|
|
13 Nov 2002, 09:34
|
#1
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
hacker on my comp as we speak
*** Looking up 24.247.247.134
(DNS) Resolved 24.247.247.134 to 24.247.247.134.bay.mi.chartermi.net (24.247.247.134)
he sent in a trojan and was playing with my comp for awhile, now hes trying to DOS attack me (not working so far)
if anyone can help me protect myself or pay him back would be much appreciated
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 09:37
|
#2
|
Good Son
Join Date: May 2001
Location: Finland
Posts: 3,991
|
I'm @ school atmo, so I cannot do anything for you, sorry.
Hopefully someone can. If you lived in Finland though, I could have the police dep. check on it (mommy works there, mommy mommy!), but I doubt you do.
__________________
"Oh, wretched race of a day, children of chance and misery, why do ye compel me to say to you what it were most expedient for you not to hear? What is best of all is for ever beyond your reach: not to be born, not to be, to be nothing. The second best for you, however, is soon to die". Silenus, tutor to Dionysos, speaking to King Midas.
|
|
|
13 Nov 2002, 09:38
|
#3
|
It was a Stupid Dream
Join Date: Jun 2002
Location: Winchester, UK
Posts: 2,077
|
Re: hacker on my comp as we speak
Quote:
Originally posted by Steve_G
*** Looking up 24.247.247.134
(DNS) Resolved 24.247.247.134 to 24.247.247.134.bay.mi.chartermi.net (24.247.247.134)
he sent in a trojan and was playing with my comp for awhile, now hes trying to DOS attack me (not working so far)
if anyone can help me protect myself or pay him back would be much appreciated
|
if your on windows NT/2000/XP
open up the command window
type "net send 24.247.247.134 you are an annoying prick and deserve to go to hell, i ****ed your mum 20 times last week, she likes it up the rear end"
or something similar
if they are on NT/2000/XP expect attacks to stop in the case they know they have been rumbled, or continue more vigerously if they like thier mum
and if they can read this
HELLO MR HACK0R!!
|
|
|
13 Nov 2002, 10:02
|
#4
|
Guest
|
Greetz hacky gitt0r
I seriously doubt anyone would bother hacking my Win 95 /6 years old/ 233Mhz Pentium 1 computer
|
|
|
13 Nov 2002, 10:07
|
#5
|
Guest
|
*chills out and gives all hax0rs the finger from behind nice, safe firewall*
|
|
|
13 Nov 2002, 10:30
|
#6
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
im on a firewall tho, your not as safe as you think
funny thing is the guy deleted my firewall logs AFTER i already snagged his IP and spammed it around lol
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 10:34
|
#7
|
Miles Teg
Join Date: Nov 2001
Location: Dom City
Posts: 5,192
|
his IP doesnt exist atm .. cant ping him with 5mb of data per second
|
|
|
13 Nov 2002, 10:35
|
#8
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
btw im pretty sure its someone from PA
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 10:37
|
#9
|
Miles Teg
Join Date: Nov 2001
Location: Dom City
Posts: 5,192
|
Quote:
Originally posted by Steve_G
btw im pretty sure its someone from PA
|
i dont really care but can you give me the correct IP ?
i will abuse my netconnection from teh uni
|
|
|
13 Nov 2002, 10:39
|
#10
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by Knight Theamion
i dont really care but can you give me the correct IP ?
i will abuse my netconnection from teh uni
|
that is the correct IP, hes used it to try and send me virus's for the last few days
obviously hes no longer connected
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 10:44
|
#11
|
Guest
|
How can someone send you a trojan?
you must have been sily and clicked an attachment
|
|
|
13 Nov 2002, 10:46
|
#12
|
Child Eating Zombie Clown
Join Date: Apr 2001
Posts: 1,450
|
Or use outlook, which auto-open attachments.
What do YOU think?
__________________
Mirai - An Astral Being From Outer Space
Die You Bitch Minister of Insanity - "Timete Nostrum Piscem Furoris"
My fellow Americans, I'm pleased to tell you today that I've signed legislation that will outlaw Russia forever, we begin bombing in 5 minutes - President Ronald Reagan, in a radio check where he did not realize the microphone was on and the station broadcasting
|
|
|
13 Nov 2002, 10:47
|
#13
|
Registered User
Join Date: Jun 2000
Posts: 8,476
|
what makes you think youve been hacked?
|
|
|
13 Nov 2002, 10:49
|
#14
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by Nodrog
what makes you think youve been hacked?
|
someone closing my programs, opening up porn, playing with cd-rom drive, then opening a chat on my desktop with his name as master and mine as slave while he told me i was a fag
not to mention about 50 failed attempts that showed up on my firewall logs (until he deleted them)
enough?
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 10:52
|
#15
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by ŠiSCoRPoRaTioN
How can someone send you a trojan?
you must have been sily and clicked an attachment
|
i didnt think it was possible either, but thats what it said on my firewall, im no expert so i was just repeating what it said
non cleanable virus found on kernal32.dll :/
__________________
"Never fear, I is here"
Last edited by Steve_G; 13 Nov 2002 at 10:59.
|
|
|
13 Nov 2002, 11:16
|
#16
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
uninstal the TCP/IP stack in your network options!!!!
That will keep him at at bay!
__________________
"Yay"
|
|
|
13 Nov 2002, 11:20
|
#17
|
Angry Young Man
Join Date: Jul 2002
Location: Mister Cacciatore's down on Sullivan Street
Posts: 7,518
|
hackers really are fags.
__________________
Believe in me, cause i don't believe in anything
And i wanna be someone, to believe, to believe in
|
|
|
13 Nov 2002, 11:24
|
#18
|
Guest
|
Why don't you just unplug the goddamn modem, essentially severing his links over the internet with you?
|
|
|
13 Nov 2002, 11:30
|
#19
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by Ghosteh
Why don't you just unplug the goddamn modem, essentially severing his links over the internet with you?
|
i did, but im on a static IP and theres now a virus on my kernal32.dll :/
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 11:35
|
#20
|
Guest
|
Any idea on what the virus does?
|
|
|
13 Nov 2002, 11:41
|
#21
|
Guest
|
Hurry! Call 911!
This seems to be a truly 1337 hackzor! He probably wants to steal your secret documents.
|
|
|
13 Nov 2002, 11:45
|
#22
|
Guest
|
Quote:
Originally posted by RiCo
He probably wants to steal your secret documents.
|
I know I would. I want to know the secret of Steve_G's leetness.
|
|
|
13 Nov 2002, 11:47
|
#23
|
It was a Stupid Dream
Join Date: Jun 2002
Location: Winchester, UK
Posts: 2,077
|
find out which port he is using
then block it
or tell me his IP and i will do the same bus **** around with his kernel
"OH NOES MEH 1337 HAX0RING MACHOINE WONT START UP!!!1122"
|
|
|
13 Nov 2002, 11:50
|
#24
|
Guest
|
Quote:
Originally posted by Starbucks
find out which port he is using
then block it
or tell me his IP and i will do the same bus **** around with his kernel
"OH NOES MEH 1337 HAX0RING MACHOINE WONT START UP!!!1122"
|
Steve doesn't know what a spoofer is
|
|
|
13 Nov 2002, 12:09
|
#25
|
Guest
|
Quote:
Originally posted by RiCo
|
If it isn't the old beta layabouts
I'm surprised you guys are still here, what with the last round of PA and all
|
|
|
13 Nov 2002, 13:38
|
#26
|
Pretend Faggot
Join Date: Apr 2002
Location: Illinois
Posts: 494
|
You weren't 'hacked', you were retarded and either:
a) ran a program some strange person or friend sent you
b) used outlook and downloaded attachments
c) yeah........
you can download virus software too you dense ****
try to be less retarded next time k?
__________________
<^>
[ ripper ] I told u I was hardcore
|
|
|
13 Nov 2002, 13:39
|
#27
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
i coulda downloaded something yes, anyone can
but thats not the point you ****en retard, the point is now i have a trojan on my kernel32.dll and dunno how the **** to get it off
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 13:42
|
#28
|
Registered User
Join Date: Oct 2001
Location: England
Posts: 752
|
Format and reinstall.
__________________
<Bobzy> It's Jammers rockstargame kid
<Bobzy> Jammers is > the rest of GD/PA at it though.
|
|
|
13 Nov 2002, 13:44
|
#29
|
Registered User
Join Date: Jun 2000
Posts: 8,476
|
download a virus checker. Mcafee does a free one I think
www.mcafee.com
www.norton.com
etc
|
|
|
13 Nov 2002, 13:51
|
#30
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
ive already used many checkers, the problem is it cant be cleaned cause the files always in use, when i tried to do a scan from boot disk the proggy i was given was out of date :/
cant replace the file with a clean version as its always in use etc
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 13:57
|
#31
|
Forever Delayed
Join Date: Sep 2000
Location: www.netgamers.org
Posts: 1,475
|
Rule #1 When Your System Is Compromised
DISCONNECT
Turn off your modem, pull out your network cable.
