
Remaining concerns



Hi all,


So, :filtered: night and I made a colossal :filtered:-up and installed some software, but did it manually around my sandbox and then just assigned it safe as well. He seemed straight and I let my guard down and trusted him ... :filtered: but okay. I was gone 10 mins and came back to a machine running overdrive. I spotted webs already massively spreading and I had zero control of anything able to go online, so I pulled the LAN from the socket, actually, and it started to ease back a bit. I am the command line guy and not very strong on in-depth GUI, but I figured I would try to monitor app manager and fix times of start / stop and see if I could spot something acting suspicious and just match the company with the tag and try by eliminating one by one... I hit a gryplaur.exe that seemed off, and didn't really think it through, cause when I blocked it, :filtered: got crazy, and when I soon after began being denied making changes to the registry I thought it best to run. My plan was to run for the Linux distro on the other side, so I pulled out and then I wasn't really sure whether to try and safeboot me back in or just remotely try and extract the data my concerns were about. But when I tried to boot back into Grub and was presented with some "root access is delayed, please wait" boxes that did :filtered: and just idled everything, I got scared. Never seen that, ever. I waited, tried some things, but nothing. Then I panicked, rushed to try if I could access any data somehow. Kudos to Microsoft for their DRT-supplied bootkit that I knew nothing about but was able to get me accessing data from a safe drive.


I have moved the data-heavy stuff and tried to collect it into smaller "piles" that are easy to handle if needed, slowly trying to isolate the Windows root, and was now lucky to isolate enough to just 4pass the entire partition. I really wish I hadn't, cause why kill it again and again when the only gain is the huge wait this is bound to give.


How should I have acted, and how do you reckon I am standing now?

What worries me most is the Linux part. I would never have guessed or thought it would spread across a boot separation, but why the :filtered: not. It is still only a software solution doing HW's work, I suppose.

What do you think I can expect for my Linux distro? Should I learn from this one and burn it all to be safe, or what are your views?

Sorry for me probably writing like a crazy guy, I do that when a little out of it. Thanks so much guys, hoping the best. Cheers :)


My first thought would be some kind of rootkit?

Probably would have run a Linux live CD and accessed the drive and transferred the data using that.


I see from your specs you have several partitions; might be time to re-evaluate them - maybe start from scratch with smaller partitions for the different OSes, have a shared drive for storage and RAID (RAID 1) that drive.

Complete clean install of both Windows and Linux and start again.
