Solved Did I Get Hacked or Something?

Status
Not open for further replies.
L

lateralus

New Member
Ok guys, have a real issue here. Today I turned on my laptop and downloaded and tried to install Skype. Now, since I run VISTA (64-bit) the User Account Control screen came up when I ran the .exe and there is a strange "RA Media Server" password box that appears now. I never have created any password for my account so I have no idea what password Vista is asking for. This same password box comes up when I try to perform any action that requires User Account Control, so I basically can't do anything. The only thing I can think of is that I somehow got hacked since I haven't done anything since yesterday. Can someone give me advice on what to do? Thanks so much.

img0103qu3.jpg
 
Last edited:

My Computer

System One

Hi lateralus,

Check your network options, see if you have any unfamiliar network connections. Boot into safe mode and run an extensive malware scan with an Antivirus program. Did you download the program from the source?
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Hi airbot,

Well I downloaded the .exe from Skype's website so I can't imagine there would be any breach of security from them. However, I do have antivirus software installed so that's why I'm baffled as how to this could have occurred since I literally got this laptop a week ago.

EDIT:

I should also add that for some reason when I created my account when I was setting up Vista, that it automatically did not make the account "Administrator" so I am on as a Standard User. I'm not sure if this means much though.
 
Last edited:

My Computer

System One

Whoa! Yeah, that's some sort of malware. I just typed in RA Media Server in yahoo, just the search page, not clicking any link and got this.

boo.JPG


Tried to pull a drive by download on me. My Avast network shield went up. So yeah..I would go in safe mode without networking and run a full scan with any AV you have and some antispyware program. A few that are good are spybot sd, malwarebytes. Either that or if you don't have anything really to lose by doing a reinstall then that's always something to consider. I don't know why you would get this from the skype source except maybe it wasn't from the source.:confused: But I would have an active AV monitoring when online and scan the downloads before executing them.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Cool, thanks for checking Airbot. I'm doing a scan with McAfee since that's what came with this computer but I'm surprised it did not catch any malware since it was supposedly up-to-date. If it doesn't find anything should I just reformat?
 

My Computer

System One

If it doesn't catch anything I would suggest using a different AV and a couple antispyware programs. I'm just sayin that I just looked up ra media service and Avast stopped a hacking attempt so.. I would try everything possible before having to reformat and reinstall.


And the hack attempt was from afreecodec.com but I would wonder as to this ra media service.


Do you like Tool?
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Airbot said:
Whoa! Yeah, that's some sort of malware. I just typed in RA Media Server in yahoo, just the search page, not clicking any link and got this.

View attachment 9243


Tried to pull a drive by download on me. My Avast network shield went up. So yeah..I would go in safe mode without networking and run a full scan with any AV you have and some antispyware program. A few that are good are spybot sd, malwarebytes. Either that or if you don't have anything really to lose by doing a reinstall then that's always something to consider. I don't know why you would get this from the skype source except maybe it wasn't from the source.:confused: But I would have an active AV monitoring when online and scan the downloads before executing them.
Click to expand...


What serach words did you use to determine the program he had was malware?

'cause when I typed in "RA Media Server" there wasn't anything on that page suggesting it was malware; got the same results using Google. Am i using the wrong search engine(s)? Did you read your image you posted?

I'm not saying the program isn't malware, but...???
 

My Computer

System One

  • Manufacturer/Model
    Custom Built
    CPU
    Intel Core 2 Quad Q6600 2.4GHz
    Motherboard
    Intel D975XBX2
    Memory
    Corsair TWIN2X4096-PC8500 (2x2GHz)
    Graphics Card(s)
    ATI Radeon HD 4890 (1GHz)
    Sound Card
    X-Fi Titanium - Fatality Pro Series
    Monitor(s) Displays
    hp w2207h (22" widescreen)
    Screen Resolution
    1680 x 1050
    Hard Drives
    One 750GB, 2x500GB Western Digital Caviar Black Hard Drives (32meg)
    PSU
    Antec Neo HE 550
    Case
    Antec P182
    Cooling
    Zalman CNPS9500 AT
    Keyboard
    Logitech Wireless Wave
    Mouse
    Logitech MX Revolution
    Internet Speed
    "High" Speed DSL? Is that like low speed FIOS?
    Other Info
    Q6600 B3 Revision OC to 3.0GHz
Yeah, I said....I was using Yahoo, not google. I have Avast running...I typed in RA Media Service...as soon as it went to the page I got an network access warning...afreecodec.com trying to hack in without clicking on anything. In the above post I said

And the hack attempt was from afreecodec.com but I would wonder as to this ra media service.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
@ lateralus

I would find out from the developer (skype?) if the added account is part of the program install.

My search results on "RA Media Server" shows it has something to to with media streaming; something I believe skype works or runs on, not sure, but it's worth saving yourself the headache of a Vista reinstall, and your know what to expect from the program. Can't hurt now, can it? :)
 

My Computer

System One

  • Manufacturer/Model
    Custom Built
    CPU
    Intel Core 2 Quad Q6600 2.4GHz
    Motherboard
    Intel D975XBX2
    Memory
    Corsair TWIN2X4096-PC8500 (2x2GHz)
    Graphics Card(s)
    ATI Radeon HD 4890 (1GHz)
    Sound Card
    X-Fi Titanium - Fatality Pro Series
    Monitor(s) Displays
    hp w2207h (22" widescreen)
    Screen Resolution
    1680 x 1050
    Hard Drives
    One 750GB, 2x500GB Western Digital Caviar Black Hard Drives (32meg)
    PSU
    Antec Neo HE 550
    Case
    Antec P182
    Cooling
    Zalman CNPS9500 AT
    Keyboard
    Logitech Wireless Wave
    Mouse
    Logitech MX Revolution
    Internet Speed
    "High" Speed DSL? Is that like low speed FIOS?
    Other Info
    Q6600 B3 Revision OC to 3.0GHz
I ended up using a PC restore to bring the laptop back to the factory defaults, so hopefully it doesn't happen again. Thanks again for the help, and yeah I love Tool. Guys are beasts. :D
 

My Computer

System One

sygnus21 said:
Airbot said:
Whoa! Yeah, that's some sort of malware. I just typed in RA Media Server in yahoo, just the search page, not clicking any link and got this.

View attachment 9243


Tried to pull a drive by download on me. My Avast network shield went up. So yeah..I would go in safe mode without networking and run a full scan with any AV you have and some antispyware program. A few that are good are spybot sd, malwarebytes. Either that or if you don't have anything really to lose by doing a reinstall then that's always something to consider. I don't know why you would get this from the skype source except maybe it wasn't from the source.:confused: But I would have an active AV monitoring when online and scan the downloads before executing them.
Click to expand...


What serach words did you use to determine the program he had was malware?

'cause when I typed in "RA Media Server" there wasn't anything on that page suggesting it was malware; got the same results using Google. Am i using the wrong search engine(s)? Did you read your image you posted?

I'm not saying the program isn't malware, but...???
Click to expand...

Airbot said:
Yeah, I said....I was using Yahoo, not google. I have Avast running...I typed in RA Media Service...as soon as it went to the page I got an network access warning...afreecodec.com trying to hack in without clicking on anything. In the above post I said

And the hack attempt was from afreecodec.com but I would wonder as to this ra media service.
Click to expand...

Whan I said "'cause when I typed in "RA Media Server" there wasn't anything on that page suggesting it was malware; got the same results using Google." I meant that I used both Yahoo and Google, that's why I ended the sentence with "got the same results using Google"
 

My Computer

System One

  • Manufacturer/Model
    Custom Built
    CPU
    Intel Core 2 Quad Q6600 2.4GHz
    Motherboard
    Intel D975XBX2
    Memory
    Corsair TWIN2X4096-PC8500 (2x2GHz)
    Graphics Card(s)
    ATI Radeon HD 4890 (1GHz)
    Sound Card
    X-Fi Titanium - Fatality Pro Series
    Monitor(s) Displays
    hp w2207h (22" widescreen)
    Screen Resolution
    1680 x 1050
    Hard Drives
    One 750GB, 2x500GB Western Digital Caviar Black Hard Drives (32meg)
    PSU
    Antec Neo HE 550
    Case
    Antec P182
    Cooling
    Zalman CNPS9500 AT
    Keyboard
    Logitech Wireless Wave
    Mouse
    Logitech MX Revolution
    Internet Speed
    "High" Speed DSL? Is that like low speed FIOS?
    Other Info
    Q6600 B3 Revision OC to 3.0GHz
Yes, I understand sygnus but what I suggested is to do a full extensive scan with an AV. I didn't say, Go and reinstall. What I meant was if he was that close to having a fresh install, if he didn't have anything to lose that was important, it wouldn't be horrible to reinstall. I should have stated it more clearly. I said do everything possible before it even comes to that. There's no harm in running scans for malware. And if he found an infection he could try to get rid of it first. Lateralus said he never had made any password or anything of the sort. The RA Media Service is highy suspicious showing up in all his UAC notices asking for a password. My dad has Skype. I've never seen any reference or use of ra media service in Skype. And I also said in the last post that the page I was on had afreecodec trying to hack my network.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Lateralus,

Although I suggested do everything possible before you reinstall, I'm glad you got your problem fixed. If it really wasn't any loss to you, then that's all that matters, right? I would have a Antivirus program active at all times when online and you should always download from the source and scan any files you download with one or more security apps before you execute it. And yes, Tool Rocks!
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Airbot said:
Lateralus,

Although I suggested do everything possible before you reinstall, I'm glad you got your problem fixed. If it really wasn't any loss to you, then that's all that matters, right? I would have a Antivirus program active at all times when online and you should always download from the source and scan any files you download with one or more security apps before you execute it. And yes, Tool Rocks!
Click to expand...

Airbot,

When in doubt, I restore to a previous clean state using Farstone Driveclone Pro and reinstall all my apps, especially after reading this: On the sense and senselessness of Malware cleaning.
 

My Computer

System One

i have run into this same problem. the thing is that i want to reformat but i do not know how to and since it blocks me from installing anything on CD's it's really affecting everything. it's odd i got this because i have not even been on the internet with my computer.
 

My Computer

System One

Status
Not open for further replies.
Back
Top