WARNING:In the last few days there have been threts made to people via msn messanger. Apparently While people have been chatting a brief message is written "Im Mr. Hacker, you do as i say or we will wipe your hard drive" Even if you do as they say your hard drive WILL BE HACKED! So turn off your computer immidiatly!!! I will keep you posted if i hear of anymore about this! If you have witnessed this and know of anyways to stop it or to patch or prevent it please post it here

quote:

---

Originally posted by slick00000
WARNING:In the last few days there have been threts made to people via msn messanger. Apparently While people have been chatting a brief message is written "Im Mr. Hacker, you do as i say or we will wipe your hard drive" Even if you do as they say your hard drive WILL BE HACKED! So turn off your computer immidiatly!!! I will keep you posted if i hear of anymore about this! If you have witnessed this and know of anyways to stop it or to patch or prevent it please post it here

---

quote:

---

Originally posted by slick00000
WARNING:In the last few days there have been threts made to people via msn messanger. Apparently While people have been chatting a brief message is written "Im Mr. Hacker, you do as i say or we will wipe your hard drive" Even if you do as they say your hard drive WILL BE HACKED! So turn off your computer immidiatly!!! I will keep you posted if i hear of anymore about this! If you have witnessed this and know of anyways to stop it or to patch or prevent it please post it here

---

quote:

---

Originally posted by val3006
there was somekind of program atached to the message

---

Erm, if you didn't click, and you didn't accept, your safe. :-\

I haven't heard anything about this, nor have I heard it getting done to anyone. Do you know if someone is SAYING this or there is a VIRUS spreading around that IMs your contacts with a message like that?

Its obviosuly a virus that just says it, Its not somebody writing.

just make your power cord nice and accessible so you can yank it out

I've had something like this happen to me before, a hacker/virus got into my computer, reset it and got it to tasks (probably format my hard drive) when it started up again. When i noticed the MS-Dos text all over the screen, i went to the power board and turned off the power to the system. When i turned it back on, it loaded windows fine.

I haven't heard about anything like this, maybe it is just a chain letter thing, or maybe they're even just trying to scare you... They won't be able to do anything to your computer, unless you accept something, or unless they get your IP somehow... They could get your IP by simply starting a webcam conversation with them... So don't do anything like this.

It is possible that this message is only triggered if your computer is infected with a trojan. It is programed to relay an IM adddress (as well as perhaps more infomation) back to a server and in responce the server sends an automated message back to the MSN client outlaying a threat. If you respond its likely the serevr will give you more infomation.
Or it could just be an empty threat sent by an automated serevr that crawls for MSN addresses from user to user.

Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
Daniel says:
Im Mr. Hacker, you do as i say or we will wipe your hard drive
segosa says:
LMAO
segosa says:
IM SCARED!1
Daniel says:
!@!

You guys are paranoid over nothing. One message CANNOT enable someone to hack you unless you are ALREADY vulnerable to some sort of exploit. You don't need your power cable next to you, jeez.

quote:

---

Originally posted by Fergy
I've had something like this happen to me before, a hacker/virus got into my computer, reset it and got it to tasks (probably format my hard drive) when it started up again. When i noticed the MS-Dos text all over the screen, i went to the power board and turned off the power to the system. When i turned it back on, it loaded windows fine.

---

, he/she wont get past the triple defense

quote:

---

Originally posted by brian
Erm, if you didn't click, and you didn't accept, your safe. :-\

---

quote:

---

Originally posted by DJeX

quote:

---

Originally posted by brian
Erm, if you didn't click, and you didn't accept, your safe. :-\

---

Heh not really, if you reply to his message he can use a Packet sniffer to get your IP, and if you have no firewall or protection of some sort he can get in.

---

quote:

---

Originally posted by DJeX

quote:

---

Originally posted by brian
Erm, if you didn't click, and you didn't accept, your safe. :-\

---

Heh not really, if you reply to his message he can use a Packet sniffer to get your IP, and if you have no firewall or protection of some sort he can get in.

---

quote:

---

Originally posted by Shawn

besides, unless you use sp0 or something you're fine.

---

quote:

---

Originally posted by segosa

For starters, everything is routed THROUGH the messenger servers UNLESS you have "allow msn messenger to connect directly to your contacts" (though don't know if this option is there anymore)

---

quote:

---

Originally posted by segosa
"if you have no firewall or protection of some sort he can get in"

Bullshit.

---

quote:

---

Originally posted by Anubis

quote:

---

Originally posted by segosa

For starters, everything is routed THROUGH the messenger servers UNLESS you have "allow msn messenger to connect directly to your contacts" (though don't know if this option is there anymore)

---

No this option isn't there any more for two reasons;
1) MS didn't want a ton of bandwidth being sent through their servers
2) Ip2Ip transfers are generally quicker, so it was switched to this.

This is enabled by default and there is no option to change it. If you go to the Main Messenger Window > Tools > Options > Connection, you can see if you are connected directly to the .NET Messenger Service. If you are this means you have either a direct connection to the internet, or one that is through a uPnP router\NAT. If it is direct all connections made (like file transfers, audio and video chat) are sent directly to your contact, and this means if any of these connections are made they can get your IP address.

quote:

---

Originally posted by segosa
"if you have no firewall or protection of some sort he can get in"

Bullshit.

