Internet slow as hell, sites hacked. Can anyone help??

Status
Not open for further replies.
MyOwnDemon

MyOwnDemon

Face Rocker
Jan 28, 2007
3,529
27
48
Iowa
www.sitestomp.com
Where do I begin...

Last week I noticed my internet connection had slowed to a crawl. I get time out errors, sites don't load, etc. It takes forever to load anything and I am getting extremely frustrated. I ran anti-spyware programs, etc. Nothing was found. So, I called my ISP and they reset my router from their end and checked the line and said it was fine.

My computer itself runs fine, it's just my internet connection. Now, I also noticed 90% of my websites are listed as harmful sites in google (awesome!) which would explain why my businesses have took a huge nosedive. These leaves me to believe I got infected from my own websites. Ironic.

I can't even get into my FTP to delete my websites and reupload them. Yes, the password works (I changed it just to be safe), but the connection is so slow I just time out.

Short of reinstalling windows (looking for my installation disks now), can anyone help? I have posted a HiJackthis log at Internet running extremely slow

Wickedfire has helped me in the past with things like this, so I'm hoping someone can help me now. I am really at my wit's end - I've spent the last 48 hours trying to fix this and get everything back on track but I can't find anything at all wrong on my comp. Thanks :)
 


I've tried AVG-Antivirus, Malware Byte's Antimalware, CCleaner, and Spybot Search & Destroy. I've used them all in normal mode and safe mode. I've turned off system restore. I've looked in Run->MSconfig->Proccesses and disabled everything that wasn't a microsoft service.

I've done everything I can think of and my internet just keeps timing out, plus all my websites are infected and listed as bad in google which is really pissing me off because it messes with my income. I have no problem purging every single file on my host and just reuploading everything but I can't even use my FTP w/o timing out...
 
Is it only http traffic your having issues with? (you mention you can't access your FTP but not sure if that was related) What about messengers/torrents/etc? Try pinging a website that won't load next time it happens, if you get a response then its worth trying another browser.

Out of interest, what do you have on your websites that makes Google decide they are harmful? Hasn't happened to me yet but the levels of my shadyness seem to be rising..

EDIT: My bad, read your second post and I see the FTP problem is related. Is there another PC in your house you can use to test it on? If your using wireless right now you could try an ethernet connection - if G and N routers are in signal of each other it is known to cause problems, plus there could be other "new" interference in range aswell.
 
MyOwnDemon said:
I've tried AVG-Antivirus, Malware Byte's Antimalware, CCleaner, and Spybot Search & Destroy. I've used them all in normal mode and safe mode. I've turned off system restore. I've looked in Run->MSconfig->Proccesses and disabled everything that wasn't a microsoft service.
Click to expand...
I am not an expert but I suggest you scan your system with Kaspersky (Or even Nod32 for faster scan, Both offer trial versions I guess, at least Nod32) to find out if your system is infected or not.

BTW, Did you recently install any new software? You could try comparing the date of the start of the problem and the date of the software installation, and then uninstall any software program you think is causing the trouble.
 
Try removing all the pedo photos. Once they're gone, the FBI's tracer won't run any more and your PC will be good as new!
 
Wireless is turned off and password changed. Thats one of the first things I did. I thought maybe my new neighbors might be leeching, but they're not. It's been turned off for days and still running slow.

Both http and ftp running like shit. AIM seems to be working for the moment, not sure how long it will stay up. I'm thinking I might have gotten infected with a backdoor dialer or something thats hogging my connection, but no idea how to check for this? I'm guessing there might be a run -> cmd command I can use?

CitizenSmig - There was an iframe on some of my websites from some .cn site, that was most liking infecting people with malware. I am checking my sites 1 by 1, but as of right now I can't get into my ftp.
 
MyOwnDemon said:
Both http and ftp running like shit. AIM seems to be working for the moment, not sure how long it will stay up. I'm thinking I might have gotten infected with a backdoor dialer or something thats hogging my connection, but no idea how to check for this? I'm guessing there might be a run -> cmd command I can use?
.
Click to expand...

Try closing anything that may use any bandwidth at all and use ' netstat -a -f' in command prompt, that will show you any active connections. If that doesn't help you could download Wireshark (i think it was called, please correct me if I'm wrong) which monitors all connection data within a GUI environment.
 
Maybe it is just me, but I am a big fan of reformatting whenever I get these kinds of things. I have seen malware that will crawl your computer and replace links in html files or auto "bundle" itself with exe files on your machine. Not to mention usb speaders.. Also ftp is not in any way shape or form secure, passwords are sent in plain text and many ftp clients store usernames/passwords in plain text format.
 
Since my ftp is shot, I called my host to see if they would purge my files from their end and they said they won't, even after I verified all my information. 1and1 has the absolute worst customer service in fucking existence. This is not the first time I've had my sites on their hosting hacked. I'm never, ever using them again. Period. I've started the cancellation.

It appears the hackers got in through wordpress, and from there proceeded to infect all my sites. So, now I'm screwed in google. My sites are listed as malicious, and business is now going in the shitter since my business design site is listed as bad.

Who needs a drink?
 
I was facing a similar situation in the past too. Turned out to be a DNS issue. Call your ISP and ask them to look into it ASAP. Threaten to break their bones if they don't..DICKROLL THEM IF THEY REFUSE TO COMPLY!
 
Status
Not open for further replies.
Top Bottom
Back