Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Someone hacked into my PC

  • 11-03-2005 8:44am
    #1
    Closed Accounts Posts: 31


    Hello

    Someone hacked into my PC yesterday and started to download all my stuff and filled up my pc with junk.

    I am sure they left a program in my PC as I dont have control of setting my homepage.

    Also it keeps trying to connect onto the Internet by prompting me that there is spyware on my PC and I need to connect onto the Internet.

    I used Lavasoft and Norton to do full scans and it found nothing.

    Anybody got similar problems or know how to solve them?

    Thanks
    Wildchild


Comments

  • Closed Accounts Posts: 8,264 ✭✭✭RicardoSmith


    Are you running a firewall like Zone Alarm? Run SPYBOT and AVG aswell. Nortons useless. Build a AVG recovery disk from another machine and boot from that.


  • Registered Users, Registered Users 2 Posts: 8,225 ✭✭✭Ciaran500


    How do you know you have been hacked and they download some of your stuff?

    It sounds like a spyware has taken over. Get Spybot S&D and Hijack This. When you run Hijack this take a log and post it here.

    http://security.kolla.de/
    http://www.spywareinfo.com/~merijn/downloads.html


  • Closed Accounts Posts: 6,601 ✭✭✭Kali


    Disconnect from the internet, now. Get a friend/colleague to download the necessary software (windows service packs, spybot etc.). Install and run them offline.

    Check the AppInit_DLLs key in hkey_local_machine/software/microsoft/windows nt/currentversion/windows

    If that key has a value then note the filename mentioned and then delete the value (not the key)... search your computer for that filename then... and try to rename it... if you can't boot into safe mode and try then.


  • Registered Users, Registered Users 2 Posts: 1,560 ✭✭✭Boro


    Like Kali said, disconnect from the internet now(physically remove the cable).
    Get these programs from someone elses computer and install them on yours:
      AVG 7 Free Edition
      Ad-Aware SE
      Spybot S&D
      Hijack This
      Zone Alarm

      Probably better off booting into safe mode and then running those. Be careful with HijackThis. Its great for removing BHO's though.


    • Closed Accounts Posts: 31 wildchild


      Thanks for all the help

      A prompt screen now appears saying two of my ports have been have been hacked into and I need to download antispyware software, I cancelled it.

      My default home page is hotoffers.com and I cant get rid of it, also I dont have access to any other pages because they redirect me.

      I ran spybot S&D 1.3 and it has two items there I click fix problem adn delete them but when I run it again the two show up again and it is still on my PC.

      Thanks
      Wildchild


    • Advertisement
    • Closed Accounts Posts: 8,264 ✭✭✭RicardoSmith


      You need to run all the tools suggested and run them a few times.


    • Registered Users, Registered Users 2 Posts: 7,482 ✭✭✭RE*AC*TOR


      run adaware as well. no one hacked into your pc - you just downloaded some malware. It installed a browser hijack. Make sure Sbybot and adaware are updated versions (ie not 6 months old). Once you get it fixed, install a firewall (ZoneAlarm or Kerio Personal), and stop using Internet Explorer - use firefox (or opera) instead.


    • Registered Users, Registered Users 2 Posts: 21,264 ✭✭✭✭Hobbes


      If you get the latest version of ad-aware/spybot they can run scans on bootup to kill the stuff. But sounds like your hurting bad. Some of the trojan crap will stop IE from downloading antispyware. Get firefox.

      The "2 ports..blah" sounds more like an advert.


    • Registered Users, Registered Users 2 Posts: 6,949 ✭✭✭SouperComputer


      dont forget if you are using WinXP or (god forbid) ME, to boot into safe mode, but also diasble system restore as some nasties tend to hide there


    • Closed Accounts Posts: 231 ✭✭Lydesia


      dont forget if you are using WinXP or (god forbid) ME, to boot into safe mode, but also diasble system restore as some nasties tend to hide there

      Is it recommended to turn system restore off anyway? even if your computer has no spy/malware problems?


    • Advertisement
    • Closed Accounts Posts: 244 ✭✭osmethod


      As well as the above suggestions downlaod MS Antispyware....

      It has a real-time protection engine which can alert you in future of potential problems.

      osmethod


    • Registered Users, Registered Users 2 Posts: 1,509 ✭✭✭ElNino


      osmethod wrote:
      As well as the above suggestions downlaod MS Antispyware....

