Question:
Someone has hijacked my internet connection?
howard
2012-09-16 08:32:41 UTC
A while ago I had a fake Antivirus program that installed itself on my PC which is running Vista Home Premium. The fake Anti Virus would not let me use my computer flashing Virus warnings on screen each time I tried to open any documents or files etc making the machine unusable and asking me to pay to register the fake program to remove the fake virus. I got rid of it by deleting suspicious files and disabling it in safe mode from the auto start entries. Since then someone is clearly using my internet connection as my usage is over 7GB a month were as it used to be under 3GB, it also runs slowly and Windows security centre will not work anymore so I cannot use the firewall, windows defender or install any other security software.
My question is this. How can I repair windows security centre and stop the hijacked Internet connection? Is there a way of doing it without a complete reinstall of windows?
I have tried running Spybot and Spyware cease but none of them find anything but there is clearly something still in the system.
Many Thanks in advance for any help.
Eight answers:
Techno
2012-09-16 08:45:00 UTC
Secure your connection...

http://www.pcworld.com/article/130330/article.html



The key words here are SAFE MODE with Networking!!!



Download, (if you can't get on-line, have a friend download and copy to disc/flash for transfer) install, update and then in SAFE MODE* run full scans with these programs...



** http://www.malwarebytes.org

http://www.superantispyware.com

http://dl.surfright.nl/HitmanPro36.exe



**Note: Malwarebytes should be run in 'Normal Mode' unless that isn't possible!



*** Important, when downloaded/installed/updated disconnect from the internet ***



Then re-start.



If you can't run a scan, go into the scanner's folder and re-name the .exe file to something like 'MyFile.exe' and try in safe mode again. Some malware prevent the execution of anti spy/mal/virus scans by blocking them by name.



Try running a couple of on-line scans to be sure...

http://housecall.trendmicro.com/uk/

http://go.eset.com/us/online-scanner



You should consider getting a good Anti-Virus program.

Try one of these free ones...



http://www.avast.com/free-antivirus-download



http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html (Avria)



http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2011/3000-2239_4-10320142.html



http://windows.microsoft.com/en-GB/windows/products/security-essentials (MSE)



***Never use more than one, active, anti-virus program at any one time***



*Note: On start up (before Windows loads) keep tapping either F5 or F8 (be aware that some manufacturers use F8 for system recovery!) then use arrow keys to highlight 'Safe Mode with networking' and hit Enter/Return, click on an Administrator account, enter the password (if you don't know it, there probably isn't one so leave it blank) and hit Enter/Return.



©Techno
sewrobb
2012-09-16 08:50:27 UTC
Your very vague on detail as to how this really happened.



A program cannot install it's self unless you assist it ie opening an attachment in a email from someone you don't know.



If you picked it up on the internet then your AV and firewall would have stopped getting on in the first place and quarantined it.



If your using a wireless connection and it is locked then it can't be piggybacked.



No one can use your internet if your hardwired.



To be honest there is more to this than meets the eye. As I said a program cannot install it's self without your help to start with.



If it is in such a mess then your only option is to do a complete reinstall of Vista.
2012-09-18 09:02:26 UTC
A friend asked me to fix this, awhile back. It should try to prevent you from accessing many webpages that could help you.

Here's a guide: Run 12+ tabs in Google Chrome (Faster, any should work though) and try to get into this page as fast as possible with all of them: http://security.symantec.com/nbrt/npe.aspx

and download/run ASAP. It's free, and will fix such issues.

You may lose some cached files it's infected; nothing too serious.

Good luck on CPU Repair: Impossible.

Edit: Until you fix this, you're likely in a Botnet.

As far as the Internet Usage goes.
?
2012-09-17 01:42:02 UTC
You have not removed the infection, simply deleting one or two files might get rid of popups but the machine is still compromised. the ONLY true way to do this im afraid is to do a full reinstall and reformat of the computer from clean install CDs other than that you cannot guarantee getting rid of the problem. Plus bear in mind as you now know your computer is being used without your concent you could be held responsible for anything they do through your computer. Backup your data and do the reinstal its a pain but only way.
2016-05-18 05:49:05 UTC
There is actually a special paint you can get to aid in the spread of signals outside the home, unfortunately it's not cheap. A better soultion is just to use some form of wireless encryption and a software firewall.
Antoni
2012-09-16 09:10:31 UTC
1. Restart your PC and as it's starting keep TAPPING the F8 key.

2. When the menu pops up select "Safe Mode with Networking" from the menu.



Download and do a scan with the following programs, anything they might find... let them remove it:



Malwarebytes: http://www.malwarebytes.org/products/malwarebytes_free/

Hitman Pro: http://www.surfright.nl/en

TDSSkiller: http://support.kaspersky.com/faq/?qid=208283363



Make sure your DNS settings are automatic and windows HOSTS file are default, you can follow these articles on how to do this:



http://windows.microsoft.com/en-US/windows7/Change-TCP-IP-settings

http://www.trishtech.com/security/restore_windows_hosts_file_back_to_default.php



You also need to make sure that your browsers proxy connection settings have not been altered by malware, please follow this video on this:



http://www.youtube.com/watch?v=-hwTHCQQyy0



In order to get your firewall working again etc... you may have to reset the file and registry permissions set in your registry and then re-enable default windows services that might be shut off by certain malware... you can do this by following this article and downloading the windows service reset tool... when running this tool make sure all browsers are shut down first:



http://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-to-reset-all-user-permissions-to-default/9da312d2-c99b-4283-a275-e74d93dcc366



http://www.scottroyalty.me/blog/reset-all-services-for-windows/



-hope this helps!!
?
2012-09-16 08:39:40 UTC
The samething happened to me yesterday they deleted everything on my computer. I had to just to reset my computer to a earlier time and I installed another spyware on my computer. That fixed everything.
2012-09-16 08:35:28 UTC
Call your internet provider


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...