A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

Hacked In Half an Hour



 
 
Thread Tools Display Modes
  #1  
Old November 21st 04, 12:40 PM posted to uk.telecom.broadband
Gelf
external usenet poster
 
Posts: 8
Default Hacked In Half an Hour

A cautionary tale:
I finally had time to set up my new Demon Home500 ADSL yesterday.
Things didn't go too well initially with the modem/router I was using,
so I messed about with various settings, including turning Sygate off
(!) temporarily.

Still no joy, so I resorted to the supplied Alcatel USB modem. For
once I (foolishly) follwed the instructions and turned off my
anti-virus prog prior to installation.

Eventually I got things running after a call to Demon tech support
(0871, but at least they answer straight away!) - I'd just got host
name and ADSL login confused.

So then I was up and running but suddenly the whole PC seemed to slow
down and internet access was like dial up. I looked at the LAN monitor
and vast amounts of data were going out and not much coming in.

So I re-enabled Sygate rapid and discovered a nasty little Trojan (or
was it a worm?) trying to dial out. It was called iexplore32cb.exe in
the system32 folder.

I hadn't been on any dodgy sites - just Google and some tech support
sites.
So watch out! It doesn't take long to get hacked when you are
unprotected! All in less than half an hour.

I think it also shows the value of a software firewall, which others
were saying wasn't necessary in this NG recently. At least it shows if
something is trying to phone home and the name of the program.

Gelf
  #2  
Old November 21st 04, 01:09 PM posted to uk.telecom.broadband
Ade65
external usenet poster
 
Posts: 15
Default Hacked In Half an Hour

Gelf wrote:
I hadn't been on any dodgy sites - just Google and some tech support
sites.
So watch out! It doesn't take long to get hacked when you are
unprotected! All in less than half an hour.


Is you PC fully patched?
Because if it was not then you did well lasting half an hour. Better than
the average in fact.
http://news.zdnet.com/2100-1009_22-5313402.html


  #3  
Old November 21st 04, 02:50 PM posted to uk.telecom.broadband
Vigil
external usenet poster
 
Posts: 8
Default Hacked In Half an Hour

You had best reformat.

--

..

  #4  
Old November 21st 04, 03:18 PM posted to uk.telecom.broadband
Gelf
external usenet poster
 
Posts: 8
Default Hacked In Half an Hour

On Sun, 21 Nov 2004 14:50:38 +0000, Vigil wrote:

You had best reformat.

Why? I have deleted the executable from a DOS boot disk. Do you know
some more about this Trojan?
Gelf
  #5  
Old November 21st 04, 03:41 PM posted to uk.telecom.broadband
cw
external usenet poster
 
Posts: 323
Default Hacked In Half an Hour

Gelf wrote in news:[email protected]
4ax.com:

Why? I have deleted the executable from a DOS boot disk. Do you know
some more about this Trojan?


Run Adaware, Spybot S&D and if you're up to it HiJackThis. Trojans these
days mostly consist of more than one file. Many have a hidden and
obfuscated "dropper" which launches different processes. If you kill the
process it has launched and delete that executable then it just makes
another one.

On one hand, most of them can be gotten rid of with some work if you know
what you're doing. Sometimes they break things though and it is more
effective to give up and start again.

I personally have found a combination of the above three programs and
Avast! Antivirus normally cleans off any machine (one exception recently
which I think was because the user had been trying to delete stuff himself
and deleted the wrong thing..)

--
Colin
*Drop DEAD from the email address to reply*
  #6  
Old November 21st 04, 07:37 PM posted to uk.telecom.broadband
Mark McIntyre
external usenet poster
 
Posts: 1,835
Default Hacked In Half an Hour

On Sun, 21 Nov 2004 15:18:54 +0000, Gelf wrote:

On Sun, 21 Nov 2004 14:50:38 +0000, Vigil wrote:

You had best reformat.

Why? I have deleted the executable from a DOS boot disk. Do you know
some more about this Trojan?


The previous poster was just being facetious. Either that or he's one
of the zealots. Ignore him.


  #7  
Old November 24th 04, 01:23 AM posted to uk.telecom.broadband
Vigil
external usenet poster
 
Posts: 8
Default Hacked In Half an Hour

On Sun, 21 Nov 2004 15:18:54 +0000, Gelf wrote:

You had best reformat.

Why?


It's the only way to be sure :-)

--

..

  #8  
Old November 24th 04, 11:00 AM posted to uk.telecom.broadband
Somebody
external usenet poster
 
Posts: 16
Default Hacked In Half an Hour

Vigil wrote:
On Sun, 21 Nov 2004 15:18:54 +0000, Gelf wrote:


You had best reformat.


Why?



It's the only way to be sure :-)


This is true.

If you had a Trojan on your system, any kind of additional malicious
software could have been secretly installed on your PC before you
removed the Trojan.

This new software may not show up in AV scans.

Therefore, it is recommended that to be sure of a clean system, reformat
and reinstall the OS.
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Has my router been hacked? uk.telecom.broadband (UK broadband) 12 September 26th 04 10:50 PM
Disconnecting 3 to 4 time per hour !! John Steele uk.telecom.broadband (UK broadband) 0 July 8th 03 11:34 AM


All times are GMT +1. The time now is 05:24 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2020 BroadbanterBanter.
The comments are property of their posters.