PDA

View Full Version : Some-one help About 17 people are hacking MY PC!!??


200 ponies
17 Jul 2006, 21:36
I all started about last week... There i was came home from school, i sat infront on the computer and check my virus scanner. (which i hardly do :( ) and it had a "backdoor passage" so people can easily get onto my pc, and about 17 were hacking it!!! Please someone help!

Kelster23
17 Jul 2006, 21:49
Try putting up a firewall... I don't know, I've never even heard of a 'backdoor passage'.

AndrewTaylor
17 Jul 2006, 22:30
I've never even heard of a 'backdoor passage'.
It's a trojan, usually, which opens a port on your computer and listens. People can connect to it much as they'd connect to an online game or something you hosted, only it gives them rather more power once they do.

If you can find it, delete it. The virus scan ought to be able to tell you where it is or even delete it for you.

evilworm2
18 Jul 2006, 01:40
Donīt do anything suggested before but reinstall your OS. You never know...

MtlAngelus
18 Jul 2006, 04:30
Unplug the network cable, delete the file, run another scan, and if things still get nasty, re-install OS.

bonz
18 Jul 2006, 07:06
a "backdoor passage" [...] 17 were hacking
Hmm...
Could it be that the galleon full of beer has already been emptied and now the teamsters are searching for more?

WormOfFire
18 Jul 2006, 09:00
Hmm...
Could it be that the galleon full of beer has already been emptied and now the teamsters are searching for more?
You're still using this joke with beer don't you,but that's fun though...heh

Alien King
18 Jul 2006, 09:08
Donīt do anything suggested before but reinstall your OS. You never know...

No. Do not do that until you have tried everything else.

Locate and (if possible) delete the file. If you can't delete it, turn your PC off, unplug the network cable and boot into safe mode. Find it again and delete.

If it still keeps coming back, search your computer for any files created in the last xdays (depending when you first got the problem). Check through the results and inspect any suspicious results. Then delete it.


Hmm...
Could it be that the galleon full of beer has already been emptied and now the teamsters are searching for more?

*runs away carrying beer barrel*

MrBunsy
18 Jul 2006, 09:27
Unplug the network cable
I'd like to place emphasis on this. If hardware doesn't allow internet access, software can't do squat. You can almost certainly fix it off-line.

Plasma
18 Jul 2006, 12:21
Donīt do anything suggested before but reinstall your OS. You never know...
That should really be the last thing to do!

Star Worms
18 Jul 2006, 12:28
Indeed - unplug the network cable first. No internet connection means they can't use your pc. Failing that, get BT wireless broadband:rolleyes:

Cyclaws
18 Jul 2006, 15:06
If you're in need of Antivirus software you can get Avast Home Edition (http://www.avast.com/) for free. If you're worried about going online, I suggest downloading it from a library or friend.

After you've got it sorted, keep Avast (or any alternative so long as it's good), and make sure you have a firewall and that it's up to date.

200 ponies
18 Jul 2006, 16:52
If you're in need of Antivirus software you can get Avast Home Edition (http://www.avast.com/) for free. If you're worried about going online, I suggest downloading it from a library or friend.

After you've got it sorted, keep Avast (or any alternative so long as it's good), and make sure you have a firewall and that it's up to date.
cheerz hope it'll help

bonz
18 Jul 2006, 18:19
I use this: http://free.grisoft.com/doc/1
(As I have seen, they also have an antispyware tool now.)

I also suggest these:
http://www.safer-networking.org
http://www.lavasoftusa.com

Scan your computer thoroughly with the latest versions and set up a software firewall.
(e.g. http://www.zonelabs.com)

Then go update your Windows OS with the latest service pack and/or hotfixes.

evilworm2
19 Jul 2006, 16:19
Guys.

If someone is able to install a backdoor on your computer he/she is able to do more things not so obvious. Call me a paranoid but reinstalling the OS is the best thing you can do in this case. There a rootkits that can never be found by any 'security software' since they are manipulating your OS in a way that this kind of software can not detect it because your OS prevents it from detecting it.

Removing:
There is a body of opinion that holds this to be forbiddingly impractical. Even if the nature and composition of a rootkit is known, the time and effort of a system administrator with the necessary skills or experience would be better spent re-installing the operating system from scratch. "I suppose traditional rootkits could be made to be as hard to remove as possible even when found, but I doubt this is much incentive for that, because the typical reaction of an experienced sysadmin on finding a rooted system is to save the data files, then reformat. This is so even if the rootkit is very well known and can be removed 100%."

http://en.wikipedia.org/wiki/Rootkit

Alien King, Plasma and Starworms please read this article, think about it and never post this crap again.

Cyclaws
19 Jul 2006, 16:37
When someone is able to install a backdor on your computer he/she is able to do more things not so obvious. Call me a paranoid but reinstalling the OS is the best thing you can do in this case. There a rootkits that can never be found by any 'security software' since they are manipulating your OS in a way that this kind of software can not detect it because your OS prevents it from detecting it.
I agree to an extent, however it is worth trying security software first, because if it does find and delete the problem, then the reinstall is a waste of time. For some people reinstalling an OS isn't something that can be done causually, backups need to be made, various disks need to be found. It's a lot easier to remove the problem.

evilworm2
19 Jul 2006, 16:41
It's a lot easier to remove the problem.

Not, if you donīt know the problem.

Cyclaws
19 Jul 2006, 16:42
Not, if you donīt know the problem.
But if you, or some security software does, walla! Gone in 5 minutes.

FutureWorm
19 Jul 2006, 16:42
Alien King, Plasma and Starworms please read this article, think about it and never post this crap again.
Them's fightin' words.

Especially considering how you've only been around for six months.

evilworm2
19 Jul 2006, 16:45
Them's fightin' words.
Especially considering how you've only been around for six months.

And? Maybe my knowledge of computer security is more substantiated than the one of 100 fellow forumers altogether. Whatīs the thing about the time i am hanging around here? Yes. you guessed it. There is no coherence.

FutureWorm
19 Jul 2006, 16:47
It doesn't excuse the fact that your post was hopelessly ignorant, and that you're picking fights with senior forumers.

Depending on the severity of the viruses, an OS reinstall might be necessary, but if a virus scan can take care of it then an OS wipe is unnecessary.

MrBunsy
19 Jul 2006, 16:48
And? Maybe my knowledge of computer security is more substantiated than the one of 100 fellow forumers altogether. Whatīs the thing about the time i am hanging around here? Yes. you guessed it. There is no coherence.
What makes you think it's a root kit anyway?

FutureWorm
19 Jul 2006, 16:49
What makes you think it's a root kit anyway?
Oh yeah, I was wondering that too.

Alien King
19 Jul 2006, 16:49
Guys.

When someone is able to install a backdor on your computer he/she is able to do more things not so obvious. Call me a paranoid but reinstalling the OS is the best thing you can do in this case. There a rootkits that can never be found by any 'security software' since they are manipulating your OS in a way that this kind of software can not detect it because your OS prevents it from detecting it.

There is a body of opinion that holds this to be forbiddingly impractical. Even if the nature and composition of a rootkit is known, the time and effort of a system administrator with the necessary skills or experience would be better spent re-installing the operating system from scratch. "I suppose traditional rootkits could be made to be as hard to remove as possible even when found, but I doubt this is much incentive for that, because the typical reaction of an experienced sysadmin on finding a rooted system is to save the data files, then reformat. This is so even if the rootkit is very well known and can be removed 100%."

http://en.wikipedia.org/wiki/Rootkit

Alien King, Plasma and Starworms please read this article, think about it and never post this crap again.

An OS reinstall is not that easy. Especially if you need to do what Cyclaws has mentioned. I find that after an OS reinstall, the computer has a habit of slowing down, stuff doesn't load quite right. Drivers also need to be installed again. Often a complete format is needed to get everything working properly again, and that is really inconvinient.

The odds are the trojan hasn't altered your OS. I've never had any problem with these things and a OS reinstall has never been necessary for me because of these things. Wouldn't it be much easier to fix the problem without a reinstall using the suggested methods?

Evilworm, if an OS reinstall is what you always jump to, then quite often your wasting your time.

An OS reinstall is the last method of removing a problem (apart from a HDD format). If the suggested methods don't work and the problem persists, then you reinstall your OS.


And? Maybe my knowledge of computer security is more substantiated than the one of 100 fellow forumers altogether. Whatīs the thing about the time i am hanging around here? Yes. you guessed it. There is no coherence.

Not likely. But entirely possible depending on the 100 forumers you pick.

evilworm2
19 Jul 2006, 16:50
What makes you think it's a root kit anyway?

When someone is able to install a backdoor on your computer he/she is able to do more things not so obvious.

FutureWorm
19 Jul 2006, 16:51
And why couldn't it just be a trojan?

MrBunsy
19 Jul 2006, 16:51
When someone is able to install a backdoor on your computer he/she is able to do more things not so obvious.
Pffft. Yes, but I don't think it would be the same guy who let his virus get detected.

evilworm2
19 Jul 2006, 16:52
Pffft. Yes, but I don't think it would be the same guy who let his virus get detected.

Gamesmanship?

Alien King
19 Jul 2006, 16:53
Gamesmanship?

What? If it means what I think, then no.

MrBunsy
19 Jul 2006, 16:55
What does it mean?

Alien King
19 Jul 2006, 16:56
What does it mean?

I think it means that he's trying to give the person some sort of chance, or let them believe they have a chance. That isn't actually explained very well or not very accurate. I need time for that.

evilworm2
19 Jul 2006, 16:57
It doesn't excuse the fact that your post was hopelessly ignorant, and that you're picking fights with senior forumers.

Ignorant? Why? And i never wanted to pick a fight with any of the guys here.
I am peaceful. ;)

Depending on the severity of the viruses, an OS reinstall might be necessary, but if a virus scan can take care of it then an OS wipe is unnecessary.

It may remove the virus, but not the other malicious software which probably was installed too.

Alien King
19 Jul 2006, 17:01
Ignorant? Why? And i never wanted to pick a fight with any of the guys here.

You answer that.
Alien King, Plasma and Starworms please read this article, think about it and never post this crap again.


It may remove the virus, but not the other malicious software which probably was installed too.

Do you read the other suggestions? http://forum.team17.co.uk/showpost.php?p=516074&postcount=8
search your computer for any files created in the last xdays (depending when you first got the problem). Check through the results and inspect any suspicious results. Then delete it.

And, if it still doesn't work, then you reinstall the OS.
An OS reinstall and format are your last resort. Never your first.

MrBunsy
19 Jul 2006, 17:02
Theres quite a high chance there isn't a root kit, so there's nothing lost by trying to remove the virus. If you do succeed, you've saved yourself the bother of re-installing your OS.

200 ponies
19 Jul 2006, 17:05
They took over completely now so i had 2 reload my whole pc this is a lesson i wont forget (if u dont have an antivirus your pc is doomed)

Alien King
19 Jul 2006, 17:06
They took over completely now so i had 2 reload my whole pc this is a lesson i wont forget (if u dont have an antivirus your pc is doomed)

Did you try any of the suggested methods before that happend?

evilworm2
19 Jul 2006, 17:06
I said all i wanted to say. No more posts from me here.
And i recommend that all you guys read the wikipedia article (http://en.wikipedia.org/wiki/Rootkit) i was linking on in a previous post.

Take care!

MrBunsy
19 Jul 2006, 17:06
(if u dont have an antivirus your pc is doomed)Well, with a good firewall and spyware protection you're normally okay.

You did have a firewall right?

200 ponies
19 Jul 2006, 17:09
Well, with a good firewall and spyware protection you're normally okay.

You did have a firewall right?
i didnt then cuz i was stupid XD (wait i still am!)

Alien King
19 Jul 2006, 17:09
You did have a firewall right?

An essential piece of software. With a good firewall and virus checker you should be fine. Spyware and Adware scanners are also useful.

MrBunsy
19 Jul 2006, 17:12
An essential piece of software.Hardware's better ;)

Personnally, I'd rank spyware as more of a pest to your average user as a virus these days. Purely my own speculation and experience though.

Cyclaws
19 Jul 2006, 17:14
i didnt then cuz i was stupid XD (wait i still am!)

If you're using Windows XP, at least have the XP Service Pack 2 firewall enabled. If you don't have XP, I suggest ZoneAlarm. (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass)

Get yourself the Anti-Virus I suggest earlier, too.

EDIT: Common sense is also very good. If you think a website is likely to have viruses, don't visit it. Don't get me wrong though, I know it's not usually obvious which sites do and don't have viruses.

Alien King
19 Jul 2006, 17:14
Hardware's better ;)

Personnally, I'd rank spyware as more of a pest to your average user as a virus these days. Purely my own speculation and experience though.

Which is why it's good to get rid of it. Pests are irritating, therefore you remove them.

I have a router, which acts enough like a firewall for me not to bother turning mine on. I probably should turn it on, but it gets to be irritating.

MrBunsy
19 Jul 2006, 17:17
ZoneAlarm. (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass)*shudder* It's mildly better than Norton, but I'd never recommend zonealarm.

Iguana
19 Jul 2006, 18:42
Especially considering how you've only been around for six months.
Yeah, I bet the amount of time spent on the forum is a perfect indicator of someone's usefulness and intelligence.
It doesn't excuse the fact that your post was hopelessly ignorant, and that you're picking fights with senior forumers. "picking fights" on the internet is always stupid, regardless of the user's post count and join date. Now, I'm not taking sides here, but whether "evilworm2" was right or wrong, I really can't stand such elitism.

Now so this won't be completely offtopic. Hell, if all fails, backup some of your vital files and just format + reinstall your OS. I don't really know much about this.

Liketyspli
19 Jul 2006, 21:09
1. Get Hitman Pro
2. Run Hitman Pro
3. Disconnect from Internet
4. Run Hitman Pro again.
5. Run Virus Scanner.

Doesnt work? then theres only one option left: Format.

Cyclaws
19 Jul 2006, 22:07
1. Get Hitman Pro
2. Run Hitman Pro
3. Disconnect from Internet
4. Run Hitman Pro again.
5. Run Virus Scanner.

