Has my friend been hacked?



Now first off, this really is from a friend, none of this 'hiding behind a story' macho-crap here.

He seems to think he may have been hacked. The symptoms are:

At 12pm his homepage gets reset to http://global-finder.com

25 registry keys are hijacked at the same time.

He has ZoneAlarm, AVG 6 and Ad-Aware. Ad-Aware picks up the hijacked keys - I've attached the Ad-Aware log file.

I have suggested he checks that all three programs are updated and running the most recent version. I've also suggested that he either upgrade to or repair his installation of IE6 - but to be honest, I'm not sure if this'll help.

If anyone's got any suggestions he'd be very grateful.

spyware.htm


Okay, solved.

I did a search around the net for him (to be honest, I thought he'd already done this) and came across a few other instances of what appears to be a trojan, formerly known as CoolWebSearch.

Anyhow, should anyone else be searching Neowin for the same problem, here's the URL you'll need to remove it:

http://www.spywareinfo.com/~merijn/cwschronicles.html

It gains entry through a code vulnerability in IE (Wow! That's a big shock </sarcasm>) - so the moral of the story really is to keep all your operating system up to date.

Thanks, Phil.


"He seems to think he may have been hacked."

No, but his computer may have been cracked by a browser hijacking program written by some script kiddie or worse. :x

For more info on this common word abuse or misuse check the entries on 'hack' and 'hacker' and also 'cracker' in the Jargon File (link is in my sig).


Well, your friend should get Spybot Search and Destroy; it will clean those baddies out, and it has a neat immunize feature to keep IE from loading those pesky things to start with. That's why I use Opera Browser, I don't have to worry about any of that crap..and also, is your friend a user of warez? That is a common problem with warez, you get more than what you bargained for...... :woot:
