I'm making a guess here that you're on a school network. If you're not, then this post is irrelevant. But if you are, make sure you're not sharing your hard drive. Surprisingly, a lot of college students do share their hard drive over the network, and it gives them problems similar to this.
You've been hacked AHHHHH! Quick unplug it!
Yeah if I were you i would unplug your computer or download a firewall! thats how you can trace a hacker just get a firewall
Yeah, to me it sounds like you're on a school network too. If you're sharing any files from your computer, you're open to someone finding a way in through NetBIOS. So check to see if you're sharing files. You might only have a couple programs running, but might have extra ports open. Go to command line and type netstat -an to find out what ports are open. The Recycle bin issue. Whenever I have a problem deleting something, such as a document, I'll usually bust out the command line and delete the file that way. Or just restart in safe mode and see if I can delete it then. And if you're on a Mac.... good luck, I can't help you there, lol. peace. PM me if you have any other questions.
From what you are saying, files are gone, logs are deleted and no traces of a trojan can be seen. Well maybe you have been hacked and the hacker was clever enough to delete his tracks before leaving your system.
Was your system left unnatended for a while? You don't have to use a network connection to delete files when you have physical access to the computer...
i'm guessin that checking what connections are open in dos won't work becuase this guy is using os x if i was you i would unplug my computer and turn off any file sharing. not unsharing any drives or folders but also disabling it in the network options. i don't know much about macs but i do know that a hacker can't do much harm if your not connected to the network so my advice is unplug your computer untill you figure out what is going on
To clear this up:
I have a firewall (Brickhouse(It's a gui for opperating the firewall in unix that ships with MACosX ))
I have checked for trojans,viruses and keyloggers.
I was on my computer when this happend and even if I was not my screen saver has a password and I ALWAYS start it when I leave the computer.
I'm on a home network with a dsl internet connection. (not sharing my harddrive or anything else for that matter)
My logs are gone. (deleted)
Some of my school papers are gone. (about 40 megs)
I unpluged my computer and changed all the passwords.
I'm wondering if an atacker leaves any other trace than what is stored in the logs?
Tried to check for rootkits ??
Will check for changed programs..
(don't know if it works on MacOsX though.. )
I'm currently at work so I'm not able to do anything untill I get home but If something runs under unix I can run it at home :D .
Thanks for all the help so far.
I'm still trying to figure out how someone got in :confused:
And i've closed all incoming trafic with the firewall, does that help?
If i were you, i would download the updates for the AV prog and other downloaded you need (firewall and stuff), then disconnect your modem then attack the problem while you are offline (well if i was that paranoid that wot i would do ;), but it is ok to be paranoid :))
Ok, later dudes...