Topic: Quick test if your Windows pc has been hacked. (Read 3685 times)

member
Activity: 163
Merit: 10
December 16, 2013, 09:32:28 PM
#46
It would be easier for me to re-install windows for meh than do these things Cheesy

I tried to list exactly what I did but a short version that is probably the same might be
1) Create a non admin user
2) Log out then log into the non admin
3) Log out of the non admin and back into the regular account
4) Look at start button.

You're right though, it's not likely anyone would take those steps.

The end. I hope.

Well yeah even if you found out that you are hacked you still need to re-install Cheesy

It could be reduced to two steps.

1) Create a non admin user. Log out then log into the non admin.
2) Log out of the non admin and back into the regular account. Look at start button.

Or even one step.

1) Create a non admin user. Log out then log into the non admin. Log out of the non admin and back into the regular account. Look at start button.

How's that?

Anyway I think I caused some confusion by not being clear that these steps are only meant for one virus that probably only a few people have on their computers. I think I might have given the impression that I meant it to test for all viruses.

So far the only thing that has been detected in files from that computer is Trojan-Dropper.Win32.Injector.jnzz and only 4 out of 49 antiviruses call it malware. Maybe in coming weeks some more interesting malware will pop up on a scan of those files.
full member
Activity: 154
Merit: 100
It would be easier for me to re-install windows for meh than do these things Cheesy

I tried to list exactly what I did but a short version that is probably the same might be
1) Create a non admin user
2) Log out then log into the non admin
3) Log out of the non admin and back into the regular account
4) Look at start button.

You're right though, it's not likely anyone would take those steps.

The end. I hope.

Well yeah even if you found out that you are hacked you still need to re-install Cheesy
member
Activity: 163
Merit: 10
It would be easier for me to re-install windows for meh than do these things Cheesy

I tried to list exactly what I did but a short version that is probably the same might be
1) Create a non admin user
2) Log out then log into the non admin
3) Log out of the non admin and back into the regular account
4) Look at start button.

You're right though, it's not likely anyone would take those steps.

The end. I hope.
full member
Activity: 154
Merit: 100
It would be easier for me to re-install windows for meh than do these things Cheesy
member
Activity: 163
Merit: 10
Hacker's browser
109.120.153.223 - -  "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0"
member
Activity: 163
Merit: 10
Now you're just bashing the ones who are helping and trying to understand what the hell you wrote as far as a "test"

BTW, your "test" makes no sense from an I.T.'s point of view, and is a waste of time.

Telling me to move on, the time I spent typing that to try and help you I should charge you my hourly rate but I'm afraid you couldn't afford it.

Also, saying it wasn't detected till the 11th, so your anti virus wouldn't catch it. I update my offline scanners daily, it's not hard to click update.


I'm done, go troll somewhere else, maybe the newbie section, they seem gullible enough.  

please go
thank you
newbie
Activity: 42
Merit: 0
Now you're just bashing the ones who are helping and trying to understand what the hell you wrote as far as a "test"

BTW, your "test" makes no sense from an I.T.'s point of view, and is a waste of time.

Telling me to move on, the time I spent typing that to try and help you I should charge you my hourly rate but I'm afraid you couldn't afford it.

Also, saying it wasn't detected till the 11th, so your anti virus wouldn't catch it. I update my offline scanners daily, it's not hard to click update.


I'm done, go troll somewhere else, maybe the newbie section, they seem gullible enough.  
member
Activity: 163
Merit: 10
I use Avira as a complete offline scanner. Avira rescue cd is on a small linux distro making it completely offline.

Avast has the boot scan, and I haven't heard any complaints.

I have at least 4 different offline scanners on my multiboot drive.

Any kind of scanning is great if the virus was detected already by the company that scans. The virus or trojan mentioned above was not discovered until Dec 11.

https://www.virustotal.com/en/file/44fb2ae318a305108f9aba468e9a58d90aa695998cfeba9e951073edd69717fe/analysis/

Even if that one is not actually a virus, still a scanner only finds old news. It's important but it's not everything.
member
Activity: 163
Merit: 10
By saying you're not smart enough to understand what I wrote, I am inclined to believe you are trolling instead.


Believe whatever you want. Please move on. This is like kindergarten.
member
Activity: 163
Merit: 10
What source do you want?

We just wanted to know if there is any article on the internet (apart from your posts) that can verify your claim that the Start Button color change is related to PC being hacked.

Start button has never changed in all the time I used a computer until it was hacked. When the computer was hacked there were several slight changes in the computer. I just googled black start button virus and the results did not match my experience.

As far as "verifying my claim". I've given what information I have. If you want information I have then ask. If you want information from google verifying it then look to google.
newbie
Activity: 42
Merit: 0
I use Avira as a complete offline scanner. Avira rescue cd is on a small linux distro making it completely offline.

Avast has the boot scan, and I haven't heard any complaints.

I have at least 4 different offline scanners on my multiboot drive.
full member
Activity: 210
Merit: 100
Crypto News & Tutorials - Coinramble.com
The problem with a virus is that when you do a scan in windows it can not detect it sometimes if it already manifested into the system files.

You need to do the offline scan, it removes all the variables of the virus fooling the anti virus software.

By saying you're not smart enough to understand what I wrote, I am inclined to believe you are trolling instead.

There are people in this forum that will help, a lot in the I.T. industry, but once you are identified as a troll all bets are off.

Agree, have heard from many IT guys that offline virus scan such as boot scan in Avast detects hidden viruses.
Which program do you suggest for it.
newbie
Activity: 42
Merit: 0
The problem with a virus is that when you do a scan in windows it can not detect it sometimes if it already manifested into the system files.

You need to do the offline scan, it removes all the variables of the virus fooling the anti virus software.

By saying you're not smart enough to understand what I wrote, I am inclined to believe you are trolling instead.

There are people in this forum that will help, a lot in the I.T. industry, but once you are identified as a troll all bets are off.
sgk
legendary
Activity: 1470
Merit: 1002
!! HODL !!
What source do you want?

We just wanted to know if there is any article on the internet (apart from your posts) that can verify your claim that the Start Button color change is related to PC being hacked.
member
Activity: 163
Merit: 10
Continued...

After virus scan is complete and viruses are removed it is now time to backup your files.

Doing this outside windows prevents trojans from hopping a ride.

Once you have everything backed up, format c: and reinstall windows. I recommend upgrading to 7 if possible due to EOL for xp is April 14, 2014.

And last but not least, anti virus, get it, keep it up to date.


So what did you do to piss this guy off, as the ip you provided came from mother Russia.


etc

Sorry, I pretend to be smart but I can't follow all that shit. In the morning I'll reread it and do it since you sound smart.

I don't know if I specifically pissed someone off. I harassed a character fireball on this forum because he runs a crooked exchange, and he came to mind but if you read his posts he is generally a civilized type. He might have done it but I doubt it.

More likely. I got into bitcoins earlier this year but only a few weeks ago I started going bananas with weird coins, dozens of them, going to a lot of off the wall flybynightish coin sites. It seems likely because of the timing and because that seemed to interest the hacker, that they are related.

I just scanned the files I saved with Zone antivirus and it detected Trojan-Dropper.Win32.Injector.jnzz while nothing was detected a few days ago. But it was in WiseCare365.exe so it might be a false positive. I use all of the Wise products and they are a major company. I'll keep scanning regularly. I looked online and saw Kaspersky discovered that trojan, so if it is the culprit there is some balance. Russia has some of the lowest scum as well as some of the most brilliant and decent people.
newbie
Activity: 42
Merit: 0
Continued...

After virus scan is complete and viruses are removed it is now time to backup your files.

I recommend parted magic, but you can use whatever flavor of linux you want for this.

Go here and download parted magic http://www.majorgeeks.com/files/details/parted_magic.html

Once that is downloaded, you can either use the same flash drive or another if you have one. If your flash drive is big enough >4GB I recommend this.

http://www.pendrivelinux.com/yumi-multiboot-usb-creator/

I have a 32GB Flash drive with several linux distros, server distros, parted magic, anti virus, Hiren's boot cd for mini xp

Either route, if using unetboot follow the previous steps and just select parted magic iso.

Once booted into parted magic, plug in an external drive and copy your documents from your main drive to the external.

Doing this outside windows prevents trojans from hopping a ride.

Once you have everything backed up, format c: and reinstall windows. I recommend upgrading to 7 if possible due to EOL for xp is April 14, 2014.

And last but not least, anti virus, get it, keep it up to date.




So what did you do to piss this guy off, as the ip you provided came from mother Russia.

http://blogs.e-rockford.com/applesauce/files/2013/09/vladimir_putin.jpg
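
The backup step described in the post above, as an added example that is not part of the original post: run from the live Linux session, it copies only document-type files, leaves executables and `autorun.inf` behind, and records SHA-256 hashes so the backup can be re-checked later. The function names, the extension list and the SRC/DST paths are assumptions made for illustration.

```sh
# Added example: allowlist-based backup from an offline-mounted Windows volume.
# Assumed paths: SRC is the Windows partition mounted read-only from the live
# USB, DST is a directory on the external drive.

# Extensions treated as documents (constructed list; adjust to your own data).
DOC_EXTS="txt pdf doc docx xls xlsx odt jpg png"

# is_document FILE -> exit 0 if the file's extension is on the allowlist
is_document() {
    ext=$(printf '%s' "${1##*.}" | tr 'A-Z' 'a-z')
    for e in $DOC_EXTS; do
        [ "$ext" = "$e" ] && return 0
    done
    return 1
}

# backup_documents SRC DST
# Copies allowlisted files only, writes DST/MANIFEST.sha256 (hashes of what was
# copied) and DST/SKIPPED.txt (everything left behind, e.g. .exe, autorun.inf).
# Macro-capable Office files are still copied; scan the backup before opening.
backup_documents() {
    src=$1; dst=$2
    mkdir -p "$dst" || return 1
    : > "$dst/MANIFEST.sha256"
    : > "$dst/SKIPPED.txt"
    (cd "$src" && find . -type f) | while IFS= read -r f; do
        if is_document "$f"; then
            mkdir -p "$dst/$(dirname "$f")"
            cp -- "$src/$f" "$dst/$f"
            (cd "$dst" && sha256sum -- "$f" >> MANIFEST.sha256)
        else
            printf '%s\n' "$f" >> "$dst/SKIPPED.txt"
        fi
    done
}

# verify_backup DST -> exit 0 if every copied file still matches its hash
verify_backup() {
    (cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null)
}
```

Run `verify_backup` again on the freshly installed system before restoring, so any file that changed after the backup was taken stands out.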
newbie
Activity: 42
Merit: 0
Have you thought to maybe do some of the following?

1. Identify the problem & fix the problem.
2. Take steps to not allow said problem to happen again.

If you are wondering what I am talking about.

Computer A. is infected with an unknown virus, it is running Windows XP SP3 (I hope SP3), with obviously no anti virus software and no firewall protection.

Diagnose.

Shutdown computer A. immediately.  Go to http://www.avira.com/en/download/product/avira-rescue-system and download the rescue cd from a known clean computer.

Go to http://unetbootin.sourceforge.net/ and download the windows binary.

Place a flash drive at least 1 GB in size in known clean computer and format it as a fat32, quick format will do.

Run unetbootin and click diskimage, and the button with the "..." on it. Locate the avira rescue cd iso and open it.

Make sure the drive is set to the flash drive and click ok.

Once complete, eject flash drive.

Put said flash drive in infected computer and boot from it, scan computer and remove viruses.

To be continued.

I am a sysadmin by the way, I do this shit for a living.
member
Activity: 163
Merit: 10
I'm pretty sure that mine isn't being hacked  Grin

Almost everyone is sure. Most are right. Some not.
member
Activity: 84
Merit: 10
I'm pretty sure that mine isn't being hacked  Grin
member
Activity: 163
Merit: 10
So, you're telling me that you're going through all those steps each time you use your computer to check if you're virus free?


-delete-

I do it when it seems prudent. I'll probably create a non admin user on every Windows pc I have from now on and log in and out of that at least every few weeks.

I'm not telling anyone else to do it.