Re: POSSIBLE HACK...PLEASE, PLEASE HELP!

Thanks, Root Kit.

A response from the other site regarding my HJ logs said he thinks I'm
actually pretty clean at the time. No malware.

So now I'm thinking my issue is with ZA. Maybe I'll hold off on
reformatting/reinstalling. ?? Will try to figure out what would be
comparable to ZA in regards to security and try a new program.

I took off all personal data from my computer and backed everything up. I
do have the recovery disk if needed.

Thanks again.



"Root Kit" wrote:

On Sun, 20 Jul 2008 16:30:00 -0700, Annie
<Annie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Three days ago, I had RoadRunner (cable internet connection) hooked up. The
tech turned off both my firewalls and DIDN'T tell me! (Shame on me for not
checking) Just a few minutes ago, while I was surfing, all my programs
opened up, one by one.

There could be more reasons for such behavior.

Was my computer hacked and did someone get all my personal information?!

Impossible to tell from a distance.

I'm running my virus program right now. What else should I do? Please help.
I'm a nervous wreck right now!

Okay, let's sum up....

After reading through the entire thread I find no hard evidence that
you have been hacked, but it's impossible to tell from a distance. The
results from Spybot indicate that there are areas in which your
security could improve, though.

If you still feel uncomfortable, I suggest 2 options:

1) Take your computer to someone trustworthy who knows what he's doing
- and I'm not talking about the "tech guy" next door.

2) Revert your machine to a known clean state. This ultimately means
reinstalling from a restore media or eventually flatten and rebuild.
Unless you can get in contact with a very skilled person who is able
to declare your machine "clean", this unfortunately is the only way to
make sure you got rid of the nasty if your machine was in fact
compromised. All this "try this" and "try that" is senseless and may
only remove the symptom.

In either case first make sure to have backups of your important data
and have notes of your usernames and passwords for mails etc. in a
safe place. Also make sure to have all your license codes etc. ready
in case you need to re-install something.

Also, if you do suspect your router may have been hacked, hard reset
it and do the basic router securing (maybe get someone to help you do
it):

* change the default admin password
* make sure any administration access from the WAN side is turned off
* make sure UPnP is turned off
* encrypt your wireless connection with at least WPA and a long random
pass phrase


Then for the future you also need to educate yourself about safe hex.
The most important security measures being:

* Keep your system patched (this is true for both the OS as well as
applications you've installed).

* Use a restricted user account for daily use and use only the admin
account for what it was intended (software installation, configuration
changes and the like)

* Don't run or install software unless you fully trust it. Do not
install software from dubious sources.

* Use robust software and stay away from IE and OE unless you're
running Vista and can run IE in protected mode.

* Don't blindly open / run e-mail attachments.

* Don't click links in e-mails without thoroughly checking them.

* Turn the windows firewall on and stay away from 3rd party firewall
illusionware.

* Configure your router as described already

* Be skeptical and implement common sense.

Such precautions will keep you safe from the vast majority of
problems. There is no such thing as 100% security. You can add a good
anti-malware product as an extra level of protection, but anti-malware
is not something you should ever rely on. No anti-malware can protect
you from yourself.

.

Relevant Pages

  • Re: POSSIBLE HACK...PLEASE, PLEASE HELP!
    ... Just called BrightHouse and they had to reset my router. ... I think my computer is clean according to HJT ... comparable to ZA in regards to security and try a new program. ... Don't run or install software unless you fully trust it. ...
    (microsoft.public.security)
  • Re: POSSIBLE HACK...PLEASE, PLEASE HELP!
    ... The most important security measures being: ... Don't run or install software unless you fully trust it. ... Turn the windows firewall on and stay away from 3rd party firewall ... anti-malware product as an extra level of protection, ...
    (microsoft.public.security)
  • Re: [Full-disclosure] Your neighbors security is critical to your security
    ... I certainly don't want a certrally controlled internet with someone looking over it. ... She would clean her house day and night, inside and out, ... asked what she could do so that her house would finally be clean. ... The same holds true with technology security. ...
    (Full-Disclosure)
  • Re: pornography
    ... www.safer-networking.org will clean and immunize you against ... about 500 known evil sites and against homepage hijacking. ... Explorer/Internet Options in the privacy and security tabs ... You can find updates at: ...
    (microsoft.public.security.virus)
  • Re: How to Protect yourself from malware! (This item is NOT SPAM)
    ... I know I am being mean to b_nice aka root kit but what goes around ... Government and its Department of Homeland Security especially in regards to ... in tracking and secure mode and someone fell for the bait but the fool hacker ... Have you ever considered that a site purporting to help 'clean' a users ...
    (microsoft.public.security)