Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Laptop Hacked

  • 18-03-2016 8:53pm
    #1
    Registered Users, Registered Users 2 Posts: 452 ✭✭


    About 11:30am today i was on my laptop and i heard weird noises and wasnt sure want it was so i turned on the music and relised it was something talking it sounded like google translate in the background and i was like how is it playing becuase i shut down google at this stage.
    My girlfriend was beside me and then it said something directed to her and i then looked at my webcam and it was on and relised some is watching and talking to me and gpt really freaked out.
    I then disconnected the internet to my laptop and restarted it.
    I covered the webcam with tape and reconnect to the internet to see would they do it again but nothing. To keep on the safe spund i disconnected again and went on to my mobile internet to change passwords and noticed that they got one of my steam accounts and i dont no how becuase they would need my gmail for that and i never got aent conformation codes from steam that my passwords where being changed.
    I downloaded a bunnyhop script lastnight its for counter strike and that could be the way they got in so be careful if that stuff guys and what are your suggestions i do now i removed the scripts and ran malwarebytes and couple other things and they removed hijack trojans from my laptop will i just reinstall windows ?


Comments

  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    Please i need help quick.


  • Registered Users, Registered Users 2 Posts: 10,381 ✭✭✭✭Allyall




  • Registered Users, Registered Users 2 Posts: 6,893 ✭✭✭allthedoyles


    shut-down and re-start tapping F8 and reverse back to last known good configuration


  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    Thanks for the programs but with the thought of a key logger or something hiding in my PC so i wiped it but thanks for your comments and would it actually have worked if i was to do a system restore ?


  • Registered Users, Registered Users 2 Posts: 22,407 ✭✭✭✭endacl


    Your punctuation keys appear to be screwed as well...


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    what you mean ?


  • Registered Users, Registered Users 2 Posts: 22,407 ✭✭✭✭endacl


    On second thoughts...

    :D


  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    Im lost xD


  • Registered Users, Registered Users 2 Posts: 6,893 ✭✭✭allthedoyles


    So has the hacker been eliminated ?


  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    If your PC has been compromised it is simply untrusted at this point. No application you can run will give you a guarantee that the malware has been removed. You simply don't know what has been done to it. The ONLY safe option is to wipe it and reinstall your system from scratch.
    LukeyKid wrote: »
    what are your suggestions i do now i removed the scripts and ran malwarebytes and couple other things and they removed hijack trojans from my laptop will i just reinstall windows ?


  • Advertisement
  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Can you give us a link to the script you downloaded? I can look to see if that was what caused the "hack", or maybe an ad on the website.


  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    Well i have wiped the c drive i didn't want to wipe my other drive because of important files and stuff, and yes i no they could have planted something there too but i need to take that risk if they come back i will wipe everything.

    But as for my other drive i don't think they would plant something on it because there isn't a huge amount of files on it compared to the ridiculous amount of places something could be hidden on a C Drive.

    <snip>
    These are the 2 scripts i downloaded.

    Also what the best Anti Virus for Free or one that is worth paying for ?


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    LukeyKid wrote: »
    Well i have wiped the c drive i didn't want to wipe my other drive because of important files and stuff, and yes i no they could have planted something there too but i need to take that risk if they come back i will wipe everything.

    But as for my other drive i don't think they would plant something on it because there isn't a huge amount of files on it compared to the ridiculous amount of places something could be hidden on a C Drive.



    These are the 2 scripts i downloaded.

    Also what the best Anti Virus for Free or one that is worth paying for ?

    Whats the password for the rar file?


  • Registered Users, Registered Users 2 Posts: 6,956 ✭✭✭DopeTech


    LukeyKid wrote: »
    Also what the best Anti Virus for Free or one that is worth paying for ?

    Avast Free Antivirus
    Malwarebytes Free

    Install both of these and you should be fine. Just make sure to completely remove any other antivirus software you have first though or they will conflict and slow your machine right down until one is removed.


