Program Alteration?

Discussion in 'other security issues & news' started by victory1995, Feb 13, 2009.

Thread Status:
Not open for further replies.
  1. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    Sometimes my anti-virus has asks to allow or deny an application that has been altered. When I click more info it says something about this:
    HOOKID0000000E and it says that its trying to hook onto something. What should I do?
     
  2. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    A little more info would be helpful.

    Your operating system. Anti-virus. An example of the program attempting to create the hook.
     
  3. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    My anti-virus is Shaw Secure.
    It says: "Attempt to write into the memory of another process by installing a global Windows messaging hook."
    Data: Hook ID 0000000E
    It's happening to EVERYTHING and it very noticibly started like a month ago. It happened the moment I tried to open ANYTHING and it added the hook without my permission. (Some of the other hooks were A,B,C,D, etc at the end)
    The risk score it displays is 0/100 (but I think my anti-virus is pretty bad).

    Oh and this started to happened awhile after my hacker friend was playing with my computer without me watching him for about 40minutes.
     
  4. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    With that little bit of information I would suggest a format and fresh install.

    Password protect it.

    Never let your friend(?) near it again.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,787
    Yeah, just reformat. With friends like that, who needs enemies eh? :eek:
     
  6. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    How do I reformat my computer? XD I'm a computer nub and I've already password protected it.
     
  7. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    XD How do I reformat? I already have it password protected.
    My system is Windows XP Proffesional.
     
  8. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    Nevermind. I just googled it. I don't wanna reformat my computer. Is there any other way? When my firend was playing, as i barged in, he was on a hacking website, it looked like a forum.
     
  9. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Depending on your type of PC it may have a hidden recovery partition. You will have the option to hit a certain key(s) when you first turn the computer on. Follow the on screen prompts.

    Or you may have restore CDs. Start up the computer with the disk #1 in the drive. Unless the BIOS have been changed it should boot from the CD. Follow the on screen prompts to do a new install.

    Or you have an XP CD. Place it in the drive an boot it same as above.

    This will wipe out any saved information you have placed on the computer since you got it. Pics, music, etc. You should back them up prior to doing any of the above mentioned steps.
     
  10. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    Isn't there anything else I can do? Because I'm not the only one using them computer and they will be very pissed at me if i decide to reformat.
     
  11. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    You can run scans with several well known reputable Anti-spyware\anti-virus applications. Several good ones are mentioned here on the forums.

    Depending on the talent of your "hacker friend" they may or may not do the job.
     
  12. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    What does the hook do? What is the worst that could happen? Could my computer crash, be keylogged, be weak to all malware,viruses, and spyware or what?
    EDIT: Suddenly wwhen I was scanning today, the files scanned count went from 11k to 3k. Is this because of the hook? And would system restoring to a farther back date work?
     
    Last edited: Feb 16, 2009
  13. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
  14. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Yes. All of the above are possible.



    Only 11k? Are you doing a full scan? With what?
     
  15. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    The scan was nowhere near done and it was a full computer scan. I find it weid that a couple months ago, the scan found 200k files, but now it only finds 60k.I'm using Shaw Secure (The one that comes with the internet.)
     
  16. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Not at all familiar with that AV.

    Have you tried scans with any other programs? In particular Anti-spyware scanners. Many good recommendations can be found in the Forums.

    There is no magic wand = quick fix.

    My suggestion is to have all users of the PC back-up their important data then do a fresh install. They may all be at risk.
     
  17. victory1995

    victory1995 Registered Member

    Joined:
    Feb 10, 2009
    Posts:
    10
    Would using system recovery help?
     
  18. colinp

    colinp Registered Member

    Joined:
    Feb 9, 2008
    Posts:
    41
    The OP uses Shaw cable, in Western Canada I believe, for his internet. Shaw Secure is a re-branded F-Secure.
    From the EULA
    "In order that Shaw may provide you this additional service Shaw has arranged for F-Secure to license to you use of their software."

    Colin
     
Loading...
Thread Status:
Not open for further replies.