Very O.T. * Hackers n such

[todwic]

Sorry Moderators, but there are great many learned folks on this board, a lot of which know thier ways around a key board better than I know my own refrigerator, and I need some help.

Long story short: someone got angry at someone I know that uses my computer as much or more than I do. They have retaliated by either throwing a virus at me (Norten symtech sez no), or hacked thier loathsome way into the sanctity of my computer. My Email is sending mails that I didn't send (all of them about screen savers), I'm losing icons on my desktop, SDRAM is gone after I open up a couple of programs (256 + an add on RAM chip thingy = a bunch of them suckers), and a plethera of little things which add up to irk me to no end.

My questions

1. Hack or virus?
2. I D/L'ed the newest update for norton, if virus, now what?
3. If hacker, how do I get him out, and keep him out, and reverse damage?
4. How can I prevent this in the future?
5. Yes it's petty, but: How do I get even?

I'm a speedbump on the information superhighway, and know even less about computers. Please, any 411 will do.

Moderators, would you please let this hang for a couple of days before you move/delete it?

[justin]

Todd, sounds like somebody put a trojan into your system,get a firewall ASAP,and only connect to the internet when needed. Thats about all I can say. Zonealarm is free and makes a good firewall. If you gwt Zonealarm Pro it will cost you. Do a search on MSN.com for it

[adrian jaye]

Quote:

Originally posted by todwic

Bummer ! sorry to hear that.

My questions

1. Hack or virus?
2. 
   
   agree with previous reply, someones put on or you've exposed yourself to a trojan horse.
   
   I D/L'ed the newest update for norton, if virus, now what?
3. 
   
   ermmm, run it. ?
   
   I use Nortons 2002, it auto-updates itself, I never surf without it.
   saved me a lot of grief.
   
   well, if you've got a trojan (or other virus), you'll need to identify it and then clean it. running nortons "should" find it, unless its hiding somewhere, when you install Noronts it asks you to make an emergency disk (this is or should be virus free) booting from cold to such a floppy should in theroy find your virus.
   
   I'd still say that if you've got an update, that should find any stuff.
   
   failing that you "may" need to scratch and re-load your PC from scratch. this is the bit were you find you had'nt made any back-ups (been there dobne that)
   
   If hacker, how do I get him out, and keep him out, and reverse damage?
4. 
   
   another program which hackers use, is called "back orrifice", I have a link on my website and a dwownload of a trojan finder progra, which will look and clean your PC of such a program (go to my website and check the anti-virus pages - details in the signature)
   
   How can I prevent this in the future?
5. Yes it's petty, but: How do I get even?

I'm a speedbump on the information superhighway, and know even less about computers. Please, any 411 will do.

Moderators, would you please let this hang for a couple of days before you move/delete it?

again I'd agree with previous suggestion, Zonealarm is great and free

HTH

holla back if ya need to

laters

[/B]

[adrian jaye]

sorry website is

www.playback.demon.co.uk

[ImClueless]

ok, heres the scoop guy,

1. Its a virus. Uninstall norton. Reinstall it and update the virus definitions and run a scan. It will catch it.

2. Dont worry about a fire wall. Cost versus gain is very little. The number one way you can stop viruses is so simple , yet no one does it.

If you use XP, go to your networks. Right click on the network you use to connect to the internet (if your broadband it will most likely say LAN/INTERNET) after you right click. Click on the properties tag.

You will see some protocols with check marks next to them. Unclick the one that says "FILE and PRINTER SHARING FOR MICROSOFT NETWORKS"

Then reboot. That will stop 99 percent of viruses.. If you want to get this guy back. email me at lonelliott3@cox.net and we can discuss several methods from "a little mad" to "holy ****"

[ImClueless]

I am broad band connected. No firewall , run norton once a week and never had a virus. ANd i download probably 10 gigs of games and songs and **** a week. Im telling you, file sharing is how they get in...

[Scott R]

Firewall is an excellent idea; try "Sygate Pro" from Sygate technologies. Anyone one without one is asking to be attacked, or welcomes it. At least get it for the ability to track inbound and outbound connections from your machine. They are cheap an offer a piece of mind.

I would guess that you have one of the "glitch" virus series, here is a link to Trend Micro's site explaining how the "male ware" string of infections work.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_GLITCH.A&VSect=T

I do this for a living, sorry to get to geeky on this forum. If you had a firewall log you could guess the time of entry and figure out from whom the payload was delivered, then it would be payback time.

[todwic]

Woman tells me that I can't put in a firewall because we have cable. Tho I think she may be full of excretal matter, I don't know enuff to say so. So how 'bout it?

[SoCal Driver]

What? Gesh all these years I've had cable and have been running firewalls you mean to tell me I can't????

DOES NOT COMPUTE!

[adrian jaye]

Todwic,
a couple of points

1> ues a firewall, there great, and can be used on cables. In fact would not use cable without one.

2> I use file sharing programs "kazahh" and had no problems what so ever

3> I use Nortons 2002, again its great, go with one of the earlier replies about uninstalling and then re-installing.

