
I just got hacked!!! Help - Page 3

post #21 of 33
Scan your PC using hitman pro.

What security software are you running? I would suggest "ESET Smart Security" as it's one of the best no-headache security solutions available.
post #22 of 33
Tried ComboFix, Malwarebytes, your favorite AV program in safe mode with no results?

Nuke the drive.
    
post #23 of 33
The problem with VNC services is that they are legit programs that aren't flagged by AV.

Back up your files, Firefox passwords, format it and start over.
post #24 of 33
Quote:
Originally Posted by XAslanX

You've got a RAT (remote administration tool) virus, grab Avira Rescue System and run a scan OFFLINE http://www.avira.com/en/download/product/avira-rescue-system USB instructions: https://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/655

Yup definitely sounds like a RAT.
Whoever is doing it must be an idiot to actually remote control the computer via mouse.

You can use TDSSKiller for finding rootkits
http://usa.kaspersky.com/downloads/TDSSKiller

As XAslanX said, use Avira as it's probably the best I've seen for catching RATs.
You can also use ESET SysRescue http://support.eset.com/kb3509/

It probably came from something torrented (one of the most popular ways to distribute a RAT).
Possibly came from a Java Drive-By too.
    
post #25 of 33
As an I.T. Support Technician with an MSP (Managed Service Provider), I suggest that you do the following:

Take your PC offline. DO NOT CONNECT IT TO ANY NETWORKS.
Back up all of your important data to an external USB drive.
Completely nuke your current OS. Don't reinstall over, don't revert back. Completely wipe.
Fresh install your OS.

The data that's on your USB drive, take it to another PC and do a full scan with multiple malicious scanners (ADW, malwarebytes, hitman pro, super anti spyware, etc) to ensure there is no infection.

Don't waste your time trying to fix a compromised OS.

Once you've done all that, research everything about PC and internet security. You could have the best AV, firewall, sandbox, keylogger and all that, but it won't help you if you don't educate yourself.
post #26 of 33
Thread Starter 
made another usb with avira and tried on my media center. I got gui loaded.
Now trying on infected pc and cannot pass this..
 
post #27 of 33
Hmm.

Try another USB port?
    
post #28 of 33
Thread Starter 
another port did not help
 
post #29 of 33
Quote:
Originally Posted by ASSSETS

made another usb with avira and tried on my media center. I got gui loaded.
Now trying on infected pc and cannot pass this..

That is an issue with Debian and nvidia. Take the card out of the system and boot with the onboard video.

http://forums.debian.net/viewtopic.php?f=17&t=119612
post #30 of 33
Get your photos and trusted documents off that computer and reformat. I wouldn't mess with any scan software at all. If I had a minor issue, maybe I would attempt to fix it with scanning software. But, this is far from a minor issue.

I would also see if my Internet provider could change my IP address. I'm not sure if they do that or not. I would also check to see if my router is up to date and doesn't have any known security holes, which a lot of older routers do.