my computer is hacked and weird files found on my machine what do i do?

Originally posted by sixswornsermon
reply to post by PhoenixOD

 

x2 for Hiren's boot CD. Excellent tool.

x3. I agree as well.

reply to post by nineix


Also, just to inject a little more paranoia into this site:



Don't think that just because you run Linux you are invulnerable to attack!

ETA : reply not meant for previous poster.

Originally posted by nineix

I worked information systems for well over a decade, and not once, have I EVER absolutely HAD to format/wipe a system due to compromise.

For the sake of economy in time, I've wiped, but, if you want to take the time, and would rather not wipe your system, there really is not excuse or reason to wipe your system.

Wiping a system is unnecessary.

Agreed.

And until these people have seen their mouse cursor take off and Task Manager start up by itself and start locking you out of processes...

None of these people have ever been "hacked"...

My friends and I have been "hacking" each others' systems for over 15 years now since back when Back Orifice was the next big thing.

Things have come a long way, but Ethernet always stays the same.

If you know what you are doing, you never have to wipe a system. It's just that good software is so good at blocking you out of any way to fix it yourself, a lot of times people give up and say screw it. That is half the reason I tell everyone to buy an external HD to back-up their info to.

Not everyone can save their last 5 years of info... and take the "easy" way out. Even though the "Easy" way out is shooting the horse instead of fixing his broken leg.

reply to post by YouAreLiedTo


I remember COTDC days, sub7 etc....

Used to be so much fun to infect a buddies machine on LAN, upload the text to speech engine, and watch them shi@t their pants when the computer starts talking to them hahahaha!

What are the new RATs? I know of blackshade, what else is out there now?

Originally posted by YouAreLiedTo

Originally posted by nineix

I worked information systems for well over a decade, and not once, have I EVER absolutely HAD to format/wipe a system due to compromise.

For the sake of economy in time, I've wiped, but, if you want to take the time, and would rather not wipe your system, there really is not excuse or reason to wipe your system.

Wiping a system is unnecessary.

Agreed.

And until these people have seen their mouse cursor take off and Task Manager start up by itself and start locking you out of processes...

None of these people have ever been "hacked"...

My friends and I have been "hacking" each others' systems for over 15 years now since back when Back Orifice was the next big thing.

Things have come a long way, but Ethernet always stays the same.

If you know what you are doing, you never have to wipe a system. It's just that good software is so good at blocking you out of any way to fix it yourself, a lot of times people give up and say screw it. That is half the reason I tell everyone to buy an external HD to back-up their info to.

Not everyone can save their last 5 years of info... and take the "easy" way out. Even though the "Easy" way out is shooting the horse instead of fixing his broken leg.

That's fair enough mate if you know what you're doing, not everyone does.

It wouldn't be fair if you took your car to a mechanic and he said "pfft, can't you fix it yourself you idiot"

Originally posted by Mister_Bit
That's fair enough mate if you know what you're doing, not everyone does.

It wouldn't be fair if you took your car to a mechanic and he said "pfft, can't you fix it yourself you idiot"

I never did. I offered some info on the first steps to take back on page 1.

I even said that it is a good idea for people to use an EHD to back-up their files to once a week that is safe from infection in a worst-case-scenario.

I never tried to insult anyone, and I am sorry if it came off that way.

I was simply saying people over-use the term "hack" almost abusively on this site.

As for the question on the newer RAS/RATs... I don't condone hacking nor do I participate in it. Ever since I worked for the DoD I have hung-up my spurs.

Besides, you shouldn't need a program in the first place.

I'll be more than happy to help someone fix a problem though...

reply to post by Mister_Bit


I typed out a whole step by step as soon as this was posted, but by the time I submitted, though on page 1, all the ignorant people did the quick draw and already convinced the OP to wipe.

The OP asked for help, and help is indeed here, but, OP evidently wasn't patient enough to wait for the knowledge base to come curb side.

reply to post by YouAreLiedTo


Just asking out of a passing curiosity. I have no desire or plans to participate in illegal activities.

