Am I paranoid or was I hacked?

Discussion in 'Software' started by Learning As I Go, Dec 20, 2004.

  1. Learning As I Go

    Learning As I Go Sergeant

    I had major problems with my computer this morning.

    Dell Dimension 2400, Intel celeron 2.4Ghz, 256MB RAM, Windows XP HE SP2.

    After booting up this morning the system crashed repeatedly. It would last anywhere from 15 mins. to 5 mins. before crashing. I tried to scan with Avast in both normal and safe modes, but it took to long - and the system would crash 1/3 of the way through.

    The reason I think I may have been hacked is: A couple of days ago, I posted here for help about another forum I belong to. It had been hacked and was being held for ransom. Someone eventually interviened and hacked the site back, and now everything is pretty much back to normal.

    Last night, when I logged onto MG, I was denied access. It said I had maxed out my log on attempts and I was locked out due to wrong user name/password. I thought this was a fluke and repeated the process a couple of more times. No avail.

    I waited the 15 mins. and logged back on with no problems.

    This morning there was a note from MG in my e-mail. It explained my lock-out and gave an IP address. I do not know how to check my IP adress other than Zone Alarm. It gives my destination address for blocked programs. The two addresses do not match.

    I finally got the computer to stay on long enough to do a system restore. I updated all my protection programs, and re-booted. Then, I ran scans with everything I've got. Everything was negative.

    The computer is fine now, and has been running a couple/few hours with no problems.

    Was I hacked? Was this a fluke? If I was hacked or do have a problem, does anyone have a suggestion as to what else I should check.

    HJT is not an option yet. I am on dial-up, and last I checked HJT was 6.4 MB. It would take at least a couple of hours to download. I do have dll informant, so if there is something I should look for, it is fairly easy to run.

    Thanks,

    LAIGo
     
    Learning As I Go, Dec 20, 2004
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Dunno if DLL Informant would give you any useful information, what you would need in conjunction with Avast is a few of these installed and updated


    you should be able to get your IP address from either going to Start > Programs and bringing up the Command Window and typing ipconfig /all or go here http://www.ipaddressworld.com/ ( helpful if your behind a router.. which I know your not ) as you are on DUN it common for you to have a new IP address on each new dialup.

    Ad-Aware
    http://www.majorgeeks.com/download506.html

    a2 .... this is a complementry trojan, dialer and keylogger finder and can be used in conjunction with your AV
    http://www.majorgeeks.com/download.php?det=4281

    SpywareBlaster ( it wont get rid of spyware but will help stop alot of it being loaded in the first place.. not good after the fact but will help in future )
    http://www.majorgeeks.com/download2859.html


    now I know you are on dialup but these are worth getting as soon as you can so you can be abit more tooled-up in the fight against spyware.

    Now as to wether you were hacked.... it could be coincidence that your PC crashed, did you install or update anything? on saying that the hacker of your forum did have the member names of users there so its not inconcievable that they did try to access your account here, but the Admins of MGs would have a better idea if this type of thing happens occasionally ( that blocked signin by a member thats a regular ) I doubt he/she would be bothered to follow you around as they were after the forum owners to try and get $$ from them.

    you may want to check through ZAs Program Control > Programs list as to whats asking for net access and see if anything you dont recognise is there then do search on net for answers to what that .exe is.
     
    DavidGP, Dec 20, 2004
    #2
  3. Learning As I Go

    Learning As I Go Sergeant

    Had all you listed and then some, except a2. I will look into that ASAP.

    I made no changes during the entire time I mentioned. With the exception of an unsuccessful update to CWshredder from 2.10 to 2.11.

    I check ZA alot, and in the other post (Great site hacked....), I mentioned the only thing that looked out of the ordinary. But it was successfully blocked.

    All my ZA logs show the same destination IP, so I'm not sure if it changes, but it's good to know it can. I'll use the program you mentioned over the course of a couple of days and see if the IP changes.

    Thanks for the advice,

    So far everything is fine.

    LAIGo :)
     
    Learning As I Go, Dec 20, 2004
    #3
  4. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Yeah the unsuccessful update to CWshredder may have not helped, I installed an updated SiSoft SANDA yesterday to test and my PC slowed to a crawl, uninstalled it an now ok ( btw I do use Everest normally for finding out about PC hardware/software info ) so goes to show software and updates can work differently on different PCs.

    yeah each time you re-dial up just check your IP to see if it changes, I know when I was on DUN mine changed each time I dialed-up.

    a2 is a good app :)
     
    DavidGP, Dec 20, 2004
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds