
Thread: I need desperate help... please?

  1. #11
    Senior Member
    Join Date
    Jan 2004
    Location
    Hawaii
    Posts
    350
    (*ponders*) AngelicKnight brought up an interesting point. There are many other AIM clients out there. I'm not quite sure if the security hole is Windows, AIM network, or AIM client. Might be interesting to try some of the others. If it is, indeed, the client, definitely go for an open source client, now. They have the lowest amount of security risks, because everyone sees them. Google AIM +client. A good one I know of is gAIM.
    Geek isn't just a four-letter word; it's a six-figure income.

  2. #12
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I think that Cybr1d may have a point with the spyware............not the marketing kind but the professional eavesdropping sort.

    There was one being spammed a while back called "LoverSpy" which claimed to forward P2P conversations and e-mails. I believe that there are similar applications available on the market.

    Unfortunately AdAware and SpyBot do not detect these, at least not when I ran a test on LoverSpy. I reported it to McAfee, who say that their product now does. If they still do an online scan you might both try that, or get a trial of the full product.

    You also need a firewall that is blocking unauthorised outgoing connection attempts?

    Cheers

  3. #13
    Use Zone Alarm. If the scan and all that does not turn anything up, reformat.

  4. #14
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    nihil, the reason why spybot or adaware won't catch them is because they're often installed physically by a user, and generally the user will have the setup file either on a CD or on the PC (if downloaded). Most of them also run in stealth mode, so chances of you seeing it as a running process is next to none. When using public computers, I have the tendency to hold CTRL, SHIFT, ALT down, while going through all the keys on the keyboard. A program that I've used, you needed to press CTRL ALT SHIFT M to bring up a menu, which was password protected. If you press all those keys, and you see a menu or a password prompt come up, then you def have something installed in your PC. Even if you don't see anything, do not disregard the chance of something being installed in there. Try TheCleaner, and run it on your PC. If nothing else works, then reformat your HDD. Would it be possible for you to put a screenshot of your running processes?



    ALSO: WHY ARE PEOPLE GETTING NEGGED? GO EVEN YOUR APs SOMEWHERE ELSE. I don't see anything wrong with axesterminated's post, so why the negs? If you have a grudge against the person, THEN SAVE IT FOR SOME OTHER BLOODY TIME WHEN HE SCREWS UP! sheesh, people cannot even offer their help in this place without getting negged up the ass.

  5. #15
    Junior Member
    Join Date
    Apr 2002
    Posts
    2
    Run a sniffer on your machine while this is occurring and go through the collected data carefully.

    Don't just do a straight netstat, try something like this "netstat -nao 3 > temp.txt".
    This will run netstat every 3 seconds and log it to the file temp.txt.

    What type of network are you on?

    Do you use Wireless ?
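
Added example, not part of the original post: one way to go through the `temp.txt` produced by the `netstat -nao 3` command above. It splits the log into snapshots and lists, per PID, the ESTABLISHED connections that were absent from the first snapshot; the sample log, addresses and PIDs are constructed, and the function names are this example's own.

```python
from collections import defaultdict

# Constructed sample of what "netstat -nao 3 > temp.txt" writes: one table per
# interval. Addresses (documentation ranges) and PIDs are made up.
SAMPLE_LOG = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.5:1045       192.0.2.10:5190        ESTABLISHED     1520
  UDP    0.0.0.0:445            *:*                                    4

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.5:1045       192.0.2.10:5190        ESTABLISHED     1520
  TCP    192.168.1.5:1077       198.51.100.23:2525     ESTABLISHED     2764
  UDP    0.0.0.0:445            *:*                                    4
"""

def parse_snapshots(text):
    """Return a list of snapshots; each is a list of (proto, local, remote, state, pid)."""
    snapshots = []
    for line in text.splitlines():
        f = line.split()
        if f[:2] == ["Active", "Connections"]:
            snapshots.append([])  # every interval starts with this header
        elif snapshots and f and f[0] in ("TCP", "UDP") and f[-1].isdigit():
            state = f[3] if len(f) == 5 else ""  # UDP rows have no State column
            snapshots[-1].append((f[0], f[1], f[2], state, int(f[-1])))
    return snapshots

def new_established(snapshots):
    """Map pid -> [(snapshot_index, local, remote)] for connections not in snapshot 0."""
    seen = {(r[2], r[4]) for r in snapshots[0] if r[3] == "ESTABLISHED"} if snapshots else set()
    hits = defaultdict(list)
    for i, snap in enumerate(snapshots[1:], start=1):
        for _proto, local, remote, state, pid in snap:
            if state != "ESTABLISHED" or (remote, pid) in seen:
                continue
            seen.add((remote, pid))
            if not remote.startswith(("127.", "[::1]")):  # ignore loopback traffic
                hits[pid].append((i, local, remote))
    return dict(hits)

if __name__ == "__main__":
    for pid, conns in new_established(parse_snapshots(SAMPLE_LOG)).items():
        print(pid, conns)
```

For a real capture, read `temp.txt` and pass its text to `parse_snapshots`; each reported PID can then be matched against the PID column in Task Manager.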

  6. #16
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Is it possible the 'intruder' has compromised the AIM main system ?

    I have seen similar situations on chat rooms where 'intruders' monitor everyone's chat at the source.

    Have you registered a complaint with AIM ?

  7. #17
    Senior Member
    Join Date
    Nov 2003
    Posts
    247
    Compromising the AIM system is a huge feat now. In the olden days, the servers were centralized. Now, however, there are fewer servers and they only create the initial directions of the packets. IMs are sent directly between machines now. (Don't believe me? Send IMs with the Timestamp on, and then correlate that with the outgoing packets on your machine. The IPs will match up every time.)

    If someone were to succeed in doing this, they would be able to shut down the system or completely screw up accounts, take over whatever they wanted. Someone who got into the system would probably have more interesting things to do than eavesdrop on one person's conversations.

    It seems most likely to me that it's a keylogger, since it sounded like only one side of the conversation was being reported. The keylogger could easily be running on your system. Try taking a look at your running processes, and then take a look at the start-up processes (msconfig, here we come.)

    If that turns up nothing, then I'm not sure I know what's going on or what might work.

    Hope that helps...
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

  8. #18
    Senior Member
    Join Date
    Jun 2002
    Posts
    311
    a_person-

    Is your AV updated?

    You might want to check these sites out-

    Free trojan scan:
    http://trojanscan.com/

    AIM 5.2+ encryption certificate:
    http://www.aimencrypt.com/

  9. #19
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi,

    Cybr1d is correct in that this stuff is stealthy, it is also technically "legitimate" depending on how it is used, so countermeasures providers have to be a bit careful?

    Try: http://digilander.libero.it/zancart/winsonar/

    That might help you catch anything that kicks off in the background.

    Good luck

  10. #20
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    A long time ago, I once asked someone if they could get me a firewall. Their response was, "What do you want one of those for?" Then they said, do you use any of the chat clients or do you go to chat rooms. At that time I did frequent both chat rooms and IM. So I answered yes. The reply I got was, OK, have this. ( Norton Internet Security ).

    My point is this. If you use IM, of any flavour, there is a direct link from someone to your computer. You may think you are talking to luscious lips from heaven. When in reality you are talking to hairy assed hacker from hell.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
