Overclock.net › Forums › Software, Programming and Coding › Networking & Security › How do i stop a hacker?
New Posts  All Forums:Forum Nav:

How do i stop a hacker? - Page 2

post #11 of 48
Go to Control Panel>System and Security>System. Then click advanced system settings. Go to the Remote tab and uncheck "Allow Remote Assistance connections to this computer" and click "Don't allow connections to this computer"

Hopefully this will help
post #12 of 48
Quote:
Originally Posted by SeanWebster View Post
Go to Control Panel>System and Security>System. Then click advanced system settings. Go to the Remote tab and uncheck "Allow Remote Assistance connections to this computer" and click "Don't allow connections to this computer"

Hopefully this will help
The attacker is not using RDP as the user can see what is going on, which is not the case with RDP.
It is more likely VNC.
Change the ports you allow connections on, check the logs, change all of the passwords and go ahead and reimage your computer...
For sale
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-920 Asus P6T Deluxe Asus GTX460 TOP 768mb G Skill ECO 1600 CAS7 1.35V 
Hard DriveOptical DriveOSMonitor
2x Vertex 60 GB raid[0] Asus DVDRW W7,Ubuntu 2 xAsus VH236H 
KeyboardPowerCaseMouse Pad
Razer Ultra X3 1000W HAF 932 My Desk 
  hide details  
Reply
For sale
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-920 Asus P6T Deluxe Asus GTX460 TOP 768mb G Skill ECO 1600 CAS7 1.35V 
Hard DriveOptical DriveOSMonitor
2x Vertex 60 GB raid[0] Asus DVDRW W7,Ubuntu 2 xAsus VH236H 
KeyboardPowerCaseMouse Pad
Razer Ultra X3 1000W HAF 932 My Desk 
  hide details  
Reply
post #13 of 48
oops. didn't realize that sry.
post #14 of 48
Quote:
Originally Posted by Onions View Post
check for changes... turn on the pc with internet unplugged and poke around. See iyou see anyhting installed that shouldnt be...

my bro had the same thing happen to his pc only the guy went through his on our network and isntalled it onto my pc. Got into my hotmail, found thigs he shouldnt have, posted it on 4chan, then got the police involved XD it evolved very rapidly and can be a pain. Its nto worth the risk tho if you dont find anyhting reinstall the os
What did you do? :-P
post #15 of 48
Check your running processes, check for anything you don't recognise and make a note of it, google it to make sure its nothing important if not then add it to your firewall block list to stop it from beable to start again.

Can also try a netstat in command prompt to get a IP and and port to block too, but the IP is likely to change because he's most likely using proxies etc, but the port shouldn't change because the program will be listening on that port for him to login.

But i would recommend not using a admin account on windows it's bad drills, the hacker can normally only do what the user account can do unless he's good and knows how to escalate privileges, which if you know he's in your system i doubt he can do this.

What firewall and anti-virus are you using? Have you checked to see if he's added himself any rules into it?

Failing any of this just re image and start again listening the all the good advice give above from all the other posts.
Prometheus
(14 items)
 
  
Reply
Prometheus
(14 items)
 
  
Reply
post #16 of 48
You first close up the hole where they got thru before cleaning your pc. Download Wireshark. Install it. Then run Netstat to see the connections. Then do some packet capturing.

Also run Autoruns. tick the hide ms legal entries and verify the signatures. Then press refresh. All the non verified entries should be treated as suspicious.

If you can run hijack and OTL and post the log it would be of great help. We can work from there. But you need to patch the hole up first otherwise its going to happen again
post #17 of 48
I LOL'd

