I think i have the answer to a lot of peeps problems!

Discussion in 'Software' started by SNOtwistR, Jan 8, 2005.

Thread Status:
Not open for further replies.
  1. SNOtwistR

    SNOtwistR Private E-2

    I think i have the answer to a lot of peeps problems! but before i post what i have i need to speak with admin of this site first. i have been doing research for the past 4 weeks night and day and it's big! admin has my email please reply asap thanks
     
  2. Novice

    Novice MajorGeek

    Must all be asleep right now!
     
  3. Novice

    Novice MajorGeek

    Bump ;)
     
  4. Wisewiz

    Wisewiz Apprentice's Sorcerer

    1. That first post is so vague and devoid of information that it's hardly surprising that no one bit.

    2. The fact that the first poster thinks he/she has to have admin approval before revealing this "answer to a lot of peeps problems" kinda smells like a day-old fish out of water.

    3. This forum is not a haven for suckers or scammers. The regulars here are real computing experts, and scamming is not tolerated at all here. Go find another place to peddle your warez.
     
  5. Novice

    Novice MajorGeek

    Wisewiz,
    Thanks for your post, as that was what I was hoping for, a senior member replying with something along the lines of what I thought, hence my bump. :)
     
  6. eclayton

    eclayton Sgt. Shorts-cough

    And you can always report posts like this by clicking on the little exclamation point in the top corner. :)
     
  7. SNOtwistR

    SNOtwistR Private E-2

    yes i am sorry for the vague post from a first time poster. i understand your points of view exactly. a little history of why here! i have been working on my network here for the past 4 weeks since it was compromised by someone,something,some company. anyhow how i got here was through numerous google searches and saw most posts with same type symptoms. it all started with a backdoor report from 1 of my spy/trojan alerts i think i caught it just in time or at first setup stage. i have been a member of various large boards but the past 4 years or so i have kept a low profile regarding public boards. i wanted to talk with admin of this board before posting maybe very controversial info. i am willing to post but would really prefer some sort of approval first. i will explain fully to admin before hand and show my info that i have accumulated. Sorry again for the lack of info in the first post SNOtwistR
     
  8. SNOtwistR

    SNOtwistR Private E-2

    Ok i have not heard from admins so i hope this helps some people. it seems that it's sp2 that is doing most of the problems. Let me start from the beginning so you will have a grasp of how big this problem is. I came home one night and decided to do an adaware scan and it popped up saying i had backdoor egghead and it tried to fix but then the file was gone from my system, so i was snooping around looking at files and saw a few references to my reg file being edited. all of a sudden i had no control over my box yet i only have my nick as admin and guest account disabled. i had services starting up and i could not stop them. more searching and i started to see files associated with remote desktop and terminal server, then iis was installed and some test files upped and then deleted, so i thought. also my xp was now tablet windows hmmmm, well time for a format and reinstall. i even ran a utility called wipe by ibm. well after first reboot after monitor detection i again had tablet pc and sp2 installed again which is very strange since my xp cd is only sp1. More digging and found reference to a hidden partition that was installed while i was working on my pc without me knowing about this and even compressed with doublespace. Well i realized my network was compromised so i pulled the network cable and i did more searching hex editing files and reading code which i am not very good at. then i found a log file that showed reference to a dll that pointed to a word SALEM and another that said SERGEY'S HOME PAGE. Well into google they went and still nothing, so i hacked some more files and found that it was terminal server going and when they would log off it would delete all references to log files and activity. Again i saw something wasn't right with my box so i pulled the plug again. Well i thought i am a smart guy i will out smart them by installing os2 warp server and use journal file system to make partitions and format the drive and installed os2.
    well that worked for a few days but i found all my hardware was really not being used with this os. So this time i wiped drives and reinstalled xp sp1 and no sooner after reboot i again had tablet pc and sp2 and all the admin rights showing but no power to do anything ... even regedits showed for me but reading another file it said to show me but not save changes. well this is going on 2 weeks so i thought what can i do and thought i will take out the hard drive and put in a new one and reinstall xp sp1 .. again tablet pc and sp2. how is this possible i thought, and the box still had no network accessibility due to cable being unplugged. Well hack more files and i come across some references to my ati video card, 1394 pci card and printer port and saw they were uploading the files they needed to verify i had a fresh install again. So i thought i will try 2003 server and got the eval copy from m$ and installed that well they were right back in and i was stumped. i have read no info regarding this and i honestly think it's M$ doing this as files are edited to meet their needs and who else would have the manpower or the knowledge to do so many different things to make sure nothing could be done on my end. now into the 5th week and been reading code everyday and have found that it's related to illegal copies of xp home or pro and that if i didn't catch it when i did it had a timer on it that would format the drive and start a win3.11 install ... i know it's hard to believe but true or it would report that the hard drive was bad and unusable. It has more references to other problems and symptoms that fit a lot of the problems i have read that people are having. So where am i at now, well i still can't do sp1 update from M$ and am trying to get rid of the partition which is very well hidden and made with fat12 again something i have never heard of and have been computing since cpm days.
    i think i have gotten rid of the peeps on my box with scanners and stuff and when i would see them i would tracer route or ping the crap out of them ...well not me but a buddy with axx to dual t3 lines. the open files that are opening ports show they are carrying "rat:miska" in svchost.dll and pass through m$ file checker and show the right dates but doing a right click and properties on them in the version after the regular stuff from m$ it shows special and some more code. No trojan or spyware sees them. i really need someone very good with reading code to help find a fix. i have few megs worth of files to hack. A list of files to check are in root MSdos.___ if you open with notepad you will see just the word format also io.sys has some references to the fat12 partitions and adding user rights even though i don't see any other users added or admin changed. Other files if you had no dos on box are in \windows\pchealth and if you open in word pad some of the .chm files you will start to see other references to other control over your box. Well that's my story and i have posted it here first. If anyone can help please get in touch with me or if i can help anyone, i am available SNOtwistR
     
