Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

shutting out remote connection


  • Please log in to reply
7 replies to this topic

#1 Nathan71667

Nathan71667

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 21 February 2015 - 11:54 AM

I have a machine with a remote connection that should not be there. Is there a way to shut it out?

Also I have the log file from event viewer of the activity on the machine. Is it possible to track this connection to it's source with the log file information?


Edited by hamluis, 21 February 2015 - 03:01 PM.
Moved from Win 7 to Networking - Hamluis.


BC AdBot (Login to Remove)

 


#2 Nathan71667

Nathan71667
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 21 February 2015 - 11:56 AM

A little secondary info. I'm teamviewering this machine and I'm watching this connected person attempt to shut me out of the machine and attempting to shut the machine down while I'm looking at him doing it. It's seems to be some remote desktop connection of some kind..



#3 OldPhil

OldPhil

    Doppleganger


  • Members
  • 4,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:06:41 AM

Posted 21 February 2015 - 12:33 PM

This may help you out worth a try!

 

http://www.bleepingcomputer.com/download/glasswire/


Honesty & Integrity Above All!


#4 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:04:41 AM

Posted 22 February 2015 - 06:49 PM

Sounds like you have been hacked.  Backorfice or other utility is being used. 

 

http://en.wikipedia.org/wiki/Back_Orifice

 

The only true way to clean the machine from a hacker is to format and reinstall.  Anything short of that will leave back doors into your system.  Question you need to answer is what did you NOT do that left you vulnerable to this hacker.  No MS patches allowed to run?  No AV or software firewall?  No router between you and the internet?  Using emule or torrents?



#5 Nathan71667

Nathan71667
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 23 February 2015 - 10:40 PM

Sounds like you have been hacked.  Backorfice or other utility is being used. 

 

http://en.wikipedia.org/wiki/Back_Orifice

 

The only true way to clean the machine from a hacker is to format and reinstall.  Anything short of that will leave back doors into your system.  Question you need to answer is what did you NOT do that left you vulnerable to this hacker.  No MS patches allowed to run?  No AV or software firewall?  No router between you and the internet?  Using emule or torrents?

Friends machine. You can bet nothing but the windows 7 firewall and avast running. After I put that in there. I am seeing tons of windows live mesh activity in the user profile. He says he doesn't use windows live anything. I've even seen some windows live logons in the log files. ? Possilbe entry point with desktop sharing? Kind of a moot point right now. House fire the next morning and all the laptops and electronics that didn't burn got the fire hose.. So.. Problem solved



#6 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:41 AM

Posted 24 February 2015 - 12:01 AM

That seems a little extreme to fix a computer problem lol. Hope everyone made it out safe and they are all OK.


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#7 Nathan71667

Nathan71667
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 24 February 2015 - 10:02 AM

That seems a little extreme to fix a computer problem lol. Hope everyone made it out safe and they are all OK.

they thought they lost the cat. 7 hours later that sucker  cashed in some of it's 9 lives and came out of the apartment. I don't know how. I saw the film. This was no small stove only fire. Full gut. That cat has it's own angels.



#8 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:41 AM

Posted 24 February 2015 - 10:56 AM

Yikes. damn cats lol


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users