Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

help


  • Please log in to reply
3 replies to this topic

#1 jerry763ed

jerry763ed

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:22 AM

Posted 05 January 2013 - 02:28 PM

hi everyone im new here. there is this one hacker that i feel that he is tracing my internet browsing history because it is following me on some website. he once knew my ip for example its 51.x.x.90 the last set digit only changes on my ip the hacker like saying that he is using cookie monster on me do u think its true might be misleading me this person had been fooling for long time. is there anything i can do so that i can get off with his hacking.

Edited by bloopie, 05 January 2013 - 04:01 PM.
Mod Edit: Moved from Antivirus to Aii. ~bloopie


BC AdBot (Login to Remove)

 


#2 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:22 AM

Posted 05 January 2013 - 04:22 PM

Hi jerry763ed, and welcome to Bleeping Computer!

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

==========

Are you using a firewall on this computer? A good incoming firewall solution will help you track the IP's that may try to gain access to your computer. Also, if you think you've been hacked, it might be a good idea to go to a known clean computer and change your passwords just in case. :thumbup2:

Aside from that, I'd like to get some logs to see the state of your machine:

==========

Step :step1:

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step :step2:

Now, I normally don't recommend using Super Anti Spyware, but as you mention you think he's using a cookie tracker...SAS will find and remove those cookies to make it more difficult in the future (if you really do have a hacker).

Please download SUPERAntiSpyware Free and follow these instructions for performing a scan.

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • Be sure to update the definitions before scanning by selecting "Check for Updates".
    If you encounter any problems while downloading the updates, manually download them from here.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY) under Select Scan Type.
To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

==========

Step :step3:

And finally, a rootkit scanner:

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    Posted Image

  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    Posted Image
  • Click Start Scan and allow the scan process to run


    Posted Image

  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue


    Posted Image

  • Click Reboot computer
  • Please zip the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and attach it to your reply

==========

In your next reply, please include the following:

  • The MBAM log
  • The SAS log
  • The TDSSKiller log
bloopie

#3 jerry763ed

jerry763ed
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:22 AM

Posted 06 January 2013 - 01:28 AM

thank you for the reply yes i have a firewall and i am currently using mc afee 2013, what about the ip address do u think he can no longer be able to trace it and keep on following.

#4 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:22 AM

Posted 06 January 2013 - 01:18 PM

Hi again,:)

If you have incoming firewall protection, you should be able to see who's been trying to get in by viewing the traffic on the connection through the Mcafee firewall interface. I haven't ever used that program, so I'm not sure of how to find the firewall traffic. If you can find a trace of the hack, you can have the firewall block it.

You can further protection by changing your router password (if you're using a router).

But I still would like to see the logs from the tools I asked for...you're aren't getting any safer just talking about it. :wink:

bloopie




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users