      It has a real-time protection engine which can alert you in future of potential problems.

      osmethod

      I would second that. I have been cleaning up some PCs this week and it found stuff that the other two didn't find. However you do need Win 2000 or XP and IE6 to run it though so old PCs may be problematic. Typical Microsoft :(


    • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


      Lydesia wrote:
      Is it recommended to turn system restore off anyway? even if your computer has no spy/malware problems?
      Not really. More than once, system restore has saved me after installing some driver, patch or upgrade my system didn't like. Ideally, you would prevent your system becoming infected so that you don't need to go to all this hassle in the first place, and you can leave system restore on.


    • Closed Accounts Posts: 31 wildchild


      hey everyone

      You have been really helpful but I used spybot s&d and it found to viruses but when i scan it and fix it, it says it is fixed, but when I scan again they are there again.

      I'll give details of the actual virus later.

      But I know if I try to use the internet it redirects me to a page called hotoffers.com (a porn site)

      and I dont have access to the internet because it redirects me the whole time.

      Wildchild


    • Registered Users, Registered Users 2 Posts: 7,482 ✭✭✭RE*AC*TOR


      wildchild wrote:
      hey everyone

      You have been really helpful but I used spybot s&d and it found to viruses but when i scan it and fix it, it says it is fixed, but when I scan again they are there again.

      I'll give details of the actual virus later.

      But I know if I try to use the internet it redirects me to a page called hotoffers.com (a porn site)

      and I dont have access to the internet because it redirects me the whole time.

      Wildchild
      you need to run adaware AS WELL as spybot. Try to use firefox instead of internet explorer. If you can't download these yourself - get a friend to do it.


    • Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


      OK after reading threw the topic, and from experience of fixing computers, I have a few pointers for you (some is a revised list earlier said). Failing to go by this will simply be your fault and you may not have a computer running at all by the end of the week (depending on the seriousness of it) and you may be expecting a nice bill from your ISP (if you’re a dialup user for the net, as its most likely dialing a foreign number).

      Here we go:-

      Your computer seems to be infected with (a lot) of Spyware, Viruses and Trojans. These will slow down your computer, damage files (including your whole hard drive), connect you to the internet in a different country (possibly a porn dialer, and you will be expecting large bills in the door if you leave it go ignored) and do lots of other harmful things to your PC. So, main question is: "What do I do to fix them?” Simple, just need patience and need to do what we (the experts in this case :P) tell you. Do all the following in Safe Mode, if you don’t know how, tell us what Operating System you run and we can help.

      1.) Disconnect the infected PC from the net, plug out the modem (if external) or plug out the telephone cable which connects to the back of your PC (if modem is internal). Do not connect to the internet again on that PC unless your sure to god it’s clean and working perfectly again!

      2.) You need 2 Spyware Cleaners. You need them up-to-date (both software and the definitions) so they can make sure you’re protected from the latest Spyware threats. They need to be run regularly (can be scheduled) and if your after doing a scan, found Spyware and cleaned it, run the scan again and again until its completely gone! I recommend doing this in Safe Mode and of course when you’re NOT ON THE INTERNET! Download these programs off a friend’s computer ONLY. Not yours. Two programs you need: Ad-Aware SE Personal (Get it at: http://download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button) and also Spybot Search and Destroy (Get it at: http://www.download.com/Spybot-Search-Destroy/3000-8022-10122137.html?part=dl-spybot&subj=dl&tag=but)
      If you’re on Windows 2000 OR Windows XP I highly recommend Microsoft’s Spyware Scanner. It offers 24hour protection, is much more reliable (in my opinion) then the other two programs mentioned above. Get it at: http://download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe

      Spyware Definition: A technology that assists in gathering information about a person or organization without their knowledge. On the Internet, "Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties." As such, Spyware is cause for public concern about privacy on the Internet.).

      2.) Get a Virus Scanner. This will monitor files and protect you from viruses/Trojans that you may get. It will fix files that where infected them, remove or quarantine them. I recommended the latest version of Grisoft's AVG Anti Virus V7 which can be got here: http://free.grisoft.com/softw/70free/setup/avg70free_308a468.exe - will do.)

      Virus Definition: A virus is software used to infect a computer. Virus code is usually buried within the code of another program. Once the program is executed the virus is activated and attaches copies of itself to other programs in the system. Infected programs copy the virus to other programs. The effects of a virus can range from harmless messages that appear on screen to destruction of data, either right away or on a set date. File attachments in e-mail messages are a common source of virus. One rule of thumb is to NEVER double click (execute) an attachment to an e-mail unless you are sure who it is from and that it is safe to do so.

