Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 228
  • Last Modified:

Have I been hacked?

Hope someone can help me.

Yesterday I discovered a new internet dial-up which I had not put on to the computer. It was to another ISP, not my own. Had the user name of 'newdefaultuser' with a fifteen letter encrypted password. I dialled it, and got online. I phoned the ISP's helpline, but they couldn't help me. I have since deleted this, but haven't got a clue how it got on to my computer in the first place.

Also, I was filling out name and email details on a web site the other day - my computer normally remembers my details on most sites like this. This time it had my name stored, but also someone else's name. This person does not have access to my pc.

I run Win98 SE. Have Norton AV and use Black Ice firewall. I get all available updates of all three. I have been in several sites over the last few days to check my security and all sites came up with the same answer - that my computer is running in stealth mode.

These two things are worrying me. Have I been hacked? If so, how can I find out? Norton hasn't found anything. If a trojan has been left on my machine, how can I trace it and delete it? Or should I reformat?

Thank you for any help you can offer.

1 Solution
u ran an application which installed the new dialup
If you are positive that you did not add the account, and the name is not family or friend (you said "This person does not have access to my pc" not that you don't know them) then you may wnat to back-up what you can. In Norton and Mcafee, there are "Excluded" files and folders, and most anyone can add files and folders to that excluded list, so when you scan, they get skipped. I do not recommend BlickIce to anyone after I was hacked, stealth mode and all. ZoneAlarm is better. http://www.securityfocus.com/archive/1/275710 http://www.securityfocus.com/bid/4025/solution/ is probly what led to my exposure. Again that was some time ago. The thing that is great about 9x machines security wise, is that they don't have that much to let a person control the PC.
This is the logic I don't like about BID: This person does not have access to my pc.- you see it's and IDS 1st, can a firewall second. Zonealarm ehhh this isn't helping you.

What was the account to MSN? AOL? something else? Was the username someone you know? Disable File and Print sharing, can set permissions on your registry. Are you running any RemoteControl software like VNC? Do you use mIRC ver 5.91? Disable the Netbios service.
Instructions For Removal Of File/Print Sharing
To check to see if File/Print Sharing is active on your computer:
Right-click on the icon label Network Neighborhood.
Highlight Properties and left-click.
You should see a button labeled "File and Print Sharing". Left-click this
A window will appear showing two check boxes
I want to be able to give others access to my files.
I want to be able to allow others to print to my printer(s).
If either of these boxes are checked, you computer is acting as a server

To keep up with trojan's norton and Mcafee usually do a good job, but if you want to be sure, use TDS3 ohh now 4.

Again the best thing to do, espically if your not sure about how this happened, is backup what you need, say to some cd-r's and then scan them too before you reformat and reinstall 98.

two other utilities can also assist you with evaluating the security of your machine.  the first is superscan, this is a windows scanner which you can use to scan your own machine. it is available from


I would suggest using the 1.st port list scan form the options.  then do a local scan of your pc.  this will show all listening ports.

If there are ports you do not think should be in a listening state you can then use fport.exe, this is a command line utility that you run and it shows you all of the ports that are listeng and there associated program.

This should give you a good start.
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.


As gikam said, it seems that you ran a program that created that new dialup.  

I heard some stories like that, you go to a web site, the website shows you a message asking permission to run something, if you accept it does what it is supposed to do but also add the new dialup.  The next time you try to connect to the internet, it uses the new dial up.

what's the catch here? ISP and telephone fees.  Find out where is that isp, how much they charge, ask your phone company if they have had a problem like that before

I'm not trying to scare you , but this things can/have happened

yea did you see what number it was dialing. i have seen people surf the web and a banner or something pops up and installs a new dial up thing which it is really a 900 number that you get charged like $1.50 per minute. so you might want to see if you can find out what number was dialed to see if you will get charged a bunch for it.
LizzzzzzAuthor Commented:
Thanks everyone for your help.

I've written down the phone number, so I'll check out what they charge. I hadn't heard of that happening before, but I'll be keeping a closer check on who I'm dialing from now on.

Thanks again,
you stole my points

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now