Computer hijacked

Tech Talk: Discuss gaming or computer issues here! We will provide answers to general setup questions, configuration problems and support for determining common problems mostly related to bugs.

Moderators: Paul.nz, ViPER, Hottieshottie

Post Reply
Paul.nz
General
General
Posts: 866
Joined: Sun Oct 07, 2007 11:09 pm
Location: run and hide
Contact:

Computer hijacked

Post by Paul.nz »

Today my pc got hijacked from a site which brought up a webpage and it couldn't be closed etc.I couldn't get into the task manager to turn it off etc.It even put rubbish into the windows start area (not the system configuration area.).So as soon as i restarted it popped back up.
In safe mode i found the trogen but windows 7 being windows 7 wont allow users to delete it.Lucky i have tune up utilities and that managed to delete it.Moveonboot is a free program which can be used to delete any file,simply run the program and on boot the program deletes it before windows starts.
BEWARE this exe file come through a webpage and was undetected from my antivirus.Ultimatly i was ummm looking for movies to borrow and going to the not so nice sites.It wasn't in a file or anything so could easily hit other people.
It come up with a page with a link to pay to unlock it.....yea right like i would do that.

This managed to get through avg free edition which was updated a few days ago so it is new and a pain in the ass.If people dont know much about computers they WILL NOT be able to recover it easily.Make sure you update your antivirus and if you havn't backed up before backup now,it is a good practise.
FireCracker
Division Commander
Division Commander
Posts: 190
Joined: Mon Sep 27, 2010 8:21 pm

Re: Computer hijacked

Post by FireCracker »

Let me guess... you were using Internet Explorer when this happened??

I have had similar happen in the past when using IE on search engines, etc.

I switched to Firefox a few years ago and don't worry about those kinds of exploits anymore.

Only use IE on sites you know and trust.
Paul.nz
General
General
Posts: 866
Joined: Sun Oct 07, 2007 11:09 pm
Location: run and hide
Contact:

Re: Computer hijacked

Post by Paul.nz »

Nope i use firefox and i didn't download anything.I just went to a website and it uploaded it to my pc through the cache and managed to run the exe and put bits all over the place.Once i got rid of the main file i could remove the others to stop it happening again.I installed zone alarm for a few weeks to monitor what is trying to run or access the internet but i am confident i have got rid of it all.I wont let the buggers beat me.
FireCracker
Division Commander
Division Commander
Posts: 190
Joined: Mon Sep 27, 2010 8:21 pm

Re: Computer hijacked

Post by FireCracker »

Do you have an ActiveX control extension installed in FF? If so, get rid of it. That's generally how those auto install bugs exploit your system.

In Firefox, you have to install the extension to have ActiveX control. (so if you have installed it for some reason.. remove it!!)

IE comes with it by default and must be disabled.
Paul.nz
General
General
Posts: 866
Joined: Sun Oct 07, 2007 11:09 pm
Location: run and hide
Contact:

Re: Computer hijacked

Post by Paul.nz »

Howdy i just checked and couldn't find anything.I found and deleted the files and run scans and cleaners.I installed zonealarm so i can monitor what is trying to access the net and block it.Everything seams ok now.I tracked down what it was and it was a virus which was around in 2011.The newer version of it is the one which zips your files and without a password you will not get anything back.
Post Reply