Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Computer is/or was under super hack!!
New Posts  All Forums:Forum Nav:

Computer is/or was under super hack!! - Page 2

post #11 of 32
WPA2, wipe, AVG, good firewall will def make sure that this shouldn't happen again. Sorry this happened to you but def wipe the HD and do a fresh install. Changing your passwords was also a great idea, who knows what the intruder was able to extract if anything.
I'm Back
(19 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X6 1055T @3.71 Asus M4A785TD-V EVO Gigabyte GTX 460 1GB 16 GB Corsair XMS 3 
Hard DriveHard DriveHard DriveHard Drive
Kingston V300 SSD Western Digital Caviar Samsung Spinpoint Western Digital Caviar black 
Optical DriveCoolingOSMonitor
Sony CD DVD R/WR Prolimatech Megahalems  Windows 7 x64 Samsung Smart TV 
MonitorKeyboardPowerCase
Hanns G POS Saitek Eclipse II Corsair 750 TX NZXT Source 210 
Mouse
Logitech G700S 
  hide details  
Reply
I'm Back
(19 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X6 1055T @3.71 Asus M4A785TD-V EVO Gigabyte GTX 460 1GB 16 GB Corsair XMS 3 
Hard DriveHard DriveHard DriveHard Drive
Kingston V300 SSD Western Digital Caviar Samsung Spinpoint Western Digital Caviar black 
Optical DriveCoolingOSMonitor
Sony CD DVD R/WR Prolimatech Megahalems  Windows 7 x64 Samsung Smart TV 
MonitorKeyboardPowerCase
Hanns G POS Saitek Eclipse II Corsair 750 TX NZXT Source 210 
Mouse
Logitech G700S 
  hide details  
Reply
post #12 of 32
why do people ALWAYS say to reformat after you get a trojan?

You don't need to and there is still no evidence that it is a trojan or just a screwed up mouse. I have an optical mouse here that does exactly the same thing if used with anything other than a black mousemat.

Don't reformat. Download and install the free version of superantispyware from here. Update it and then disconnect from the network. Run a complete scan and let it remove all the files it finds. Reboot the computer AND the router. If it IS a trojan then whoever wrote it probably has your wan ip address. Reebooting the router will get you a new one.

That should get rid of it without reformatting.

and GET RID OF MCAFEE!
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom 9600 BE Asus M3A32-MVP Deluxe Watercooled Saphire 1GB 3870 X2 4 GB DDR2 800 OCZ HTC Reaper 
Hard DriveOptical DriveOSMonitor
2 x WD 500GB SATA 2 2 x SATA DVD-RW Vista Ultimate 32" HD TFT on HDMI 
KeyboardPowerCaseMouse
Saitek Eclipse II Zalman 850 Watt Heatpipe cooled Gigabyte Mercury 3D Genius Navigator 525 
Mouse Pad
Desk 
  hide details  
Reply
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom 9600 BE Asus M3A32-MVP Deluxe Watercooled Saphire 1GB 3870 X2 4 GB DDR2 800 OCZ HTC Reaper 
Hard DriveOptical DriveOSMonitor
2 x WD 500GB SATA 2 2 x SATA DVD-RW Vista Ultimate 32" HD TFT on HDMI 
KeyboardPowerCaseMouse
Saitek Eclipse II Zalman 850 Watt Heatpipe cooled Gigabyte Mercury 3D Genius Navigator 525 
Mouse Pad
Desk 
  hide details  
Reply
post #13 of 32
Sorry to say it, but I disagree with you. SuperAntiSpyware is a program I have never heard of, nor would I trust completely.

Get AVG, as mentioned before, and Probably Spybot Search and Destroy. Both of the aforementioned have very good reputations and have never given me in my 3+ years of use, any problems. I also use Firestarter in linux, and Zonealarm firewall, in conjunction with my router's built-in, as well.

Refer to this: Free Security Downloads to find reliable sources.

Reformatting your computer is the safest way to remove the trojan and be completely sure you got it. That doesn't mean it is the only option, but it is, and will remain, the most effective. You do have other options, many others. It's always fun to do a reformat though, then you can just find the programs you use most again, and you're all set.
Edited by Pap3r - 5/21/08 at 8:12pm
Mod
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @ 3390MHz Asus P5Q XFX 8800GT Alpha Dog Edition 767/1833 2x1g OCZ Reaper DDR2 
Hard DriveOptical DriveOSMonitor
WD 160G SATA Light-on Lightscribe Drive Ubuntu Syncmaster 730B 
KeyboardPowerCaseMouse
G15 Rosewill 550w SLI TT Tsunami MX518 
Mouse Pad
None 
  hide details  
Reply
Mod
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @ 3390MHz Asus P5Q XFX 8800GT Alpha Dog Edition 767/1833 2x1g OCZ Reaper DDR2 
Hard DriveOptical DriveOSMonitor
WD 160G SATA Light-on Lightscribe Drive Ubuntu Syncmaster 730B 
KeyboardPowerCaseMouse
G15 Rosewill 550w SLI TT Tsunami MX518 
Mouse Pad
None 
  hide details  
Reply
post #14 of 32
totally disagree.

