| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 116973 | 2011-03-28 08:10:00 | Anyone ever seen a hacking in progress | Speedy Gonzales (78) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1189992 | 2011-03-28 08:10:00 | I'm in the Microsoft Answers forum and someone's PC was crashing with STOP: 0x000000F4 . I thought it maybe malware, because it would crash on startup . So got him to get teamviewer . Logged in checked task manager, it had 4-5 hidden cmd . exes running . I knew something was odd, since I couldn't see the command prompt windows . And at least 20 gibberish looking file names were running . Checked startup with ccleaner, yup sure enough the names were here . Downloaded trojan remover, did a scan it was a RAT (remote access trojan) . Which was running while I was in the system . Pretty freaky . Killed the processes in task manager, within 10 minutes they came back . Got rid of the Norton rubbish (once again it failed), told the guy to get rid of Utorrent and Frostwire . Finally managed to do all the checks in TR, then rebooted . |
Speedy Gonzales (78) | ||
| 1189993 | 2011-03-28 08:36:00 | That could be fun ;) I wonder if the person who was hacking all of a sudden realized that it wasn't the Normal user "kicking them out". Well done. |
wainuitech (129) | ||
| 1189994 | 2011-03-28 08:40:00 | lol well would have after the reboot. I was watching task manager after I had killed the processes, and seeing them pop up again soon after lol | Speedy Gonzales (78) | ||
| 1189995 | 2011-03-28 08:42:00 | Our server at work got hammered over the christmas break with someone or some bot trying to login to it. I traced the ip it was coming from and was able to open a remote desktop connection to it. Only got the server 2003 login screen and tried a few passwords but no luck. Got our ISP to block the ip to stop it. :pf1mobmini: |
CYaBro (73) | ||
| 1189996 | 2011-03-28 09:12:00 | Chances of it being an actual person are pretty low, it will be a bot. | Alex B (15479) | ||
| 1189997 | 2011-03-28 09:13:00 | Yer not too sure. Whatever it was started up again and tried to carry on lol. Epic fail | Speedy Gonzales (78) | ||
| 1189998 | 2011-03-28 18:55:00 | I have been sitting NEXT to a guy hacking (Network testing, nothing illegal :D) I have seen the results although it must be a lot more freaky seeing it happen when you have no control over it. 1st thing to disable for the guy using the RAT should have been taskmgr :p |
The Error Guy (14052) | ||
| 1189999 | 2011-03-28 19:55:00 | Chances of it being an actual person are pretty low, it will be a bot. +1 |
mikebartnz (21) | ||
| 1190000 | 2011-03-28 21:40:00 | I have been sitting NEXT to a guy hacking (Network testing, nothing illegal :D) I have seen the results although it must be a lot more freaky seeing it happen when you have no control over it. 1st thing to disable for the guy using the RAT should have been taskmgr :p lol true well I told the guy to boot into safe mode / networking so I could log in. What did he do, boot into windows normally. task manager still opened. didn't think it would. But once TR found it, that was the end of that Just had to reboot to kill it. |
Speedy Gonzales (78) | ||
| 1 | |||||