Then close the holes.
Find out how they got in.
Posting "help I'm being backed" is quite, quite silly.
M.
__________________
Firefly Oper and General l4m3r - "I Do Stuff"
O2 Rip-off campaign
<vampy> plus i hate people ... i despise humanity as a whole
pablissimo "I'm still geting over the fact you just posted a pic of your own vomit"
|
|
|
13 Nov 2002, 13:58
|
#32
|
Pretend Faggot
Join Date: Apr 2002
Location: Illinois
Posts: 494
|
some people just shouldnt be allowed to use computers...... there would be lots less worm spreadage that way
__________________
<^>
[ ripper ] I told u I was hardcore
|
|
|
13 Nov 2002, 13:59
|
#33
|
Forever Delayed
Join Date: Sep 2000
Location: www.netgamers.org
Posts: 1,475
|
Quote:
Originally posted by Steve_G
but thats not the point you ****en retard
|
He's trying to help you. Don't be abusive, else people will cease to like you, and stop helping you.
M.
__________________
Firefly Oper and General l4m3r - "I Do Stuff"
O2 Rip-off campaign
<vampy> plus i hate people ... i despise humanity as a whole
pablissimo "I'm still geting over the fact you just posted a pic of your own vomit"
|
|
|
13 Nov 2002, 14:00
|
#34
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Re: Rule #1 When Your System Is Compromised
Quote:
Originally posted by Mong
DISCONNECT
Turn off your modem, pull out your network cable.
Then close the holes.
Find out how they got in.
Posting "help I'm being backed" is quite, quite silly.
M.
|
i did turn it off at the time, came on after i turned on firewall disabling all non used ports
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 14:01
|
#35
|
Guest
|
remove you wee lil plug fromthe pc, boot up in DOS mode, or from a windows CD, then reisntall the entire bunch
oh, and
haha, yer fked
|
|
|
13 Nov 2002, 14:02
|
#36
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by Mong
He's trying to help you. Don't be abusive, else people will cease to like you, and stop helping you.
M.
|
how is calling me a retard trying to help me
hes done nothing productive this thread, so kindly get back on topic
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 14:03
|
#37
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by meaple
some people just shouldnt be allowed to use computers...... there would be lots less worm spreadage that way
|
some poeple shouldnt be allowed to use computers just because the net would be better without there presence...well you disconnect yet? no..damn
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 14:03
|
#38
|
Guest
|
Quote:
Originally posted by Steve_G
i did, but im on a static IP and theres now a virus on my kernal32.dll :/
|
ermm....is kernal32.dll a genuine system file ?
I would suggest deleteing the kernal32.dll.....unless you've made a typo several times. Kernel32.dll is the file you should be worried about.
|
|
|
13 Nov 2002, 14:11
|
#39
|
First Disciple of Aldur
Join Date: Jul 2000
Location: The Vale of Aldur
Posts: 1,470
|
Quote:
Originally posted by Cocaine
ermm....is kernal32.dll a genuine system file ?
I would suggest deleteing the kernal32.dll.....unless you've made a typo several times. Kernel32.dll is the file you should be worried about.
|
To clarify what Cocaine said: that file doesn't exist in a standard install of windows, hence, get rid of it.
__________________
Yeah.
|
|
|
13 Nov 2002, 14:19
|
#40
|
Forever Delayed
Join Date: Sep 2000
Location: www.netgamers.org
Posts: 1,475
|
Quote:
Originally posted by Steve_G
how is calling me a retard trying to help me
hes done nothing productive this thread, so kindly get back on topic
|
Ah, I missed his final "comment". He does make a point though - even if it is a bit offensive!
M.
__________________
Firefly Oper and General l4m3r - "I Do Stuff"
O2 Rip-off campaign
<vampy> plus i hate people ... i despise humanity as a whole
pablissimo "I'm still geting over the fact you just posted a pic of your own vomit"
|
|
|
13 Nov 2002, 14:21
|
#41
|
Good Son
Join Date: May 2001
Location: Finland
Posts: 3,991
|
Quote:
Originally posted by Belgarath The Sorcerer
To clarify what Cocaine said: that file doesn't exist in a standard install of windows, hence, get rid of it.
|
I think SG is trying to say kernel.
