Solved Help, somebody is using microsoft C++ 2008 to hack into my pc

[Jimmy390]

Microsoft visual C++ 2008 + dial connection = pc hack

I am a college student, living in an apartment

I am using asus laptop K42j series and an internet connection, flash disk smart bro (SMART telecom: isp in the philippines)

The first week after I bought the "Broadband" (but its setup is in dialup connection) the connection was fast and unencrypted, after a few weeks the connection drops a little thus I encrypted it from the advanced firewall settings, until I begin to re-install my windows-7 Home premium because of my paranoia of a hacker hacking my pc.

After 3 months of not knowing, I only noticed today (10-16-2011) that somebody is using microsoft visual C++ 2008 to bypass my firewall settings and to connect to this dial-up usb broadband

I also deleted some files in the C:\Windows\Installer pertaining to microsoft visual C++ which I never installed in this pc, used CCleaner to clean up registry keys made by the microsoft visual C++

 

[logicearth]

...You cannot be serious. First off, the "encryption" provided by Windows Firewall is only for IPsec connections not all network connections. Second, MS Virtual C++ is a resource for applications, a collection of pre-built code libraries. Applications that make use of them supply a redistribution of it. It is as harmless as anything else. Its not a hacker.

 

[Jimmy390]

thank you for the reply

 

[profdlp]

Can you give us a little more detail about the problem, like how you discovered the intrusion, what flagged C++ as being involved, etc?

 

[Jimmy390]

The moment I reinstalled windows 7, there is already files in the temp folder including ones with the C++ and the windows installer, luckily ccleaner with me..

In the C:\Windows\Installer folder, there are files that are in there, but I never installed any of it, there are also files that belong to the windows 7 installer, the thing troubled me is that the files in the Installer folder has the majority of Microsoft C++ (right click>>>properties>>>detailes tab) which I never Installed, ofcourse I got security update for Microsoft Visual C++ after when I updated my windows after the day I installed it

certain dlls i the services.msc also has addresses to C:\Users\(user name)\appdata\Local\Temp

Before I reinstalled my pc, I do get numerous updates from Java and adobe reader with the latest version already installed

I do not have a copy or name of the files because I have deleted them already, but I do remember that my files in the hard disk before I reinstalled for the first time becomes shared with another Account Unknown after a week even after I kept on modifying security in the Internet options and Home group advanced sharing settings

there are also entries in my disk like C:\Application Data\Application Data\Application Data.......\Application Data...
(don't know what it is)

 

[logicearth]

Okay...I don't know how to put this...but currently the only threat to your computer right now...is yourself.

 

[Jimmy390]

thank you for the information

 

[bigcitycat]

If your router is putting out a wireless signal and your living in an apartment. You should change your wireless encryption to wpa2 if you haven't already. Wep is very easy to break.

 

[Wishmaster]

Its not always MS or you installing it. And certainly notjhing outside, but rather applications you are installing.

Many applications will install/re-install C++ as it is required for them to run properly.
You may see different variations of it in the Add/remove programs sections.
32bit, 64bit etc ...

While deleting the temp files is perfectly harmless, as they are just temporary files, removing or un-installing it may break certain applications which require it.


This is all perfectly normal, and nothing to be alarmed about.

 

[Jimmy390]

thank you for the information

 

[Corrine]

there are also entries in my disk like C:\Application Data\Application Data\Application Data.......\Application Data...
(don't know what it is)

The Application Directory is used to store user-specific data. Most software, but not all, will create a subfolder within that directory for information related to that program.

 

[Jimmy390]

I got paranoid and reinstalled 3 the windows 3 times because I think I got a malware inside my laptop. I read the other threads from the forum about the firewalls, anti viruses and other stuff and the thing that did it is the microsoft essentials with the help of comodo firewall.

steps that I did:
first reinstall, tried if my sharing settings will changed, it got changed..
second reinstall, install windows via upgrade, sharing settings also got changed..
third reinstall, install windows via f8 safe mode core drivers, settings did not change..

after windows installation, I installed comodo firewall before the installation of laptop drivers..
furthermore, I never thought windows 7 had microsoft security essentials (personal antivirus/antimalware in genuine windows)

thank you sir, ma'am for the giving me information about the files that I mentioned
also, I got files with the filename mjcxxx.dll (mjc222.dll, mjc22.dll, mjc333.dll, ... , mjc99.dll) in my system32 within the second reinstallation, I don't know what are those files. I also forgot to mention from my last post that my windows updates automatically updates even if I set the update to "Notify...", and one svc host eat up to 40MB physical memory.

 

[Corazon]

You've said it yourself so you won't mind me repeating it...You really are paranoid...that's not good. You're wasting a lot of time chasing ghosts. Everything you've described is normal and typical behavior for Windows, and I mean everything.

Why are you so worried about being hacked? Do you have military secrets or access codes to a million-dollar Swiss bank account or something?

Consider this. Many of us have been running Windows for years without ever catching a virus, simply by using common sense and following basic precautions (install a good free AV, keep your browser etc. up to date, take the time to configure things correctly, don't visit shady websites etc.).

Whenever there's a new virus or other malware gaining the attention of popular media, they make a big deal out of it and sometimes so-called experts will come up with doomsday predictions and warnings that do nothing but scare PC users who aren't technically competent. But on a day-by-day basis, unless you're simply stupid (I mean the general 'you') you're very unlikely to have a major problem anytime soon.

Stop reinstalling so much and trying to fix problems that aren't there. Just enjoy your computer.

It's true that we Windows folks can run into weird and bizarre issues anytime but usually that's just Windows itself, a harmless bug, a wrong setting, things we're here to help fix when they happen. Not everything unexpected is automatically OH NOES OMG AN INFECTION I'M GONNA LOSE ALL MY DATA WTF.

So take it easy, darn it!!

 

[Jacee]

Upload those .dll files to http://www.virscan.org/ and have them scanned for malware.