You were the one who brought up BO.

No fun at all

reply to post by sixswornsermon


I remember BO. Weren't the guys made it called Chaos Cows or something like that? Ahh, too long ago.

Edit: Cult of the Dead Cow.

reply to post by nineix


Cult of the Dead Cow.

Oh the wonderment in the early days of the internet.

reply to post by sixswornsermon


With Infosec options and layers of fun preventive nanny programs, I'm surprised anyone gets bugs these days.

Of course, no matter the level of complexity of any information system, one component in every system maintains a universal level of vulnerability to compromise, and that component is the user of the system.

press the right people shaped button, and you can own the network.

reply to post by nineix


True. The biggest threat to security is in between the chair and the keyboard usually.

Originally posted by sixswornsermon
reply to post by nineix

 

True. The biggest threat to security is in between the chair and the keyboard usually.

1) I second that.

2) Stop surfing on porn sites without online security

3) Don't download videos

4) No Java or Flash Scripts ( that will exclude you from 90% of all websites including ats)

5) Work your machine as a ghost or boot directly from a usb stick

6) It wasn't me, i was too busy dodging interpol

7) Take a good hard look at what your surfing habits have been and do not repeat them

Oh yes, for those not in the know:

ATS Computer Security Bible (or something like that)

reply to post by nineix


Good thread, thanks for sharing.

reply to post by sixswornsermon


Ahh brings back memories lol. I had a legitimate reason for playing about with RATS as i needed to know how to provide support against those types of infections.

I dont know what the latest ones are these days but DarkMoon was the most advanced i ever saw. Its a shame Megasecurity.org has not added any new program listings for ages. That used to be the best resource for finding out about RATS and trojans. Its still useful for finding out about the older stuff though.

reply to post by PhoenixOD


If you can get Admin creds, legitimate tools like LC5 (L0ftcrack) can crawl all the domain servers for every user login pass combo on the network.
A quick check and it looks like LC6 may now be available. L0ftcrack password Auditing and recovery

There's a number of industry forensic tools, sniffers, scanners, and other packages used in penetration testing that are all quite nifty.

Encryption tools like Blowfish can be really nasty too. One client I serviced never wanted to shell out for the billable hours to secure their network, and sure enough, some yahoo tried taking the business hostage by encrypting a large number of important assets on one of the file servers.
Getting the files back wasn't a problem what with just restoring that backups, but, this happened a few times before client settled on a security solution with IDS. Granted it was the cheapest solution, but, something is better than just relying on 2k Server security, and a few policies.

Please note, I mention these for use in the course of legitimate corporate network security endeavors and concerns; not condoning Black Hat operations.

Ah, I've been away from the comm closets and the racks for awhile. I'm starting to feel outdated.

reply to post by nineix


Thanks nineix , id forgotten all about L0phtCrack its so long since i played with all that stuff. Its great to know they are still going strong

Im strictly white hat these days too

reply to post by PhoenixOD




Of course, if you spend a frequent bit of time going in and out of metropolitan office buildings, elevator 'hacking' comes in handy.
Doesn't work on all elevators, and only if you manage to catch an elevator alone, but, pushing DOOR CLOSE at the same time you press the floor you want to go to will, in some elevator systems, skip all the intermediary floors, going straight to your floor, up, or down, leaving anyone waiting on the other floors, waiting.

Of course if someone gets in the car with you and presses another button before or after you try this, it won't work, and you wind up stopping on every floor with a call waiting. Ugh.

Exact same thing happened to me awhile back!!!!!

I had a few months off work and spent most of my days surfing the net, one day my GF was looking through my lappy and found a file full of porn hidden in my work folder....

Needless to say I was shocked, the only explanation I had was that someone must of hacked the device and was downloading porn to incriminate me at some stage in the future.

Luckily for me she found it and we were able to delete the file