For a start avg is only an antivirus and misses a host of other types of infection. Superantispyware is an anti malware program that has never failed to remove even the most stubborn infections. I have been using it for a couple of years now to remove trojans and malware from the several pc's i get in my shop every week.

I agree he should get an antivirus but don't go ruling out a good program just because YOU have never heard of it. And i disagree that he should get a free program. They are all limited in some way. In the end the best antivirus will be one you have to pay for. At the moment the best one on the market is the latest norton 2008 product, but they have only just managed to get back in the list after several years of failing the vb100 tests.

I have been repairing PC and removing virii from customers machines for nearly 20 years and this program is by far the best at removing this type of infection.

And don't get me started on S + D. You do know they started out by using a virus hoax to get people to buy it don't you?

Reformatting may be the "safest" way of removing infections but it should always be a last resort. Anybody who says it should be done first should go and work for PC World. They would love them as that is always their first line of defense.

Rant over...
Edited by magus.tsf - 5/20/08 at 9:16am
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom 9600 BE Asus M3A32-MVP Deluxe Watercooled Saphire 1GB 3870 X2 4 GB DDR2 800 OCZ HTC Reaper 
Hard DriveOptical DriveOSMonitor
2 x WD 500GB SATA 2 2 x SATA DVD-RW Vista Ultimate 32" HD TFT on HDMI 
KeyboardPowerCaseMouse
Saitek Eclipse II Zalman 850 Watt Heatpipe cooled Gigabyte Mercury 3D Genius Navigator 525 
Mouse Pad
Desk 
  hide details  
Reply
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom 9600 BE Asus M3A32-MVP Deluxe Watercooled Saphire 1GB 3870 X2 4 GB DDR2 800 OCZ HTC Reaper 
Hard DriveOptical DriveOSMonitor
2 x WD 500GB SATA 2 2 x SATA DVD-RW Vista Ultimate 32" HD TFT on HDMI 
KeyboardPowerCaseMouse
Saitek Eclipse II Zalman 850 Watt Heatpipe cooled Gigabyte Mercury 3D Genius Navigator 525 
Mouse Pad
Desk 
  hide details  
Reply
post #15 of 32
Thread Starter 
Ok this is what I did in the wee hours of the morning last night. Being that this is where I do a lot of my work and my entertainment from movies, music, games etc etc, I first tried other options instead of reformatting.

After taking in what everyone said. I un installed Mcafee, installed AVG. Did a full scan of the entire computer, and reset the router recently as of the latest posts.

Later I tried it an notice no more grinding halts where I could not move the mouse any where for over 10 seconds anymore. I still noticed some slight choppyness but that was my old mouse. Today I received my Logitech MX510 and have not had ANY problems.

I believe it was an attack but I have fixed it thanks to info from everyone, Plus rep for all. Thanks for the info and help!
Adventure
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX 8120 Asrock 970 Extreme 3 Cheap 5000 series 16gb 4x4 ddr3 1600 
Hard DriveOptical DriveOSMonitor
350gb SSD Sata III Samsung 22x DVD-RW Windows 7 Home Premium 64bit Asus Pro Art Monitor 23" 
KeyboardPowerCaseMouse
Logitech Standard Xigmatek 750w Modular NZXT Logitech MX530 Gray 
Mouse Pad
Standard 
  hide details  
Reply
Adventure
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX 8120 Asrock 970 Extreme 3 Cheap 5000 series 16gb 4x4 ddr3 1600 
Hard DriveOptical DriveOSMonitor
350gb SSD Sata III Samsung 22x DVD-RW Windows 7 Home Premium 64bit Asus Pro Art Monitor 23" 
KeyboardPowerCaseMouse
Logitech Standard Xigmatek 750w Modular NZXT Logitech MX530 Gray 
Mouse Pad
Standard 
  hide details  
Reply
post #16 of 32
Quote:
Originally Posted by Sgtoku View Post
Ok this is what I did in the wee hours of the morning last night. Being that this is where I do a lot of my work and my entertainment from movies, music, games etc etc, I first tried other options instead of reformatting.

After taking in what everyone said. I un installed Mcafee, installed AVG. Did a full scan of the entire computer, and reset the router recently as of the latest posts.

Later I tried it an notice no more grinding halts where I could not move the mouse any where for over 10 seconds anymore. I still noticed some slight choppyness but that was my old mouse. Today I received my Logitech MX510 and have not had ANY problems.

