Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 05-03-2009, 07:02 PM   #1
Beta Member
 
Join Date: May 2009
Posts: 5
Default really bad worm problem

so usually i don't open stuff that people give me, but last night i did like an idiot.

first off i just want to remind i'm going to sound retarded because i don't know anything about computers except how to use one.

so first he made little pop up messages to talk to me
he could see everything on my screen that i looked at, for instance he was like "is that a pic of your gf as your wallpaper?"
and when i opened my mcafee antivirus he saw and told me it wouldn't do anything, which it didn't.

he then turned my webcam on.... idk how but he did.

second i have a feeling he hacked into more because he knows where i live and whatnot my name age, i have a feeling he just hacked my facebook.

i turn off my internet so he can't go in but i hate this! when i turn my task manager on i see a chain of programs called crss.exe, dwm.exe, rundll32.exe, and there are three of those. i can't delete them and i don't know what to do :[

so if someone could help me that'd be really helpful, i have my laptop on next to me so if you guys need some further details i'll cooperate and whatnot
__________________

overeem is offline   Reply With Quote
Old 05-03-2009, 07:42 PM   #2
In Runtime
 
Join Date: Mar 2009
Posts: 171
Send a message via AIM to burn420 Send a message via Yahoo to burn420
Default Re: really bad worm problem

Sounds like a good trojan, or root-kit.... Though he is right Mcafee won't help much...
You could try Avast, they have a great anti-virus system.. If you choose to do a boot scan it will be more likely to remove it... Also Adaware AE would be a great one to get, as they do scan for root-kits.
If this still doesn't do anything for you, I would suggest something like a system restore, or TRK (Trinity Rescue Kit ), or some other live scanner...
__________________

__________________
http://tetralogica.com
burn420 is offline   Reply With Quote
Old 05-03-2009, 08:01 PM   #3
Beta Member
 
Join Date: May 2009
Posts: 5
Default Re: really bad worm problem

Quote:
Originally Posted by burn420 View Post
Sounds like a good trojan, or root-kit.... Though he is right Mcafee won't help much...
You could try Avast, they have a great anti-virus system.. If you choose to do a boot scan it will be more likely to remove it... Also Adaware AE would be a great one to get, as they do scan for root-kits.
If this still doesn't do anything for you, I would suggest something like a system restore, or TRK (Trinity Rescue Kit ), or some other live scanner...
the program is encrypted so would that stuff work?
overeem is offline   Reply With Quote
Old 05-03-2009, 08:14 PM   #4
Omnipotent One
 
Atomic Rooster's Avatar
 
Join Date: Apr 2006
Location: USA
Posts: 11,161
Send a message via AIM to Atomic Rooster Send a message via Yahoo to Atomic Rooster
Default Re: really bad worm problem

One of the best anti malware scanners you can get is Malwarebytes' Anti-Malware. Give that a shot to see if it can rid you of that proggy that was installed.

What operating system are you using?


It sounds like he may be exploiting the NetMeeting Remote Desktop Sharing service. In XP, click Start > Run. Type services.msc in the box and click OK. In the window that pops up, scroll down to NetMeeting Remote Desktop Sharing, right click it an select Properties. You can then stop the service and set it's Startup type to Disabled

Atomic Rooster is offline   Reply With Quote
Old 05-03-2009, 09:04 PM   #5
In Runtime
 
Join Date: Mar 2009
Posts: 171
Send a message via AIM to burn420 Send a message via Yahoo to burn420
Default Re: really bad worm problem

Atomic - Malwarebytes does not scan for root-kits... Plus they do not scan anything designed to infect 64bit systems... Nor does it run on 64bit OS's...

overreem - Sadly enough, most anti-virus products do not scan encrypted software... I would say Adaware may still be worth a try... Otherwise, Spyware Terminator might pick it up.. But outside of those two, System Restore is going to be the best way... Outside finding the file it's self and deleting it.. But if it is polymorphic, or anything similar, it could be spread out to many files..
__________________
http://tetralogica.com
burn420 is offline   Reply With Quote
Old 05-03-2009, 09:37 PM   #6
Omnipotent One
 
Atomic Rooster's Avatar
 
Join Date: Apr 2006
Location: USA
Posts: 11,161
Send a message via AIM to Atomic Rooster Send a message via Yahoo to Atomic Rooster
Default Re: really bad worm problem

Malwarebytes' Anti-Malware does scan for rootkits form what I understand, but as with most any scanner, it needs to be run in safe mode to get at them.

He could also run HijackThis and post the logfile here.
Atomic Rooster is offline   Reply With Quote
Old 05-03-2009, 10:56 PM   #7
In Runtime
 
Join Date: Mar 2009
Posts: 171
Send a message via AIM to burn420 Send a message via Yahoo to burn420
Default Re: really bad worm problem

HiJackThis... That is so outdated... Plus if he wants to post a summery, Spyware Terminator provides much better information then HiJackThis...

As for MalwareBytes, when I went to their site, they did not at all reference root-kits... They simply referenced spyware and malware... Though I wish it was for 64bit systems or at least compatible with them... I have wanted to at least test it out, for the kicks and giggles of it... but I only have 64bit vista...
__________________
http://tetralogica.com
burn420 is offline   Reply With Quote
Old 05-04-2009, 12:08 AM   #8
Omnipotent One
 
Atomic Rooster's Avatar
 
Join Date: Apr 2006
Location: USA
Posts: 11,161
Send a message via AIM to Atomic Rooster Send a message via Yahoo to Atomic Rooster
Default Re: really bad worm problem

HijackThis may be old, but it works and is still one of the most relied upon tools available.
Atomic Rooster is offline   Reply With Quote
Old 05-04-2009, 12:56 AM   #9
In Runtime
 
Join Date: Mar 2009
Posts: 171
Send a message via AIM to burn420 Send a message via Yahoo to burn420
Default Re: really bad worm problem

Your right it is... Personally though, I find it nearly useless on any windows system above 2k..
__________________
http://tetralogica.com
burn420 is offline   Reply With Quote
Old 05-04-2009, 01:36 AM   #10
Omnipotent One
 
Atomic Rooster's Avatar
 
Join Date: Apr 2006
Location: USA
Posts: 11,161
Send a message via AIM to Atomic Rooster Send a message via Yahoo to Atomic Rooster
Default Re: really bad worm problem

Of course you would.
__________________

Atomic Rooster is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 03:26 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0