Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Help! Something VERY strange happened to my computer.
21 March 2011 | Mene

Posted on 03/21/2011 8:56:33 PM PDT by MeneMeneTekelUpharsin

Very strange. Suddenly my computer is unilaterally running Utility Man and Narrator and trying to search for files and enter things all by itself. What kind of shenanigans is this? Can anyone explain. Shouldn't have a virus based on activity at all. Deleted utilman.exe and narrator from System32 folder. Still having weird things happening but attempts to access system stopped.


TOPICS: Computers/Internet
KEYWORDS: computer; hack; virus
Can anyone help or explain?
1 posted on 03/21/2011 8:56:37 PM PDT by MeneMeneTekelUpharsin
[ Post Reply | Private Reply | View Replies]

To: MeneMeneTekelUpharsin

Sounds like a hi-jack.

Others .. Much smarter than myself will have to explain.


2 posted on 03/21/2011 9:04:38 PM PDT by freejohn
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

http://www.abovetopsecret.com/forum/thread36827/pg1


3 posted on 03/21/2011 9:05:11 PM PDT by OL Hickory (Jesus and the American soldier-1 died for your soul/1 died for your freedom)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Is your antivirus program up-to-date?


4 posted on 03/21/2011 9:05:26 PM PDT by Paleo Conservative
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

If it were me, I would go offline and run an antivirus scan. What should be and what is are often two very different things. It sounds like someone is in your system going through your stuff.


5 posted on 03/21/2011 9:05:35 PM PDT by scott7278 ("...I have not changed Congress and how it operates the way I would have liked..." - BHO)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

restart your computer in safe mode with networking capability. Download and install “Malwarebytes” and run it.


6 posted on 03/21/2011 9:06:57 PM PDT by wolfpat (Not to know what has been transacted in former times is to be always a child. -- Cicero)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

If your computer is doing uncommanded things... it’s a pretty sure sign that somebody has rooted your computer and is driving it from somewhere else.

If that’s the case... disconnect any physical or wireless internet connections... make sure you have a good backup of your personal data... and wipe it.


7 posted on 03/21/2011 9:09:58 PM PDT by Ramius (Personally, I give us... one chance in three. More tea?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

What system are you running?


8 posted on 03/21/2011 9:10:50 PM PDT by Ramius (Personally, I give us... one chance in three. More tea?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Sounds like a hijack.

This doesn’t happen when the internet is off does it?


9 posted on 03/21/2011 9:11:22 PM PDT by GeronL (The Right to Life came before the Right to Happiness)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Are you using a wireless router without a password/WEP?


10 posted on 03/21/2011 9:12:32 PM PDT by GeronL (The Right to Life came before the Right to Happiness)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Congrats. You are a newly initiated member of a bot net. All your bytes are belong to us.

BWAHAHAHAHA!


11 posted on 03/21/2011 9:13:01 PM PDT by mamelukesabre (Si Vis Pacem Para Bellum (If you want peace prepare for war))
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

If its wibndows:

The first thing I try is to do a System restore.

Get to know your task manager well and what’s running.

After a restore try a scan with MalwareBytes and a trial copy ESETNOD32 anti-virus.

If it loads with boot then you shall have to try a diff approach that may even require you turning off system restore.


12 posted on 03/21/2011 9:13:17 PM PDT by NoLibZone (Impeach Obama & try him for treason / Homosexuals reject diversity / Unions finally caught for theft)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

Run Hijackthis ( free) to see what’s running.

Don’t act on anything unless you know what you ask Hijackthis to stop.

It does offer a registry backup prior to action which you should run.


13 posted on 03/21/2011 9:16:24 PM PDT by NoLibZone (Impeach Obama & try him for treason / Homosexuals reject diversity / Unions finally caught for theft)
[ Post Reply | Private Reply | To 12 | View Replies]

To: MeneMeneTekelUpharsin

Use System Restore. Unless the hijacker is of the variety that disables System Restore, it is the best way to go back before the problem.
Otherwise, like another guy said already, you’ll have to re-install your operating system.


14 posted on 03/21/2011 9:18:01 PM PDT by Migraine (Diversity is great... ...until it happens to YOU.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Curiously, your computer posted this thread without your knowledge or approval.


15 posted on 03/21/2011 9:20:15 PM PDT by Lazamataz (The Democrat Party is Communist. The Republican Party is Socialist. The Tea Party is Capitalist.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Before you do a system restore,be sure to disconnect your internet connection.