  9. SNOtwistR

    SNOtwistR Private E-2

    Just a little followup and a snippet of some of the code, I originally was using a bad copy of xp not devilsown but a hacked eval copy from when xp went gold with corp hack files and a very private key which lasted till sp2 i also had a lot (960gig) of warez on my network always online but in private irc server. Since then i have cleaned up my network of all stuff and even tossed out what ever burnt cd's/dvd's i had here and it was quite a bit. all legal keys and still the probs. Also i found reference to salem which pointed to M$ head office. here is some code with fat12 info: sorry for posting such big posts if it's taboo i will stop at a moment's notice. Just trying to help peeps out like i have always done in the past.

    Insert diskette for drive and press any key when ready

    Your program caused a divide overflow error.
    If the problem persists, contact your program vendor.
    $ Windows has disabled direct disk access to protect your long filenames.
    To override this protection, see the LOCK /? command for more information.

    $ The system has been halted. Press Ctrl+Alt+Del to restart your computer.
    $
    You started your computer with a version of MS-DOS incompatible with this
    version of Windows. Insert a Startup diskette matching this version of
    Windows and then restart.

     
  10. Adrynalyne

    Adrynalyne Guest

    Absolutely nobody is going to read your thread if you can't format it into something we can read without going cross-eyed.
     
  11. best5

    best5 Private E-2

    Hello SNOtwistR,

    The only one I know who is able to help with such matters is Steve Gibson.
    Please look here to see who he is and what he is doing.

    regards

    Stefan
     
  12. eclayton

    eclayton Sgt. Shorts-cough

    I'd like to see him help someone out with something much simpler, like say, changing the picture on my desktop, and then I might trust him with some more complicated things, like say, how to defrag the hard drive. :rolleyes:

    Learn to put gas in the car, change a flat, and do an oil change, then we can move up to engine overhaul.
     
  13. Just Playin

    Just Playin MajorGeek

    Unless I've mistranslated, I believe he is claiming that SP2 has somehow installed a hidden server on his system.
     
  14. Adrynalyne

    Adrynalyne Guest

    You are a better man than me. I couldn't get past the first sentence.
     
  15. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    SP2 wouldn't have, otherwise many more of us would have same issue, it's more like some other trojan or system vulnerability is at work here.
     
  16. dip14

    dip14 Private E-2

    Me too......i mean now i am feeling......i just wasted my life.
     
  17. Just Playin

    Just Playin MajorGeek

    I couldn't get to sleep last night. Extensive knowledge is essential, while a little knowledge is often just dangerous.
     
  18. Maxwell

    Maxwell Folgers

    Worse than that Halo, he is using a hacked version of Windows XP and has Warez installed - in fact 960 Gig !! I suggest that this thread is closed since Warez is not supported here. I have reported this thread.
     
  19. Adrynalyne

    Adrynalyne Guest

    I've no problem with what he said.

    He said he tossed the stuff.
     
  20. Maxwell

    Maxwell Folgers

    Sorry, the line was too long and got truncated and I went cross-eyed too...
     
  21. Adrynalyne

    Adrynalyne Guest

    I hear ya.

    I did a ctrl-f to find it, LOL.

    What a mess.
     