I believe it was an attack but I have fixed it thanks to info from everyone, Plus rep for all. Thanks for the info and help!
So your going to get all your stuff off now, and DBAN / Re-install right?

Don't trust scanning software, there will still be corrupted / compromised stuff, in addition you had and extremely horrible attack, so reformat is even more important.

With any Virus issues, the first step is to stop it, then back-up everything, and lastly reformat.

Annoying yes, however it is the only safe thing to do.

Yes, I am an IT guy, and though scanning is our first step, if after multiple scans it still shows issues, or appears to have issues (non-virus related) we recover what everything, and swap out their drive with a replacement.

Also, I second the issues with Mcafee, my workplace just switched to it from Norton, and have had tons of issues with it.
Edited by trueg50 - 5/20/08 at 6:25pm
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #17 of 32
trojans such as poisinivy (plenty of them) allow an attacker to do whatever he wants , this includes control your machine as if its through remote desktop, so yes you are infected, theres plenty of undetected ones so an antivirus might not save you, your gonna have to get a registry mon and file mon see whats being accessed (i didnt read whole thread so if you fixed it good for you), btw you didnt fix it by getting a new mouse, the attacker connects and disconnects to your machine, he cant be on 24/7, and theres plenty of undetectable custom trojans, dont depend on antiviruses too much
Edited by RSXHiTMAN - 5/21/08 at 1:38am
post #18 of 32
Reformat
post #19 of 32
Quote:
Originally Posted by sublime0 View Post
Reformat
I second that. I skimped out on reformatting on my Compaq in the early stages and more damage was done.

I thought I had removed the Trojan (it was the one that had a fake virus scanner pop up and made the home page that site). Anyways, after a few months of not having it, my computer slowed down a ton and the trojan hit again at full force.

I had to reformat and lost the majority of my files.
Rig
(15 items)
 
   
CPUMotherboardGraphicsRAM
i7 5820K MSI X99A SLI PLUS EVGA GTX 1070 FTW 4x8GB G.Skill Ripjaws  
Hard DriveHard DriveCoolingOS
Samsung 850 Pro Samsung 850 Evo Noctua NH-D15 Windows 10 
MonitorKeyboardPowerCase
Dell U2515H Happy Hacking Keyboard 2  EVGA Supernova 750 G2 Corsair 600Q 
MouseMouse PadAudio
Logitech G403 Steelseries QcK Mass M-Audio AV40 
CPUMotherboardGraphicsRAM
i7 930 @ 3.7 HT Gigabyte X58A-UD3R VisionTek 4870x2 3x4GB's G.Skill Ripjaws 1600 
Hard DriveOptical DriveOSMonitor
500GB AAKS, 2x 640GB AAKS, 2x 1TB Samsung SH-S203B Windows 7 Ultimate 64-bit Samsung 245BW 
KeyboardPowerCaseMouse
Happy Hacking Keyboard 2 Silverstone OP850 Antec 1200 [Three Nanoxia FX12] [Two San Ace 1011] Logitech G500 
Mouse Pad
Razer eXactMat 
CPUGraphicsRAMHard Drive
i7 3615QM GT 650M 16GB DDR3 256GB SSD 
OS
OS X Mountain Lion 
  hide details  
Reply
Rig
(15 items)
 
   
CPUMotherboardGraphicsRAM
i7 5820K MSI X99A SLI PLUS EVGA GTX 1070 FTW 4x8GB G.Skill Ripjaws  
Hard DriveHard DriveCoolingOS
Samsung 850 Pro Samsung 850 Evo Noctua NH-D15 Windows 10 
MonitorKeyboardPowerCase
Dell U2515H Happy Hacking Keyboard 2  EVGA Supernova 750 G2 Corsair 600Q 
MouseMouse PadAudio
Logitech G403 Steelseries QcK Mass M-Audio AV40 
CPUMotherboardGraphicsRAM
i7 930 @ 3.7 HT Gigabyte X58A-UD3R VisionTek 4870x2 3x4GB's G.Skill Ripjaws 1600 
Hard DriveOptical DriveOSMonitor
500GB AAKS, 2x 640GB AAKS, 2x 1TB Samsung SH-S203B Windows 7 Ultimate 64-bit Samsung 245BW 
KeyboardPowerCaseMouse
Happy Hacking Keyboard 2 Silverstone OP850 Antec 1200 [Three Nanoxia FX12] [Two San Ace 1011] Logitech G500 
Mouse Pad
Razer eXactMat 
CPUGraphicsRAMHard Drive
i7 3615QM GT 650M 16GB DDR3 256GB SSD 
OS
OS X Mountain Lion 
  hide details  
Reply
post #20 of 32
Either use Superantispyware which is a good program or just DBAN reinstall.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Computer is/or was under super hack!!