reset to me, though admittedly not explicitly described as such.

 

.

Yes, full factory reset just like out of the box. Unadulterated, uninfected fresh Windows. The only way to be sure and get things done quickly.

Link to comment

4 minutes ago, stud858 said:

I think he's used a soft restore via Windows. He needs to boot to the hidden restore partition on the hard drive. A hard factory reset. I didn't see any posts suggesting he's done that.

Might be an idea if he went to Disk Management to make sure he has a recovery partition.

 

On W7 go to Control Panel\Administrative Tools\Computer Management\Disk Management (I think!).

 

He should see a similar display as that below; this was taken from a W10 confuser.

 

[Image: Disk Management screenshot]

Link to comment

1 minute ago, chrisinth said:

Might be an idea if he went to Disk Management to make sure he has a recovery partition.

 

On W7 go to Control Panel\Administrative Tools\Computer Management\Disk Management (I think!).

 

He should see a similar display as that below; this was taken from a W10 confuser.

 

[Image: Disk Management screenshot]

Sometimes hidden, corrupted or hard to know what the partition has. No real need to know anyway.

 

Just need to know model number. Find out which key to tap.

Tap the key on startup. Either the menu will show (factory restore possible)

Or the menu won't show (no factory restore possible).

So the next big question. Look underside of laptop and look for model number. Or check manual.

Link to comment

16 minutes ago, stud858 said:

Yes full factory reset just like out of the box. Unadulterated, uninfected fresh windows. The only way to be sure and get things done quickly.

As long as nothing nasty has got into the partition tables. This is why I suggested in an earlier post the only way to be (almost) sure you are starting with a clean disk is to remove all partitions on the disk and then format before continuing with a proper fresh install. Please note that this is only for a known infected computer; I wouldn't normally clean out the partitions just for a clean install.

 

Factory reset is the easy way to do it if available as long as you know the recovery partition hasn't been compromised. And by going down the reset path you will still need all your updates downloaded and likely be left with all the bloatware from a probable OEM from the manufacturer. So a proper fresh install for me would be the preferred course.

 

As the OP has stated, two times previously a professional has reinstalled. IMO not much chance of the manufacturer's recovery partition remaining but you never know.

 

At the end of the day using the reset is fine (if available). I probably complicate things by going the extra couple of steps.

Edited by chrisinth
Link to comment

1 minute ago, chrisinth said:

As long as nothing nasty has got into the partition tables. This is why I suggested in an earlier post the only way to be (almost) sure you are starting with a clean disk is to remove all partitions on the disk and then format before continuing with a proper fresh install.

 

Factory reset is the easy way to do it if available as long as you know the recovery partition hasn't been compromised. And by going down the reset path you will still need all your updates downloaded and likely be left with all the bloatware from a probable OEM from the manufacturer. So a proper fresh install for me would be the preferred course.

 

As the OP has stated, two times previously a professional has reinstalled. IMO not much chance of the manufacturer's recovery partition remaining but you never know.

 

At the end of the day using the reset is fine (if available). I probably complicate things by going the extra couple of steps.

Never heard of or experienced problems with factory partitions being infected. Corrupted possible, but infected, no.

Anyway even if possible, the steps remain the same.

If the factory partition Windows were to fail then it needs a person with more experience than the OP may have.

I.e. boot up a Windows install CD or USB. Make sure boot type and sequence is correct. Format partitions, deal with drivers, etc.

Is there a Model number underside?

 

 

Link to comment

10 minutes ago, Stocky said:

I consider this the quickest way to get things sorted!

 

https://blog.linuxmint.com/?p=3669

Does this install from within Windows? Need to make bootable USB? Will it support drivers for Vaio?

 

Actually I'm interested in this Linux to put on my Acer Windows tablet.

Do you think it has touch screen support for PC tablets? Will drivers be installed automatically?

Link to comment

You need to do your own due diligence, there is plenty of support for Linux Mint, just search Linux Mint and the make and model number.

 

I wouldn't install from within Windows, rather create a bootable USB or DVD.

Link to comment

On 2/4/2019 at 10:49 AM, TGIR said:

I hate to repeat myself so I'll try to be concise.  I posted to Facebook a recap of my computer travails yesterday.  If you're on Facebook there was a lengthy discussion about similar subjects.

 

Here's what I found out directly from Microsoft and Facebook while I was in the process of replacing my old laptop over the past three weeks......I bought a used one.......wouldn't charge the battery, junked it and bought a new one....had Windows 10 on it and I spent an entire day trying to set the GDmmmed thing up.  Finally went to Advice in Cha Am where I bought it and ordered a PC WITHOUT Win 10......Got a new one with Windows 8.1......only have a problem about every half hour or so when I get a BIG notice from Microsoft that my brand new computer has a chip that isn't supported by them anymore.......so I should buy a new one with Windows 10 and my problems will be solved.....thanks but no thanks......I could give a rat's behind if I won't be getting their updates which F the whole computer up anyway.

 

O.K.  sorry, got carried away. Here's the deal, verified in writing on my new computer(s)..... Windows has all the info on your computer whether they need it or not.  They can arbitrarily update your computer whenever they want to.......if you're a Win 10 user.  Other users with Win 7 or 8 can try to stop them by making sure they are notified of updates and by instructing their computer not to install any updates without permission.  Google, you will find out if you are installing Google on a new machine, already tracks anything and everything you do on your Google enhanced computer.....they will even ask you what you want to track, or not track......although my secret super brain thinks they are going to keep doing it whether you want them to do it or not.....they'll just tell you they're not doing it and assume you, like the other 98% of us dumb asses will believe them.

 

In closing, I hope this made you feel better......personally, I have to go take a shower......yuk!  Just do some reading up on Win 10 before you go any further.......you CAN choose to use Win 7 or 8 which may be supported for a couple more years but personally I'll choose not to be supported at all, and buy a new computer when the one I have takes a dump I can't fix........I'd try Unix but at my age I'd rather have a daily rectal exam.......

 

You need help. Unfortunately, I'm nowhere near you, so can't do much.

Working through it backwards. You had Windows 10 Home. Not a good thing. Windows 10 Home is basically the first line of defence for the average consumer. It's not easy to defer Updates, so you are testing the Updates that they push out. When it all goes wrong you report back and they start fixing....

Windows 10 Pro users can defer Updates, so Home users test them and when all is assured, Windows 10 Pro users can install them at leisure.

The caveat is that you need to go into the Settings and set up the OS the way that you like it. 

 

Next, the Windows 8.1 device. It is fine and is supported, the problem is that you didn't know how to fix the issue.

I am actually running a Windows XP era device with Windows 10 Pro on it. So a Windows 8.1 device is virtually new in comparison. I would have it up and running in minutes.

 

Lastly the device that wouldn't charge....maybe it just needed a new battery or the adaptor was kaput. 

 

One thing about which you are right.....don't trust any of them. Set everything to Do Not Track and then supplement that with Browsers that block tracking together with lists publicly available that block other attempts at tracking.

 

 

Link to comment

On 2/4/2019 at 5:17 AM, Tofer said:

I really appreciate all your advice.

 

But as I mentioned in the OP I am a technical dinosaur, and much of what is being stated is like a foreign language.

 

I will try again resetting to an earlier date and changing my email password, and all others, which is about the limit of my capabilities. But the problems tend to re-occur soon after.

 

How exactly are they getting into my computer is the real dilemma?

 

If anyone can recommend a technician who can fix everything I would happily revert to them for assistance.

 

Funny, I thought about visiting Krabi the other day... then your problems would be over.

 

I concur with the simple advice of changing the HDD to an SSD, as anything dodgy is likely stored on the HDD. Then clean installing to the new SSD. This is the least difficult path for you.

There is also the possibility that you have an infected BIOS. You can read more about it here; https://securelist.com/mybios-is-bios-infection-a-reality/36421/

 

To eliminate this possibility, you could re-flash the BIOS with one from the manufacturer.

 

For that you/we would need the exact model number of your laptop/PC.

 

So my advice would be to Flash the BIOS, fit an SSD and clean install the OS to it.

 

One more thing, your Home Router might be infected. So again, the full model number of that will be needed in order to ensure that you obtain the correct instructions to make sure that is also clear.

 

I'm here from time to time, so can look into your progress. But it's fair to say that you have too many cooks on this thread.

  • Thanks 1
Link to comment

Many thanks again for all your input and advice. Although I must say I'm getting rather confused by it all at this point. I will definitely need some help and will try to find that locally.

 

I couldn't say whether the reboots were soft or hard according to your definitions, just that a computer expert was asked to sort my problems. He managed to do it all and retain my files. Perhaps there lies the problem if the files are infected.

 

I cannot download my files at present, as the Trojan / malware is trying to delete everything I try to open. Yesterday I booted up for the first time and found the computer to be ok with defender switched on and no intrusion into my files. Then my screen froze when I tried to run scans and checks so I logged off, and as soon as I logged on again it was back to the compromised scenario.

 

The computer model number is Sony Vaio - PCG-71311M. 

 

 

Link to comment

14 hours ago, stud858 said:

Sometimes hidden, corrupted or hard to know what the partition has. No real need to know anyway.

 

Just need to know model number. Find out which key to tap.

Tap the key on startup. Either the menu will show (factory restore possible)

Or the menu won't show (no factory restore possible).

So the next big question. Look underside of laptop and look for model number. Or check manual.

Model number Sony Vaio - PCG-71311M. 

 

Thanks.

Link to comment

Your own files are unlikely to be infected with anything, but it is possible. Not something I would worry about too much though.

 

You should be able to boot the PC from a bootable USB key and that should allow you to access your files and back them up. Even without a bootable key if your PC starts at all you should be able to easily copy your files to a backup without opening them (using Windows Explorer). In fact I would avoid opening any file until this is sorted out.

Start the PC, do not run any checks, do not open any files or programmes apart from Windows Explorer. Then just copy the entire contents of your documents and pictures and media folders (and anywhere else where you may have stored your data) to some external storage. Make this a priority as it will make your data safe.

Then look at restoring the system using the built-in Sony software (if any) or reinstalling Windows afresh.

  • Thanks 1
Link to comment
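The copy-without-opening advice above, together with the earlier worry about malware coming back with restored files, as an added example (not from the thread or its posters): a Python script that inventories a backup folder by reading bytes only and lists the items to review before anything is put back. It assumes it is run from a known-clean machine or live USB against the external drive; the extension lists and the `build_sample_backup` data are constructed for illustration.

```python
import hashlib
import os
import tempfile

# File types that run code when double-clicked; none belong in a backup
# of documents and photos. (Illustrative lists, not exhaustive.)
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js",
             ".jse", ".wsf", ".hta", ".ps1", ".lnk", ".dll", ".jar"}
MACRO_EXT = {".docm", ".xlsm", ".pptm", ".dotm"}  # Office files with macros
# Leading bytes expected for common personal-file types.
MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
         ".png": b"\x89PNG", ".pdf": b"%PDF", ".docx": b"PK", ".xlsx": b"PK"}
DOC_LIKE = set(MAGIC) | {".doc", ".xls", ".txt", ".mp3", ".mp4"}


def inspect_file(path):
    """Return (sha256, reasons) for one file; bytes are read, never run."""
    name = os.path.basename(path).lower()
    stem, ext = os.path.splitext(name)
    sha, head = hashlib.sha256(), b""
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            if not head:
                head = chunk[:8]
            sha.update(chunk)
    reasons = []
    if name == "autorun.inf":
        reasons.append("autorun file")
    if ext in RISKY_EXT:
        reasons.append("executable or script extension")
        if os.path.splitext(stem)[1] in DOC_LIKE:
            reasons.append("double extension")
    if ext in MACRO_EXT:
        reasons.append("macro-enabled Office file")
    if head.startswith(b"MZ") and ext not in RISKY_EXT:
        # "MZ" opens every Windows executable, whatever the file is called.
        reasons.append("Windows executable content behind a %s name" % (ext or "bare"))
    elif ext in MAGIC and not head.startswith(MAGIC[ext]):
        reasons.append("content does not match extension")
    return sha.hexdigest(), reasons


def triage_backup(root):
    """Walk a backup folder; return (manifest, flagged) keyed by relative path."""
    manifest, flagged = {}, {}
    for folder, _dirs, files in os.walk(root):
        for fname in sorted(files):
            full = os.path.join(folder, fname)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest, reasons = inspect_file(full)
            manifest[rel] = digest  # hash list to compare after the restore
            if reasons:
                flagged[rel] = reasons
    return manifest, flagged


def build_sample_backup(root):
    """Constructed sample data: harmless bytes that only mimic file headers."""
    samples = {
        "Pictures/beach.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "Pictures/holiday.jpg.exe": b"MZ" + b"\x00" * 16,
        "Documents/letter.pdf": b"%PDF-1.4\n",
        "Documents/invoice.pdf": b"MZ" + b"\x00" * 16,
        "Documents/budget.xlsm": b"PK\x03\x04",
        "autorun.inf": b"[autorun]\n",
    }
    for rel, data in samples.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_backup(tmp)
        manifest, flagged = triage_backup(tmp)
        print("%d files hashed, %d flagged" % (len(manifest), len(flagged)))
        for rel in sorted(flagged):
            print("REVIEW %s: %s" % (rel, "; ".join(flagged[rel])))
```

An empty flagged list does not prove the files are clean; it narrows what to scan with an up-to-date scanner or leave off the rebuilt machine.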

43 minutes ago, Tofer said:

Model number Sony Vaio - PCG-71311M. 

 

Thanks.

Ok. Cheers, before going on. Are you happy that you've backed up your very important files?

If you keep tapping F8 while the computer starts, immediately after you press the power-on button, you will have the option menu appear to allow Safe Mode.

Best choose that to do backup.

Be aware that the computer must be properly shut down first, and not just in sleep or hibernation mode, to recognise the F8 key press.

Let me know you have completed backup because the next step wipes everything.

Link to comment

3 hours ago, stud858 said:

Ok. Cheers, before going on. Are you happy that you've backed up your very important files?

If you keep tapping F8 while the computer starts, immediately after you press the power-on button, you will have the option menu appear to allow Safe Mode.

Best choose that to do backup.

Be aware that the computer must be properly shut down first, and not just in sleep or hibernation mode, to recognise the F8 key press.

Let me know you have completed backup because the next step wipes everything.

 

The OP did mention that he cannot obtain access to the files in order to clear them.

So you should make clear that you want him to go into Safe Mode in order to try to copy them in the first instance.

 

All of this is 'moot' if there is no Restore Partition, so you should check to see if the Recovery process is working before moving forward, otherwise the time would be better spent swapping to SSD and clean installing to it.

 

 

Link to comment

It takes literally 10 seconds to turn the computer on, tap the F10 key or "alt" key plus F10 key together to get the recovery process going. These are the usual keys for Vaio. The rest of the process takes up to an hour and just requires answering a few simple questions or selections. It's the only hope the OP has to do it by himself, it seems. It's worth pursuing. Sure, the recovery partition may not be there, but until tried you'll never know.

 

I haven't heard back if the op has tried the above. 

 

As for the backups, how is the op doing with that? Could you boot into safe mode? Does the computer run stable enough to copy your files to USB?

 

 

 

 

Link to comment

7 hours ago, stud858 said:

It takes literally 10 seconds to turn the computer on, tap the F10 key or "alt" key plus F10 key together to get the recovery process going. These are the usual keys for Vaio. The rest of the process takes up to an hour and just requires answering a few simple questions or selections. It's the only hope the OP has to do it by himself, it seems. It's worth pursuing. Sure, the recovery partition may not be there, but until tried you'll never know.

 

I haven't heard back if the op has tried the above. 

 

As for the backups, how is the op doing with that? Could you boot into safe mode? Does the computer run stable enough to copy your files to USB?

 

 

 

 

 

 

That's what I just wrote. That he should test the Factory Restore procedure in the first instance.

If it works, he can cancel it and then move to copying off his data. If it doesn't, remove HDD, replace with SSD and clean install.

 

Though of course there remains the possibility that a Factory Restore is not the answer.

Link to comment

Hi Tofer

It might be worth trying Malwarebytes free trial https://www.malwarebytes.com/mwb-download/thankyou/

Run a full scan; if it finds something it will automatically delete it. Then restart your system.

 

If that fails then you might need to do a full recovery; some system recovery gives you an option to keep all your files such as pictures and documents you've saved on your hard drive. Here are some instructions for recovery on Windows 7:

https://neosmart.net/wiki/system-recovery-options/#System_Recovery_Options_in_Windows_7

  • Thanks 1
Link to comment

On 2/5/2019 at 11:01 AM, Tofer said:

I have an iPad and a, so called, smart phone, but they don't have SD slots, DVD or USB ports to connect anything. 

 

I have a lot of files on my laptop both documents and photos, and I wouldn't have the first idea about how to save them across to an iPad. You will probably suggest Microsoft cloud or something similar, BUT..., can I trust those remote facilities as much as my own hardware? Will my compromised machine pass on the same problems I have now via that facility?

 

You can probably surmise that I'm nervous as hell about trusting any technology now.

 

You can get various apps (Documents by Readdle or Good Reader and many others) that will allow you to transfer all your files easily via WiFi/network from your computer to your iPad. Alternatively, yes the Microsoft / Google / Apple clouds are pretty safe, backed up and maintained by pros.  

  • Thanks 1
Link to comment

Thanks for the latest advice.

 

I started this morning with the recommendation to boot up with the F10 / alt function keys - no joy.

 

The Windows boot manager screen that opens up immediately I switch on does not allow me to do anything, e.g. Escape or use the F8 function noted therein. The only way I can move on to boot up is to accept the preselected 'windows 7' OS by clicking enter.

 

I managed to download the malware trial recommended by Elad, and the scan identified 48 threats, which I then quarantined.

 

Upon restarting I got the same 'windows boot manager' screen, no response to the F10 key, then a 'check disc c' screen already with a note stating "disc checking has been cancelled". Also the same auto deleting messages as before.

 

Restarted in 'safe mode' and inserted USB memory stick, got message "folder access denied". So I shut down the computer again and restarted it. Still had the windows boot manager screen up first but then when all up and running it appears to be without the previous issues. However this has happened previously, so until I log off and restart again I'm not confident everything is sorted.

 

During this respite from the problems I've managed to save across all my photos and document files - hallelujah!

 

I have yet to try to restart again, but will try resetting to an earlier date etc. before I shut down.

 

I will let you know how I get on in due course, but I need to attend to other things this pm. In Krabi tomorrow, so will try to find the SSD unit there. Any particular brand recommended / compatible for my Sony Vaio?

Edited by Tofer
Link to comment

On 2/6/2019 at 10:27 AM, stud858 said:

Ok. Cheers, before going on. Are you happy that you've backed up your very important files?

If you keep tapping F8 while the computer starts, immediately after you press the power-on button, you will have the option menu appear to allow Safe Mode.

Best choose that to do backup.

Be aware that the computer must be properly shut down first, and not just in sleep or hibernation mode, to recognise the F8 key press.

Let me know you have completed backup because the next step wipes everything.

 

Yes, back up done. Thanks.

Link to comment

Pressing the F10 key, alone or with the Alt key, can be temperamental.

Try a few more times. Be quick to start tapping away at the/those key/s. Try pressing and holding down continuously for 20 seconds. And be sure the computer is booting from a complete shutdown. When you're in Windows, pressing and holding the laptop's power button down for 10 seconds will completely shut down. The screen should blank out suddenly during that 10 seconds for a complete shutdown.

 

Once we have exhausted a few attempts at getting into factory restore, we would have to come to the conclusion that the factory restore partition didn't exist in the first place, has been deleted or corrupted, or has been disabled in the disk management that was mentioned in a previous post.

It seems you will need personalised, face-to-face help.

The charge for reinstalling fresh Windows shouldn't be more than a thousand baht at a computer store.

If you buy an SSD then you could get a discount on install.

SSD 250 GB drive should be about 2 thousand baht.

 

It's a pity no factory restore menu could be accessed. It makes things super easy.

 

Good luck.

 

 

 

 

Link to comment

2 hours ago, stud858 said:

Pressing the F10 key, alone or with the Alt key, can be temperamental.

Try a few more times. Be quick to start tapping away at the/those key/s. Try pressing and holding down continuously for 20 seconds. And be sure the computer is booting from a complete shutdown. When you're in Windows, pressing and holding the laptop's power button down for 10 seconds will completely shut down. The screen should blank out suddenly during that 10 seconds for a complete shutdown.

 

Once we have exhausted a few attempts at getting into factory restore, we would have to come to the conclusion that the factory restore partition didn't exist in the first place, has been deleted or corrupted, or has been disabled in the disk management that was mentioned in a previous post.

It seems you will need personalised, face-to-face help.

The charge for reinstalling fresh Windows shouldn't be more than a thousand baht at a computer store.

If you buy an SSD then you could get a discount on install.

SSD 250 GB drive should be about 2 thousand baht.

 

It's a pity no factory restore menu could be accessed. It makes things super easy.

 

Good luck.

 

 

 

 

Thanks. I'll have another go and see if I can get it started.

Link to comment

4 hours ago, Tofer said:

Thanks for the latest advice.

 

I started this morning with the recommendation to boot up with the F10 / alt function keys - no joy.

 

The Windows boot manager screen that opens up immediately I switch on does not allow me to do anything, e.g. Escape or use the F8 function noted therein. The only way I can move on to boot up is to accept the preselected 'windows 7' OS by clicking enter.

 

I managed to download the malware trial recommended by Elad, and the scan identified 48 threats, which I then quarantined.

 

Upon restarting I got the same 'windows boot manager' screen, no response to the F10 key, then a 'check disc c' screen already with a note stating "disc checking has been cancelled". Also the same auto deleting messages as before.

 

Restarted in 'safe mode' and inserted USB memory stick, got message "folder access denied". So I shut down the computer again and restarted it. Still had the windows boot manager screen up first but then when all up and running it appears to be without the previous issues. However this has happened previously, so until I log off and restart again I'm not confident everything is sorted.

 

During this respite from the problems I've managed to save across all my photos and document files - hallelujah!

 

I have yet to try to restart again, but will try resetting to an earlier date etc. before I shut down.

 

I will let you know how I get on in due course, but I need to attend to other things this pm. In Krabi tomorrow, so will try to find the SSD unit there. Any particular brand recommended / compatible for my Sony Vaio?

 

 

Order online if you can. The best consumer units currently are Samsung EVO 860 or Crucial MX500.

Online prices 1900 or less for a 250 GB SSD.

 

Crucial; https://www.invadeit.co.th/product/solid-state-drives-ssd/crucial/mx500-250gb-2-5inch-internal-ssd-ct250mx500ssd1-p034803/

 

Samsung; https://www.invadeit.co.th/product/solid-state-drives-ssd/samsung/ssd-860-evo-sata-iii-250gb-2-5inch-mz-76e250bw-p034249/

 

 

You can find them more cheaply, but I like the idea of buying from a reputable vendor.

 

Have you Windows 7 or Windows 10 currently installed? I don't remember.

Link to comment