Advanced Hacker attak

Hi im attacked by some hackers but now i dont know how to defend. i used a lot of firewalls (outpost,COMODO, KIS) but they all has been beated now im using your Comodo but they hacked me one more time i dont know how they can so easy beat your and my defense+ in paranoid mode and firewall on costum policy mode

Hire are my network security policy
http://img196.imageshack.us/img196/8977/beztytuuned.jpg (tlen is communicator program used in poland)

Welcome to the forum.

It would help to know why you believe you have been attacked. Also, perhaps you could provide some evidence of such and occurrence.

Hello
i can post hire log from Hijack
link: wklej.org - wklej Resources and Information.
and some h after
wklej.org - wklej Resources and Information.

also i have Leaved message on my deskop “if u will get hire leave something on deskop”… and now i cant make new acc in system because my defaut conf for deskop are deleted… or somethig else that showing me only blue screen(i can ctr alt del any log out from new acc) also 2-3 days ago somethig deleted my Wow i dont thing it was some program or miss click because i was have 3 coppy of it and there was only deleted files thet are need to run game + on my last win my paint notepad and wordpad showed me error with correctness(word form translator) of application system32 and after 3-4h my pc got completed crashed…

its cant be virus because i reinstaled windows 2-4 times in week (also with full format)

Did you scan for rootkit’s ? try to scan with GMER and see if it finds “rootkit activity”…
You can download it here:

http://www.gmer.net/#files

Ye i scaned but he didnt find anything

Can you follow this and see if those scan’s turn up with anything ?

i think its didnt help because all of this programs didnt find any infection.

Can you please tell me again what problems you are still having with your system then ?

i fuc*ed with some people and now they destroying my system all time i dont know how they geting access to my PC because most of my ports are blocked and i dont downloading any Shi.y programs .

What’s destroying then ?
How are you in contact with them ?

You install your pc again is that offline, and is CIS the next thing you install ? and after that you update your OS with all patches available ?

-Well they they deleting most of my files that are need to run program or ever instal anything in noramal mode.
-i can contact to them with communicator or making any txt file on my deskop.
-After i install OS im installing most of programs that i use, firewall and Anty Virus are last that i install (all of it im doing offline), i dont update my OS because when i last time done it he showed me blue screen.

Well i would make the operating procedure a bit different.

Clean OS install - offline
Clean CIS install - offline
Configure CIS to use the ProActive Profile and set things to your desired levels.
Patch the OS to the current releases.

Make sure you use the latest versions from the applications you use, like PDF readers Flash Plugins etc…
You can use Secunia PSI to check for “old” software versions you can find it here:

In you second log is see some strange files, do you have any idea where this comes from ?
C:\Users\Goto\Downloads\d8fmyzly.exe

Are you having contact with them over D:\Programy\Teamspeak2_RC2\TeamSpeak.exe
or D:\Programy\Tlen.pl\tlen.exe

If you stay away from them are you staying clean ? If so they are abusing some hole in this software or over the website your visiting… does that WOW use Java ?

I dont think WoW(World of warcraft) use any java script.
And ever if im staying away from them they still are attacking my pc :/.
Today i will reinstall my OS and i will tell you when something strage will start doing with my PC

Hello!

Simply, stop communicating with those guys. If you do, you’re making it easier for them. Assuming that you’re not using a static IP-address, go to http://whatismyipaddress.com and check your IP-address. Unplug your network cable for a few minutes, and then plug it back in. Go to http://whatismyipaddress.com to verify that your IP-address has been changed. If you stay away from them, they can’t get your new IP-address, and therefore not hack you, UNLESS they have installed some kind of malware on your computer.

Like mentioned, update your OS every month and run something like Secunia Personal every week, to check for vulnerabilities in your program, and update them if possible.

He uses this program: http://tlen.pl/

For my unlucky my ip is static but i think my admin can changle it for me.
Secura has find some big Hole in my system About Secunia Research | Flexera but i cant install it “this update is no to use for this system” :/.

I seriously recommend to update your Windows as part of making your system less vulnerable. When I mean serious I mean don’t want to hear but’s and no’s… :P0l >:-D :a0 ;D

You said you don’t want to because you had a BSOD once. That is not enough to convince me you shouldn’t update Windows. Strictly speaking you don’t have a reproducible problem; for all we know it may have been caused by another program you had installed back then when it happened. One BSOD is really the lousiest argument I have ever heard for not keeping your system safe by updating Windows.

Install the Windows updates and see how things go. Windows will make a system restore point before installing them. So you should be good to go.

oke im on new OS i allready installed all of Windows updates so lets see how things will work now… :slight_smile:

Keep us posted…:-TU

Hey
I think they got me again but now they dont destroying my OS now they watch what im doing and some time click some button and turn off some process (normaly my OS use 30% of my ram but some times there down to 22% and i dont think its going like this with out any “help”) i got all MS Updates.
What should i do. Is deleting “trusted aplication” will do something :)or instaling some UPD & TCP monitor 88).

If that happens use “Stop All Activities” on the Firewall Summary screen.
This should stop all network activity from there on, see if that stops the behavior.