Doesnt work? then theres only one option left: Format.
Or, if possible, find the file and delete it.

Alien King
19 Jul 2006, 22:15
Doesnt work? then theres only one option left: Format.

It would be so nice if people just read through the thread.

pilot62
19 Jul 2006, 23:17
Here here!

You could always try to get rid of whatever it is in the registry. Last time I had a virus there were loads of new registry enries with names like 'disable installation warning' and the like. They weren't got rid of even after the files had been deleted.

You'd need to be careful though, because one slp and your buggered.

Pickleworm
20 Jul 2006, 04:10
Most of the posts in this thread have merit... you should be making backups of irreplaceable/hard to replace data on a regular basis (such as school/work things, game saves. I wasn't doing this and had a hard-drive failure and it sucked), but will come in handy if something like this happens.

The first step, unless you are running on a work computer or something that absolutlely has to remain completley secure, would probably be to run a virus/spyware scan and see if that assists in any way. If it doesn't, then reinstall the OS. If it happens to fix anything, continue cautiously using your computer for a month or two, and see if you notice and symptoms of the problem returning. If the problem wasn't fixed, then you should re-install your OS (with all your lovely backups that you have been meticulously keeping).

I know I'm basically regurgitating what has already been said, but I'm trying to keep the helpful post/spam ratio up there.

Always remember: Team17 is a place for friends : )

AndrewTaylor
20 Jul 2006, 19:56
Hardware's better ;)

Personnally, I'd rank spyware as more of a pest to your average user as a virus these days. Purely my own speculation and experience though.
Viruses tend to be more of a hassle to other people -- they're often responsible for spam.

MrBunsy
20 Jul 2006, 21:12
That's true, I'd forgotten about that.

wormthingy
21 Jul 2006, 12:21
erm.. how about this...
http://movies.apple.com/movies/us/apple/getamac_ads1/viruses_480x376.mov
just a little suggestion :p

and about deleting virusses...
i dont think looking for them manually will do you any good.. a virus can take any form, there are even little images of 1x1 pixels of a few bytes that format your harddisk.. i would suggest using a virus scanner like AVG, and not to use the usual search tool in windows.

oh and by the way, do you happen to have the ip adresses of thjose who tried to hack you, i have had some experience with hacking my self..(our school server went "fizzzzz" got me 1 year of non-computer life :(...

Alien King
21 Jul 2006, 13:32
and about deleting virusses...
i dont think looking for them manually will do you any good.. a virus can take any form, there are even little images of 1x1 pixels of a few bytes that format your harddisk.. i would suggest using a virus scanner like AVG, and not to use the usual search tool in windows.

Wouldn't that image be a little bit strange?
The method of searching is used after you use the virus scanner (like AVG)but if the virus still keeps coming back.

wormthingy
21 Jul 2006, 17:52
then i'd say he's screwed!
good luck re-installing buddy :)

Alien King
21 Jul 2006, 18:01
then i'd say he's screwed!
good luck re-installing buddy :)

What ?

bonz
21 Jul 2006, 19:48
a virus can take any form, there are even little images of 1x1 pixels of a few bytes that format your harddisk
Turning on your file extensions can work miracles. :rolleyes:

MrBunsy
21 Jul 2006, 22:20
First thing I do when I use another computer - put the refresh rate up as high as possible and turn on file exentions. I can't beleive XP had them off as default!

Alien King
21 Jul 2006, 22:21
First thing I do when I use another computer - put the refresh rate up as high as possible and turn on file exentions. I can't beleive XP had them off as default!

It prevents idiots or people oblivious to such things from accidently removing the file extension when renaming files.

MrBunsy
21 Jul 2006, 22:22
It prevents idiots or people oblivious to such things from accidently removing the file extension when renaming files.
But it also makes viruses very easy to hide! Simply give an execuatble file the same icon as the default text file! Such idiots will mess up their computers anyway, screw 'em :)

bonz
21 Jul 2006, 22:26
First thing I do after setting up a WinXP system is using this:
http://www.xp-antispy.org

wormthingy
21 Jul 2006, 22:42
so that would mean most windows users are idiots or people oblivious... hm.. interesting

Turning on your file extensions can work miracles.
i am talking about a picture with an extension, as .png, a compression the whole thing.
not an .exe with the filename "blahblahblah.png.exe" nut "blahblahblah.png" a non executable.
when you open it you even see the little bugger. and while you open it it sends out a format command in the background. (another reason why winxp isnt very safely, it allows processes to hide from the user. like an app that calls to microsoft every once in a while)
it is pretty easy to build. there even are apps out there who can build those scripts into images for you

First thing I do after setting up a WinXP system is using this:
http://www.xp-antispy.org
lol! when i visited the first thing i saw was a little tux in the left bar, i quote: "feel free, linux"...
xp-antispyware :p