Hacked Vista

Discussion in 'malware problems & news' started by cd08, Jun 22, 2009.

Thread Status:
Not open for further replies.
  1. cd08

    cd08 Registered Member

    Joined:
    Aug 30, 2008
    Posts:
    10
    I'll re-explain this. I've NEVER seen ANY problem like this and EVERYONE has NOTHING to say about it.

    The details are necessary.

    Problem 1)

    I purchased Vista Home Premium at Walmart. I inserted the DVD into the CD/DVD-ROM and it failed to recognize the DVD. I re-inserted 10 or 20 times trying to get it to work but it still failed.

    My roommate who is a hacker and computer programmer offered to copy and burn the ORIGINAL VISTA CD to a BLANK DVD-R.

    I inserted the BURNED DVD OF ORIGINAL VERSION and it always works. Never fails.

    I then tried to get my CD/DVDROM to recognize the ORIGINAL DVD again. I tried and tried and then it worked just like that. I even managed to install from THE ORIGINAL CD from the desktop AND from booting from the CD-ROM.

    Then the ORIGINAL DVD stopped working again. The CD-ROM does not recognize that the DVD is there.

    BUT IT DID...MORE THAN ONCE FROM THE DESKTOP AND FROM BOOTING FROM THE CDROM.

    The original purchased DVD works on EVERY PC that I try it on. 4 different PC's and it works.

    It isn't the original vista DVD - That's not the problem.

    I've tested my CD/DVD ROM with EVERY TYPE OF DVD AND CD THAT I HAVE. Purchased movies, purchased software programs, old CD's and DVD's from a long time ago - burned DVD's and CD's, EVERYTHING. THEY ALL WORK.

    So the problem isn't my CD-ROM either.

    If my CD-ROM was unable to recognize the ORIGINAL VISTA DVD that I PURCHASED then it would have never read it multiple times, I would have never been able to use the ORIGINAL VISTA CD from the desktop AND from boot-up.

    So it's not my hardware. It's not the CD. It's not my CD-ROM.

    There is something blocking access to it...something hidden...something deep. Has to be. There is no other explanation for it. I think my roommate has done something.

    He's into hacking and in college for computer programming.

    Problem 2 further confirms my suspicions.


    Problem 2:

    I've used the BURNED version of the original VISTA (I'll call it BurnedDVD) over 10 times after a full format of my whole hard drive using 2 different programs and it always goes the same way. No real problems.

    Then, yesterday, I did something different.

    I cleared my BIOS by removing the pins and used a different format program - dban bootnuke.

    After clearing the bios I got a "Checksum error: Defaults not loaded" Or something similar to that.

    I inserted DBAN bootnuke BOOTCD after clearing my bios, restarted, and formatted the whole hard drive again.

    I then inserted the BurnedDVD as I always did after the other 10+ formats.

    Installed.

    Same CD.
    Same HD.
    Same CDKEY.

    Difference: Different program to format that uses a linux based thing and I cleared my BIOS.

    When my windows starts it gives me a "You must activate" and FORCED me to connect to the internet BEFORE I enter vista. No clock, no desktop, no icons, no start menu, NOTHING.

    JUST A BLANK BLUE SCREEN BACKGROUND WITH AN OLDSCHOOL LOOKING INTERFACE ON A WINDOW GIVING ME 4 OPTIONS

    1) Activate windows now
    2) Continue with reduced functionality
    3) Show me other ways to activate
    4) Re-Enter CD KEY.

    I chose to continue using reduced functionality and the only thing it allowed me to do was enter into Internet Explorer. Same blank blue background with no desktop or anything. Just Internet Explorer. I couldn't do anything else which was odd to me....JUST IE? WTF?

    So I was forced to SETUP AN INTERNET CONNECTION AND CONNECT TO THE INTERNET BEFORE I COULD ENTER WINDOWS.

    That has never happened before so there was something that happened with this format.

    During each 10+ formats the only thing I received about windows activation was AFTER I entered into my desktop with the "You have xx days to activate windows" message.

    SO THE PROBLEM IS WHY IS THIS HAPPENING AFTER I CLEARED MY BIOS AND USED DBAN? CLEARING THE BIOS SHOULDN'T HAVE CHANGED ANYTHING WITH THE INSTALLATION UNLESS THERE WAS SOMETHING IN MY BIOS....

    AND DBAN DOES THE SAME THING DRIVE SCRUBBER 3.0 AND ACTIVE KILLDISK VERSION 2 DOES....

    EXCEPT DBAN USES A LINUX THING WHEN IT BOOTS FROM CD.

    and I'VE NEVER heard (so far from my postings) OF ANYONE who has been forced to setup an internet connection and connect to the internet BEFORE THEY EVEN ENTER INTO WINDOWS.

    I did manage to boot into safe mode and access windows though...but not in regular mode...even with all the services disabled in diagnostic mode. It just read "This service is disabled" on the error screen with some additional info on it.

    The thing that rouses suspicion is that it's never happened before and that clearing my bios shouldn't have caused it unless there was something NOT RIGHT going on with my bios.

    AND THE OTHER ODD THING IS THAT ON THE BOTTOM RIGHT CORNER I SEE "Windows Build 6000. This copy of windows is not genuine"

    I'VE NEVER, EVER SEEN THAT BEFORE AND IT'S THE SAME DVD, SAME SYSTEM, SAME HD, SAME CD KEY.

    WHY DID THIS ONLY SHOW AFTER THE BIOS CLEAR AND DBAN FORMAT? IT HAD TO HAVE BEEN SOMETHING ON MY HD OR HIDDEN IN MY BIOS THAT WAS CAUSING IT TO NOT DISPLAY BEFORE....

    AND WHY IS IT NOT GENUINE? COULD THIS BE CAUSED BY THE DVD BEING A BURNED COPY OF THE ORIGINAL? PROBABLY...BUT THAT DOESN'T EXPLAIN WHY IT'S JUST NOW BEING DISPLAYED...

    My Guesses

    - The burnedDVD of the ORIGINALDVD is modified.

    - My BIOS had something in it.

    - There was something hidden on my HD that was being used by the Modified BurnedDVD DURING INSTALLATION...and DBAN removed it which prompted the new-never-seen-before-forced-activation-before-you-enter-windows screen.

    - There was something in my BIOS that the Modified BurnedDVD was using during installation....o_O

    I say "Modified" because I believe my roommate has done something to it. He's into hacking and in college for computer programming as I said. He would know how to do it and HE KNOWS THAT I KEEP MY PC ON LOCKDOWN...so he would try to bypass detection in ANY WAY possible.

    - The combination of DBAN and clearing the bios STOPPED A HACKED INSTALLATION...so it OUTSMARTED THE DEFENSE and FORCED ME TO CONNECT TO THE INTERNET BEFORE I COULD ENTER INTO MY DESKTOP...THEN DOWNLOADED SOMETHING OTHER THAN ACTIVATION AND EXECUTED IT DURING ACTIVATION....THEN ENTERED INTO WINDOWS.

    I guess what I'm looking for is confirmation, suggestions, and possible solutions other than purchasing a new version of windows. What could have caused the new forced-activation screen other than a hacked bios or hacked hard drive?

    What else could cause the original purchased version of windows to not be recognized by the cd-rom? (It worked more than once so it isn't because it's not supported format...)
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi cd08 :) I know it can be frustrating but why not keep it to one forum.
     
  3. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    So, in short, what you are saying is that:

    1) you bought a legit Windows Vista install disc from Walmart, but your optical disc drive could not read it.

    2) then, you gave the Vista install disc to your roommate, who according to you is a hacker and the kind of untrustworthy guy you would suspect of trying to crack your system, and then you installed from media that he provided?

    That was not smart, to say the least. If you don't trust someone, then don't let them screw around with your system and your installation media! Your system is not in much of a "lockdown" if you regularly let people that you suspect of wanting to attack your system play around with your installation media for chrissakes. From this point on, the problem certainly exists between keyboard and chair.

    That said, it sounds to me like you did not buy a new computer, just the Vista disc. That means you have an old optical disc drive. And one that obviously is not working quite like it should. And yes, it can be a hardware problem, even though the disc sometimes works and sometimes doesn't, and even though other discs seem to work fine. That's how optical drives that develop reading problems go: they read some discs fine, some other discs only sometimes, and some discs they can never read. And then, ultimately, they stop reading anything at all. That's the point where people generally admit the drive was at fault and not poorly burned discs or something.

    My number one suspicion is that you have a failing optical disc drive. If the Windows install disc works in other computers, then that adds to the suspicion. The Windows install disc itself could be faulty, too.

    Not all computer problems are security problems, but paranoia can make people forget that. If you have problems with a computer, do not always first attribute them to hacking or malware.

    Have you done anything to confirm the burned disc your hacker friend made isn't modified? Have you confirmed it has been tampered with? If you haven't, then it's all just a big guesswork.

    As for the "forced activation screen" and Vista telling you it's not genuine, it's difficult to say. If you've installed multiple times, Vista's activation might get suspicious and require immediate activation. I say "might", because I honestly don't know how the activation works in cases like yours where you've installed from the same media numerous times in a (I assume) relatively short period of time. The "not genuine" warning may be a) a mistake, those happen or b) a sign that your Windows really is not genuine due to invalid key or bad installation media or c) something else.

    Suggestion 1: acquire a different optical disc drive that is known to be in working condition, stuff that into your PC and try and see if it can reliably read the original Vista disc you purchased. If it can, then that's your problem right there - failing optical disc drive. If it can't, well, then that'll require more thinking.

    Suggestion 2: in the future, do not let people you do not trust tamper with your system or its installation media. Doing so is beyond stupid.

    Suggestion 3: why don't you ask this hacker friend of yours if he did anything to your system, the installation media, and so on? Drill him a little. Maybe he'll admit to doing something, in which case you can drill him more (or even threaten criminal prosecution :p) and maybe he won't, in which case the situation doesn't really change.

    Issues like this are difficult to resolve without being physically present and being able to look at what's really going on.
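
One way to answer the question above about whether the burned disc was modified, as an added example that is not part of the original thread: hash every file on the purchased disc (read in a drive that handles it reliably) and on the burned copy, then list what is missing, added or changed. The function names and the sample file contents are constructed for illustration; pass the two mount points or drive letters on the command line to check real media.

```python
import hashlib
import sys
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file's path relative to root to its SHA-256 hex digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        h = hashlib.sha256()
        with path.open("rb") as fh:
            # Read in 1 MiB chunks so multi-gigabyte install images are not held in memory.
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare_trees(reference_root, suspect_root):
    """Report files missing from, added to, or changed in the suspect copy."""
    ref, sus = hash_tree(reference_root), hash_tree(suspect_root)
    return {
        "missing": sorted(set(ref) - set(sus)),
        "added": sorted(set(sus) - set(ref)),
        "changed": sorted(p for p in set(ref) & set(sus) if ref[p] != sus[p]),
    }


def demo(tamper=True):
    """Run the comparison on two small constructed trees (not real disc contents)."""
    original = {
        "setup.exe": b"installer",
        "sources/install.wim": b"image-v1",
        "sources/boot.wim": b"boot",
    }
    copy = dict(original)
    if tamper:
        copy["sources/install.wim"] = b"image-v1-modified"  # changed file
        copy["extra/autorun.inf"] = b"[autorun]"            # added file
        del copy["sources/boot.wim"]                        # missing file
    with tempfile.TemporaryDirectory() as ref_dir, tempfile.TemporaryDirectory() as sus_dir:
        for root, files in ((ref_dir, original), (sus_dir, copy)):
            for rel, data in files.items():
                target = Path(root) / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        return compare_trees(ref_dir, sus_dir)


if __name__ == "__main__":
    # Usage: script.py <original-disc-root> <burned-copy-root>; no arguments runs the demo.
    report = compare_trees(sys.argv[1], sys.argv[2]) if len(sys.argv) == 3 else demo()
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind}: {p}")
    print("identical" if not any(report.values()) else "copies differ")
```

Three empty lists mean the burned copy matches the original file for file; a read error while hashing the original points back at the drive or disc rather than at tampering.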
     
  4. cd08

    cd08 Registered Member

    Joined:
    Aug 30, 2008
    Posts:
    10
    I'm getting these messages from an award winning top ranked security suite package that is in the top 5 on every Internet Security Software review site that I've read....

    "Desktop Window Manager is trying to take a screenshot"

    "Windows Explorer is trying to take a screenshot"

    "Consent UI for Administrator priviledges is trying to take a screenshot"

    Nothing found on the highest scan settings.

    I told you guys something was up. Now I just have to figure out how this is possible when no rootkit scanners are detecting patched files and the software itself isn't detecting injections so as I said before - it is the VISTA that is already patched/injected.

    And where it's saving the screenshots to.
     
  5. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    find one of the dedicated sites to help you remove whatever malware might be running
     
  6. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    If the Vista source itself has been maliciously modified then it's highly unlikely you'll find the problem by running any scanner from within Windows. The best chance will be to use something like UBCD4Win which enables you to run AM tools from its own OS.

    I suggest you run a scan with Rootkitty, once from within Windows then from UBCD4Win and compare the results. Also there are numerous other AV/AS tools such as Avira, A2 and KasperskyVRT you can run. Ultimately you should try and obtain a clean Vista CD and reinstall after securely wiping the drive with DBAN to be 100% certain that you'll have no more issues.

    Oh and choose your friends more carefully in future!
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Just curious to know what is this top ranked security suite?
     
  8. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    No offense, but I still think this is most likely a case of failing optical drive + unhealthy paranoia mixed with not understanding how software and hardware work.

    Is there a reason why you couldn't say the security suite is Kaspersky Internet Security 2010?

    I don't know anything about Kaspersky IS 2010, and I don't know why it gives warnings about screenshots, and how reliable it is as far as such warnings are concerned.

    I looked around a little, and you seem to have a lot of problems with your system.

    First, in November, you were having problems with AIM, and thought that people were accessing your files through AIM exploits. Turns out that you had configured your security software so tightly that it was breaking AIM. You thought something was wrong, and you were, and I quote "almost sure that someone is using the new or old AIM exploits or other vista exploits to gain access to my files or accounts" but no proof of any kind was found.
    Link: http://forum.kaspersky.com/index.php?showtopic=90285&st=0&p=794604&#entry794604

    Then, in December, you thought the FBI was monitoring your computer, or, and I quote, a "superhacker." Turns out it was IPv6 ip addresses and nothing more.
    Link: http://forum.kaspersky.com/index.php?showtopic=93860&st=0&p=817015&#entry817015

    Then, still in December, you were having fun with hidden objects being detected by Kaspersky in safe mode. Turns out it's probably just a Kaspersky false positive.
    Link: http://forum.kaspersky.com/index.php?showtopic=96702&st=0&p=834984&#entry834984

    Then, in May, you were having trouble again, thinking you had a rootkit in your most likely pirated version of Windows Vista. "Faxcoolwarez" ring a bell? Now, would this happen to be the same version your "hacker roommate" gave you?
    Link: http://forum.kaspersky.com/index.php?showtopic=118153&st=0&p=990531&#entry990531

    Are you all starting to see where this is going?

    My suggestions, again:

    1) Stop using pirated software. It is illegal.

    2) Try and switch your optical drive that can't read the original Vista disc you bought to another drive, and see if that can read the original disc. If it can, you have a failing optical drive.

    3) Either read a lot less security forums, or a lot more. As it is, you seem extremely worried that you're being hacked left and right, but do not understand how software or hardware works well enough to perform any meaningful analysis. You need to calm down, and stop thinking that everything you see means you're being hacked/rooted/owned/sold into slavery. Also, you need to use your head more - don't trust people you don't trust (in other words, if you think someone is a hacker and likely to try to hack your system, don't just install from some media he gives you!), and don't install pirated software, and don't change settings in security software without knowing, really knowing, what they do.

    4) Find a clean, legal installation media, and install from that.
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    U r a detective. :thumb:
     
  10. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    That tends to put a different perspective on things.
     
  11. prairie dog

    prairie dog Registered Member

    Joined:
    Jun 9, 2009
    Posts:
    129

    WOW! IMO this is borderline unhealthy! Life is too short to have that much paranoia :ninja: :shifty:
     
  12. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi cd08, you have multiple threads open at Sysinternals also - slow down :) .

    Wipe your hard disk, have a legit install and secure it, take an image.
     
  13. The PIT

    The PIT Registered Member

    Joined:
    Sep 4, 2008
    Posts:
    185
    Then take a few breaths and see your Doctor.
     
  14. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Couldn't have put it better myself.
     
  15. catnotspam

    catnotspam Registered Member

    Joined:
    May 1, 2009
    Posts:
    42
    Location:
    haifa
    you mate have a dvd reader issue
    how was the manufacturer?
    and why to crack an OS ?
    you will end up buying a new one
     
  16. cdo8:

    First of all, and I'm not joking about this, you really should probably see a mental health specialist. Some of the stuff you're saying is quite frankly paranoid, and not in a good way.

    Now that that's out of the way...

    Don't trust warez. Period. Almost every single binary patch used to crack it also installs some sort of malware. Most cracked software isn't so much infected as infested, positively pigged with malicious crap. If you need free security software there's...

    - Comodo Internet Security: absolutely free and performs extremely well in tests. In ethical terms Comodo Group is a little dubious, so I don't use this any more, but apparently their software is quite trustworthy.

    - PCTools Firewall + Threatfire + Avast or Antivir: PCTools Firewall has a pretty good HIPS thrown in, and Threatfire is supposed to be one of the best behavior blockers out there. Avast is a good free antivirus with good generic detection and lots of regularly updated definitions; Antivir is supposed to have some of the best detection rates among antiviruses, free or nonfree.

    - Online Armor Free or Outpost Free + Avast or Antivir: OA Free and Outpost Free are free firewalls with HIPS, and very reputable.

    None of these will slow your computer down either. Comodo and the PCTools software in particular are very light.
     