Author Topic: Fresh Install Hacker Still Trying To Break In and Making Threats  (Read 12265 times)
Rodney Peterson
Comodo Loves me
****
Offline Offline

Posts: 130


« on: November 28, 2009, 02:04:44 PM »

I decided to go with a new thread since I did a fresh install this morning - reinstalled Comodo and set it to pretty high security levels - right now my Gmail accounts are constantly redirecting to an unopenable URL (too large for Google). (Update: rather bizarrely, this redirect problem only exists with Firefox, not Internet Explorer, and is definitely malicious.)

These are new threats by Mr. X sent via text message this morning:

New trojan htk2 suprize 4 u scumbag

Retard that all u no how 2 say that it ur gettin new remote axcess toolbar

And there's this from last night:

Hairy asswipe ur m o r o n think u more smart than bot install on MY SONY VAIO not chance scumbag (referring to MY computer)

(Expletive deleted) gps traker know every time u disable bluetooth ha ha ha m o r o n u think i cant do zero day exploit watch me (expletive deleted)

Restart ur disable 3party drivern win soc interface ha h, ha ur (expletive deleted) asswipe

(Old Thread, Same Category: Possible For Hacker To Commandeer Comodo DNS Servers?)

Also please note: I was signed out of this account somehow and had a very difficult time getting back in.

Edited: I deleted the comments that didn't have to do with computer hacking that were related to real world crimes, as this person is stalking us both electronically and physically, in the interest of making this more on topic with the purpose of the forum and less personal in nature - also to make it more palatable for people who read the thread. If, by chance, the rest of it interests you, it can be found here along with my contact information:

www.myspace.com/370392338
« Last Edit: November 29, 2009, 10:05:38 PM by panic » Logged
Rodney Peterson


« Reply #1 on: November 29, 2009, 09:54:31 AM »

Apparently iPhone has been broken into and the password changed - it is now disabled even after connecting to iTunes as per the phone's instructions. Now what?

Edited to add: Even though it's disabled I keep getting calls apparently from the same number in Ethiopia.

The computer itself is working fine at the moment but I did roughly three or four fresh installs yesterday to accomplish that - and I can't seem to find the option to boot from recovery discs anymore either.
« Last Edit: November 29, 2009, 10:24:38 AM by Rodney Peterson » Logged
languy99
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 914



« Reply #2 on: November 29, 2009, 11:33:53 AM »

Your computer needs major work. The only true way to protect you would be to start from scratch. I would unplug it from the net, take out the hard drive. Reflash the BIOS to make sure it's clean. Get a bootable AV and boot from that, use as many bootable AVs as needed to clean out the hard drive. Reinstall Comodo and set everything to max. Like I said, I highly recommend taking it to a shop.
Logged

http://www.youtube.com/languy99

Software Reviews For All
Rodney Peterson


« Reply #3 on: November 29, 2009, 12:01:22 PM »

It's under three year extended warranty from Sony until February 25, 2012. But what is it I'm supposed to tell them?

What are you saying? That this many reinstalls are damaging or something else is going on even though it's working fine?
Logged
Rodney Peterson


« Reply #4 on: November 29, 2009, 12:35:57 PM »

I got a private message I tried to reply to about downloading Comodo VPN. I did, but it wouldn't let me log in. I'm interested in trying this again to see if it works with the fresh install. Last time it kept disconnecting the computer connection immediately.
Logged
jay2007tech
Malware Research Group
Comodo's Hero
*****
Offline Offline

Posts: 631


« Reply #5 on: November 29, 2009, 04:09:20 PM »

I THINK I FOUND A SOLUTION FOR YOU BUT WILL TAKE SOME TIME

READ YOUR PM


Quote
gps traker know every time u disable bluetooth
I can see it pissed them off when you disabled bluetooth, so we're on the right track. I'm guessing when bluetooth was disabled, you were fine for a while. Then your attacker found another way.

Quote
Apparently iPhone has been broken into and the password changed - it is now disabled even after connecting to iTunes as per the phone's instructions. Now what?
Your attacker was able to monitor your changing of the iPhone password.

Quote
gps traker know every time u disable bluetooth
This is not true, that's a half-assed scare tactic.

=============================================
=============================================

Can you run "prevx"?
http://info.prevx.com/downloadcsi.asp
Install it, change settings and increase "heuristics" to maximum,
then run scan, choose deep scan.
Whatever it finds you'll have to manually delete. If you can't FIND IT, write the location of it (put the mouse over it so it will show the complete location of it). Write it on paper and save it for Monday for me.
When we're done with prevx, we'll "uninstall it".




=======================================
P.S. The only alternative suggestion that can work is this
As much as I hate to say this, I think you're going to have to stop using Windows and use Linux.
I would recommend Ubuntu  <---It's the closest to Windows-based as you're going to get and about as simple as it gets
http://www.ubuntu.com/getubuntu/download

Windows trojans and such will be useless against Linux. It will require a different set of skills to attack Linux and it won't be simple either. Your attacker will also have to learn a whole new set of commands and jargon too. I promise your attacker will be really pissed, and if your attacker wants to try and attack Linux, it will require a lot of studying, so it should give you a nice break.

