Have I been hacked?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello, I have just done a clean install with Win XP and SP2. Everything was
going fine. Then I had a crash (restart) affect my system. I checked the
"Event Viewer" and noticed a number of processes started - including "remote
acces" just before the crash took place. I ran my Spyware and it found around
5 entries, which I then removed.

Have I been hacked? What else can I do? I noticed that SP2 firewall is
configured to "except" remote access.

Thank you kindly for any help you may be able to offer.

Chris
 
1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt277.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point

* * * Please report your results ! * * *

Dave



| Hello, I have just done a clean install with Win XP and SP2. Everything was
| going fine. Then I had a crash (restart) affect my system. I checked the
| "Event Viewer" and noticed a number of processes started - including "remote
| acces" just before the crash took place. I ran my Spyware and it found around
| 5 entries, which I then removed.
|
| Have I been hacked? What else can I do? I noticed that SP2 firewall is
| configured to "except" remote access.
|
| Thank you kindly for any help you may be able to offer.
|
| Chris
 
Back
Top