General discussion

Locked

Home PC Security

By jeffrey.ho ·
I just recently had my home PC hacked. The hacker created a new user account and password protected my account and any sub accounts I had. I run Windows XP. Luckily, from the tricks of the trade I was able to regain access to my desktop through a security hole using the Windows installation disk. I was able to delete the new account the hacker created and I changed all the passwords.

I was also able to pull up the security log in event viewer, and saw that he logged into my PC almost every night for the past couple weeks.

I have 2 separate hard drives. One is the system drive, the other I basically use for extra storage. The system drive was infected with viruses planted by this hacker when I scanned it with Bitdefender Plus. My extra HD seemed to be ok. I decided to completely format my main HD. And reinstall Windows. I also purchased a Linksys Firewall Router to sit between my DSL and my PC.

Here is a question: After I installed the firewall router, I left my computer on that night. I checked the logs in the morning, and I could see that this hacker was again trying to access my computer. There was a bunch of failed audits due to bad passwords. I could tell he was trying, but from what I could see his attempts were unsuccessful...but, how is he even getting this far with my router installed? Isn't the purpose of the router to mask my actual IP address from the outside?

I then went out and purchased Zone Alarm's 2007 Security Suite because of how highly touted their software firewall is. After a night with this extra layer of protection, I did not see any attempted logins...so maybe this will work.

Does anyone have any suggestions or have experienced what I am going through? And, how come the router didn't stop this guy from again trying to access my PC? Lastly...should I reformat my extra storage HD I mentioned? It didn't seem like he messed with anything in there, and my anti-virus didn't detect anything unlike my main system HD...but, I just want to be 100% safe.

Any help would be appreciated...

jho

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Do you have a hardware firewall?

by Dr Dij In reply to Home PC Security

They're dirt cheap, about $35, and no software to install, config via web browser. If so, no one can transmit to your PC except as requested. You can still get hacked by visiting a web page that loads activex, or uses an IE flaw tho.

I just don't trust software firewalls. What if it stops working for some reason, then 60 seconds later you're infected. If a hardware router stops working, you don't connect to the internet.

I'd get an image type backup software for about $50, such as ghost, and a USB hard drive, 300 gig or so is about $100. Backup your system drive to it. you can do a bare metal install from this if needed.

Zone alarm showed me a bunch of hack attempts till I got a broadband router. then they disappeared off ZA log. since they can't ping you. packet is simply dropped if not requested, because of the NAT - IP address to the hardware router is dift from address of router to the internet.

Collapse -

hardware router

by jeffrey.ho In reply to Do you have a hardware fi ...

Yes, I stated that I went out and purchased a Linksys Firewall Router. I also stated the night after I installed it, my security logs still showed he was attempting to log in although all attempt were unsuccessful due to bad passwords (obviously since I changed the passwords)

How did he get past my router? If he is coming through on an open port, isn't the router supposed to stop this?

jho

Collapse -

Did you modify any of the default settings?

by Dontknowwhatimdoing In reply to hardware router

Also, did you change the default admin password on the router? If you didn't, then you are still open to attack.

Collapse -

default settings

by jeffrey.ho In reply to Did you modify any of the ...

Yes, I changed the admin password on the router, and I did not change any default settings. I simply plugged and played...

I just don't understand how he was still able to get to the point of trying to enter a password again. He must still be getting through an open port, I just really the the router would have eliminated this.

jho

Collapse -

Dumb question

by Dontknowwhatimdoing In reply to default settings

Did you change the admin password before you cleaned your system? If you did, then maybe he had a keylogger that recorded it.

Collapse -

question

by jeffrey.ho In reply to Dumb question

No, after I reformatted...I changed the passwords.

jho

Collapse -

I don't remember the default settings

by Dontknowwhatimdoing In reply to question

so I'll look at one. It won't be until late today or tomorrow before I can get back to you though. Sorry.

Collapse -

Should have asked

by Dontknowwhatimdoing In reply to Home PC Security

What model # do you have?

Collapse -

I don't understand still

by Dr Dij In reply to Home PC Security

if you have a cable router, it should be doing address translation, all packets, including requests for login should be dropped, unless you've configured the router around this..

I.E. you've setup to login to your home PC from somewhere else. or you have a trojan remote control.

Back to Malware Forum
9 total posts (Page 1 of 1)  

Security Forums