  • Registered Users, Registered Users 2 Posts: 4 arieljt


    Since the link in the first vid is password protected I only gave the second 'BhopScript' a few mins of analysis:
    The Bhopscript.exe is a RARSFX, the rest of the folders probably don't do anything.
    The files inside are M.exe (md5 bc9932d562808f046db8cf2d225b317e), which will usually sit in C:\users\{user}\appdata\local\temp\{random}.tmp\ and M.ex_. Guessing a the second is a stub file, anyway probably some dumb HF RAT tool which is uninteresting.

    Don't download and run stuff you don't know, don't bunnyhop in CS and instead spend some money on an antivirus.

    Cheers :)


  • Registered Users, Registered Users 2 Posts: 4 arieljt


    syklops wrote: »
    Whats the password for the rar file?

    found it - bV@;°ycQciNLt15x^$!@6CjcQ61kKhcR6K@&amp;*!g675cJgX.


  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    FrostyJim wrote: »
    Avast Free Antivirus
    Malwarebytes Free

    Install both of these and you should be fine. Just make sure to completely remove any other antivirus software you have first though or they will conflict and slow your machine right down until one is removed.
    arieljt wrote: »
    Since the link in the first vid is password protected I only gave the second 'BhopScript' a few mins of analysis:
    The Bhopscript.exe is a RARSFX, the rest of the folders probably don't do anything.
    The files inside are M.exe (md5 bc9932d562808f046db8cf2d225b317e), which will usually sit in C:\users\{user}\appdata\local\temp\{random}.tmp\ and M.ex_. Guessing a the second is a stub file, anyway probably some dumb HF RAT tool which is uninteresting.

    Don't download and run stuff you don't know, don't bunnyhop in CS and instead spend some money on an antivirus.

    Cheers :)
    arieljt wrote: »
    found it - bV@;°ycQciNLt15x^$!@6CjcQ61kKhcR6K@&amp;*!g675cJgX.


    Im using them exact two avast and malwarebytes for now, and i no not to download stuff i'm not sure of but i really didn't expect my laptop to learn english after downloading them :p

    also the first bhop script i never got the password for it so i never used it, just making sure it somehow didnt come from that but i did use the second one and that was open on my PC for sometime.

    So ye didnt find anything inside the scripts, well trojan wise?

    And again thanks so much for helping :cool:


  • Moderators, Technology & Internet Moderators Posts: 11,017 Mod ✭✭✭✭yoyo


    Mod: I have removed the links to the infected applications. Do PM op if you would like the link for research purposes, for security I have snipped them


  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    No worries.
    They took one of my steam accounts while they were on my computer but they added a group to my account and im the only member of it.

    In the actual Group description they have links to sites this being one.

    Ask for Url if you want it.. <i was to scared to look around this :P my pc being infected once this week is enough for me.. :P but its probably nothing.>


  • Registered Users, Registered Users 2 Posts: 1,917 ✭✭✭B00MSTICK


    Lukey I'd probably remove the link as you never know whats on there. People can PM you if they want to learn more perhaps.

    As the others have said I'd change all your passwords, run some scans, remove any important files/docs and put them on an external, then do a full wipe/reinstall.
    Hiding malware from most commercial AV is simple and there's no telling what they have stuck on your machine.

    Think you were lucky that the "hackers" seemed to be doing it for the lols rather than anything else.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 452 ✭✭LukeyKid


    B00MSTICK wrote: »
    Lukey I'd probably remove the link as you never know whats on there. People can PM you if they want to learn more perhaps.

    As the others have said I'd change all your passwords, run some scans, remove any important files/docs and put them on an external, then do a full wipe/reinstall.
    Hiding malware from most commercial AV is simple and there's no telling what they have stuck on your machine.

    Think you were lucky that the "hackers" seemed to be doing it for the lols rather than anything else.

    Yeah i think i'm going to do a clean wipe because i used the "Reset" feature on Win 10 and it seems to be very slow since, plus i'm having series trust issue with it i can stop look at the webcam and i'm just waiting for something to happen :( haha.. Sad Times.


Advertisement