Attempted hack and attacks

Discussion in 'other anti-malware software' started by MessiahMews, Aug 7, 2007.

Thread Status:
Not open for further replies.
  1. MessiahMews

    MessiahMews Registered Member

    Joined:
    Feb 28, 2006
    Posts:
    6
    Attempted hack and attacks

    My Symantec is giving me pop ups on hack attempts.

    Some of the risks are…

    Net BIOS MS PnP QueryResConflist BO
    http://www.symantec.com/avcenter/attack_sigs/s21260.html

    MS ASN1 Integer Overflow TCP

    MS ASN1 Integer Overflow TCP

    Severity: High

    This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

    MSRPC SrvSvc NetApi Buffer Overflow (2)

    The attacking computers are using IP spoofing. IPs are false.

    I think they are attempting a DOS attack. Like flooding my pc with requests until its knocked off. Like trying to knock EVERYTHING out of it

    A friend works for a government facility in the computer dept and he runs the IPs for me. And saw 70+ hackers attempting the attack and another time saw adult server node. He says from the looks of it, that they want to take over my computer to turn it into a zombie computer.

    My Symantec found this patch from a google search.
    Microsoft Windows XP 64-bit EditionSP1:
    Microsoft Upgrade Security Update for Windows XP 64-Bit Edition: KB828028
    http://www.microsoft.com/downloads/...7F-9318-4AD5-9C2C-0577118A1E68&displaylang=en

    WindowsXP-KB828028-ia64-ENU.exe
    And when I ran it, it said it wasn’t valid.

    This didn’t start happening until we had to go back to dialup, because of moving to an area without fast connections. Do they attack dial up users since there are so few left, so they can concentrate their attacks to just those users? We had DSL before.

    Do I have some sort of file on my computer that is calling these IPs to access my computer? Like is there a big HACK ME PLEASE on my computer? Like a hidden file or worm? I want to take the HACK ME sign down, if possible.
    We're getting satellite in a couple of days, so I'll be back up with a router too.

    I've done all my scans with Symantec, AdAware, PestPatrol, Ewido, and I have Spyware Blaster on here. I have Windows XP, Service Pack 2.

    Also my computer won't shut down. It always reboots, but wont' shut down.

    Thanks for any assistance.

    Here’s my hijack this log.

    ~Log removed per this announcement. -Ron~

    I would suggest if you want to post a log to go here. http://bfccomputerhelp.com/index.php?showtopic=323
     
    Last edited by a moderator: Aug 7, 2007
  2. leebob

    leebob Registered Member

    Joined:
    Jun 12, 2006
    Posts:
    6
    I don't know what version of Symantec you use, but I assume that you can "stealth" your ports so as to make them supposedly invisible, as it were, to potential hackers. You might try checking that under your options. Symantec should have something about it in the help box.
    It looks like you've got a good security lineup, so I don't know if that will help, but often enough the easiest answer works best.
     
  3. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I am not a tech support person, but I do have a few questions.

    What firewall are you using? It looks like it is the Windows firewall only?

    I don't see Symantec listed on the active program list, although there are some registry entries that are linked to the Symantec file (and a few of those entries point to missing files).

    It is most likely that someone has "found" your connection port and is trying to attack your PC. I don't think the fact that it is a dialup versus DSL makes any difference (other than your IP address will be different).

    You probably should have someone in a tech support area (such as Castlecops) take a closer look at your log report.
     
Thread Status:
Not open for further replies.