__________________
"Oh, wretched race of a day, children of chance and misery, why do ye compel me to say to you what it were most expedient for you not to hear? What is best of all is for ever beyond your reach: not to be born, not to be, to be nothing. The second best for you, however, is soon to die". Silenus, tutor to Dionysos, speaking to King Midas.
|
|
|
13 Nov 2002, 14:24
|
#42
|
Guest
|
Quote:
Originally posted by Tietäjä
I think SG is trying to say kernel.
|
we'll have to wait till it wakes up
|
|
|
13 Nov 2002, 14:31
|
#43
|
Guest
|
Quote:
Originally posted by Steve_G
i did, but im on a static IP and theres now a virus on my kernal32.dll :/
|
If you are shure it's kernal32.dll you can dump it, or to be on the safe side, rename it.
if it IS a system critical file you can rename it back. but I am 99% shure it's a name just made to look like a system critical file (Namely kernel32.dll which is quite important ).
When you've stopped the trojan from running in this way go get yourself a decent antivirus program.
There would be no need to format and reinstall if you act calm and in the right way.
- Rename the file when offline!
If your on a win9X machine use dos mode, not a dos box.
- If your on a win2K or XP machine boot from your install cd and use the command prompt from there.
In both cases, chances are the file will not be in use, so you will be able to rename it.
- Then get online again, and get a free trial for a well known anti virus company, McAffee and Norton come to mind as I have had excelent experiances at work with them.
- When you downloaded the file again go offline, just disconnect the cable or something so your shure you are not online.
Try to install the anti virus and do a FULL ALL FILES system scan, that might take a long while, but you'll need it to be shure it's not hiding any backup copy's of itself somewhere.
- I'm guessing you'll be fine from there on as the anti virus software will identify the virus. Write down the name and do a search for it on http://securityresponse.symantec.com.../vinfodb.html/
the virus database from the guys who build Norton anti virus.
Then follow there advice on what the virus does, and how you can be shure that it's gone.
Good luck
Greets Krewl
P.S. I see I wrote virus everywhere instead of trojan, but you'll get my point. (Just so all you l33t ppl outhere don't go flaimiing away cause off a small mistake. I'm to lazy to clean it up)
|
|
|
13 Nov 2002, 14:31
|
#44
|
Guest
|
Quote:
Originally posted by Iniluki
get to work you slob!
|
I am on my lunch break Idi
|
|
|
13 Nov 2002, 14:33
|
#45
|
First Disciple of Aldur
Join Date: Jul 2000
Location: The Vale of Aldur
Posts: 1,470
|
I think we could do with knowing what version of Windows Steve_G is running.
__________________
Yeah.
|
|
|
13 Nov 2002, 14:36
|
#46
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
win xp
and it seems a trial version of norton 2003 did the trick when several other proggies and sites failed
THATS RIGHT IM NOW VIRUS FREE WEEHAA
thanks everyone for your help =)
__________________
"Never fear, I is here"
|
|
|
13 Nov 2002, 14:37
|
#47
|
Guest
|
Quote:
Originally posted by Steve_G
win xp
and it seems a trial version of norton 2003 did the trick when several other proggies and sites failed
THATS RIGHT IM NOW VIRUS FREE WEEHAA
thanks everyone for your help =)
|
just out of curiosity, was it kernal or kernel ?
|
|
|
13 Nov 2002, 14:38
|
#48
|
Guest
|
Quote:
Originally posted by Steve_G
win xp
and it seems a trial version of norton 2003 did the trick when several other proggies and sites failed
THATS RIGHT IM NOW VIRUS FREE WEEHAA
thanks everyone for your help =)
|
Or are you...
You'll never know for sure
|
|
|
13 Nov 2002, 14:41
|
#49
|
First Disciple of Aldur
Join Date: Jul 2000
Location: The Vale of Aldur
Posts: 1,470
|
Quote:
Originally posted by Steve_G
win xp
and it seems a trial version of norton 2003 did the trick when several other proggies and sites failed
|
That's good :=)
I suggest you go here: http://www.techspot.com/guides-os.shtml and have a read over the winxp guides, you may find it helps you secure your system, and even give it a little performance boost as well.
__________________
Yeah.
|
|
|
13 Nov 2002, 14:43
|
#50
|
=Ž
Join Date: Oct 2000
Location: Canada
Posts: 252
|
Quote:
Originally posted by Cocaine
just out of curiosity, was it kernal or kernel ?
|
kernel32.dll
i messed it up a bunch on these forums and other one, but they pointed out id better get the spelling straight, did there but apperently didnt here heh
__________________
"Never fear, I is here"
|
|
|
|
All times are GMT +1. The time now is 12:57.
| |