===========================

« Last Edit: November 29, 2009, 04:33:03 PM by jay2007tech » Logged

It's hard being a crooked Admin when the files won't pass an md5checksum test.  But like any other good crooked Admin it can be done, it just takes time(and lots of it) and a few aspirins
Rodney Peterson


« Reply #6 on: November 29, 2009, 05:40:09 PM »

Thanks to those of you who have helped, are trying to help and are still helping - very much. The computer is fine right now, just downloaded 81 Windows updates - but maybe a dozen failed. I'm being advised now to download another file that apparently has to do with the other files failing.

I finally restored the iPhone but every bit of data and everything else that was on it is gone. However, surprisingly it still works since it was first generation and is on an AT&T pick your plan and not a long-term contract.

I have some of what sound like angry messages I'm guessing from the Ethiopia phone number so there might be something in the attacks related to that.
Logged
Rodney Peterson


« Reply #7 on: November 29, 2009, 06:21:30 PM »

He's trying a bunch of other things - this is the second time I'm typing this after a reboot.

They include freezing the mouse but I'm able to get around it. The HP computer was destroyed by a rapidly moving and uncontrollable cursor - I get a bunch of Firewall messages that have to do with the Synaptics touch device and if I allow them the problem stops. (Still have the external mouse from the HP and have to use it when this happens.)

Also a bunch of pages are loading slowly as if a virus is also loading so I often have to find a different way in to them (Google, etc.)
Logged
jay2007tech


« Reply #8 on: November 29, 2009, 06:33:29 PM »

Quote
He's trying a bunch of other things
Good, then we're on the right track.

Basically, your attacker is concentrating on your mouse and keyboard (basically your attacker wants to control these as well as monitor them). You know this because the mouse is freezing, among other things.

Let's close this other gap (based on above)

GET THIS IMMEDIATELY before you're infected again. It's an anti-keylogger. It's good for 15 days, but I'll send you an activation key for it (it's legit)  <-- in a few days.      This anti-logger doesn't rely on signatures and is best among the industry and is used by banks.
http://www.zemana.com/download.aspx?product=ZAL


Quote
Also a bunch of pages are loading slowly as if a virus is also loading so I often have to find a different way in to them (Google, etc.)
Disconnect the power cord to the router (about 10 seconds) then plug it back in.
« Last Edit: November 29, 2009, 06:40:07 PM by jay2007tech » Logged

Rodney Peterson


« Reply #9 on: November 29, 2009, 07:47:10 PM »

I will have to try that a little later; the computer is once again useless and is being reformatted. It used to be able to be reformatted with recovery discs but this a s s h o l e did something to destroy that option. It takes about an hour to reinstall everything from scratch. I tried everything to avoid doing so with no results.

I certainly hope there are people reading this forum who take an interest based on all this in putting Mr. X back in prison-again-where he belongs.

Let's try the VPN thing again a little later after the reboot.
« Last Edit: November 29, 2009, 10:05:06 PM by panic » Logged
Rodney Peterson


« Reply #10 on: November 29, 2009, 09:51:57 PM »

I'm back but unable to log in through the computer - this is from my newly restored and freshly wiped iPhone. Firewall has blocked 82 intrusion attempts. I would estimate roughly 50 of those are Windows operating system intrusion attempts, all from this IP: 72.9.241.58. It looks like that one gave up for a while and other IPs are having a go at the same thing, among them: 208.71.113.221, 89.138.127.201, 202.73.10.67, 91.62.31.55, 84.108.5.5 and a bunch of others.
Logged
Rodney Peterson


« Reply #11 on: November 29, 2009, 09:59:56 PM »

Just tried to get the Zemana anti-logger: not supported on Windows 64-bit systems. Again typing from iPhone, really lucky it still works. I never updated it because I was afraid it would brick without an AT&T contract - was led to believe that anyway.
Logged
panic
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 8080


substance constant, depth variable


« Reply #12 on: November 29, 2009, 10:04:30 PM »

Quote
I certainly hope there are people reading this forum who take an interest based on all this in putting Mr. X back in prison-again-where he belongs.

If it is in connection with an alleged breach of law, please do not name individuals on these forums.

If you were smart, you would not name them in public as it could leave you open to prosecution.

Ewen :-(

P.S. I will be editing all publicly accessible posts containing this individual's name.
Logged

As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you don't like it, don't use the forum.
Rodney Peterson


« Reply #13 on: November 29, 2009, 10:42:19 PM »

I understand your position and the company's position. Sorry, this whole thing has been very frustrating and frightening at times, among other things. There are some active investigations so I'm not worried about the legal things he could try to do to me since there's a lot of evidence of things he's done and is doing.

I very much appreciate the help from people in this forum. I think I've learned more about computer security here than anywhere else and certainly more than most average people will ever need to know.
Logged
Rodney Peterson


« Reply #14 on: November 29, 2009, 10:52:51 PM »

Looking at the firewall log of what is now 538 intrusion attempts, probably in a little over an hour, most on Windows operating system, I see they are listed as type 10, type 3, type 13 and type 1 to me but they all seem to be sent as type 3. Any idea what any of that means?
Logged