seremina

Hacker Attack!


seremina, while I think your Comodo firewall and Xdrive Desktop are keeping this person at bay....are you able to see the IP# that is attacking you?

If you can (even if you can't), you need to report this attack to your ISP as soon as possible! They can monitor the attacks and help to get the person's computer off line.

 

I think you mean Comodo Firewall and DriveSentry. Xdrive is a virtual drive I use. The Desktop I have is Aston Shell. :)

 

How do I see the person's IP#? I'd love to know how, so I can write it down and have it reported to Cogeco. I can have Ian make the call for me since he can hear.

 

Law, okay. Thank you very much. I'll be back with any results I get. I hope I get SOMETHING to write down in my notebook. I'm in a fixy mood, go figure.


I think you mean Comodo Firewall and DriveSentry.

Yes, that's what I meant :blushing:

 

I've never used either of those programs so I'm not sure how to tell you to look for an IP#, unless there is a 'log' viewer of some type.


Yes, that's what I meant :blushing:

 

I've never used either of those programs so I'm not sure how to tell you to look for an IP#, unless there is a 'log' viewer of some type.

 

Both have logs. I just don't know what to look for in the logs. Heh. :huh: I'm just as embarrassed as you are.


I'm glad you received help quicker than when they are overwhelmed. Do know essexboy lives in England, so responses may be somewhat out of sync.

You sure have difficulties when trying to run things, even HJT help programs, but I have seen that before. Sometimes the HJT cleaning takes a lot of effort by both.

 

Hope you don't mind an interested lurker trying to learn.


Seremina, I have a router, brand new in the box that is not wireless. To connect to it you need an ethernet cable running from it to your computer. I am going to send you a Personal Message, if you respond I'll ship the router to you. No charge. ;)

 

:geezer:


Seremina, I have a router, brand new in the box that is not wireless. To connect to it you need an ethernet cable running from it to your computer. I am going to send you a Personal Message, if you respond I'll ship the router to you. No charge. ;)

 

:geezer:

 

:wub: Aww... I just don't know what to say, other than I'm crying. This is the nicest thing anybody's ever done for me. I've responded to you. Routers have come a long way... I had no idea they were capable of not being wireless anymore. My old router is this blue and black clunky Linksys Wireless-B 2.4 GHz 802.11b Broadband Router. It's got 4 ports. With all the trouble I had with this old thing, I had to use an antique hub that's got 20 ports.


You're quite welcome hon'! It's just sitting here collecting dust in the box and I've already got it ready to send you. You will owe me nothing, just promise to use it. ;)

 

 

:geezer:


As I said a router is suggested everywhere, pcpitstop is great help & will help you getting a router set up. A PM is getting serious help, they believe in. The pros are helping. It is now how difficult & time.


You are very rude. I have stopped using a router because I kept getting pirated bandwidth. It's more insecure than my current setup! Even after encrypting the poo out of it, it was still insecure and pirated bandwidth resulted.

 

As for F5, that is the refresh function. F8 is the Safe Mode menu option. As I said, Windows REFUSES to go into Safe Mode.

 

I am starting to get angry but I will say nothing personally to you.

 

I tried this list of online scans, with their failures...

 

Bitdefender...requires IE. Cannot scan with it with Opera.

Panda...requires IE. Cannot scan with it with Opera.

Trendmicro HouseCall...requires IE. Cannot scan with it with Opera.

Symantec...requires IE. Cannot scan with it with Opera.

 

I have already mentioned that the only browser that does not crash at this time, is Opera.

 

IE/Avant crashes.

Firefox crashes.

Flock crashes.

Opera doesn't.

 

 

Sorry it wasn't meant to be rude. It was just a suggestion that I thought would help the situation. Hope you are able to get the situation taken care of.


You're quite welcome hon'! It's just sitting here collecting dust in the box and I've already got it ready to send you. You will owe me nothing, just promise to use it. ;)

:geezer:

 

I will use it; don't worry. I have no reason to avoid using it since it's not wireless. It's the wireless part that was causing piracy problems with my old router. How many ports does it have? I'm so excited about it I kinda wish it could appear in front of me out of thin air! [giggles]

 

Law,

 

I'm glad you guys would help me set up the router. I'm also glad I'm getting help. It's soo nice to see the modem behaving more normally.

 

Shogan,

 

"Get a router and be done with it" sounds rude, though. Have you ever considered saying it differently? You could've even asked why I was avoiding using one. Apparently, I didn't know how much they updated over the years. My old router is probably a dinosaur and my hub is far worse. You should see this hub... it's nearly the size of my desk! :blink: I never meant to be mean to you. I was just getting flustered and no matter what, I DO get easily offended. I've always been a sensitive gal.

 

Ruby,

 

I'm doing some safe free scans, besides my usual scans. I used A Squared and I couldn't believe what all it found. I had to go through the list since there were so many false positives. But I did find some true positives and got rid of them. Superantispyware is one of those on my list that I'll be using. I have to put the installs on another hard drive just to have the room for them and so they won't be touched by the main hard drive's goonies from the hacker. Regardless, though, there's SOME scans that won't work due to the damage done.

 

The intrusions are continuing but now I'm not so sure they're trying to come IN. Ian looked the firewall log over and he thinks they're trying to go OUT. How is it possible for a hacker to make me constantly ping somewhere? Ian's helped me figure out our IP address, so through logic, we know what the two IP addresses are from the hacker. This is getting complicated. :mrsgreen: But yes, the computer is getting cleaner. It's just taking a while to clean it and to get it to behave completely normal. It's normalising very slowly. Heh. It's funny I have to use a roundabout way to get into my directory.


Just to continue with the router thought,

 

I already TRIED the router route for YEARS and I'm fed up with it. It's NOT more secure. I've had less problems withOUT it than WITH it. I don't see how anybody can tell me it's more secure. Furthermore, it's impossible to disable the wireless off it. A router is ONLY for wireless connectivity!

Um,

 

Posted Image

Posted Image

 

Not only is it very easy to disable, it also has a very easy to use GUI. Quite contrary to your little rant above. Only reason I have a router with wireless capability (and disabled) is that the price was right when I bought it. And the comment about a router is "only for wireless", please tell me what all of these are,

 

http://www.newegg.com/Store/SubCategory.as...e=Wired-Routers

 

As for fixing your problem, Bruce's advice was the best. Backup what you need and reformat and re-install everything. Things don't just up and relocate themselves, someone has to have done it. In this case I wouldn't even be attempting to "fix" it, I would have already done a complete re-install.


Just to continue with the router thought,

Um,

 

Posted Image

Posted Image

 

Not only is it very easy to disable, it also has a very easy to use GUI. Quite contrary to your little rant above. Only reason I have a router with wireless capability (and disabled) is that the price was right when I bought it.

 

As for fixing your problem, Bruce's advice was the best. Backup what you need and reformat and re-install everything. Things don't just up and relocate themselves, someone has to have done it. In this case I wouldn't even be attempting to "fix" it, I would have already done a complete re-install.

 

Umm...trying to prove me wrong when I know what I'm talking about, is not exactly polite. My router is so old, it does NOT have a GUI. You have to configure it using a DOS-like shell thingie and the code doesn't look like DOS. My tech friend had to deal with it and I've watched him work with interest. A friend here is getting me a new non-wireless router so I have a proper one. So please be nice and stop acting like a bad cop. It really wasn't necessary. :)

 

For the moment, guys, I'm stuck. The "This is not a Win32 application" message no longer just shows up on my F drive. Now it shows up on C. So now I can't install nor start any other scans. I'm still trying, though. I'd rather the reformat be last resort because I want time to backup everything...which'll require buying a USB hard drive. I can't afford that either but Ian's going to ask for his vacation pay instead of taking a vacation, just so we can afford the USB hard drive. He's as scared as I am about having to reformat. He's also fed up with Windows. When we do the reformat, he just wants Ubuntu Linux on here. I don't blame him. [sighs] I'm not flustered, but sure am disheartened. This has been my roughest week to date.


I'd rather the reformat be last resort because I want time to backup everything..

No time like the present. I wouldn't even allow that computer to be connected to the internet. I certainly hope you haven't done any online banking or such since this started. If you have I would be getting on the phone with all concerned parties, and getting any and all card numbers/passwords/etc changed immediately.

 

which'll require buying a USB hard drive. I can't afford that either but Ian's going to ask for his vacation pay instead of taking a vacation, just so we can afford the USB hard drive.

Nice idea but if you have a cd/dvd burner, a stack of disks is a whole lot cheaper.


No time like the present. I wouldn't even allow that computer to be connected to the internet. I certainly hope you haven't done any online banking or such since this started. If you have I would be getting on the phone with all concerned parties, and getting any and all card numbers/passwords/etc changed immediately.

Nice idea but if you have a cd/dvd burner, a stack of disks is a whole lot cheaper.

 

Why would the banking and passwords be a concern? We do banking, Paypaling, Ebaying, iOffering/Sales on iOffer, Neopeting, WoWing, Sword of the New World'ing, researching, studying, emailing, you get the idea. We do a LOT on this computer.

 

I appreciate a cheaper alternative, but how do you backup stuff onto CDs? Anything more than 700 MB and the Nero software complains. If we were to total up how much we have, I'd estimate it at 100+ GB. That's gonna take 100 or so discs even if I knew how! I mean... :blink: frightening.


Why would the banking and passwords be a concern? We do banking, Paypaling, Ebaying, iOffering/Sales on iOffer, Neopeting, WoWing, Sword of the New World'ing, researching, studying, emailing, you get the idea. We do a LOT on this computer.

Based on some of the things you have said, it sounds like whoever this person is, they have almost complete control over your computer. If this person does have that much control over your computer you can bet that by now he has all of your banking/Paypal/ebay information to make your life a living hell. Or have you not heard about identity theft? I think I would be very concerned.

 

I appreciate a cheaper alternative, but how do you backup stuff onto CDs? Anything more than 700 MB and the Nero software complains. If we were to total up how much we have, I'd estimate it at 100+ GB.

Then stop at 700MB. You don't say whether the burner is also a dvd burner or not, if it's not then a new burner and a stack of disks is still cheaper than a new external hard drive.

 

Might want to consider when you finally get this all cleaned up to either partition the hard drive (20-30GB for Windows and any apps that must go on C; and everything else on the other, and yes you can install programs to a partition other than the Windows one), or another hard drive just for storage purposes. That way if something like this happens again (or Windows decides to take a dump for whatever reason) then you only need to reformat and re-install Windows and any apps that were on C. Sure beats having to back up a couple of 100 GB of stuff.


Based on some of the things you have said, it sounds like whoever this person is, they have almost complete control over your computer. If this person does have that much control over your computer you can bet that by now he has all of your banking/Paypal/ebay information to make your life a living hell. Or have you not heard about identity theft? I think I would be very concerned.

Then stop at 700MB. You don't say whether the burner is also a dvd burner or not, if it's not then a new burner and a stack of disks is still cheaper than a new external hard drive.

 

Might want to consider when you finally get this all cleaned up to either partition the hard drive (20-30GB for Windows and any apps that must go on C; and everything else on the other, and yes you can install programs to a partition other than the Windows one), or another hard drive just for storage purposes. That way if something like this happens again (or Windows decides to take a dump for whatever reason) then you only need to reformat and re-install Windows and any apps that were on C. Sure beats having to back up a couple of 100 GB of stuff.

 

How do I check that this person might've invaded the banking/Paypal/Ebay stuff? I've heard of identity theft but I thought the loser had to get your information through you telling them or them spying on you at the library or spying on you at the bank, other physical stuff. How can identity theft happen on your computer? I assumed most identity theft is done physically, not on a computer nor online. I'm having a hard-enough time wrapping my head around the concept that this guy has any control over my computer.

 

The CD Burner is not a DVD Burner. DVD Burners weren't standard at the time we got this computer. I'm still cheesed off they didn't give us a Windows XP OS disc and a Windows XP Recover Disc and just stuck an emergency partition on the C drive, called D and put Windows XP stuff on it. From what I've been learning, though, you can't recover Windows XP through that route. Is that correct?

 

I like your idea. It would save us from having to put stuff on discs for next time, let alone an external hard drive. Though, wouldn't a partition be in as much danger as the rest of the drive? It seems like it's common sense that that would happen but I appreciate the knowledge you're sharing.


I've heard of identity theft but I thought the loser had to get your information through you telling them or them spying on you at the library or spying on you at the bank, other physical stuff. How can identity theft happen on your computer?

Google key logger. ;) You would be surprised how easy it is for someone to get that information.

 

I'm having a hard-enough time wrapping my head around the concept that this guy has any control over my computer.

Unless it is someone you know, the average joe just doesn't get DDoS attacks. And botnets (Google that one too) have better things to do than worry about one computer disappearing from their network.


Google key logger. ;) You would be surprised how easy it is for someone to get that information.

Unless it is someone you know, the average joe just doesn't get DDoS attacks. And botnets (Google that one too) have better things to do than worry about one computer disappearing from their network.

 

Thank you. I'll look up the information and get started on backups. This is gonna be grueling. I'm fortunate the firewall is keeping me alive on the internet and I hope it's keeping the idiot out long enough for me to get all this done. I can't believe how much harder it is to do scans and stuff now. I can't even play my Duck Doom Deluxe game to take my frustration out on some flying ducks.

 

I've traced the two IPs but the location sometimes changes depending on which site I use to look them/him up. I'm waiting for Ian to get home; he'll have the two IPs reported. I'm gonna hate to give him bad news about the reformat... I was hoping to get to save the computer so I could avoid all that. I'll have to wait until after his company's Christmas party [tonight] is over to give him the bad news. I don't want his mood spoiled for the party.

 

Thanks, everyone. Keep the replies coming. I need all the encouragement and strength I can get.


I'm fortunate the firewall is keeping me alive on the internet

Might want to take a real good look at your firewall logs and make sure that there isn't any unwanted outbound traffic.

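One way to do the outbound-traffic check suggested above, as an added example that is not part of the original thread: it splits blocked firewall entries by direction and lists the remote addresses this computer itself keeps trying to reach, which points at a local program generating the traffic. The CSV layout, the addresses (reserved documentation ranges) and the function names are constructed for illustration; a real firewall log such as Comodo's has its own format and the column names would need adapting.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample in a made-up CSV layout (not Comodo's real log format);
# all addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
time,action,protocol,src_ip,dst_ip,dst_port
2000-01-01 09:00:01,BLOCK,ICMP,192.0.2.10,203.0.113.45,0
2000-01-01 09:00:06,BLOCK,ICMP,192.0.2.10,203.0.113.45,0
2000-01-01 09:00:11,BLOCK,ICMP,192.0.2.10,203.0.113.45,0
2000-01-01 09:00:12,ALLOW,TCP,192.0.2.10,198.51.100.80,80
2000-01-01 09:00:15,BLOCK,TCP,198.51.100.7,192.0.2.10,445
2000-01-01 09:00:16,BLOCK,ICMP,192.0.2.10,198.51.100.7,0
2000-01-01 09:00:21,BLOCK,ICMP,192.0.2.10,198.51.100.7,0
2000-01-01 09:00:26,BLOCK,ICMP,192.0.2.10,198.51.100.7,0
2000-01-01 09:00:30,BLOCK,TCP,not-an-ip,192.0.2.10,0
"""

LOCAL_ADDRESSES = {"192.0.2.10"}  # assumption: this computer's own address


def summarise_blocked(log_text, local_addresses):
    """Group blocked entries by (direction, remote IP)."""
    local = {ipaddress.ip_address(a) for a in local_addresses}
    summary = defaultdict(
        lambda: {"count": 0, "protocols": set(), "first": None, "last": None}
    )
    for row in csv.DictReader(io.StringIO(log_text)):
        if (row.get("action") or "").upper() != "BLOCK":
            continue  # only blocked traffic is of interest here
        try:
            src = ipaddress.ip_address(row.get("src_ip"))
            dst = ipaddress.ip_address(row.get("dst_ip"))
        except ValueError:
            continue  # skip malformed or truncated lines
        if src in local and dst not in local:
            direction, remote = "outbound", dst   # we initiated it
        elif dst in local and src not in local:
            direction, remote = "inbound", src    # someone probed us
        else:
            continue  # neither end is this machine
        entry = summary[(direction, str(remote))]
        entry["count"] += 1
        entry["protocols"].add(row["protocol"])
        entry["first"] = entry["first"] or row["time"]
        entry["last"] = row["time"]
    return dict(summary)


def outbound_suspects(summary, min_count=3):
    """Remote IPs this machine repeatedly tried to reach and was blocked."""
    return sorted(
        remote
        for (direction, remote), entry in summary.items()
        if direction == "outbound" and entry["count"] >= min_count
    )


if __name__ == "__main__":
    result = summarise_blocked(SAMPLE_LOG, LOCAL_ADDRESSES)
    for (direction, remote), entry in sorted(result.items()):
        print(direction, remote, entry["count"], sorted(entry["protocols"]),
              entry["first"], "->", entry["last"])
    print("repeated outbound destinations:", outbound_suspects(result))
```

Blocking a destination only silences these log entries; repeated outbound attempts mean something on the computer is still producing them, so the next step is finding that program.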

Might want to take a real good look at your firewall logs and make sure that there isn't any unwanted outbound traffic.

 

Just the outbound intrusions. I thought of something...I input the two IP addresses for permanent blocking rather than just them being denied and now the intrusions have stopped. I don't know why I didn't think of that earlier. I wonder if this means some of the trouble is gone?


Just the outbound intrusions. I thought of something...I input the two IP addresses for permanent blocking rather than just them being denied and now the intrusions have stopped. I don't know why I didn't think of that earlier. I wonder if this means some of the trouble is gone?

 

I'm back. Finally. Here's what happened thus far...

 

I have my internet back because the ISP changed their policies and no longer allow up to 10 people to be connected to one modem unless they all live in the same apartment. So now the other tenants will have to get their own Internet service and modem through Cogeco. What a hassle. Ugh. In any case, now that I'm online, I can run practically anything from the Ubuntu Linux LiveCD... but there are some issues.

 

1. I can't seem to run the Virus Scanner that's offered by Ubuntu unless I'm root. Whatever that means.

 

2. Java has an issue, even when I'm using Firefox here on Ubuntu. This version of Firefox is 2.06, which I don't like...already had to whitelist Trend Micro Housecall and it's still going nowhere...

 

3. I switched from the Aston Shell to the Explorer Shell so I could move some stuff and apparently I should've just done the move with Ubuntu...'cause now nothing in Windows works. It just says "____ is not a Win32 application" regardless of what I double-click on. Ugh. Is there a way for me to swap the shells manually? If so, what files do I swap?

 

4. I'm backing up stuff and I borrowed a WinXP CD from a friend. It looks like I may have to do a Repair Install. When I insert the disc, is the Repair Install [not formatting anything yet] obvious, or weirdly named?

 

I can't think of any more questions. I'll be patiently waiting and responding as often as I can. There's not much I can do unless I can find scanners that don't require me to be root and don't require Java. I tried using Wine for running my Windows-based scanners but I can't seem to get Wine to work right. I'm confuzzled. :h3lp:


So it does get a wee weird. Why do I press Enter instead of R when I want a repair install? I know the page is saying you get a repair install by pressing Enter, but the naming can certainly throw somebody off. I appreciate this tutorial. Makes it very simple and nothing gets formatted. Very nice! :clap: Yay!


Sorry that I came in very late at this discussion. Heh... B)

 

I would not recommend a repair install of Windows XP, as it may not actually fix any problems that you are facing. Instead, perform a clean installation.

 

About backing up, you only need to set aside a small amount of space (say, 10 GiB) on your hard drive for installing Windows XP, so don't panic.

 

You will find this tool helpful: http://gparted-livecd.tuxfamily.org/

 

Part I - Shrinking the current partition

 

1. Download the disc image (gparted-livecd-0.3.4-11.iso) and burn it to a CD-R/CD-RW (since you have Nero you may use it to accomplish this).

2. Defragment your system drive (usually C:) if possible (you need at least 20% free space to defragment) before proceeding.

3. Insert the GParted LiveCD into your CD-ROM drive and restart the computer. Hit the Enter key to proceed where applicable.

4. In the GParted GUI, right click on the partition that you wish to shrink and select Resize/Move. You can identify the correct partition by looking at its size and free space information (it should be marked with a boot flag as well).

5. To shrink the partition by 10 GiB, subtract 1024 from the original size (in MiB) and enter the value in the New Size field. Click the Resize/Move button when you're done.

6. Click the Apply button to write the changes to disk. Confirm by clicking on Apply again.

7. Wait until the operation completes. Then, remove the CD from its drive. Click on the Power button. Select Reboot and click OK to restart the computer.

8. Windows will check the disk for errors before starting up. Do not cancel the operation.

 

Part II - Performing a clean installation of Windows

Notes:

1. Remember not to delete any partitions during the Windows XP Setup. Create a new partition using the unallocated space. Then, choose to install Windows XP onto the newly created partition.

2. Format the partition as NTFS. Do not choose the (Quick) option.

3. Write down your Windows XP Home Product Key on a piece of paper. You will need it during the latter part of the installation. You can obtain the Product Key from your COA sticker. (Warning: Do not make the mistake of using your friend's Product Key!)

4. Make sure that you're using the right type of media to install Windows XP. For example, never use a Retail disc for an OEM license. You can identify your license type by looking at the COA sticker.

1. When the disk check is complete, insert the Windows XP installation disc and restart the computer.

2. You may refer to this page for detailed instructions for performing a clean installation of Windows XP: http://www.winsupersite.com/showcase/windowsxp_sg_clean.asp

 

Phew, that was a very long post. :surrender:

I certainly hope it helps!

 

Edit:

 

Oops, you might want to resize the new partition after you've completed the installation. Moving the files and formatting the old partition... Setting the boot flag and restoring the bootloader on the new partition... That is all a lot of work. Heh...

 

My conclusion: Don't do it! It would be too much trouble =P

Edited by teohhanhui