---

It is true that most of the time having a decent firewall up and running will not help if you're already infected, but it really depends on a hackers method of exploiting users. For example some firewalls are designed to block remote attempts to connect to trojans using advanced detection, even if you have allowed the infected program to use the internet.
Also in the case of vulnerable windows programs, firewalls can help block attempts to remotely connect to software by closing and hiding ports and blocking attempts to connect that are obviously malicious.
Firewalls can help, but if the method of exploiting your computer was advanced enough and taken care of, then it won't be of much use.

Edit: Why don't you just find the address out of the person who sent it and report it to MSN support?

---

if that happend to me id get all firewalls and everything up and then say BRING IT ON

Firewalls don't matter, theres always an open port, if there wasn't you couldn't connect to anything.

Edit: No I am not telling anyone which one it is.

Speaking about hacking, i today was hacked, but i know for an absolute 100% fact no body could hack me, my password is set to high, my secret question is unguessable as is my password, and i told no one.

Now ill probably get replys "well you must have told someone/someone was looking over your shoulder/it couldnt of been very safe" But i assure you, im very careful.

Im just wondering, is there actually any genuine msn hackers these days? who actually use programs to hack? I always thought it was never possible but, i guess im wrong. If there isnt, im stumped.

Yea it's possible to hack msn accounts by useing exploits. But most expliots have been fixed.

no offense but, 99% of people who say they've been hacked either made a mistake of their own (did something by accident. eg: deleting an important Windows file, deleted other stuff), entered their password wrong (so they thought someone changed it), experienced behaviour which they don't know about (and thus call it "I'm hacked", while all it was was a fluke or bug in Windows or what not)...

0,99% of people actually downloaded and executed a malicious file which made them vulnerable to outsiders. But because this requires the outsider to be very l33t, this is also rare (considering all the billions who never get "hacked")

0,01% of people are really getting hack. But I can assure you that this is extremely rare!


(note: figures are not to be taken literally, they are just here to proof the point)

quote:

---

Originally posted by CookieRevised

no offense but, 99% of people who say they've been hacked either made a mistake of their own (did something by accident. eg: deleting an important Windows file, deleted other stuff), entered their password wrong (so they thought someone changed it), experienced behaviour which they don't know about (and thus call it "I'm hacked", while all it was was a fluke or bug in Windows or what not)...

0,99% of people actually downloaded and executed a malicious file which made them vulnerable to outsiders. But because this requires the outsider to be very l33t, this is also rare (considering all the billions who never get "hacked")

0,01% of people are really getting hack. But I can assure you that this is extremely rare!


(note: figures are not to be taken literally, they are just here to proof the point)

---

quote:

---

Originally posted by CookieRevised
no offense but, 99% of people who say they've been hacked either made a mistake of their own (did something by accident. eg: deleting an important Windows file, deleted other stuff), entered their password wrong (so they thought someone changed it), experienced behaviour which they don't know about (and thus call it "I'm hacked", while all it was was a fluke or bug in Windows or what not)...

0,99% of people actually downloaded and executed a malicious file which made them vulnerable to outsiders. But because this requires the outsider to be very l33t, this is also rare (considering all the billions who never get "hacked")

0,01% of people are really getting hack. But I can assure you that this is extremely rare!


(note: figures are not to be taken literally, they are just here to proof the point)

---

i think it;s just like that program find who blocked u , that start to send with each conversation a message saying : did u know that you can find who blocked you on http://www.``.com "

so it's just a message, and not a real virus that will delete your PC and it's not from your pc, but your contact's one

quote:

---

Originally posted by LittleK

I dont mess around with my messenger files, nore do i download malicious files. Im very safe with what i do, believe me. Yeah you may be right, maybe i did mess around, but how it explains that "You have signed into msn messenger at another location" pops up, whilst not having WM or any other version of messenger running, and bare in mind it did this twice , to me, doesnt seem like a faulty installation

---

quote:

---

Originally posted by Curtis
Firewalls don't matter, theres always an open port, if there wasn't you couldn't connect to anything.

Edit: No I am not telling anyone which one it is.

---

quote:

---

Originally posted by LittleK

Im just wondering, is there actually any genuine msn hackers these days? who actually use programs to hack? I always thought it was never possible but, i guess im wrong. If there isnt, im stumped.

---

quote:

---

Originally posted by CookieRevised
f you have XP, press ctrl-alt-del and list all your processes sorted on the username column (click on the column header). Easiest way is to make a screenshot (or couple of screenshots so they are all visible)...

---

As I told her on IRC, she's clean.

Here you go segosa, My HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 19:14:08, on 05/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\mIRC\mirc.exe
C:\Documents and Settings\My PC\My Documents\My Downloads\hijackthis.exe
C:\Program Files\Messenger\msmsgs.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/inst...e/autocomplete.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Access Remote PC Service (RpcSvr) - www.access-remote-pc.com - C:\Program Files\Access Remote PC\rpcsetup.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe