Windows 7 Forums

Windows 7: Our network has been hacked. Are they into Apple Stuff and PS3 too?

13 Jul 2012   #1

Windows 7 Home 64 Bit

Hello there:

This is a very long story but the short of this is that our network was hacked by a seriously bad Trojan. All of our computers were (are) infected. The Trojan calls out to an external server, downloads Windows NT and changes the boot to their network. Unbelievably I have been battling this demon for over two years and have lost a tower and two laptops. I now have two more brand new infected laptops. Here's my question: They are in my PS3, right? How, if I have 2 new computers, with a new router and modem, and virus protection on all my computers, are they able to get the new computers to call out to the server and download all this malicious software all over again? Can the PS3 system I have call out to them somehow? How about my Apple products like my iPhones and my iPads? They have compromised our iTunes accounts and have copied all of the music from our computers. They have all of our info. I seriously think this dude just likes the challenge because we have actually been on my computers at the same time. These active voyeurs mirror my desktop and change settings while I try to stop them. The first thing they do is connect to a network projector and various other input devices, then they download tons of malicious software and steal our bandwidth. I'm sure they are hacking others from our system. What in the world can I do to prevent this from happening again? Toss the PS3? What about the Apple products? The Windows platform is full of holes so they get in there easy when they try, but what is calling out to them if I have new computers? PLEASE HELP.

13 Jul 2012   #2
Microsoft MVP

Windows 7 Ult. x64


This doesn't sound like hacking per se, rather a backdoor trojan. A couple of questions:

1. Are all your operating systems genuine and updated?
2. What anti-virus protection do you have on your devices?
3. Do you use passwords on all your accounts, and your router?
4. Is your firewall enabled?
5. Have you checked to see that the malware isn't residing on any of these devices, and any backup storage devices?

Unplug every device from your network, and then run this on all the Windows 7 computers:

Windows Defender Offline

Report back on what it finds.

13 Jul 2012   #3

Windows 7 Home 64 Bit

Good Evening:

First I will answer your questions:

All of my computers are running Windows 7 and are as updated as they can be. One is brand new out of the box 1 week with updates installed. The other is 3 months old and has stopped updating because this is what these programs do. They stop you from updating and change your settings so that you can't access the program to update your system.

I have McAfee installed on one and Trend Micro on the other. Both virus programs have been totally disabled and they are running "fake" programs that appear to be scanning your system when you try to initiate. This Trojan or hacker has written programs that appear as they should but they have minor glitches that give them away. For example, one of my computers had a delay when I would hit the Windows security panel. I would click on it and immediately for a split second I could see the red warnings all over my status screen, then immediately a duplicate page pops up that says my computer is clean and that all settings are good. There seems to be one of these "fake" pages for every virus program out there because I have used PC-Tools, McAfee, Defender, Trend Micro, and a few others.

Of course, we have passwords for everything. Multiple password changes. We have changed routers twice, we change the passwords with AT&T several times and it doesn't help because all of the malicious software is already in our computers. It calls out to a server, hundreds of device drivers have been downloaded to our machines, hundreds of files have been downloaded to my computer that is one week old. My BIOS has been altered. My computer boots to a server somewhere in Internet land. I can't get into the BIOS to change the boot drive because the settings are greyed out and are unclickable.

I have checked and the malware is on my computers. There is tons of it. I have deep cleaned and completely restored two computers to get rid of this and those computers are now in the garbage. This is a battle here, I clean my computers, I buy a new router, I move to a new home and start my Internet service all over again. The malware is so deep within my computers that I have tossed three computers away. I took these computers to Micro-Center and those technicians declared my machines clean. Needless to say, this Trojan, or hacker or whatever still is able to get past all the firewalls, all the passwords and has me logging into his server when I boot my computer.

Now, I understand that you are helping me here and I want help. But please answer my original question:

If I throw away another two computers - and get a new router, and change to Comcast from AT&T: Is it possible that they have altered my PS3 in some way that if I connect it to my new account they will get back in?? What about my Apple products? This team of hackers has already downloaded all of my music and my photos and my videos to their server. If I change my Apple passwords again, is there any way that this malware has altered my iPads and iPhones so they can get back in to another new account???

Don't get me wrong here. This is not my first time at this rodeo. I have completely formatted the hard drive and reinstalled the software on some of my computers in this battle, I have enlisted virus protection companies, I have sent my machines in for service. Now I have 2 relatively brand new laptops and it is back - at my new house - on my brand new laptop.

There are multiple users listed in the file permissions.
I cannot change my user account settings.
My network is currently a public network and I cannot change it to home.
My file permissions have been changed, I do not have permission to delete files.
I need permission from Mr. Trusted Installer to access or delete files.
My computer has a key logger, a remote display, and starts up by itself.
My computer boots to \Device\HarddiskVolume2
My system Locale is en-us;English. NOT en_us as is supposed to be.
My clock settings are inaccessible.
I have an additional 'virtual' mini port WiFi adapter that has appeared out of nowhere and my computer connects to it wirelessly when we are sleeping and the hard drive burns at lightning speed all night.
My computer's environment variables list my operating system as Windows NT.
The domain is WORKGROUP
The Logon Server is \\ClassicStyle-PC
There are 58 Hotfixes installed and 19 programs have access to the Internet.
All of the logs have been disabled so I can't see when a warning goes off.
There are hundreds of services and processes in my task manager that I cannot identify or stop from starting. I am unable to stop certain services or processes.
My BIOS settings have been changed and I do not have permission to change them back.
When I format my hard drive and reinstall back to factory settings - it stops nothing because my systems settings have been changed.
I need a Linux intervention.

I'm hoping to return these 2 computers to the stores I bought them. If not, (I know)
Maybe I will reformat and reinstall again using Linux.

My questions:
Do I need to toss the PS3, the 2 Apple iPads, the 3 iPhones, and the Wii?
Can they get into my home network and download the malware on my virus protected, firewalled-computers again using these alternative devices?
How are they finding me? Or how am I calling them?
Can the PS3 Ping? How about the Wii?
If my computers are clean, can these other devices give them access to my computers?

P.S. I am going to try again using your advice if I can't return to the manufacturers.

Thanks, until next time.


14 Jul 2012   #4

Windows 7 Ultimate x64

Quote: Originally Posted by ClassicStyle
"The Logon Server is \\ClassicStyle-PC"

I think it would be a good idea to talk to the person that manages that server. I'm pretty sure they would know what's going on.
14 Jul 2012   #5
Microsoft MVP

Windows 7 Ult. x64

"There are multiple users listed in the file permissions."

Linux isn't the solution, friend. How many users exactly are accessing your network? What are they downloading from the internet? I think that's where your problem may be.

Think about it: you throw away old computers and router, but still have malware? Common denominator = users.

14 Jul 2012   #6

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1

Most likely all computers have visited the same website and installed the malware. Malware doesn't jump from one PC to another one if fully patched. Unless you run some exe on the network, for example, that has malware in it. I think that malware is phoning home and installing remote display, keylogger and a lot more.

Try this: What is Windows Defender Offline?

We recommend that you download Windows Defender Offline and create the CD, DVD, or USB flash drive on a PC that isn't infected with malware—the malware can interfere with the media creation.
14 Jul 2012   #7

Windows 7 Home 64 Bit
You've got it.

Today I have 2 computers on the network. Both have had their BIOS systems compromised. The hard drives have been partitioned and new directories have been installed. The BIOS settings have been altered so that the computers boot to an installed diskette directory on a server. How do I completely restore the BIOS on a Dell computer? The BIOS settings have been altered and pressing F12 brings me to the BIOS but the commands to change the boot order have been erased.

Step one 1- I'm in the Bios. How do I reorder the boot? Right now all I see on the screen is this

Set Boot Priority (Blacked Out)
1st Boot. Diskette
2nd Boot. Hardrive
3rd Boot USB
4th Boot. Cd/dVd
5th Boot. Network

What are the commands on a Dell to reorder the BIOS? I should be able to reorder this list by moving each device up and down in the order? The help function has been altered so it gives no key strokes to follow or directions for reordering the boot.

Tell me how to reorder the devices in the boot order.

I'm working on my end as well.


14 Jul 2012   #8
Microsoft MVP

Windows 7 Ult. x64

Try the PageUp, PageDwn or + and - keys.
14 Jul 2012   #9

Windows 7 Home 64 Bit

Ok, now, I've figured out how to re-order the boot and I put it in the following order

1st. DVD/CD
2nd USB
3rd Hard drive
4th Diskette
5th Network.

Now, I need to figure out what else to change in the BIOS. ANY SUGGESTIONS?
14 Jul 2012   #10
Microsoft MVP

Windows 7 Ult. x64

That depends on what you are trying to do. Are you trying to boot from a DVD?