16 posted on 03/21/2011 9:20:47 PM PDT by Nooseman (mutt)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Zer0’s fault.


17 posted on 03/21/2011 9:24:49 PM PDT by Paladin2
[ Post Reply | Private Reply | To 1 | View Replies]

To: Lazamataz

Very funny.


18 posted on 03/21/2011 9:32:23 PM PDT by MeneMeneTekelUpharsin (Freedom is the freedom to discipline yourself so others don't have to do it for you.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Ramius

Windows XP


19 posted on 03/21/2011 9:32:47 PM PDT by MeneMeneTekelUpharsin (Freedom is the freedom to discipline yourself so others don't have to do it for you.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: MeneMeneTekelUpharsin
Have you recently visited a site that had *nekkid wimins* on it?............Just asking.
20 posted on 03/21/2011 9:37:43 PM PDT by The Cajun
[ Post Reply | Private Reply | To 19 | View Replies]

To: MeneMeneTekelUpharsin

When I see ANYTHING suspicious going on, the first thing I do is slam (okay, I push) my modem’s ‘standby’ button to disconnect from the internet. Then I bring up and run ‘Window Washer’. Case closed, every time.

(I do have two AV programs running simultaneously: Webrrot and Norton.)

Good luck.


21 posted on 03/21/2011 9:46:01 PM PDT by Lancey Howard
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin

Time to wipe and rebuild. Go with Win 7 next.

That’s my .02


22 posted on 03/21/2011 9:48:45 PM PDT by Ramius (Personally, I give us... one chance in three. More tea?)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Lancey Howard

While all you experts are on line, here’s one more. My PC has the White Smoke virus. Malwarebytes doesn’t wipe it. I guess my next step is UGH! Format & reinstall. System Restore didn’t do it, since the virus came shortly after installation. Any suggestions?


23 posted on 03/21/2011 10:03:02 PM PDT by cliff630
[ Post Reply | Private Reply | To 21 | View Replies]

To: cliff630

boot linux from the cd, install a virus cleaner e.g. clamav, mount the windows partition, and scan it from linux


24 posted on 03/21/2011 10:08:54 PM PDT by HiTech RedNeck (Hawk)
[ Post Reply | Private Reply | To 23 | View Replies]

To: MeneMeneTekelUpharsin
Yes--and I felt very guilty laughing as hard as I did! Gotta give it to Laz--he's cold, but darn funny!

Anyway--hope you get your problem fixed SOON!

And--feel stupid asking this--but if you turn off your computer (I just got WiFi), can an intruder get into it?

25 posted on 03/21/2011 10:27:00 PM PDT by milagro
[ Post Reply | Private Reply | To 18 | View Replies]

To: milagro
And--feel stupid asking this--but if you turn off your computer (I just got WiFi), can an intruder get into it?

*rolls eyes* *shakes head*

Yes, but he'd have to break into your house, and be equipped with a screwdriver in order to get the side cover off...

If your computer is off... your computer is OFF. ; )

26 posted on 03/21/2011 10:38:35 PM PDT by roamer_1 (Globalism is just Socialism in a business suit.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: cliff630

Sorry, I’m no expert.
I just know what works for me on my antique computer.


27 posted on 03/21/2011 10:41:29 PM PDT by Lancey Howard
[ Post Reply | Private Reply | To 23 | View Replies]

To: cliff630

What are you running for anti-virus?


28 posted on 03/21/2011 10:42:24 PM PDT by roamer_1 (Globalism is just Socialism in a business suit.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: MeneMeneTekelUpharsin

Pull the pin on that thermite block and leave the room quickly.
Don’t forget your coffee cup.


29 posted on 03/22/2011 12:31:42 AM PDT by MadJack ("Patience is bitter, but its fruit is sweet." (Afghan proverb))
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeneMeneTekelUpharsin
Attempt post 24’s result.
30 posted on 03/22/2011 1:53:37 AM PDT by allmost
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck
boot Linux from the CD, install a virus cleaner e.g. clamav, mount the windows partition, and scan it from Linux

Cliff - All in all, that is very wise advice. Basically take over your hard drive from outside and clean it up. Unfortunately, the average PC user around here would faint once the Linux OS booted.