4> re-taliation: three words DONT DONT DONT, as its illegal, when you get found out, then you'll be in bigger isht, your ISP will dump you and as it breaks the terms of your TOS you could be caught and fined. If you know the prat thats done it and 100% proofed, then just name and shame the to55ser

hiope this helps

Ade

[overkill]

HA HA HA!!! Dude, it not a trojan. Dude, trojan is a program that SECRETLY keeps a port or two open on your machine that hacker can use to get into your machine hence the name a TROJAN HORSE! You plain out have an ugly virus. Those emails that it is sending out probably contains a replica of it's self so that when the person that gets the email runs it,... you guessed it! It disguises it self an email about screen savers,... why? Probably because "I love you!" was taken? Who ever is in your mailing list needs to know not to open these emails. If I were you I would try and gather as much info as possible then format your machine and start out clean. How do you prevent this from happening again? DONT LET ANYONE USE YOUR MACHINE!!! I have been using a cable modem for the LONGEST time WITHOUT a firewall or any security messures what so ever and I have NEVER had any problems! All those antivirus programs that display info about hackers that potentially tried to hack you,... dont you think the programers may have done that on purpose to maybe make you think that your trying to be hacked so you continue to use their software? I mean if you checked on it every so often and saw no attempts, wouldnt you ask yourself,... "what the hell am I using the software if no even tries to hack me?". Dude, your computer is the very tip of a needle IN DUMP TRUCK OF NEEDLES. The only way he could even get to your computer is through your IP and Im pretty sure your friend didnt hand it over. Most ISP's have dynamic IP's anyway so even if he did find it he only has a certain period of time before it changes and loses your PC IN A WORLD OF PC's!!! You can disconnect you modem periodically to force the ISP to give you a new IP seeing that some of them will let you keep your IP for up to a couple of days. If your friend is disrespecting you and your machine like that then kick him off.

[Kandid]

overkill is right, I have been using cable for a while without firewall and didn't had any problems whatsoever. My PC runs 24/7 and only time I almost got a virus is from email which Norton 2003 got right away. The other huge security hole is Internet Explorer, so try to use Opera. Unfortunately the only way to get the PC 100% clean of the viruses is to reformat it and reinstall OS. Anyway it’s a good thing to do every once in a while.

If you want to try to clean your machine up, do what ImClueless said uninstall – reinstall – update – scan the whole hard drive. Reboot, repeat. Try to connect to the Internet as little as possible, don’t open email program or web browser. Then get another antivirus like AVP and check with it as well (http://www.kaspersky.com/ one antivirus can’t get all the viruses). Then if everything is clean uninstall AVP. Check for programs that start with the system. Go to task manager and see if any of the processes have taken too much memory or processor time.

Firewalls are good if you are running some kind of web server or firewall guarding LAN but they don’t make any sense on home pc. Also if you have NT based system like NT4/Win2k/XP check that you don’t have IIS running which is a huge security hole as well. Might as well to convert to NTFS system if you haven’t done it yet.

[Goku]

If you think it's a virus, just goto housecall.antivirus.com It's a FREE online program from Trend Micro that will scan your computer. A lot of virus' now a days disable norton and McAfee first thing. I work for Dell and I'm pretty familiar with stuff like this. Also there is a good possibility about someone spoofing your email addy. But be safe and use housecall to double check

[Sternn]

Dude, you have the klez virus like someone said earlier. You can get it via email or p2p networks (been downloading MP3's lately ). Anyway, go to the Symantec website and read about it and download the removal tool.

http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html

And don't worry about a firewall on a dial-up - it will slow you down and besides, no one can hack a 56k connection without you noticing the huge drop in speed which would basically kill your connection. However, if you use XP turning on the built in firewall is different, since it doesn't use any resources but merely shuts off ports (in this case keeping you from spamming your friends).

Read the article, check the things they tell you to see if your infected (I'm guessing you are) and then download and run the removal tool. All done.

-Sternn (sr. Network Engineer/MCSE/Microsoft Beta Tester/Guy with a 944S)

[Sternn]

Oh, one thing, what is the exact email that is being sent? Can you get a friend who contacted you to send you a copy or read off the title and some of the body? There are a few other virii that have the same effect, and the exact strain can be isolated if you know the contents of the email payload. If you can tell me more about the email, I can tell you the exact virus you have and how to remove it.

-S

[todwic]

Quote:

Originally posted by FR Wilk
Todwic, the virus is not on your computer. Your email address is in the address book of the guy with the virus.

The virus picks 2 names from his address book. Sends the email to one guy while claiming it comes from the second guy. The guy with the virus is not even mentioned in the email.

I just had someone tell me I sent him the W32.Klez.H@mm Virus on an email account that was cancelled over 2 years ago. Neat trick....... The defunct email address is still in someone's address book.


FR Wilk
http://944dme.tripod.com
http://early944.tripod.com
________________________________________________
_

OMG. That is EXACTLY what has happened!!! The guy sent me a email, and I forwared it back to him with several choice words, some not so nice. (He called my wife the "C" word, among others. I'm planning a road trip to St. Luis this summer, consequently) And HE said I sent him the virus! Several correspondences were exchanged and I started getting returns from people that I haven't talked to in eons, telling me that I was a fag and other stuff. The messages my addy sent were things like "I've found love, where have you been?" and stuff. They all say that they have a screensaver to download, and wontcha please look at em. My mom tried to dl the savers and nothing happens. I emailed everyone on my list and tell them not to open any attch. from me, etc etc.

[todwic]

I went to Symatec and tried the virus check, but it won't run. I D/L'd the newest Norton, and it doesn't want to run on my machine. I'm gonna try the Kapersky thing, and Sternn, I could forward the email to you, I think I still have one. I really don't know what to look for, I drill holes in the ground and then fill them back up, my last computer was an abacus, and I eat wild animals. Hi tech is not my forte.

[Magnus_944]

Backup important data.
format HD
install windows, a firewall and a good antivirus program.
install all other programs.

//Magnus

[adrian jaye]

Quote:

Originally posted by Magnus_944
Backup important data.
format HD
install windows, a firewall and a good antivirus program.
install all other programs.

//Magnus

I'd agree with that BTW sternn, like your dancing lady icon KEWL !