Hacked
I think some1 broke into my system because some1 changed my administrator right to no right at all. Cant acces Taskmanager and configuration options.
Could some1 help me get rid of him and give me back my admin right :S This ain't fun anymore.
Also it could be a program because my bro is into downloading alot
Run a scan for trojans/virii and disconnect from the internet.
While offline, make sure your firewall blocks everything but the essentials from entering your computer (this INCLUDES ICMP (ping) requests).
Make sure no built-in accounts are running (Administrator, Guest, etc).
Recover your password locally using any of the various windows privilege escalation thingers people are always going on about.
And for fucks sake, tell your brother to take his shit off of your computer.
vytas wrote: should i be blocking port 80 too ?
unless you're running an HTTP server or something on that port, then yes, why not. make sure to just block INCOMING requests, though.
there's a great tool online called "nmapyourself". I forget where its hosted, but I'm sure you can find it with a few quick searches. you can use that to see what an intruder might see as he tries to assess your system.
if you block incoming ICMP pings, whether from within the firewall or the router (forgot to mention that, also check your router password strength and settings) then nmap is useless without the -P0 option. even with that, you should ideally be showing no ports or services on a scan.
lesserlightsofheaven wrote: Run a scan for trojans/virii and disconnect from the internet.
While offline, make sure your firewall blocks everything but the essentials from entering your computer (this INCLUDES ICMP (ping) requests).
Make sure no built-in accounts are running (Administrator, Guest, etc).
In other words… read my article. B)
Folk Theory wrote: Ophcrack? inzel wrote: LOphtcrack?
Nope, don't think so. Nice try but look here: http://ophcrack.sourceforge.net/
I've got a real pain in the ass trojan :S Ok i have no administrator rights on this computer right now. I had another acount wich still had administrator rights with a password. So i went to that acount wanted to change the rights of the other user but it said that it already had administrator right :o I logged in at this user again and wanted to login at the other acount with the password only it's changed.
What do i do know format my hard disk ? I terminated all procecces exept the ones needed to run windows. Or could some1 remote assist or hack my computer and change the rights back if you want that training please P.M. me for details.
Run SUPERAntiSpyware Run Nod32 Suggest scanning your windir first, and maybe through safe mode, without internet. Many trojans will re-download components of themselves if parts have been removed.
Without specifics, it's hard to tell you what to do, but yes, zephyr's article is a great one, and listen to lesser and fritz. They know what they're talking about.
if you dont have any admin access can you at least access the cmd prompt? if so do the system glitch open taskmanager type at xx:xx /interactive "cmd.exe" xx:xx bieng the time 1 minute after you type this cmd then close out the cmd box immediately after you type it and see job 1 added or similar
then end explorer.exe in the taskmgr wait 1 minute and a command prompt will pop up then type explorer.exe you should now see some system config options bieng done. wait till they finish and viola system access. now you can uninstall add admin accounts etc in a flash. then try removal techniques on that trojan
EDIT SORRY did not see task manager block well i guess then this wont work :/ but if you do somehow access it try it :/ sorry.