Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Stargrasper]

It appears as if the alerts are coming from Whalesdev. It only seemed like it was from B12 because my scanner was terminating Whalesdev.

Do you know what about Whalesdev is causing the problem?  The only thing on the page of particular note is the embedded IRC client.

*sigh*
I wish people didn't make viruses.
or try and hack.
or be dicks in general.

all I can do is wish you luck. it seems that everyone else here has a better PC knowledge than me.

People will do these things.  They're just trying to make money.  If you had the chance to make that much money, you'd probably take it.

People here have strong computer knowledge because DF is an ASCII game.  That kind of thing is going to attract this kind of audience as its core playerbase.  Of course, if you've made it this far, becoming a strong computer user is easy; learn the standard tech support process and pay attention to how we fix things.  You'll learn fast.

[optimumtact]

Don't panic, it looks like you have something thats trying to drive traffic towards certain sites

http://www.robtex.com/ip/77.247.179.135.html
These are the sites coming off 77.247.179.135
http://www.robtex.com/ip/91.197.128.225.html
and again for 91.197.128.225

These look like dodgy domain names (barring the fact they're hosted in the netherlands and the ukraine and it sounds like you do have something running that's malicious. You should use the Task Manager and see if you can identify anything that looks out of place. I think your best bet at this point would be to boot into safemode and run a full scan with your a/v. As in safemode most processes won't start and so the av should have a better chance of finding it.

edit: looking at those port numbers thats definitely not standard behaviour, IE should only be connecting on port 80 or 8080(in some cases).
You might also want to think about getting malware bytes anti malware as well (as that specifically targets certain types of malware (such as that which might attempt to hijack the browser)) the free version will let you run a scan so do that in safe mode as well.

[Stargrasper]

You know, just because it looks like it hasn't been mentioned in this particular thread...

If you have a virus/worm/etc that you simply can't remove, a fairly surefire way to kill it is to format (whip) the whole machine (or relevant partitions) and reinstall everything.  Just start over from scratch.  Mind this is a last resort desperation tactic.  You backup everything important and then make absolutely certain your backed up data is clean before you transfer it back to the machine.

This does a great job of temporarily defeating a cracker, but doesn't stop them from cracking your computer all over again.  You'll have to be careful.

[Angel Of Death]

No malicious objects have been found. And the hacking messages don't pop up unless I go on Whalesdev... Maybe Whales has been hacked?

[Stargrasper]

No malicious objects have been found. And the hacking messages don't pop up unless I go on Whalesdev... Maybe Whales has been hacked?

Possible.  Report it to Symantec and McAfee to look into.  We'll find out soon enough what's happening.

[Angel Of Death]

No malicious objects have been found. And the hacking messages don't pop up unless I go on Whalesdev... Maybe Whales has been hacked?

Possible.  Report it to Symantec and McAfee to look into.  We'll find out soon enough what's happening.

How do I do that?

[Angel Of Death]

must. resist. TEMPTATION!
greatorder has become a hacker!

AoD plays some Anti-Hacker music!

Greatorder gains heart!

Greatorder questions his beliefs

The hackomaton has been enlightened! Your anti-hacker ranks are swelling!

[Angel Of Death]

Shit. It happened again. And the only websites up were B12 and Youtube.

[Stargrasper]

Virus removal steps:

• Malware Scan
• Virus Scan
• The Same in Safe Mode
• Muck around with techie tools in Safe Mode
• System Restore
• Format & reinstall

Skip #4 if too difficult.

You have done all of these except the last, right?

[bombzero]

SO... not that i would EVER suggest anything at all illegal... you could find a friend of your who know how to hack and have him back trace it and shut down whoever it is hacking you...

i would do it but... well i generally dont care about others enough to put my computer at risk.. sorry.

[celebrinborn]

Norton Internet Security 2012 is first.

I refuse to use anything beginning with Norton. The infernal piece of crap that is Norton has caused me so many computer issues before.

Also, Malwarebytes keeps on saying something like "Blocked a potentially malicious [something] (random numbers) from Internet Explorer. I've only got Bay12 up. Could this be something sinister or is it just Malwarebytes dicking up?

[EDIT] Here's the log from the IP blocking

2012/01/04 22:43:34 +1030   ACOMP   A.Dude   IP-BLOCK   91.211.117.70 (Type: outgoing, Port: 54053, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54328, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54329, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54330, Process: iexplore.exe)

Norton broke my last computer and would not allow me to uninstall it. I've had fewer problems with actual viruses than with Norton.

[Stargrasper]

Norton Internet Security 2012 is first.

I refuse to use anything beginning with Norton. The infernal piece of crap that is Norton has caused me so many computer issues before.

Also, Malwarebytes keeps on saying something like "Blocked a potentially malicious [something] (random numbers) from Internet Explorer. I've only got Bay12 up. Could this be something sinister or is it just Malwarebytes dicking up?

[EDIT] Here's the log from the IP blocking

2012/01/04 22:43:34 +1030   ACOMP   A.Dude   IP-BLOCK   91.211.117.70 (Type: outgoing, Port: 54053, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54328, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54329, Process: iexplore.exe)
2012/01/04 22:51:39 +1030   ACOMP   A.Dude   IP-BLOCK   91.197.128.225 (Type: outgoing, Port: 54330, Process: iexplore.exe)

Norton broke my last computer and would not allow me to uninstall it. I've had fewer problems with actual viruses than with Norton.

Everyone has problems with Norton.  There's a reason most of us refuse to use it and have a hard time because it comes with practically every Windows computer.  You know, you actually need a special tool to remove Norton.  You can get it from MajorGeeks.  Speaking of which, it probably has tools that would help Angel of Death.  I desperately need to complete another chapter worth of homework before midnight, but when I finish, I'll glance over the site for you.

[eerr]

Norton is heavier than the majority of viruses.

[optimumtact]

Spoiler (click to show/hide)

SO... not that i would EVER suggest anything at all illegal... you could find a friend of your who know how to hack and have him back trace it and shut down whoever it is hacking you...

i would do it but... well i generally dont care about others enough to put my computer at risk.. sorry.

Is this a "I backtraced it" joke because it's not as easy as your making it out to be.

[Stargrasper]

Spoiler (click to show/hide)

SO... not that i would EVER suggest anything at all illegal... you could find a friend of your who know how to hack and have him back trace it and shut down whoever it is hacking you...

i would do it but... well i generally dont care about others enough to put my computer at risk.. sorry.

Is this a "I backtraced it" joke because it's not as easy as your making it out to be.

Let him dream.  Personally, I find it funny that people don't understand what crackers can and can't do easily.