DDOS Attack... Happened to me. What should i do?

From: sgopus (anonymous_at_discussions.microsoft.com)
Date: 07/10/04 

Date: Fri, 9 Jul 2004 15:54:11 -0700

Responses will be inline

shwserv (<- just appeared today)
ezSP_Px This maybe a driver for burning CD's
zlclient (<- that just appeared today...) This appears to
be Zonealarm, part of the firewall

hpgs2wnf (-< just appeared today)
smss
vsmonRM_SV Part of Norton Antivirus software
winlog Part of windows Operating system, log file

Have you installed the hijackthis program, and followed
the instructions??

>-----Original Message-----
>
>>-----Original Message-----
>>If you have a firewall, enable it, if you don't have one
>>get one and use it all the time. if you know who it is
>>report them to the cops.
>>
>>
>>
>>>-----Original Message-----
>>>LONG SOTRY... lol. Heres what happened:
>>>
>>>About 3 weeks ago, my AIM account was hacked. THe
>hacker
>>>started cursing at my friends and such. I changed my
>pass
>>>and he still got on! A virus,right? Well... yah. Key
>>>loggers (a lot of them), pass stealers, etc. After a
>>>while i caught him and IMd him telling him to stop. I
>>>then removed all the viruses i got from him (he used a
>>>program to hack). He actually gave in and said hed stop
>>>and that he was no real hacker and it was just a joke.
>I
>>>was relieved and was happy it was over.
>>>
>>>Week later... My internet says its connected, i can
>ping
>>>sites though a dos command, etc. But none of my apps
>can
>>>connect to the internet and basicly all my servers and
>>>stuff are messed up! It was the same hacker that was on
>>>my AIM account. How do i know? The hacker saw my friend
>>>on my buddylist and hacked his account also. Now we
>both
>>>have the SAME exact problems. what are the chances that
>>>we both just got the same problem on the same day? VERY
>>>little. Anywayz... I just learned about DDOS attacks
>and
>>>how people do them and why and what they do. I (right
>>>away) knew i had been DDOS attacked. I sent my computer
>>>to my friend whos a technical worker at a company and
>he
>>>solved it... Yay? Not exacly... Well, sort of. Problem
>>>solved. Everything working like brand new! My IP is
>back
>>>to normal (he also screwed up my IP) and my cpu works
>>>fine! Why did i post this? Well, ive noticed some odd
>>>things happening with my computer. I log on and it says
>>>someone is trying to log on to my computer and stuff
>like
>>>that and odd programs trying to connect. Why? I think
>>>thats his programs (his DDOS programs) How can i track
>>>whos DDOS attacking my computer and such. Most
>>>important... How do i stop this? Thanks!
>>>
>>>Sorry if this message is soooo long!
>>>.
>>>
>>.
>>
>
>Hes really good. He hasnt really left a single trace...
>Only a few actually. Says i signed on my computer with a
>different account when i never really did. Think that was
>him hacking my cpu. I have 2 firewalls up and running and
>they have never caught a thing. Hes good... I just cant
>stop him. I just got another attack about an hour ago.
>Cops cant do anything. I have no proof. Everyone keeps
>saying submit him to the cops. This is a really good
>idea, but i have no proof, so i cant. Oyah, and also...
>When he launches a attack, my IP changes to a weird
>random number... Says in IP address type Auto Configered
>or something.
>
>And when i turn on my computer, a service called IPSec
>runs. WHats that? Also, these services run:
>
>shwserv (<- just appeared today)
>ezSP_Px
>zlclient (<- that just appreared today...)
>hpgs2wnf (-< jsut appreared today)
>smss
>vsmonRM_SV
>winlog
>
>WHat are these? Thanks
>
>.
>

Relevant Pages

  • RE: web services address/firewall/proper config question/autodiscover
    ... communicator complains it cant find the web services.. ... info doesnt get populated.. ... External name lookups dont work from behind the firewall.. ... free/busy info from.. ...
    (microsoft.public.exchange.admin)
  • RE: Windows update errors
    ... Also, could you supply some information on what your firewall is, anti-virus, ... I just reformatted and i cant install any service packs / or even do ONE ... im at error Code 80072EFE and i need to fix it to update my ...
    (microsoft.public.windowsupdate)
  • New computer, which security software?
    ... recommend having loaded to avoid Virus's, Trojan's, unwanted Ads etc. ... The obvious missing piece of the puzzle is some form of Firewall, ... mentioned some form of Trojan monitor, cant remember what it was called. ...
    (alt.computer.security)
  • cant view secure pages, xp user
    ... view secure pages same Error Message. ... Firewall didnt work. ... but on install my computer crashes. ... >>but cant even download them as it says it has faild. ...
    (microsoft.public.windowsupdate)
  • Re: New computer, which security software?
    ... >My new PC arrived yesterday and I am trying to find out ... >recommend having loaded to avoid Virus's, Trojan's, ... >you think I should really employ the use of a firewall? ... although I cant be sure. ...
    (alt.computer.security)