Backdoor to PC left by manufacturer?

Guest

One day over half a year ago, I found my computer was controlled by somebody
because my mouse would move without my intention and programs were
interrupted unexpectedly. Therefore I started a thorough check of my
computer (it is a Windows XP system). The first thing I did was to unplug the
connection of my ADSL modem and disable it in the BIOS. Then I entered the
system in Safe Mode and changed the setting of Explorer to show all
documents including system documents and found some suspicious things in my
computer, such as a "SystemVolumeinformation" with a whole set of restore
documents in it and a file named "MontepointRemoteContol" and another named
"tracking". But I disabled the system restore function just when I installed
the system. They should not be there!! And then another folder named
"Recycler"; the official name should be Recycled, and they both existed.
When I tried to enter the folder of "SystemVolumeInformation", it told me that
I didn't have the authority to enter it. This is absolutely unreasonable
since I have entered it over a hundred times without any barrier.
Then I found over five hundred system tracking documents and lots of
program documents in the folder of "Recycler" by using a program named
ONcoming or something. I just deleted all the documents. Just maybe five
minutes later, both the folders reappeared. It is ridiculous since the
connection had been unplugged and I hadn't installed any wireless net card or
anything similar. How could this happen?
Then the war between me and maybe some sort of hackers began. I installed
an additional two hard disks (three in total), another net card, sound card and
VGA card and disabled all appliances on the main board. It was of no use at all.
Then I formatted and then low-level formatted each hard disk and reinstalled all
system programs; it just didn't work!!! I was still under his control!!
I found some two G of my hard disk volume had just disappeared. I assumed that
he installed another system and maybe something like VMware and then took
authority over my computer.
When I finished re-installing the system again I found quite a lot of
hardware that just did not exist physically, like a PNP mode mouse, keyboard,
co-processor and hard disk. I then found even my BIOS or CMOS was controlled,
since when I set the first boot device to CD-ROM, no floppy disk, report no
FDD to Win95, and disabled the FDC, all these were changed to the opposite when I
entered the CMOS setup again!! How could all this happen when I am not
using any wireless hardware!! Even when I set the jumper of the mainboard to let it
lose all electricity, and then set the CMOS values and re-entered it, all was
back again.
Is this a wireless backdoor of the PC? Who would leave a backdoor in the
PC???
I appreciate any form of help with a solution that works. Thanks indeed.
I am an MBA and was once a department manager of a Fortune 500 company. I don't
need to get any money by doing this.
 

\System Volume Information\ folders are created whether or not System
Restore is active. "Owner" permissions override admin permissions. These
folders are owned by the system, hence the access denied status. Add your
account as co-owner and you can access them.

Turning System Restore off removes all data except disk layout information
from a volume's folder. I have no idea why you had so many files in there.
Perhaps you turned system restore off but it somehow became enabled again?
Double check in System Properties that System Restore is indeed turned off
for *all* partitions.

Recycler is the normal name for the Recycle Bin when NTFS is the file
system of choice. It is normal for the folder to reappear if it's been
deleted. Since this is a system folder, System File Protection replaces
this necessary folder if it is removed. The reappearance has nothing to do
with network or internet connections.

No idea about the Recycled folder or the tracking files you're finding.
Norton Protected Bin installed? The protected bin is maintained separately
from Windows' Recycling Bin. Protected Bin has a way of sneaking in -
installed automatically if "typical" or "full" install is performed. Check
Symantec tech documents for more details if Symantec/Norton anything has
ever been installed.

For the tracking items? Any "change logging" software used, such as full
system backup, syncing software, or similar, that might explain these?

Well, that's the "explain-ables" in your list.

There may be hardware and volume errors (disk errors or partition errors to
explain the missing GB on the hard disks). Certainly possible with all the
hardware changes but can't tell without firsthand access to the system.

I'm not saying that you don't have malware (a trojan, RAT, rootkit,
whatever) doing bad things on your system. I also can't say, based on this
information, that you do. Hopefully and at the very least I took a few
worry items off of your list. For the rest:

MVP Malke maintains a great page that outlines effective procedures for
malware cleanup:

http://www.elephantboycomputers.com/page2.html#Removing_Malware
 