File has encrypted itself and locked me out?

PainlessTorture

Official Best Member
Vista Pro
Ok, there is a file on my computer which is not letting me access it. I have full control in the security permissions but it's been encrypted with the built-in encryption system and has locked me out.

My computer's name is 0X01.

The user the file is encrypted to is 0X01$(0X01$@workgroup)

Now, either my computer has come to life and is encrypting files on me or my earlier post about someone hacking into my computer was correct.

The file happens to be my firewall, so when the firewall tries to launch I get an access denied message.

I have tried to add my own account to the encryption list to try to give myself access but it is refusing to do it since I do not currently have access.

Any way to do anything? Maybe override the security settings or hack myself?

Thanks in advance.
Please hurry with replies, God knows what's going on :S
 

My Computer

System One

  • Manufacturer/Model
    Hewlett Packard
    CPU
    3.40Ghz / 2.20Gz Duo Core
    Memory
    2GB / 3GB
    Hard Drives
    160 GB / 160 GB
Just noticed, all the DLL files in the same folder are encrypted using the same user (0X01$)
 

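One way to inventory what the two posts above describe (several files in one folder encrypted with EFS to the computer's own `$` account), as an added example that is not part of the original thread. The folder path is a placeholder, and matching the `COMPUTERNAME$` string in the output of `cipher /c` is a heuristic assumption about how that name is displayed.

```powershell
# Added example (not from the thread). Run from an elevated prompt.
# $Folder is a placeholder; point it at the folder holding the affected files.
param(
    [string]$Folder = 'C:\Path\To\AffectedFolder'
)

# 1. Find files that carry the NTFS "Encrypted" (EFS) attribute.
$encrypted = Get-ChildItem -LiteralPath $Folder -Force -ErrorAction SilentlyContinue |
    Where-Object {
        -not $_.PSIsContainer -and
        ($_.Attributes -band [System.IO.FileAttributes]::Encrypted)
    }

if (-not $encrypted) {
    Write-Output "No EFS-encrypted files found in $Folder"
    return
}

# Names ending in '$' conventionally denote the computer account, which is
# what appears when something running as SYSTEM performs the encryption.
$machineAccount = $env:COMPUTERNAME + '$'

# 2. For each file, ask cipher.exe which users and certificates can decrypt it.
$report = foreach ($file in $encrypted) {
    $detail = (& cipher.exe /c $file.FullName 2>&1 | Out-String).Trim()
    New-Object PSObject -Property @{
        File             = $file.FullName
        LastWriteTime    = $file.LastWriteTime
        # Heuristic: the machine account name appears somewhere in the output.
        ToMachineAccount = ($detail -match [regex]::Escape($machineAccount))
        CipherOutput     = $detail
    }
}

# 3. Oldest change first: the earliest timestamp hints at when this started,
#    which helps pick a backup or image that predates the problem.
$report | Sort-Object LastWriteTime |
    Format-List File, LastWriteTime, ToMachineAccount, CipherOutput
```

The timestamps and the list of users who can decrypt are worth saving before any restore or reinstall, since both are lost afterwards.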

I would try 4 things if it were me to resolve the problem:

1. Assuming it's encrypted with EFS, and the user password has been reset following a restore operation (this would prevent the user who encrypted with EFS from being able to access EFS encrypted files): reset the password to what it was, and unencrypt. You can then change the password back, then re-encrypt using EFS.

2. Insert the Windows Complete PC backup image and restore that image, and then restore the file backup from a point before the problem occurred. Do not use a PC image or file backup created after the issue occurred.

3. (a) Scan/clean any malware (backdoor trojans/rootkits) @ Free ESET Online Antivirus Scanner. ESET's NOD32 is probably the best antimalware program on the market, and allows password locking of settings which could otherwise be compromised by third parties. (b) Invest in a good antimalware program, and use UAC. If you don't know what is trying to run, as a rule of thumb do not allow it to execute.

4. If you did not create a PC backup image, reinstall Windows (back up user files; a destructive reformat will result in all data being lost!) and see 3.(b) above.

Help/hints for a more secure system
Invest in a router/wireless router, use TKIP WPA encryption, set a random alpha/numeric/symbol password/key that is different on the router than your PC login password, which should also be alpha/numeric and random. Block anonymous internet requests. Use MAC filtering on the router. Disable remote access to the router. (This allows only the MAC addresses to access the network connection even if the key is compromised. The router password would also have to be compromised, and MAC filtering changed at a local level, i.e., an ethernet connection to the router, or through a networked/MAC computer. This also provides a hardware firewall.)

Also, under advanced internet settings delete cookies, and then block all 3rd party cookies under security. I personally block all 1st/3rd party cookies and only allow those I want. This will help with tracking cookies, etc.

Do not use registry cleaners. If you are not 100% sure what exactly is being cleaned/deleted, then do not clean it. This more often than not results in O/S Windows file corruption.
 

My Computer

System One

  • CPU
    T7600G Core2Duo 2.66 Ghz
    Motherboard
    Intel 945PM + ICH7 Chipset
    Memory
    4GB DDR2 PC2-5300 667MHz
    Graphics Card(s)
    Mobility Radeon x1900 256MB
    Sound Card
    Realtek HD
    Monitor(s) Displays
    WUXGA 17"
    Screen Resolution
    1920X1200
    Hard Drives
    640GB 7200RPM SATA/RAID 0 (2x320GB)
    and 320GB 7200RPM External
    Mouse
    Wireless Microsoft 3000
    Internet Speed
    10 mbps/2 mbps
    Other Info
    Optical Drive:
    Panasonic UJ-220 DL BD-RE (Blu-Ray)

I have more than enough security on my system that I don't understand what's going on here. The only thing that is no longer working is my firewall because it's been encrypted.

For a hacker to neutralise the firewall like that they would have to be able to get past it somehow in the first place...
 

Backdoor trojans/weak password can result in access to your system by third parties; the firewall can have settings changed and user/system files encrypted.
From your previous posts it appears you have had malware and that you are using inferior antimalware programs that fail to offer adequate Vista protection (check the list of failed programs here: http://www.vistax64.com/system-security/172321-vista-sp1-antivirus-performance.html). Scan with NOD32.
 


Please do not take this the wrong way, but I am not an idiot. That's why I'm posting here. I do not understand how someone has penetrated my security.

I know, I have about 7 anti-virus programs installed and about 4 anti-spyware and malware programs. I have done a pre-boot scan with Avast. I'm running out of ideas.

My passwords are far from weak and I have not detected any trojans.

To elevate something you need to retype my Username and Password and the secure desktop is enabled.

I do not understand how it's happening, but no. My passwords are nice and strong :)

I'm also the only admin on the system. The pre-built admin has been disabled, had a password change and is now called systemadminaccount, which I'm guessing nobody will guess; it's been like that since the day I installed the OS.

I'm debating whether or not to attach some C4 to the base unit and run...
 


1. Alwil's Avast has failed Vista SP1 testing
Avast! (Alwil)
Status: FAIL
Failure reason: 19 wildlist misses, 1 false positive

2. Too many antimalware programs will not help you. Some will turn off/block other components and leave you wide open.

If you are running that many programs, I suspect your system is corrupted. That's compounded if you have been playing with registry cleaners (which I suspect you have).
 


I guess it's time to break out the C4...
 

Thanks for all your help rive0108, but I think I'm going to have to reinstall. I can't live with this.

Thanks for your help :)
 


That's what I would do. Good luck.
 

PS: If you are looking for a good antimalware program, use NOD32 (smallest footprint/fastest scanning/most accurate) or the free AVG.
Don't use registry cleaners unless you know the function of all the entries it wants to "clean up", as this can result in Windows corruption.
 

Thanks for the tip :)
 