      3.) Get a Firewall, im not great at recommending them but from what was said earlier, Zone Alarm seems the popular choice. It will monitor inbound and outbound access and let you know what’s lurking about - so you can decide which gets in and which gets out. You can get Zone Alarm at http://download.zonelabs.com/bin/free/1012_zl/zlsSetup_55_062_011.exe

      Firewall Definition: A program designed to monitor all internet access on a home PC, PC's on a network where several computers are linked etc. A firewall is like a "security guard". It monitors the Internet traffic coming to and fro from your PC and asks you who do you wish to let in, not let in etc. So, with a firewall, you get to control who gets access and stop un-authorized users/Trojans etc. getting access.

      4.) Get a nice program to monitor what’s been added to Internet Explorer. It’s called HijackThis ("HijackThis is a tool, that lists all installed browser add-on, buttons, and startup items and allows you to inspect, and optionally remove selected items. The program can create a backup of your original settings and also ignore selected items. Additional features include a simple list of all startup items, default start page, online updates and more. Intended for advanced users. ") and you can download it at http://www.snapfiles.com/dlnow/dlnow.dll?Inc=No&ID=106738

      Other recommendations: - It’s unlikely you where hacked by the description. A lot of this Spyware came by using Internet Explorer, or downloading un trustworthy files. To prevent this happening again, I really suggest you get Mozilla FireFox at http://download.mozilla.org/?product=firefox-1.0.1&os=win&lang=en-GB. It’s a web browser that’s faster, securer and a lot safer. It’s sinkable (meaning you can give it a new design), it’s got lot of built in features but its possible to install new ones etc.

      Hope this works. :) It’s a revised edition of what everyone else said with exact download links and extra info.

      - Sully


    • Registered Users, Registered Users 2 Posts: 2,523 ✭✭✭optiplexgx270


      Use this also. Its Microsofts new version of Adaware i've found it very good and has a service to monitor when your online and block malware downloads.

      http://www.microsoft.com/athome/security/spyware/software/default.mspx


    • Closed Accounts Posts: 31 wildchild


      Thanks for all the help.

      Im on my way of getting rid of this, I'll reply and tell you if I succeed in doing so.

      Thanks
      Wildchild


    • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


      wildchild wrote:
      Thanks for all the help

      A prompt screen now appears saying two of my ports have been have been hacked into and I need to download antispyware software, I cancelled it.

      My default home page is hotoffers.com and I cant get rid of it, also I dont have access to any other pages because they redirect me.

      I ran spybot S&D 1.3 and it has two items there I click fix problem adn delete them but when I run it again the two show up again and it is still on my PC.

      Thanks
      Wildchild

      Make sure to "Immunize" after you fix the selected problems.


    • Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


      Use this also. Its Microsofts new version of Adaware i've found it very good and has a service to monitor when your online and block malware downloads.

      http://www.microsoft.com/athome/security/spyware/software/default.mspx

      Said that about 15 mins previous to your post and it was also mentioned above.

      - Sully


    • Advertisement
    • Registered Users, Registered Users 2 Posts: 181 ✭✭(insert name)


      Sully04 wrote:
      To prevent this happening again, I really suggest you get Mozilla FireFox at http://download.mozilla.org/?product=firefox-1.0.1&os=win&lang=en-GB. It’s a web browser that’s faster, securer and a lot safer. It’s sinkable (meaning you can give it a new design), it’s got lot of built in features but its possible to install new ones etc.

      skinable maybe ?? ;)


    • Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


      skinable maybe ?? ;)

      lmao. Yup. Didnt proof read it!

      - Sully


    • Closed Accounts Posts: 31 wildchild


      Thanks everyone

      Problem Solved I formatted the hard drive and reinstalled windows.

      When I ran spy bot it showed DSO Exploit and hacker intrusion, it showed a lot of registry keys.

      I updated the program and it could not fix the problem, so now I have a working PC that is clean, it was pain stakingly boring backing up my stuff.

      Anyway
      Thanks again!!

      Wildchild out


    • Registered Users, Registered Users 2 Posts: 8,225 ✭✭✭Ciaran500


      Make sure you update windows and get a good firewall and virus scanner to stop it happening again.


    • Closed Accounts Posts: 834 ✭✭✭dearg_doom


      I don't know if it's a fake pic or not, but last week there was a big fuss about FireFox having new security exploits

      here

      and more?

      O_o a bit more




      *licks Opera 8beta while using voice commands just for the craic*


    • Closed Accounts Posts: 136 ✭✭Besprechen


      i recommend spywareblaster as well, great little tool that works with IE and firefox and substantially decreases the amount of isntalled crap spybot and ad-aware picks up.


    Advertisement