He reset the password a couple times but whatever hit me kept changing it to fast to do anything.
So he set me up on a new drive C using the same ip, and added my old desktop as drive E so that I could get my files (at least thats generally how I understood it)
Anyways, I can login to the new setup just fine, yet when I navigate to E:user/admin/desktop to retrieve my files off the other drive the only thing I can find is one folder and inside that folder there are only a couple of random files. I'm missing 5 or so other main folders and 99.9% of the actual files from the one folder that actually shows.
I have tried running unhide.exe and nothing changed. I don't know what else to do or where to look for my files...
I ran microsoft security essentials on drive E and it found something it deemed 'high risk' so it quarantined it and deleted it.
MWB found nothing which I thought was strange.
I think there is one or more bad guys still on that drive..the day before this happened I saw something called dubrute.exe in my task manager running. I hoped that nights full anti v scan would take care of it but apparently not.
I attached the two requested files, though not sure if they provide what is needed due to the switching of the vps drives. I'm not sure how to get the reports made for drive E?
So to recap...I guess drive E is safe from infecting me since its not on the live server I dont know. I really need to find and get those missing old desktop files. I backup regularly to an external hd but had some important changes made just recently that were not saved yet.
I cannot access a folder that I think some good data is on E:/documentsandsettings i get access denied, dunno if that is relevant or not
Thanks for any help and advice