Go Back   TechArena Community > Technology > Networking & Security
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 12-05-2010
Member
 
Join Date: May 2010
Posts: 2
forced to join a remote domain first time unannounced

How was I forced to join an anonymous remote domain without permission and without credentials/certificates?

I have secured my only home Win XP Pro SP3 PC to the best of my knowledge by going thru some registries and services.

But somehow a hacker or hackers was able to force me to join their remote anonymous domain.
I used netstat /a /o & found their IP address 208.116.56.20:4448 & 208.116.56.21:4448, but do not know who was the mysterious hacker(s) nor where they originated.

I also used wireshark and found several other hackers trying to PING my PC, probably used MTU.

What I found in my PC,

several services were missing
Alerter
Messenger
Computer Browser
Server
Workstation

some registries were also missing
HKLM\System\CCS\services\Browser\Parameters - Browser folder MISSING!

HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default
- Terminal Server Client folder MISSING! Plus I was unable to disconnect from the anonymous remote domain. I had to call the ISP to disconnect.

HKEY_USERS S-1-5-19 & S-1-5-19 CLASSES folders MISSING!


HKLM\System\CCS\Services\LanManServer\Parameters - LanManServer folder was missing temporarily but was later recovered intact using sfc/scannow

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explor er - Policies folder was missing temporarily but was later recovered intact using sfc/scannow

performed:
Start->Run and typed dcomcnfg.exe & clicked OK
Component Services -> Computer, but the window automatically closed.

the hackers were attempting to copy/move my document data from the desktop & from the data backup HDD (I saw a ~$)

I later found some of my documents contain a Macro Word Virus.

there were 3 unidentified users in the winlogon registry

there were also 4 unidentifed users under the IE folder.
I deleted the IE completely.
I completely disabled my modem by unplugging the DSL line and power line & turned off the modem & somehow a newly created IE folder appeared offline.

I finally got a DCOM error message when I bootup my PC stating my PC will be forced to shutdown in 1 min.

I also found out by using Combofix an executable file was created by someone on March 3 2010 - a virus

when I used GMER, several viruses were destroying all of the Windows NT files and the TCP/IP files.

I had to erase/wipe the HDD immediately. There was no way to recover the OS.

How do I avoid being hacked in again remotely?

I tried using a wireless router, but got bricked by a hidden virus

I tried several antivirus/firewall both free and paid versions, all are easily disabled.

I tried using the built-in admin password I created earlier, but somehow I was locked out.

I could try using a strong local admin password, but hackers know all of the tricks to crack & find them.

How do I protect my only home PC against these malicious anonymous remote hackers & I am the only first time admin using the PC?

I know that using the Internet/USB/PC - take them for granted.

This is not a joke & was a rude wakeup call for me.

I DO NOT want to go through this ever again. It was a pure horrifying PC nightmare! Its like turning my PC upside down.

Its just a game. Not anymore (whack, fade to black).

I am currently out of options.

I Request immediate assistance. URGENT.
Reply With Quote
  #2  
Old 13-05-2010
Member
 
Join Date: May 2008
Posts: 4,339
Re: forced to join a remote domain first time unannounced

1. Keep Your Firewall Turned On.

2. Keep all your software and your operating system up-to-date.

3. Keep your antivirus software up to date.

4. Keep your antispyware up to date Technology.

Connecting to the Internet can pose dangers to unwary computer users. Use a firewall to help Reduce Your Risk.

Installing a firewall Is Just The First Step Toward safe surfing online. You can continue to Improve Your computer's security by keeping "your software up to date, using antivirus software, antispyware software and using.
Reply With Quote
Reply

  TechArena Community > Technology > Networking & Security
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "forced to join a remote domain first time unannounced"
Thread Thread Starter Forum Replies Last Post
Remote Desktop in a Domain. Why doesn't putting a user in the domain group Remote allow remoting into a client? Muhammad Waqar Windows Security 3 11-03-2009 03:46 AM
Join computer to domain without domain admins right ridergroov Active Directory 2 09-10-2008 03:08 AM
Minimum security settings of computer accounts for allowing domain user account to join domain Manik Active Directory 1 18-08-2008 10:17 PM
Creating a domain account only used to join computers to a domain kyosang Active Directory 4 10-02-2007 02:41 AM
Delegate domain user permission to join domain BlackSunReyes Active Directory 3 25-04-2005 01:03 PM


All times are GMT +5.5. The time now is 01:04 PM.