next »

[sravana]

my PC is under attack
how to protect my self ...........
the attacker is hacked my yahoo a/c and he is  accessing my pc remotely 
plz try to help me out  and iam unable to run task manger and right click also
but iam suer my PC is under attack plz help me

[Hackuin]

Sravana,
Don't get panic.
First thing, breaking into your messenger is another thing and breaking into your PC is other thing, If he/she has managed to get remote access to PC then he/she might have set the key-logger to get your messenger password or there is pretty much nothing left when he can access your PC remotly.

Anyways, what do you exactly mean by "accessing my pc remotely"? still, here are the thing, which may be helpful to you.

1. Check for startup services. (RUN --> "MSCONFIG") and check start up services.
2. Disable un-necessary running services or remove the suspected services.
3. Use a decent firewall, I recommend you to get "Live One Care" which is available for trail version of 90 days.
4. Give a complete scan, it is well effective firewall/anti-virus program for windows OS.

Note:
The common way is to get the back-door work is make a backdoor servers port in a listening mode and, check for common back-door ports. Scan you system either by port-bunny or Nmap.
Also, you can use Netstat for current active ports and to whom they are connected to.
For enabling/disabling Task manager, use either registry or use Microsoft Management Console (MMC) [ start --> run --> "MMC"]

[d3c0d3r]

HM NICE INFO

[ÄŋőήŷMŎǙŜ]

to enable task manager, registry editor  just download the below uploaded by me and read the text file before using

Code:

http://www.mediafire.com/download.php?fvzwnyznhng

[Sm4rt_Hax0r]

Congrats!!! for being attacked!

If I would be you, I would not rack my brains over this and get back up of my data... Do debug, format and re-install the stupid windows...
Enjoy

[sravana]

10x 4 ur advice ,
n i learn positiveness from u........
"If I would be you, I would not rack my brains over this and get back up of my data... Do debug, format and re-install the stupid windows..." these words make me to think and do further things........... 

[shadowwwclone™]

I really agree wid u Sm4rt_Hax0r

[hellboy]

What a smart answer... "Reinstall windows"... Don't take it as an offend, but its like when someone asks you for a medicine for cold and you suggest Ice cream.

Lol. The last time i formatted my PC is 1 year back and that too for installing a fresh copy of windows 7 when i switched from XP.

Next time when someone approaches you for a help removing keylogger, first suggest them to install a HIPS to prevent keylogger from sending logs temporarily.
Next ask them to run a malware scan using MBAM or SAS in safe mode. If they can't install an anti-malware, just ask them to rename the installer.

If the keylogger still proves to be FUD, then lookup for any suspicious files in startup folder and upload a sample to your AV vendor. Let them analyse it and reply back.

But most of the conventional keyloggers can't go beyond malware scan.

Reinstalling OS is the first chance for noobs, but it should be the extreme thing for us.

[ÄŋőήŷMŎǙŜ]

run the hijackthis and post the report here, we can try to solve your problems

[VIPS]

hi sravana,
ok, first of all, get a good and updated antivirus and completely scan and fix the virus issues.
Not being able to open task manager and right click are the issues caused by changes in the registry.
to fix them, copy the following code in a notepad and save the file with a ".reg" extension. After saving, simply launch the file.

Code:

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoViewContextMenu"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=-

This will fix the right click and task manager problem.
Even i recommend having a firewall which can block the connection between your pc and the attacker.
Finally, about the yahoo account. When both av and firewall are installed on your pc, then go to yahoo.com and simply follow the instructions in 'change your password'. Please dont keep the password similar to previous one. Also, it should not be a weak password.
This may explain what is weak and what is strong password.

Code:

http://onemansblog.com/2007/03/26/how-id-hack-your-weak-passwords/

I hope i helped u in some way.

[charan177]

k frnd since ur system attacked out 65535 some of ur ports are connected to his computer do netstat -n with out opening anything the port which is listening its his computer ip so note tht ip n report to any andhra hacker dnt live him simply ,now to protect pc simply use lockdown2000 fire wall it blocks un necessary data goning out ,or
as other said follow msconfig method    all the best

[Black-Cobra]

k frnd since ur system attacked out 65535 some of ur ports are connected to his computer do netstat -n with out opening anything the port which is listening its his computer ip so note tht ip n report to any andhra hacker dnt live him simply ,now to protect pc simply use lockdown2000 fire wall it blocks un necessary data goning out ,or
as other said follow msconfig method    all the best

charan, there are keyloggers that do not send the data directly to attacker. But it will send the data to any website configured at port 80 and accepting the data. Just a hint, explore more about POST method.

I also want to add here that I do not agree with the statement of hellboy that keylogger do not get beyond of malwares. I dont want to show off here but my keylogger is UD by all AV/malwares/ except dr web. But how may users use it. The point is if AV have the signature in the database , its detected otherwise not. Think of completely encrypted app which unload the AV drivers(sys) and then inject its dll in the AV process to bypass it. I know its very difficult but no impossible