...but seriously. after you clean everything up scan your network and patch holes in your sec-urity (cwhatiddithere) . http://www.securityinnovation.com/se...Scanners15.htm
Zardoz
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 950 @ 4.21 (HT/On) #3043A793 Rampage III GENE NVIDIA Geforce GTX 560 Ti MSI TFII @ Stock G.SKILL Ripjaws Series 8GB DDR3 1600 
Hard DriveOptical DriveOSMonitor
Intel X25-M SSD 80GB [x2] Raid 0 + Seagate 1TB Pioneer BR-Drive Win7 Ultimate 64bit Acer B273hu 
PowerCase
GE-M800A-d1 Gigabyte LIAN LI PC-A04B mATX 
  hide details  
Reply
Zardoz
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 950 @ 4.21 (HT/On) #3043A793 Rampage III GENE NVIDIA Geforce GTX 560 Ti MSI TFII @ Stock G.SKILL Ripjaws Series 8GB DDR3 1600 
Hard DriveOptical DriveOSMonitor
Intel X25-M SSD 80GB [x2] Raid 0 + Seagate 1TB Pioneer BR-Drive Win7 Ultimate 64bit Acer B273hu 
PowerCase
GE-M800A-d1 Gigabyte LIAN LI PC-A04B mATX 
  hide details  
Reply
post #18 of 48
Also, something important to bring up;
Hamachi basically creates a VPN with all the features of direct connection access to a computer via LAN. It is *VERY* important to ONLY allow (and disable all other) ports that are needed for the service you are attempting to use on Hamachi. In this case, enable the minecraft server and client ports; maybe port 80, and disable everything else. Of course, first you should clean both systems and ensure that there is no longer access available to the outside world.
    
CPUMotherboardGraphicsRAM
Core i7 920 D0 4.2ghz HT (1.3625v) Asus R3E 2xGTX 460 (non SLi, no overclock) 6x2gb G.skill @ 6-8-6-24-1T 
Hard DriveOptical DriveOSMonitor
WD-VR 300GBx1, 2xWD 1tb,2x60gb Agility Some crappy combo burner... Arch x64 3xDell U2410f rev A02 
KeyboardPowerCaseMouse
X-Armor U9BL TT Toughpower 1200w (NTB more efficient) Mountain Mods Pinnacle 24 CYO Roccat Kone (R.I.P. A4Tech x7) 
Mouse Pad
Steelpad Experience I-1 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Core i7 920 D0 4.2ghz HT (1.3625v) Asus R3E 2xGTX 460 (non SLi, no overclock) 6x2gb G.skill @ 6-8-6-24-1T 
Hard DriveOptical DriveOSMonitor
WD-VR 300GBx1, 2xWD 1tb,2x60gb Agility Some crappy combo burner... Arch x64 3xDell U2410f rev A02 
KeyboardPowerCaseMouse
X-Armor U9BL TT Toughpower 1200w (NTB more efficient) Mountain Mods Pinnacle 24 CYO Roccat Kone (R.I.P. A4Tech x7) 
Mouse Pad
Steelpad Experience I-1 
  hide details  
Reply
post #19 of 48
Don't sweat the small stuff. If you want to sleep at night patch the security holes in the router and backup, re-up the os. Nothing like that fresh install smell..
post #20 of 48
See, my computer is within my DMZ, but I have most of my ports closed via the router and my computer. I don't use a firewall on my PC, never needed to. Never had anyone hack my machine.
    
CPUMotherboardGraphicsRAM
Intel i5 2500 @ 4,004GHz (1.202v) Asus P8P67-PRO B3 Leadtek GTX260 65nm 896MB 700|1430|1100 4GB DDR3 Muskin 1686MHz 
Hard DriveOptical DriveOSMonitor
2xWD CB 250GB, 2x SG 320GB, 1xSS F1 1TB Pioneer DVD-RW Windows 7 Professional 64bit Samsung 2032BW 20" 1680x1050 16:10 
KeyboardPowerCaseMouse
Razer Lycosa CoolerMaster GX 550W Coolermaster Storm Sniper Razer DeathAdder 
Mouse Pad
Razer Goliathus 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel i5 2500 @ 4,004GHz (1.202v) Asus P8P67-PRO B3 Leadtek GTX260 65nm 896MB 700|1430|1100 4GB DDR3 Muskin 1686MHz 
Hard DriveOptical DriveOSMonitor
2xWD CB 250GB, 2x SG 320GB, 1xSS F1 1TB Pioneer DVD-RW Windows 7 Professional 64bit Samsung 2032BW 20" 1680x1050 16:10 
KeyboardPowerCaseMouse
Razer Lycosa CoolerMaster GX 550W Coolermaster Storm Sniper Razer DeathAdder 
Mouse Pad
Razer Goliathus 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › How do i stop a hacker?