Advice to all - Listen to Cliff, but you are going to need to find a linux-friendly friend to walk you through this

31 posted on 03/22/2011 4:02:37 AM PDT by Dustoff45 (The current POTUS is so temporary that FR does not even show his name in their dictionary)
[ Post Reply | Private Reply | To 24 | View Replies]

To: The Cajun

Thanks to everyone for your help. Ran Malwarebytes on the computer and found malware. Killed it. Did System Restore as well (I knew that). Running fine so far. Chewed kids out. One of them.....


32 posted on 03/22/2011 6:46:56 AM PDT by MeneMeneTekelUpharsin (Freedom is the freedom to discipline yourself so others don't have to do it for you.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: roamer_1
As my dear late husband always promised he would put on my headstone:

"I KNEW THAT"

(not!):>)

33 posted on 03/22/2011 12:09:13 PM PDT by milagro
[ Post Reply | Private Reply | To 26 | View Replies]

To: MeneMeneTekelUpharsin


34 posted on 03/22/2011 12:20:42 PM PDT by JoeProBono (A closed mouth gathers no feet - Visualize)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JoeProBono

bttt


35 posted on 03/22/2011 12:21:50 PM PDT by ConservativeMan55
[ Post Reply | Private Reply | To 34 | View Replies]

To: OL Hickory
I love that list. I once got a hit from a nonsecure NORAD server. I think it was the Santa Claus tracking program!!!
36 posted on 03/22/2011 12:24:06 PM PDT by mad_as_he$$
[ Post Reply | Private Reply | To 3 | View Replies]

To: The Cajun

There are nekkid wimins on teh Interwebz? Dang!


37 posted on 03/22/2011 12:26:32 PM PDT by Constitution Day
[ Post Reply | Private Reply | To 20 | View Replies]

To: cliff630

There is no recovery from white smoke!!!1

They put it in at the wafer fab, once you let it out you are screwed.

komando.com


38 posted on 03/22/2011 12:26:45 PM PDT by mad_as_he$$
[ Post Reply | Private Reply | To 23 | View Replies]

To: MeneMeneTekelUpharsin

Have you seen any messages about your computer having the greatest enthusiasm for the mission?


39 posted on 03/22/2011 12:28:00 PM PDT by tacticalogic
[ Post Reply | Private Reply | To 1 | View Replies]

To: Constitution Day
There are nekkid wimins on teh Interwebz? Dang!

Rumor has it as they frolic around, they can cause all kinds of computer mischief :^)

Just got through looking at a relatives HP Inspirion (under a year old). Hard drive bit the bullet, told him to return for warranty repair and take patience pills as needed (Knowing HP *speedy* repair).

40 posted on 03/22/2011 7:37:40 PM PDT by The Cajun
[ Post Reply | Private Reply | To 37 | View Replies]

To: MeneMeneTekelUpharsin
Really like Malwarebytes, recommend it to all my relatives even though they have good up to date anti-virus/firewall software. It'll find things that the *paid for* programs will miss.
41 posted on 03/22/2011 7:45:35 PM PDT by The Cajun
[ Post Reply | Private Reply | To 32 | View Replies]

To: MeneMeneTekelUpharsin

While we are on the subject, what do you all think of Kaspersky?

I ‘like’ it but once I found out it was a “Russian” program I got a gnawing feeling that I am locking the horses out of the barn.....


42 posted on 03/22/2011 7:54:58 PM PDT by xrmusn ((6/98) "The difference between genius and stupidity is that genius has its limits")
[ Post Reply | Private Reply | To 1 | View Replies]

To: mad_as_he$$
You Say "There is no recovery";

Aren't you talking about Odumba??

43 posted on 03/23/2011 10:11:29 AM PDT by cliff630
[ Post Reply | Private Reply | To 38 | View Replies]

To: HiTech RedNeck
Yes, I remember the old days; Ritchie & friends @ Bell labs with their O/S
(writen in C) which has grown into Linux and C++. Those were the good old days MS DOS and (DR DOS 7, the ultimate. No viruses in those days.
Access to all the old programming languages. Remember SNOBOL? How about the famous ELIZA. Do you remember the language it written in.
Hint Many (((((()))))) (error!!

Yes, we are always facing trade offs. eg. Speed vs Comfort,

44 posted on 03/23/2011 10:38:07 AM PDT by cliff630
[ Post Reply | Private Reply | To 24 | View Replies]

To: cliff630

;-)


45 posted on 03/23/2011 11:23:42 AM PDT by mad_as_he$$
[ Post Reply | Private Reply | To 43 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson