Computer Support Forum

Likelihood that i was hacked or am being hacked?

Question: Likelihood that i was hacked or am being hacked?

Hi guys,
 
Last night i my mouse/screen froze up suddenly for about 5 seconds randomly and then i noticed my internet seemed a bit slower.
 
Call me paranoid but for some reason i started worrying about a hacker, did some research and now i am petrified.
 
I'm running Windows 7 and i did scans with Malware Bytes, Super Anti Spyware and boot time scan with Avast which all showed clean.
 
After i restarted my router/computer things returned to normal. I have Windows firewall running and i am behind a router.
 
The reason i am concerned is that i hadn't patched my Windows 7 OS security updates in ages (have done so now), and i know hackers can exploit these.
 
My question is, would a hacker hack my PC directly and is it possible to view my files remotely without installing malware or a RAT?
 
In other words, what are the chances someone had exploited my PC, took my files but after i restarted they were gone because there was no RAT installed?
 
Please forgive me if this is a dumb question..

Relevance 100%
Preferred Solution: Likelihood that i was hacked or am being hacked?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Likelihood that i was hacked or am being hacked?

Hi ionblue The chances that you were hacked are really slow. It happens on every system and device that sometime, a process crashes, slowing down the whole system and that rebooting it allows it to restart normally. There's nothing wrong with that. This situation is way too common and the possibilities are way too broad to say that you were hacked. In my opinion, you just encountered a random crash, slowness and restarting your system allowed it to restart properly. Simple as that.

7 more replies
Relevance 83.64%

Hello TechGuys,

In the last 48 hours I've been through a lot because of this.
My hosting nearly got suspended and my friends are really mad.

Below are the required log files. Really looking forward to your assistance.

Thanks in advanced,
t_kio

Here's my TSG SysInfo result:

Code:

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows 7 Ultimate , 64 bit
Processor: AMD Athlon(tm) II X4 630 Processor, AMD64 Family 16 Model 5 Stepping 2
Processor Count: 4
RAM: 4095 Mb
Graphics Card: ATI Radeon HD 5570, 1024 Mb
Hard Drives: C: Total - 200004 MB, Free - 110180 MB; D: Total - 20010 MB, Free - 18031 MB; E: Total - 256922 MB, Free - 649 MB; F: Total - 476898 MB, Free - 510 MB; G: Total - 476953 MB, Free - 44626 MB; H: Total - 476945 MB, Free - 834 MB;
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD, 770-C45 (MS-7599), 1.0, To be filled by O.E.M.
Antivirus: AntiVir Desktop, Updated and Enabled

Here's the hijackthis.log:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:25:09, on 21/07/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spotmau\Data Recovery Kit\DRtray.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Genie-Soft\GBMPro8\GBMAgent.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\... Read more

More replies
Relevance 82.82%

I am posting this as follow up to previous post..
 
Please help as I know I was hacked on windows xp computer. Now I have the windows 8. The security logs earlier said someone was scanning for the account without password. I am not sure how this guest account is enabled in the text files generated. One more thing. My Norton internet addition toolbar has been acting weird. I always enable it, then it gives me prompt to reenable it again and again. While posting this website said that the website is down 11/18/2015 around 12:00 to 12:18 am PST. Also there are lots of strange things going on. It could be from a person in same home too. Please help.
 
*************************************************************************

Answer:Hacked previously,Am I still Hacked or what(contd to post logs)

Norton Internet security always gets enable prompt on the google chrome. And also in the addition.txt, the guest account is saying limited enabled, Now after posting and in few minutes, when I am on useraccounts, it says that the guest account is off. I am not too sure why my laptop stays on when I get up in morning, I am not too sure whether my laptop didn't turn off.

2 more replies
Relevance 81.18%

Was just recently informed that my debit card was used in over 4 different states. Going to bank tomorrow to sort that out. But just recently saw that my facebook was signed into from Japan. I'm assuming they have most of my info. and would appreciate someone that could help me get rid of whatever they got on my computer. Tried to start malwarebytes to start. No luck. Thank you soo much for your time.

Answer:Debit Card hacked, Facebook Hacked, etc.

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

10 more replies
Relevance 78.31%

My WoW account was recently hacked into. After dealing with blizzard i had my password changed and my account restored. The hacker then hacked my account again and this time changed my Battle.net address along with the password. He also attempted to steal my hotmail at this point in time. I then began to look for keyloggers and viruses with hijackthis and various virus programs including Spybot, Kaspersky, Microsoft Security Essentials, and MalwareBytes. I deleted a bunch of toolbars using hijackthis and am stumbling across various files that i am unsure of. I do not want to mess up my new computer so i am going to stop deleting things until further notice.

Answer:My WoW account was hacked along with my email. am i still hacked?

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

1 more replies
Relevance 78.31%

1st off let me say THANK YOU in advance for , (1) having this cool site so as to help ppl like me that are not computer savvy. And (2) for actually HELPING us!!!
And now for my question/problem . Is someone trying to hack my system? Or worse, has someone already HACKED MY SYSTEM ? Today Norton security pops up an alert. So as I am reviewing my Alerts from the last 2 days , I see the following ( notice the date the 7th of march. The list is repeated several times on the 8th as well )
&#65279;Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-03-07 22:35:54,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::ffff:ffff:fffd%5).",Detected,No Action Required,Firewall - Network and Connections
Protecting your connection to a newly detected network on adapter "Teredo Tunneling Pseudo-Interface" (IP address: fe80::ffff:ffff:fffd%5).
&#65279;Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Subnet Identifier
2013-03-07 22:28:09,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,127.0.0.0/255.0.0.0
Your computer is currently protected from the local network. To allow all the computers on this network to communicate with your computer, in the <b>Actions</b> panel, click <b>Trust</b>. To block al... Read more

Answer:Solved: my network: HACKED OR NO HACKED?

6 more replies
Relevance 72.16%

I was hacked on previous laptop on windows xp. Now I changed my intenet provider and also have resinstalled windows 8 on another 2nd laptop for windows 8. But I believe I am still being hacked. In previous experience, with windows XP, I had traced an internal IP(Say in shared rental situation) and caught incoming connection on zonealarm. But the person reversed the zonealarm attacks saying going from me to other computers(WIn xp). And also, I had put a text file on windows XP of the internal IP Address putting title unauthorized access,and when I opened it few days later, it rather had my internal IP Address(192.168.XX .XXX.).. while going to one of the foreign address, it opened up the pic of shared rent person. But on another time, I found a virtual switch on laptop of another shared rent person in other room. Now I have windows 8. I am not broadcasting my SSID but still have problems of strange things happening.Here is the netstat command. I am not that computer savy at present and please need help as I believe I am still being hacked and my identity and financial accounts may be in danger. Please help guide. I do have the norton internet security installed and live in ca.Proto  Local Address          Foreign Address        StateTCP    192.168.1.101:50487    r3:https               ESTABLISHEDTCP    192.168.1.101:50491    ... Read more

Answer:Hacked previously,Am I still Hacked or what

Hi,
 
Thats not real useful, need alittle more info.  Need to post a FRST log as a starting point. You can start at step 6 in this link below. Download, install FRST and post its log in your reply and we will go from there: Usually only online once or twice per day so you may not get a reply back from me until the following day.
 
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

2 more replies
Relevance 58.22%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:31:19, on 2009.09.25.Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v7.00 (7.00.6002.18005)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\AVG\AVG8\avgtray.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\system32\conime.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Sof... Read more

Answer:I Might Been Hacked?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

4 more replies
Relevance 58.22%

Things to know: I have a cable/router issue that freezes my internet about every 40 seconds/I have 2 hard drivesIt all started when I noticed a few of my desktop icons were re-arranged without my own doing. While I found this quite odd, Vista has been pretty crappy in general. Then I noticed my firefox browser was constantly freezing. Usually my internet connection freezes but this was the first time my actual firefox browser was constantly freezing without a "Not Working" tag from programs such as Adobe. Just plain Google.Then I checked my Facebook log in page and thought this is interesting, the homepage's main language is not English but Thai! Considering I don't speak/read Thai this was quite alarming. I did a system restore to factory default (just C Drive) and I figured my problems are solved. Today I was installing the Orange Box from Steam (counterstrike company) and decided to install only one game out of the five or so I could choose. Oddly enough I'm told that 2/5 games have finished installing when it wasn't even on the install menu!Once again my internet browser "froze" for a bit, this has never happened till recently within 5 years of owning this computer.Am I hacked or just paranoid?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:31:38 PM, on 3/3/2006Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16982)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm... Read more

Answer:So I think I'm hacked...

Woke up this morning, desktop resolution changed again...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:39:11 AM, on 3/4/2006Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16982)Boot mode: NormalRunning processes:C:\Windows\Explorer.EXEC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Windows\System32\SysMonitor.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Users\Junker\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\DAEMON Tools Lite\DTLite.exeC:\Program Files\Steam\steam.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXEC:\Windows\system32\wuauclt.exeC:\Program Files\Trend Micro\HijackThis\HijackT... Read more

6 more replies
Relevance 58.22%

This is my hijackthis log file. Any help would be appreciated. Thanks in advance.Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 12:43:05 PM, on 4/2/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exeC:\Program Files\DriveHQ\DriveHQ FileManager\DHQFMSvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\LogMeIn\x86\LMIGuardian.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exeC:\Program Files\ATI Techn... Read more

Answer:I think my pc was hacked

Hello and and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have sinceresolved your issues I would appreciate if you would let me no so I can close this topic.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Please download GMER from one of the following locations, and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zip MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs, as this process may crash your computer.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Double click on Gmer to run it.Allow the gmer.sys driver to load if asked.You may see a rootkit warning window, If you do, click No.Untick the following boxes on the right side of the Gmer screen.SectionsIAT/EATFilesShow AllClick on and wait for the scan to finish.If you see a rootkit warning window, click OK.Push and save the logfile to your desktop.Copy and Paste the content... Read more

2 more replies
Relevance 58.22%

Hi, as requested here are the logsDDS (Ver_09-07-30.01) - NTFSx86 Run by paul at 17:01:32.71 on 14/09/2009Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_17Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1299 [GMT 1:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\nHancer\nHancerService.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\PROGRA~1\AVG\AVG8\avgemc.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\Program Files\AVG\AVG8\avgcsrvx.exeC:\Program Files\AVG\AVG8\avgcsrvx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\Program F... Read more

Answer:pc been hacked i think

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner o... Read more

31 more replies
Relevance 58.22%
Question: Hacked....

Hey guys , Hows it goin?

Anyway... Im not sure if you guys could help me, but i thought it couldnt hurt to ask

Today (1/7/04)
My clans website was hacked (i run the site, full access , cpanel, ftp, ect)

www.seekndestroy.net

I've deleted the index.php and .html they placed on my site, but now if i link to ANY valid folder on my site, it redirects to thier site.

I mean if you go to www.seekndestroy.net/asdfawerh4hq324hq
It will give you an error , but if you go to an empty directory www.seekndestroy.net/test it redireccts

Ive checked cpanel redirects, and our domain host IS pointing to the right address, and nothing suspcious... Any help would be greatly appricated Thanks guys
:Edit:
... tryed the empty dir again, and it isnt redirecting, this is a good thing, but now im lost... im running phpnuke and ive checked the index.php and its clean, ,i even replaced it with a clean index.php from the www.phpnuke.com site . Ill have to look into this more. there is no index.htm/html file , and the .php is clean, ,im kinda lost....... Any ideas would be appreciated

:Edit:
Ok..... fixed the main addresss ,but the site is located at www.seekndestroy.net/home and it still redirects..... and i still cant find a bad index file, is there another file that loads prior to a index file? thnx
:edit: (once again)

Ok... i've come to the conclution that its the sql that is relinking the site. Mainly bcecuae if i change my password to a false pass in my phpnuke config.php... Read more

Answer:Hacked....

I don't have any answers for you but I went to your site ---

Very Cool!

Steve
 

1 more replies
Relevance 58.22%

My AIM got hacked and whoever did it made it so i can't sign on and i lost my buddylist. What happened?
 

Answer:I got hacked can someone help me please?

are you just using aim? or do u have aol as ur isp?
 

2 more replies
Relevance 58.22%

Hi there my problem is i think my msn live account has been hacked it was running fine all day then i had to reboots my pc.Then when i when to log into msn it says my password or information is wrong.Now i have tryed everything like checking the time ect triple checking that i put my details in correct i tryed resetting my password but i couldnt remember my secret questions answer as i have had my email addy for about 7 years.When i try to send the reset my password details to an alternate email addy it dosent giv me a list to select from the only option is to send it to my exsisting email addy(whch i cant do).I cant login windows live too.I have tryed every possible thing known i must have spent like 2 days trying to solve this my only sugetion is i have been hacked.But how i have had my email addy for years i never gave my passwords or anything to anyone i run kaspersky avp an spybot everyday so no virus or spyware has done this i have tryed everything.Im pulling my hair out what i have left anyways.This serious as i have lots ove important details an emails in my inbox.PLZZZZ HELP. many thx I think ile jus use the last resort an slap my pc in the face with a format even tho it probably wount do nish all still someting to do
 

Answer:Have i been hacked??

7 more replies
Relevance 58.22%
Question: Am i hacked??

Hey buddies..

Just want to ask that,last day i recieved an email from pal..which has got some images.

when i checked the message details..it said that it has been sent to someone else id..

The message details include only my friends id as he is the sender ,,and an another id ,

which i have seen for the first time in my life...

The account is on gmail..

and i use orkut too with it..

So am i hacked..or its just technolgy going crazy?
 

Answer:Am i hacked??

Check the original mail file/properties/details and it will show if maybe your friend
Bcc'd or To: someone else.
 

1 more replies
Relevance 58.22%
Question: I've been hacked

i have also been hacked...
by
www.tinyurl.com
i cannot open facebook homepage from my computer but can access from any other computer i dont know what to do.....i am a facebook addict plz help
 

Answer:I've been hacked

12 more replies
Relevance 58.22%
Question: Hacked

I swore that I was too smart for this to happen but I responded to a supposed Microsoft Hotmail email saying that I had to give certain information or hotmail would shut down. Of course, I checked it out with Microsoft before I filled in the info and it all looked bona fide. However, I am unable to access email, and friends have been getting emails from me with dire circumstances which require that they send money to Spain where I am supposedly starving and passportless. Jeez! If anyone can help me out of this, I have another email address which is **edited out**. The 'c' might be capitalized. Thanks for any help or condolences.
 

Answer:Hacked

Email Spoofing

Email Spoofing

How do Spammers Harvest Email Addresses

Seems like you volunteered to receive spam?

You can't do much about it, at least not with the actual account. The following links are to give you all the facts about email spoofing and how it is achieved, along with advice on how to avoid it, or at least limit it.
 

3 more replies
Relevance 58.22%
Question: WOW hacked

My wow account has been hacked below is my logs can anybody see anything Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:05:17 AM, on 12/31/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Search Guard PlusU\sgpUpdaters.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Electronic Arts\EADM\Core.exeC:\Program Files\Curse\CurseClient.exeC:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exeC:\Program Files\Application Updater\ApplicationUpdater.exeC:\WINDOWS\system32\FsUsbExService.ExeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exeC:\WINDOWS\system32\nvsvc32.exeC:\Progr... Read more

Answer:WOW hacked

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

2 more replies
Relevance 58.22%
Question: I'm being hacked

I was sharing a couple things I had made to my friends, via posting it on a forum, and it seems some extremely stupid people find it entertaining to ping\DDOS(or whatever people call it now) my servers\me. I was running a webserver(Apache), mySql server, IRC server (UnrealIRCD) and a Flash Media Interactive Server, and while I was at school today I wanted to show my friends something i had made when I noticed I couldn't connect to my website, well I could but it was loading at an extremely slow speed. So now I'm at home and I completely removed my port-forwards, and shutdown my server. Although I am still experiencing a slow connection to the internet. What steps should I take and how can I protect myself a little more?
 

Answer:I'm being hacked

16 more replies
Relevance 58.22%

HI and thank you for any possible help..ok where do i start?...my 9 yr old son told me via a online line game i was hacking his mums computer...and im not im afraid i dont have patients or the brains to lean or know how too...but then a couple of days after that my pc started to change..now i think she has someone hacking me...i think she got my pc ID of his gmail account to which i have just deleted it today(if it not the place they started to hack me from too bad i guess)1st the txt size changed after i re booted my pc...i re booted it cause it was acting stubborn ...stubborn? what do i mean...i dont know really? it was a hot day i just got home out of the darn hot sun and wanted to use the pc wasnt doing as it should so re booted...now i find that today when i clicked on firefox to bring up my home page it said something like "a proxy is blocking you from doing so"...proxy? i dont use one(once did but it stopped working or something so pressed the option not to use it ages ago) no i see there was one...so i clicked the option not to use it...done... i thought...it happened again with the message when opening a new page...un clicked the box again...that happened a few times...then i saw it doing this >>>"localhost, 127.0.0.1, *update.microsoft.com,*windowsupdate.com,download.microsoft.com,codecs.microsoft.com,activex.microsoft.com,liveupdate.symantecliveupdate.com,liveupdate.symantec.com,download.mcafee.com,*.phobos.apple.com,update.adobe.com" ... Read more

Answer:i think im being hacked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 58.22%
Question: Hacked ?

I'm sure I am being hacked, I keep getting unusual problems(blue screens.auto reboots etc) No new s/w has been installed prior to these problems. I have tried to use spyware but that hangs at a certain point of searching !!! Apart from disabling my internet connection, what can I do ?
 

Answer:Hacked ?

16 more replies
Relevance 58.22%

hello, I am having a problem staying online I keep getting disconnected from the internet, so I called my isp and he scanned the line and told me that their is something wrong, he said it's either malware or a hacker, I have tried formating my hdd in another pc, and then reinstalling window's xp on it, I still am having this problem, and even as I type this message I have been disconected 5 time's, I have ran avg,malware byte's, and bit defender, nothing work's please help me

Tech Support Guy System Info Utility version 1.0.0.2 OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz, x86 Family 15 Model 4 Stepping 9 Processor Count: 2 RAM: 501 Mb Graphics Card: Hard Drives: C: Total - 76316 MB, Free - 72392 MB; Motherboard: LENOVO, LENOVO Antivirus: None
 

Answer:being hacked please help me

16 more replies
Relevance 58.22%
Question: Am I hacked?

I have a Dell Inspiron e1505 laptop. First, I have to say the battery is completely dead just in case that has anything to do with anything. I was just on this last night and all was fine; I go to get on today and it's claiming no connectivity. This has done this before so, I'd run the repair and no problems. This time it's claiming I have an unrecognizable ip address which is now showing all zeros when I run repair. The hourglass is constantly flickering and on as though something is running but nothing is due to no Internet. I am on my daughter's iPad right now.
 

More replies
Relevance 58.22%

I'm running Windows ME and have a cable modem for internet use. I have Norton Antivirus 2002 and I run it every evening without fail. I also have BlackIce Defender firewall installed and a few weeks ago downloaded PestPatrol.

A few days ago I received an email from my ISP postmaster saying my email to an "unknown to me" address was not deliverable. It had an attachment that I did not open. I deleted the email completely and then ran my virus scan which came up clean.

Last night I was trying to use Yahoo Messenger and kept getting a ypager error that said to restart my computer and start over and then it shut down Messenger. This happened everytime I tried to click on Message and when I tried to access Preferences. Out of frustration, I uninstalled Messenger and downloaded a new one. Same thing. So I decided to defrag my system and try again. Same results. Also, I was sending an email on my ISP account and when I typed one letter, it did an autofill with an address I don't recognize nor do I have in my address book.

I am at work now and logged into Yahoo Messenger with no problem. And I'm using it with no problems. I don't know if this is all connected, but I'm wondering if I've been hacked and if so, how do I detect and get rid of??

HELP!!!!
 

Answer:Have I been hacked?

Just some ideas...
Doublecheck your system with symantec's and housecall online
virus scans :

http://housecall.antivirus.com/housecall/start_corp.asp

http://security2.norton.com/ssc/home.asp?j=1&langid=us&venid=sym&plfid=20&pkj=RUDEGIJPUVGCWETOMGM

Download Trojan Hunter (it has a free trial period) and try with
this also.
 

3 more replies
Relevance 58.22%
Question: Hacked!

My computer was hacked recently and a "Network Neighborhood" icon was placed on my desktop. Windows Explorer revealed that a number of files have been placed on my hard drive with various directories and sub-directories.

I have tried to delete the icon and the files and have been unable to do it. When one of the files are clicked, a pop-up window comes up asking for a password.

How do I remove these files? I am on cable and have Nortons' Personal Firewall.
 

Answer:Hacked!

Duplicate post, see security forum for follow-ups.
 

1 more replies
Relevance 58.22%

Ok guys, have a real issue here. Today I turned on my laptop and downloaded and tried to install Skype. Now, since I run VISTA (64-bit) the User Account Control screen came up when I ran the .exe and there is a strange "RA Media Server" password box that appears now. I never have created any password for my account so I have no idea what password Vista is asking for. This same password box comes up when I try to perform any action that requires User Account Control, so I basically can't do anything. The only thing I can think of is that I somehow got hacked since I haven't done anything since yesterday. Can someone give me advice on what to do? Thanks so much.

Answer:Did I Get Hacked or Something?

Hi lateralus,

Check your network options, see if you have any unfamiliar network connections. Boot into safe mode and run an extensive malware scan with an Antivirus program. Did you download the program from the source?

14 more replies
Relevance 58.22%

When I display the file security tab ( right click on file > properties > security tab) then, under "Group or user names" I see, on 2 lines, the item "Account Unknown(S-1-5-21-4286123312-2729574813-374...). I've not seen this account item before and my immediate concern is that my system has been hacked and compromised.

If I try to remove/delete the account then I get the message:

You can't remove Account Unknown(S-1-5-21...)because this object is inheriting permissions from its parent. To remove Account Unknown(S-1-5-21...), you must prevent this object from inheriting permissions. Turn off the option for inheriting permissions, and then try removing Account Unknown(S-1-5-21...) again.

Does anyone recognize if this account might be valid or have I indeed been hacked?

Thanks,

Ian

Answer:have I been hacked?

Hello ian00bell,
Have a look at this post, it may help you with your problem.

Unknown Account

Good luck and post your results.

2 more replies
Relevance 58.22%

Hello, I recently downloaded a file on which AVG listed as a Malware. After that, Windows explorer went crazy and started not responding an back again, and then i finally closed AVG and deleted the file myself. After that, i ran a full scan but they didn't find anything. Now the thing is, after two days, i was downloading something from usenet, and unzbin said that i exceeded maximum connections, even though i didn't. So, just to make sure i changed my password and waited a whole day. I started downloading, it was fine for a few seconds, and then it exceeded maximum connections again. So i'm thinking someone hacked into my computer through the virus, and is using my usenet account. Now how do i get rid of this someone? Or how do i know for sure if there is someone? I'm getting paranoid. My credit card is linked to the usenet account, so i just can't take any risk. Please help me. Thanks, Alex.

Answer:I think i got hacked.

Usenet is quite often related to piracy.
Given the fact you disregarded the warnings of "hey this is a bad file",
normally means you are used to the false positives from key generators.
Just remember hackers are hackers (whether they re from the piracy side or not)

On the other hand is there any way you can look and see were the last few ips you connected to usenet was from?(much like you can with gmail)

4 more replies
Relevance 58.22%
Question: hacked

ex girlfriend has the erie ability to now when i'm on the comp and where i've been surfin, and emailing info.
even knows when guests come over visiting in my home.
got curious an found a piece a paper with my network connection details in her home.
is this possible? crazy woman...lol
also discovered a short cut on her comp to my email.

IP address
Gateway
subnet
i'm behind a wired modem with wireless capabilities.
what do i need to do to resecure my computer and life.

thanks in advance for all the help.

Answer:hacked

Why were you in her home if she's your ex?
As for securing your network. Change the passphrase on your router and change the password on your email.
Do a virus scan and malware scan.

9 more replies
Relevance 58.22%
Question: I have been hacked

Started my PC this morning and my WIN7 Pro login password had been changed, with the hint changed also to: ha ha .

I do not do anything online to provoke malicious behavior from ppl, how did they get in?? I am running MS security essentials on this PC as well. The only use this particular PC has is for watching TV channels online. That's it, nothing more.

Furthermore, I only plug my router in when I am home, leaving no connection availible for most the average day.

I am really boggled here, any advice or idea's on how this happened would be appreciated.
-Del

Answer:I have been hacked

Does anyone else have access to your PC, who could have changed the password and hint?

6 more replies
Relevance 58.22%
Question: Hacked

Okay, so I recently suspected my network of being hacked, then I got messages in the form of a .txt file and, well now I am sure its hacked. I tried tracing the txt file to see were it is coming from, but i keep getting my little brother's computer, and i know its not him because well, his 5. Any help?

Answer:Hacked

check the firewall settings in control panel

9 more replies
Relevance 58.22%

I've dealt with spyware for the past 10 years, I'm no stranger to it. And yet, I've never been so stumped in my life.About a week ago I did a fresh installation of Windows 7. This computer does not have a CD-drive installed, and so I used my own created ISO to install it over Windows XP SP3 Professional.Since that time, my World of Warcraft account and the email associated with it have been repeatedly and repeatedly hacked. Just about every night. Every night I log in to see that A. My account's password has been changed.B. My email password has been changed (I can still access it via my other merged email)C. My email is no longer attributed to my account.I've managed to recover, lock, and unlock the account many times in the past week, sending in various information such as my security question and even a fully filled-out recovery form with an ID scan attached.And every time I get my account back, I lose it just as quickly again.I have tried just about every credible and available anti-malware program I've ever heard of. McAfee, AVG free, Spyware Doctor, Spybot S'n'D, Superantispyware, and just last night I ran a full scan with Malwarebyte's to see that I have 0 infected files. Nothing can find this thing.The damndest thing is that this spyware seems to be attached to my network, not just my computer. 3 days ago I tried to change my information via my laptop which I rarely use, and my account was STILL compromised. I left my network homegr... Read more

Answer:Have tried everything I know of. Still getting hacked.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

2 more replies
Relevance 58.22%

I have been hacked and I'm not sure how to get rid of it and also don't know with what. Every time im online i get a message from my Avast saying Malicious URL blocked. I managed to do a restore point from a couple of days ago but my computer is still acting up it has never been this slow before and im sure it is from this Malicious message. i did a dds File. DDS (Ver_10-10-10.03) - NTFSx86 Run by Danica at 20:40:12.83 on Wed 10/13/2010Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_07Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2037.159 [GMT -5:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Windows\system32\lsm.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcs... Read more

Answer:I have been hacked but don't know with what

Hi ladybugz080808,

Your post is a few days old. If you still need help simply post back.

1 more replies
Relevance 58.22%
Question: Hacked Or Not????

Before connecting to net when I type netstat -a in cmd I get this report:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Subhadeep>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:445 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:3261 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49152 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49153 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49154 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49155 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49156 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:2559 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:3260 Subhadeep-PC:0 LISTENING
TCP 192.168.1.2:139 Subhadeep-PC:0 LISTENING
TCP [::]:135 Subhadeep-PC:0 LISTENING
TCP [::]:445 Subhadeep-PC:0 LISTENING
TCP [::]:49152 Subhadeep-PC:0 LISTENING
TCP [::]:49153 Subhadeep-PC:0 LISTENING
TCP [::]:49154 Subhadeep-PC:0 LISTENING
TCP [::]:49155 Subhadeep-PC:0 LISTENING
TCP [::]:49156 Subhadeep-PC:0 LISTENING
UDP 0... Read more

Answer:Hacked Or Not????

you're not hacked, the IP address of the two you suspect are: IP Address Locator - Enter an IP address to find its location - Lookup Country Region City etc

6 more replies
Relevance 58.22%
Question: Hacked or Not???

Before connecting to net when I type netstat -a in cmd I get this report:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Subhadeep>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:445 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:3261 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49152 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49153 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49154 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49155 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49156 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:2559 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:3260 Subhadeep-PC:0 LISTENING
TCP 192.168.1.2:139 Subhadeep-PC:0 LISTENING
TCP [::]:135 Subhadeep-PC:0 LISTENING
TCP [::]:445 Subhadeep-PC:0 LISTENING
TCP [::]:49152 Subhadeep-PC:0 LISTENING
TCP [::]:49153 Subhadeep-PC:0 LISTENING
TCP [::]:49154 Subhadeep-PC:0 LISTENING
TCP [::]:49155 Subhadeep-PC:0 LISTENING
TCP [::]:49156 Subhadeep-PC:0 LISTENING
UDP 0... Read more

Answer:Hacked or Not???

See this:

Hacked Or Not????

1 more replies
Relevance 58.22%
Question: hacked

I'm using yahoo for my emails. I believe I've been hacked. (contact lists).
What are my alternatives?

Answer:hacked

change all passwords related to online accounts

7 more replies
Relevance 58.22%

Ok so here is the problem, my task manager will not open up and I know I have been hacked because I had a virus yesterday and my avast had found it but the virus has already hacked my laptop.

Please can someone help I know how to fix it such as making a new acc but I want to know if there is another way!

Also when I cick CTR + ALT + DELETE it's not there

when I right click on the task bar it is grey and I can't click it.

and when I go into run and type "Taskmgr.exe" it says it has been disabled by the admin even thougth there is one admin account and that one is mine!

Answer:HELP ME!!!!! IVE BEEN HACKED!!!

Download malwarebytes antimalware freeware and scan, let it remove what it wants to. Till the matter gets cleared up dont visit any sensitive/financial websites on this computer, dont input any important passwords for any files located on this computer.

9 more replies
Relevance 58.22%

Hello,
I know that if you do the netstat -ano cmd command and get a established connection while there is no internet use then is means you have been hacked.
Is this true?
I did the command and i had 3 or 4 established connections and there was no internet connection active on any system on the network.
have i been hacked?
if so then what do i do to close the established connection and stop this from happening again?

Please help....
Thanks in advance for any help.

Answer:have i been hacked????? PLEASE HELP....

There will always be some connections present when you do that. You can use netstat -b to see all connections currently being used along with the names of the programs. This YouTube post explains how you can use netstat -b to check for malware or spyware. YouTube - How-to: Use NETSTAT.EXE to detect spyware/malware

Or the netstat -ano one which explains how to figure out if you are being hacked or not. The problem with this command is that it only shows you the IP's being used but it doesn't show any program names. It's kind of hard to understand. YouTube - How to Detect If your pc has been hacked or not

Maybe if I post my netstat -ano read out with everything now turned off. Not much showing up there that I don't know about.

The next picture is with netstat -b which tells you what the connections are. The first four are my modem along with my pc name. Then a couple more for the svchost.exe processes. After that it's Google tool bar info.

If you can post these screen shots we can probably figure out what those other IP's are for.

6 more replies
Relevance 58.22%

OHK SO I WAS IN FIRST PERIOD AND A MESSAGE APPERED SAYING

this computer will shutdown
please save all files
computer will shut down in ..14..13 etc.
and then it said a message frome user "unknown" "hahaha"
now i am quite a computer nerd my self so i have already
determined what code they used:
shutdown [/i | /l | /s | /r | /g | /a | /p | /h | /e | /o] [/hybrid] [/f] [/m \\computername] [/t xxx] [/d [p:|u:]xx:yy] [/c "comment"] [/?]

now i want to be able to track were this shutdown code came from using command prompt cmd PLZ HELP!!!!!

Answer:Help!!!!!! Ive been hacked!!!

First off you haven't been hacked, anyone on the school network who has access to command prompt can perform the shutdown command. As far as I know there is no way to track which computer the shutdown command came from via command prompt, however you MAY be able to track it from Event Viewer but being in a School the chances of you being able to access that are slim. I did the same thing to a friend in college and he also wasn't pleased but it was at the end of a class so he didn't lose any work.

This Microsoft Article tells you exactly what each parameter of the shutdown command does and is used for. The most commonly used would be /i /a and /s, /i gives you a graphical user interface so you get a few checkboxes and you can theoretically search for a list of computers in the Domain (Browse will not work outwith a school, college or big business network, and is usually pointless unless you know the name of the PC the person is working on), /a will ABORT a shutdown that is in progress (I'll get to this command soon), and shutdown /s will shutdown the targeted computer or IP address immediately with a 30 second countdown (which is what you got on the screen).

If something like this happens often firstly I would create a .bat file that aborts the shutdown, then secondly I would tell your teacher who should tell the network administrator what is happening and the network administrator can then put a stop to people using command prompt without the proper authority.

To create a ... Read more

2 more replies
Relevance 58.22%

first of all hello to everyone..
i had a problem that made me a little bit to concern..

suddenly without making anything in my pc...the windows taskbar change color and from transparent went to blue...after some minutes there was again a change and everything went back to normal..

have i been hacked? please help me..

thanks in advanced

Answer:Have i been hacked?

Hello Woot, and welcome to Seven Forums.

It sounds like your Windows 7 may have been running WEI to update it's score.

To help make sure your system is clean, it wouldn't hurt to run a thorough scan of your system with Microsoft Standalone System Sweeper at boot.

Hope this helps,
Shawn

9 more replies
Relevance 58.22%

Ok so it is sketchy, because i have little proof for this. But I think I'm getting hacked. First I was  getting these replicas of my account on the desktop, and .temp files, then settings were changing on my laptop, it went from a 4Gig fast running to so slow, that it can barely load microsoft edge. and third proof: event wiewer: it shows a logon and a special logon after I went off of the laptop. for the last week. i can also see some repetitive changes to the security audits. like someone spammed  itplease contact me as soon as you can. 

Answer:was / am I being hacked???

What remote access services, modules, programs, does your computer have running?

0 more replies
Relevance 58.22%
Question: HACKED OFF

My daughter was using the net to study. She had ICQ on "DND"mode and was accessing "Bite size revision" When the screen was changed to a black screen and someone called "Invsible" took over the computer not allowing access to her original screen.
I have reset the computer and switched ICQ off. Is this likely to be ICQ associated? or could it be from anywhere? What is the answer? How do I prevent access to hackers?
Any help appreciated.
 

Answer:HACKED OFF

6 more replies
Relevance 58.22%
Question: I Am Being Hacked

I believe that I am being continuously hacked. I have submitted a dds log report. I can not properly install gmer to do a scan. My files are located in
correct addresses. I think that someone has hacked my registry and other parts of my computer. What do you advise?

Assistance Please

Answer:I Am Being Hacked

Hello,

Your DDS logs are not present. Please post them as a response to this topic and I'll merge them to the post above so your topic won't get lost.

~ OB

2 more replies
Relevance 58.22%

ok well i was on aim and these guys say that they were using my screen name, and they deleted like folders that were on my desktop and i dont know what to do someone please help
 

More replies
Relevance 58.22%

Hi

Just a small thing I noticed. On my home pc, whenever I open my yahoo mail, the first time I enter my user name and password it says the password is incorrect. The seond time it works.

It always says my password is wrong the first time I try logging onto yahoo mail from the web. Just a bug? Or some key logging software?

I have win xp pro.

Any suggestions?

Here is a hijackthis log:

Logfile of HijackThis v1.97.7
Scan saved at 19:44:51, on 29/02/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\tbctray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jarmila\D... Read more

Answer:Have I been hacked?

8 more replies
Relevance 58.22%

Somebody hacked into my forum today and hijacked some user accounts. He did this by getting into the private forum I have for admin and mods. I have fixed up my forum but this person has my Ip address.. it's a long story, but I'm nearly 100% positive this guy hacked my computer a while ago.. he got inside it somehow and he was doing bleep like deleting my emails and turning my webcam on.. I think he's done it again. My computer is acting strange, it's making the same dragging noise as when he was in here the last time, plus it is really slow. I have already taken the steps to scan for spyware, viruses et. Came up clear. Thanks so much in advance. Here is my log: Logfile of HijackThis v1.99.1Scan saved at 20:39:15, on 08/02/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\Program Files\ntl\ntl Netguard\fws.exeD:\WINDOWS\system32\spoolsv.exeD:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeD:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeD:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeD:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeD:\WINDOWS&#... Read more

Answer:I Think Somebody Has Hacked My Pc

Hello stoneagequeen and welcome to the BC HijackThis forum. I see no signs of viruses or malware in the log. It is clean.HijackThis simply shows the most common points of entry for viruses and malware. If the computer was hacked into, HijackThis would not be able to tell. If there are security or performance issues I would recommend posting in the XP forum here: http://www.bleepingcomputer.com/forums/f/56/windows-xp-home-and-professional/ . They can assist with tightening security and evaluating system performance. Let them know that you have been to this forum and that no malware was found.Cheers.OT

1 more replies
Relevance 58.22%

Hi everyone,

I have a copy of windows xp home, or is it called basic? running on a pc which has cable isp, via a wireless router (dlink) an additional one in another room i use infrequently, with win2k. The firewall is set to 128bit encryption with like a 30 character password, at the moment, although previously it was not encrypted; the connection to the isp runs through the router 1st.

Also, the regular "user" account on this pc was, "administrator" but now, is a 'limited' account.

I am fairly certain that someone has hacked into this pc (or somehow they have "access to my pc, can change settings, and can follow my surfing trail" , but not my home network-or the other pc. I even came home and found my entrance unlocked, a couple times. nothing was missing but this all has me thinking overtime.

I stay on top of spyware malware and the like, antivirus etc. but with all the gotomyhomepc and the like on the market i really dont know what to look for. I've changed privacy settings only to come back the next day and find them back to "sharing". - this is what led me to believe i've been, well, hacked. who, why, i dont know.

but i dont like it. Unfortunately a reformat is not an option, i have FAR TOO much installed, and i am guilty of not having a clean backup so i cant do it now anyway.

Any ideas on what to look for files wise? Perhaps "they" are reading this right now. I do realize this is a significa... Read more

Answer:I've been hacked, or something?

14 more replies
Relevance 58.22%

I think that my system has been hacked into, one of my computers that is on the network had a Trojan Virus but even after we remover that we are still being put on Blacklists, and some of our clients are receiving email messages from our domain, from senders that are not in our domain. (spoofing) but when I look into the properties of the Outlook message I can't find the IP address of the sender. So I am here because a Trend Micro rep told me to try posting my log here. Any help would be great. Thanks again, JenLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:25:13 PM, on 7/17/2007Platform: Windows 2003 SP1 (WinNT 5.02.3790)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Dfssvc.exeC:\WINDOWS\System32\dns.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\CA\SharedComponents\iTechnology\igateway.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\CA\eTrustITM\InoRpc.exeC:\Program Files\CA\eTrustITM\InoRT.exeC:\Program Files\CA\eTrustITM\InoTask.exe... Read more

Answer:I Think I've Been Hacked

Hello jsummers,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

2 more replies
Relevance 58.22%
Question: Am I Being Hacked?

Hello. Long story short I think I'm being hacked. My homepage keeps getting reset to google.com and other weird stuff keeps happening (hearing mouse clicking sounds etc.)Here is my HJT log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:43:47 PM, on 7/12/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\ewido anti-malware\ewidoctrl.exec:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\nvsvc32.exeC:\Program Files\Softex\OmniPass\Omniserv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Softex\OmniPass\OPXPApp.exeC:\WINDOWS\explorer.exeC:\windows\system\hpsysdrv.exeC:\Program Files\USB Storage RW\udsi.exeC:\HP\KBD\KBD.EXEC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeC:\Updater.exeC:\Program Files\HP\... Read more

Answer:Am I Being Hacked?

Hello piano,Download haxfix.exe and save it to your desktop. Double click on haxfix.exe to install haxfix. (standard installation path is c:\program Files\haxfix) Checkmark "Create a desktop icon" Click "Next" When the installation is completed, make sure that the checkmark "Launch HaxFix" is placed Click "Finish"A red "dos window" (dos box) will open with options: 1. Make logfile 2. Run auto fix 3. Run manual fix E. Exit Haxfix Select option 1. Make logfile by typing 1 and then pressing Enter Haxfix will start scanning the computer. When it is finished a logfile will open: haxlog.txt Copy the contents of that logfile and paste it into this thread. (c:\haxfix.txt)

21 more replies
Relevance 58.22%
Question: Was I hacked?

An unusual series of things happened on my computer the other day, and while I find it unlikely, I wonder if it was possible that I was hacked into.

I was downloading 2 things, Windows update and Avast program update. My screen periodically would black out, resize, and then a minute later go back to normal, I blamed this on the Intel display drivers being installed and thought nothing of it.

However several minutes later my screen went black and stayed this way several minutes. I waited for it to come back, and it eventually did. After this things seemed normal, but then my screen went black again with a broken up image, that appeared like it was attempting to tile itself vertically. It was a symbol, a cross with a circular top, I've seen them before but don't know what they mean, but for some reason I didn't think it was something an update would need.

I did get my screen back after a few seconds, I cut off my wireless connection using the switch on the computer. Shortly after that my screen went black with a blinking cursor in the top corner. I hit a few keys to see if it was a command prompt, nothing happened, so I killed the power and rebooted. Everything has been fine since.

What is more likely, being hacked, or just glitches from updates and over working my system? I use a Comodo firewall, and being on a log in network (not public Wi-Fi) I assumed I'd be somewhat secure. I have Windows Vista Home Premium.

Thanks for any input.
 

Answer:Was I hacked?

I'd guess heat before hacking. Check your air flow and fans. Be sure vents are clear. If your graphics card has a fan and the PCI slot next to it is in use, move whatever is in that slot so there is more space for air to flow. When you have the side off, if this happens again, blow a fan into the case to see if this cooling stops the problem.

But, scan for malware, of course. It usually takes more than one to catch them all.

Free anti-malware scanners:

A-Squared
Spybot S&D
Ad-Aware 2007
SuperAntiSpyware
Spyware Eliminator
Emco Malware Destroyer
Spyware Doctor
Arovax Anti-spyware
Trend-Micro Rootkit Buster
F-Secure Blacklight

List of freeware security software
 

2 more replies
Relevance 58.22%

Recently when I go to turn my computer off I'm seeing a box from "MSN sending and receiving information" and inside it reads "Calender events and invitations".

I have Norton spyware and everything else they sell and am getting no warning from them.

I make it a habit of deleting my cookies, internet files and clearing history before I turn off computer if that makes a difference.

Maybe I'm just paranoid but once when I signed up for Pay Pal a few years ago I got a comfirmation e-mail from them and then minutes later I got another e-mail from a very convincing looking imitation of Pay Pal saying that they needed my social security # before they can go any futher.
 

More replies
Relevance 58.22%

My last employer had full access to my system. I removed spyware and have replaced Windows but I have reason to believe they still may be accessing my system because I know the carrier of the person harassing me is qwest communications. Any help is much appreciated....Here are my logs:First, I did a command search and saw: 3057 65.116.204.242 (which is qwest communications)Logfile of HijackThis v1.99.1Scan saved at 9:09:02 PM, on 5/5/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\S24EvMon.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\System32\RegSrvc.exeC:\WINDOWS\System32\RoamMgr.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:\Program Files\Intel\Switching\User\RoamSvc.exeC:\WINDOWS\system32\ZCfgSvc.exeC:\WINDOWS\Explorer.EXE... Read more

Answer:Have I Been Hacked?

Howdy dost,

Determining if you are being "spied on" by another individual might be beyond the scope of what I can provide here.

Looks like you located a registry listing for maybe a current user Range setting. Evidence of foul play? I do not think so, to be honest with you. Just the fact you reinstalled Windows would suffice to remove any prior questions. After that, physical access to the machine would likely be required to return any items placed with bad intent.

If you look in Internet Explorer - Tools - Internet Options - Security tab, and click either the Trusted sites or restricted sites icon, and click the "Sites" button you may (may) see that item listed there. But having a Qwest IP address, or any other known IP service provider's address, in the registry would likely not be a nefarious item.

1 more replies
Relevance 58.22%

My friend keeps telling me my firewall is useless and he can come in through the way I go out, whatever that means.

Then one day about 2 weeks ago, my internet explorer 'experienced a problem and have to close'. Then I noticed a higher than normal traffic start occurring on my internet meter.

Then a few days ago my friend says he can see all my files on my work server.

I did some checks:
Blink says it found a win32.Dloader and quarantined it.
Kapersky online scan found DarkSpykernel.sys and I moved and renamed it; then deleted 2 registry entries that mentions it.
Pandasecurity online scan found nothing.
I ran unhackme and it found nothing.

Also IE cannot access Pandasecurity.com, but firefox3 can.

Pleeeeesssse Help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:09 AM, on 6/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eEye Digital Security\Blink\blinksvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\P... Read more

Answer:I've been hacked -- please help

7 more replies
Relevance 58.22%
Question: Hacked?

Hello, i've had this old computer for awhile now and i do'nt really useit, but my dad uses it often for payments and such and he told me the computer had been more slow then usual, and that recently we recieved a charge on a payment made on this computer from this IP address under a name that no one in this house uses. I've read some topics on the forum b4 about disconnecting the computer from the internet, which i will do after this is sent, please help.Logfile of HijackThis v1.99.1Scan saved at 3:34:37 PM, on 2/22/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEc:\program files\comcast\security manager\app\CurtainsSysSvcNt.exeC:\Program Files\ewido\security suite\ewidoctrl.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\drivers\KodakCCS.exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:... Read more

Answer:Hacked?

Hey SephirothdotcomUninstall List:1. Open Hijackthis and select: Open the Misc Tools section.2. Then choose: Open Uninstall Manager and click Save List.3. Save the list to your computer.4. Then copy the contents of the list back to this thread in your next reply.VirusTotal:1. Go to this website: www.virustotal.com2. Upload this file by copy/pasting it in to the file box: C:\windows\system32\lfdgraph.exe3. Submit the file and copy/paste the results back into this thread.Kaspersky Online ScannerGo to http://www.kaspersky.com/virusscannerYou will be promted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:Once the files have been downloaded click on NEXT
Now click on Scan SettingsIn the scan settings make sure that the following are selected:Scan using the following Anti-Virus database:Extended (if available otherwise Standard)
Scan Options:Scan Archives
Scan Mail BasesClick OKNow under select a target to scan:Select My ComputerThis program will start and scan your system.The scan will take a while so be patient and let it run.Once the scan is complete it will display if your system has been infected.Now click on the Save as Text button:Save the file to your desktop.Copy and paste that information in your next post with another HJT log.

7 more replies
Relevance 58.22%

my comodo firewall is blocking lots and lots of intrusion atempts an ip got onto my network & i tried to block it but it would not block so i unpluged from the net unistalled comodo and reinstalled it what should i do help .........use another firewall?????????
 

Answer:Am I Being Hacked.?

6 more replies
Relevance 58.22%
Question: Being hacked?

Hi Folks,
I have a windows XP with one of the best firewalls.
The firewall is indicating a lot of outside attacks via TCP and sometimes UDP to port 15190 from a lot of different IP addresses
In one night, not long ago, I got over 31000 attacks, and today over 3000....
I find it also strange that when this is happening, and I go to google.com to search something, that the things I type in the google searchbox are not shown as normal fonts but looks something like this:

| | | || | |||| ||| || | | |
and then after a while it will change to the normal fonts... and I finally see what I typed.

Could this be some sort of trojan keylogger? Makes me a bit paranoid thanks to all you friendly hackerz out there that can enlighten me

greetz
 

Answer:Being hacked?

Perhaps you should post a HijackThis log to be viewed by a Malware Removal expert, just in case.

Please download and install HijackThis.

Run it and select Do a system scan and save a logfile.

The log will be saved in Notepad. Copy and paste the log in your next post.

Do not fix anything.​
 

1 more replies
Relevance 58.22%

tonight i noticed my computer running bad, porn in my favorites, pop ups a lot, and i just get a warning saying someone is trying to get into my computer or w/e, how can i clean this outheres my logLogfile of HijackThis v1.99.1Scan saved at 11:19:46 PM, on 3/31/2005Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXEC:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exeC:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXEC:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exeC:\WINDOWS\system32\MSTask.exeC:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXEC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\System32\WBEM\WinMgmt.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Pr... Read more

Answer:help! being hacked HELP NOW

Download cwshredder 2.12 from here:http://cwshredder.net/bin/CWShredder.exeRun the file after it is downloaded and click on the fix button. Let it do its thing and when its done, even if it crashes.When its done run hijackthis again post a new log

16 more replies
Relevance 58.22%
Question: Hacked?

We've been having various problems with the computer -- not shutting down when asked, running very slowly, not accessing sites, etc.

My thought is that my daughter, who plays Quake on line and talks to lots of people, somehow made our IP address available and someone is now using our computer.

In the start-up files, there is a program automatically starting called zIPToolz.exe that we cannot delete. When we try, it replicates itself and starts again.
Any ideas??

I'm not computer literate, so be very basic, please!

Answer:Hacked?

I believe you have arrived at the right site to get help, but you need to let these people understand a bit more about what system you are using etc etc etc.

I suggest you state what anti spyware, anti virus and platform you are operating (i.e XP or Windows 98 etc)

I was hacked without knowing it and they identified it easily and I just dumbly followed their advice and instructions........ Be Patient.

2 more replies
Relevance 58.22%

Hi, when I started my computer today I noticed the internet was very slow, I installed zonealarm which I had ment to do the day before having just reinstalled wondows. zonealarm started spamming alerts at me and the internet traffic was high even tho I wasn't using it. I didn't like this 1 bit so i decided to restore to factory settings(destructive method) having nothing on my computer I care about losing anyway. when this was finished I installed zonealarm and was still getting these alerts. I then installed avg and did a full scan, there was nothing found except cookies. Im guessing that this person/program was attacking my ip? so thats why the restore didn't work?. Would changing my ip solve this and is that possible on an adsl modem?.

here is a scrn of the zonealarm log

http://img38.imageshack.us/img38/6593/51851420.png
 

Answer:Please Help, Being Hacked =/

14 more replies
Relevance 58.22%
Question: I am being hacked

I have recently been havcing some problems. I noticed something was amiss when i tried to update avira9 to avira10 there was an error

c:\users\neilma~1\appdata\local\temp\rarsfx0\presetup.exe

this application has requested the runtime to terminate it in an unusual way.
please contact the application's support team for more information
and i could not install avira10 or reinstall 9 either. oh and while i was asleep one night a foder was created on my desktop called redstart i deleted it. then firefox said some of the java i had installed had security issues so i disabled them. also at night when i'm sleeping i get messages saying that the lowmic utility has stopped working do you want to send a report to microsoft.

and i got an email from gmail stating that my email was accessed in san fran sisco or california i cant remember which and that i need to change my password if it wasnt me that did it.

then i got avg but dont like that one so substituted for avast and nothing so i got rid of that too when i signed up for shaw's internet and they provide free fsecure.

i got shaw secure which is fsecure. and i find that i had nine viruses or threats. it didn't remove 5 of them so i checked them out they were from hirens boot cd, proccess explorer and win key finder plus some others. so i quarantined them.

i was also alerted to the fact that i was getting intrusion attempts five so far. i checked whois and they are mainly from china and one from stokholm a... Read more

Answer:I am being hacked

16 more replies
Relevance 58.22%
Question: I think im hacked

hey guys,
 
I'm getting redirected/filtered search results on any browser, denied access to suspicious files AV skips most files in scans.
 
downloads even get hijacked or maybe they get infected once downloaded?
 
I'm on win7 with bullgard AV
 
Thankyou

Answer:I think im hacked

Welcome to BC...
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
Click the Remove Selected button.
MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order... Read more

7 more replies
Relevance 58.22%

Hi people
 
First of all, I get the impression that things are rather strict on here so I apologise if I've not put this into the correct section.
 
Last year I had discovered I was hacked and did away with that particular system (still have it, just refuse to ever use it again)
 
I ended up buying another, only to feel that the hacker had full access to my network and 'possibly' re-infected this new system. After only a few days I had to go back to factory default because It was just a blank screen with nothing but the Wi-Fi icon showing. Something similar happened on my previous LT that locked me out until it decided to work as normal after turning it off for around 12 hours.
 
I've had nothing but weird things happen to it constantly, from system settings being unavailable/disabled, my VPN settings being changed (only decided to use one for the first time a few months back, but feel it may be pointless), my AV constantly telling me that my network isn't safe ("Your network router is accessible from the internet") and a random blue screen is showing for short periods every now and then. I'm also receiving HIPS warnings about files being downloaded when I haven't even been downloading anything. Not to mention my IP is now located hundreds of miles away from where I actually live. This is strange because for as long as I've been with my ISP they have always had the location within a reasonable distance. Last year when I realised I'd been hacked it was a si... Read more

Answer:More than likely, hacked!

Are you able to provide screenshots? What AV are you using?

31 more replies
Relevance 58.22%
Question: I've been hacked

Ok, here is my problem. I use the same computer as 3 other people where i work. One of them took control of the computer, and changed everybody but himself to administrator. He also installed a program called KGBSpy that spy's on everything we do. I have private files that i have to review with clients information he does not need to have. I don't know how to even find the program, or how it works. And if you ask the guy about it, he acts like he doesn't know what your talking about. He's not even an admin or nothing, we dont have anybody like that, he's just being a jerk. I just want to block the program or something so he can't see what i do on my screen name. Is there anyway to stop him, or block my screen name from this stupid program?
 

Answer:I've been hacked

Since this is a work computer, I'd simply take the issue up with your manager. We can't get involved in such issues with company computers here at TSG.
 

1 more replies
Relevance 58.22%
Question: Is my PC hacked?

Hey everyone, i was away for holidays back home and i asked my friend to house-sit for me. When i got back,i noticed that my pc was slower. When i did a virus scan, a BAT_SASSER virus was found. After cleaning it, i noticed that my norton and zonelabs were disabled and i cant open them. i tried reinstalling both the programs but they just cant seem to be uninstalled. help? think my pc may have been hacked also cos i find weird programs and suddenly a lot of my files are gone
 

Answer:Is my PC hacked?

16 more replies
Relevance 58.22%

Lately, every time I start up my computer, I have to reset the homepage to my page because it's at one of those 'spyware' search sites or something, and I also have to reset my security system dealing with cookies because it's 'custom'.
I've tried Spybot S&D, and it got out some spyware, but this problem still remained.
This is the only problem though.

If you do think I'm being hacked, can you recommend me a good, free firewall?
 

Answer:Do you think I'm being hacked?

Hi,

Download and run Hijack this then post a log for us to look at for you. I'm no expert at reading the logs, but there are a lot of people here who can read them well.....

http://www.spychecker.com/program/hijackthis.html
Wizzkid
 

2 more replies
Relevance 58.22%

Never thought I'll post here, but in the last week, wierd things have been happening to my computer. In the beggining, a problem came up and said to me that I need to update my graphics driver, which was true, but when I clicked "Show Solution" the thing redirected me to install some software that had stollen the Norton icon.After that, I scanned the computer and removed 22 spyware. Good, but after a day, suprise! I can see a wierd account at the Logon screen. After Loging On, I immediately went to cmd.exe to disable it and delete it. For 3 days, I was fine, but then, the Internet browser, after closing my games, was opened on bit.ly, not by me. Ok.Returned to my good ol' friend ESET Smart Security. Found 25 viruses and deleted them. After that, ESET detected no suspicious things in my PC, so, because it made the computer boot slower, I unninstalled it. Today, something that scared me: I was browsing the Internet when suddendly, a bit.ly page opens. I close it, then close Firefox, disconnect myself from the Internet and start playing reliefed NFS Most Wanted. I think I know what's the problem: I use Vista SP2 without any single security update cause I can't update it. What to do to get rid of the hacker and to install these damn updates?Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

Answer:I think I got hacked

Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click ... Read more

more replies
Relevance 58.22%
Question: Hacked

I was hacked and before I realized it, a pop up came up and I only saw the last of the password (*******) typed. now no .exe will run

More replies
Relevance 58.22%
Question: Hacked

I was hacked and before I realized it, a pop up came up and I only saw the last of the password (*******) typed. now no .exe will run

More replies
Relevance 58.22%
Question: I think Im hacked

There's questionable processes and services running on my computer. Can someone take a look?

Answer:I think Im hacked

Did you do a scan with something like Microsoft Security Essentials, Malwarebytes or similar programs? What makes you thing you have questionable items?

1 more replies
Relevance 58.22%
Question: I think Im hacked

There's questionable processes and services running on my computer. Can someone take a look?

Answer:I think Im hacked

Did you do a scan with something like Microsoft Security Essentials, Malwarebytes or similar programs? What makes you thing you have questionable items?

1 more replies
Relevance 58.22%
Question: Am I being hacked?

I keep getting this since April 11 in my event viewer
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10003
Date: 4/29/2004
Time: 10:23:20 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: Ne0
Description:
Access denied attempting to launch a DCOM Server using DefaultLaunchPermssion. The server is:
{00020906-0000-0000-C000-000000000046}
The user is ANONYMOUS LOGON/NT AUTHORITY, SID=S-1-5-7.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Am I being hacked or something?
 

Answer:Am I being hacked?

Have you by any chance disabled "Com" in services (on Blackviper advise).The event Viewer is complaining about not having the service running.No problem.
Find out about Blackviper here:http://www.blackviper.com/WinXP/service411.htm
 

2 more replies
Relevance 58.22%
Question: Hacked!!!

Okay, I have a 2000 server machine that one of my techs left FTP open to the world last night. I come in this morning and the disk if full. No biggie! They just FTP'd movies (porn) to one directory on the machine. The problem is that I cannot delete that directory. It keeps saying: "cannot delete "file", cannot find the specified file".

I even tried it in safe mode. Is there a way to "force delete" this directory?

Please, any help appreciated!!!

dtugg
 

Answer:Hacked!!!

12 more replies
Relevance 58.22%
Question: Was I hacked?

Hi: Last night, my computer was fine. This morning, all my programs started up fine. Then when I clicked on a shortcut, it said that this program does not have a program associated with it for performing this action, create an association for it in the Folder Options control panel. When I go into MY Programs folder, and try to open them up, the search file opens up! I can access my internet and some programs by right-clicking and choosing run as...Owner, etc., but I can't open Messenger or Outlook Express. When I try to accesss programs that require an administrater to use, like system restore, I am not recognized as administrator, and the program won't start. My firewall and antivirus programs won't start either. Help me please.
 

Answer:Was I hacked?

You MAY have a virus/trojan. If possible, remove the hard drive and install it in another computer that has anti-virus software and scan your hard drive. You can also try an online virus scanner, but I don't think those are as good or as comprehensive as dedicated AV software.
 

2 more replies
Relevance 58.22%

Hello, I have a problem with my pc that is only a year old & was wondering if anyone would throw some light on the matter?

I have an AMD Sempron 2200 processor with Abit VA-20 mobo. With Windows XP Home.
I use Norton internet securoity & a usb modem.
My pc has ran fine for the last year and the problem started the other day..

The other day it froze on shutdown & I had to turn it off at the plug. Then when I started it up the next day it would only let me boot in safe mode, with no networking capabilities either. So I decided to format & reinstall.
Since then Ive formatted 3 times & reinstalled, all with the same result. After a few hours it freezes & when I start it up again it gets to the windows page, a blue screen flashes up so quick I cant read it, & then it reboots again & again, round & round in circles, with thiis blue screen flashing up.
So now the only way I can get it to start up properly when this happens is by getting my windows disc & opting to 'repair' windows. (so I wont lose all my data again) which although isnt as time consuming as formatting, is still time consuming enough for me not to want to do it every few hours.

A couple of other little bits of info that may help or may not...

1) Before my system froze up the first time I had aquired a piece of software for removing software that couldnt be removed with the usual uninstall software.The piece of software that was proving hard to remove was some Noki... Read more

Answer:Im getting really hacked off with this now...

15 more replies
Relevance 58.22%

Hello,

I clicked on a link 2 weeks ago and got a mass of Trojans and Viruses Jump onto my system.

I rebootes and ran scans with various softare. ( SpyBot SD, SpyWare DOctore,, Ewido , ASquared, Hijack This) and came up with alot of results wasnt able to completely erase them.

I cant read or understand any of that Code stuff.. I have been trying eveything to fix this to no avail..

Your help would be greatly appreciated .

Now my Computer Is Very Slow and BOgged down , Getting lots of error messages, Showing me blank screens .. And generally Not working..

I get lots of Messages saying : My Buffer is Being Overrun !

I think I;ve been Hacked !
Cheers'

Ed -

Here is my Info :

My System Specs: DELL
Intel Pentium 4 CPU 3.00 Ghz, 512 MB RAM, NVIDIA GeForce FX 5200
Windows XP Professional 2002
service pack #2

Norton Antivirus:
can type: Realtime Protection Scan
Event: Virus Found!
Virus name: Downloader
File: C:\System Volume Information\_restore{2AD92CD6-171A-45FB-9EBC-5535A28846A0}\RP1\A0000002.exe
Location: Quarantine
Computer: USER-EY35M5DWTN
User: SYSTEM
Action taken: Clean failed : Quarantine succeeded : Access denied
Date found: Sat Nov 11 10:21:19 200
--------------------------------------------------------------------------------------------------------
Symptoms:
When computer is turned on a notice that Windows Firewall is Turned Off appears. WHen I check it it says it is turned on...
SAFE MODE : Does Not Work.. Shows up as black screen with Safe mode writ... Read more

Answer:Help I've been Hacked !

16 more replies
Relevance 58.22%

Hey guys, i suspect that i have been hacked because my DVD rom drive opened by itself this afternoon, and then again just now. This has never happened before and I was not doing anything while it happened.Another reason I believe I may have been hacked is that my friend (maybe not so much) came over last week with his laptop and asked for the password to log onto my wireless router. I am very suspicious of him.here is my hijack this log, please tell me what else I can do to get to the bottom of this.Thanks!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:04:41 PM, on 2/5/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Winamp\winampa.exeC:\Program Files\Nero\Nero 7\InCD\NBHGui.exeC:\Program Files\Nero\Nero 7\InCD\InCD.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\iTunes\iTun... Read more

Answer:I Think I've Been Hacked

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instruc... Read more

2 more replies
Relevance 58.22%

Hey all,

Well i luckly found this forum when i was trying to find a reason as to why my USB wasnt work lol, but thats not the point in this thread. For the past 2 weeks or so, when i turn on my laptop (compaq nx9010) i get an orange message from zone labs saying : The firewall has blocked internet acces to your computer (TCP Port) from 192.168.123.254 (192.16.123.254) (TCP Prt 048) (TCP Flags:S)

At first it annoyed me because when i pressed Ok, it just kept comin up and i thought nothing of it, but i was just restarting my laptop when a box came up. you know if you close a programme quickly or by using control manager, you get an option to End Now or cancel. Well at the top of the box it said End Programme - dont show me or something dodgey like that. I can assure you i dont have a game or something called that lol, so seen as im rubbish on computers im not sure what to do :S have i been hacked? is there anyway to find out? more importantly can i fix it
 

Answer:Help! - Am I Hacked?

6 more replies
Relevance 58.22%
Question: Hacked??????

I'm concerned that I may have been hacked in the last couple of months.

I'm running Windows XP

I noticed that all of a sudden my computer slowed right down, and at the same time, my facebook account would not let me log in unless I logged into a different account first. I would always get the "this page is not...blahblah." If I logged into another facebook account first and then went back to my primary account, I could open the page.

This week, I learned that someone has been fraudulently using my credit card and since the card has not left my purse in the last 6 months, I figure that the information must have been taken from my computer. The only place I use my credit card online is at ebay, paypal, and amazon as far as I can remember.

Here is my hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 12:42:33 PM, on 9/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.... Read more

Answer:Hacked??????

10 more replies
Relevance 58.22%

I need help, and fast really

I have done the usual things, ran antivirus, malwarebytes

I got a phone call from someone who said they were from Microsoft

They gave me all my details, PC number, operating system, even the disc number of my operating system, they had my name, DOB, email address, my home address, my phone number (I dont give out my land line number, but when I got my OS, I had to give that to MS) only thing that was missing was my inside leg measurement, they seemed to know everything about my PC and me (even knew what page I was on)

They were very convincing, and as I have been having problems with my PC and sent them error reports, I thought they were the real deal (I have never contacted MS before, so didnt have the number to call em back

Anyway, they got control of my PC, then started deleteing stuff, I pulled the plug when I saw stuff going, but then they called me back and started taking the p*** about how my PC wouldnt work any more (I'm glad to say it does)

They sounded like the usual Indians in India that MS employ

But how do I find out if they can still access my PC ?

How do I find out if they have put a 'back door' into it ?

Shall I change my router password ?

I have turned off any remote access to my PC

I am running various malware and anti virus software (so far nothing has been found)

I cant find anything that isnt working any more, it seems fine

There are no new accounts on my PC (that I can find)

I havent been on any b... Read more

Answer:Help, I think I have just been hacked

7 more replies
Relevance 58.22%

i am playing on my laptop and my other computer is on its viruse protection on it is disabled for whatever reason there was and then i looked at the screen and it had this message on it saying
tnanks for the visit
and the theme on it is white
before it was black
 

Answer:don't know if i got hacked or not

if it has been hacked does that mean that i can get hacked too since we are on the same network
 

3 more replies
Relevance 58.22%
Question: hacked

i have had two problems since last wednesday. I run windows 7 ultimate. And have bit defender as virus protection.The first problem was an apple exe file appleiedav.exe suddenly went into overdrive and I burned 8gs of my mobile broadband in two days. I sourced the problem via the task manager. deleted all apple of my computer. Then this morning I am on for about 10 minutes log of and take the dog for a walk. Come back home start the computer and it goes into safe mode on start up. I hit reset as it would not shut down. When I start up I keep modem turned of until I ready to use. i do not start computer with internet connected. Question is what I have done wrong as I have not downloaded anything and I have run system scan as well as sfc/scannow and nothing comes up?
 

Answer:hacked

Start the computer with the diagnostic screen (F8) and choose to boot from the last known good configuration. If that does not work, boot from with Windows 7 installation DVD and at the Install now screen, use the Repair my computer link and allow to run until done. Beyond that, access the optional repairs to run a MS System Restore to a date when the machine was working.
 

1 more replies
Relevance 58.22%
Question: am I still hacked

I had previosuly posted post as my then windows 8 I believed was being hacked. And now another strange part. I do still believe I am being hacked into. I thought of getting rid of my windows 8 and now upgraded to the windows 10 system. But I still experience strange things. My computer Still experiences strange things even on windows 10. Few days before my security logs were not appearing. And now they are back. But strangely my windows 10 keeps logging itself. I am not sure. I heard this is due to windows 10 itself. But how can windows keep logging itself when its locked.Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

Answer:am I still hacked

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
Click the Remove Selected button.
MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them.... Read more

more replies
Relevance 58.22%
Question: I'm getting hacked

Hello

My aunt told me to be exact so I will describe all of my difficulties, including the symptoms of my phone too which I think is hacked.
I have had my computer for 6/7 years and I've had obscure troubles using internet, running problems, turning my PC on and off and even using my cursor.

A while back, when I was using my computer ( which I mainly use for games) when I would move my mouse, the cursor would lag, move slowly or not respond at all. I describe it as flickering, if I would drag the cursor from the left side of my screen to the right than it would move and stop and move and stop on and on again. I replaced my mouse many times, changed the batteries and I tested wireless and corded mouses. It was very frustrating but eventually the problem ceased.

Another problem I had was when sometimes my screen would turn black and I would have to use the power button to shut it down and start and then restart the computer in safe mode to shut it down again.

I also often have troubles with internet, I would have internet access with my phone or my laptop but my PC would have no internet and it is plugged directly in the router so this is strange.

Now, I just got back from vacation and before I had departed, my I was having more internet problems, my monitor was sometimes going black, and a weird icon was visible in the system tray. It was a blue circular icon with a white x and when I clicked on it, nothing would happen and if I hovered my cursor over it, it would say ... Read more

More replies
Relevance 58.22%
Question: I got hacked

when i whent 2 log on 2 get help from ppl in this site i was un-able 2 log on so i restart my password and when i finaly get it back i find im a fag as my last name and i say some posts i never did right.
so...how can i stop this hacker and is it possable that my or a GM can virus protect my acc?

Answer:I got hacked

Perhaps someone is just playing a joke on you?
You could create an alpha numeric password...something not easily broken.

12 more replies
Relevance 58.22%

Not to sound too stupid, but I made a few changes on my router (smb barricade 7004vwbr) and I see this every day in the log. I get a few hundred a day now. The wireless setting is disabled. I am on UCI campus on their network.

Thanks.

Wed Jun 16 06:55:24 2004 : Blocked access attempt from 128.195.96.118
Wed Jun 16 06:48:14 2004 : Blocked access attempt from 128.195.66.168
Wed Jun 16 06:38:21 2004 : Blocked access attempt from 128.195.67.133
Wed Jun 16 06:35:52 2004 : Blocked access attempt from 128.195.98.191
Wed Jun 16 06:27:59 2004 : Blocked access attempt from 128.195.99.31
Wed Jun 16 06:24:05 2004 : Blocked access attempt from 128.195.92.144
Wed Jun 16 06:23:05 2004 : Blocked access attempt from 128.195.64.5
Wed Jun 16 06:16:04 2004 : Blocked access attempt from 128.195.99.31
Wed Jun 16 06:04:39 2004 : Blocked access attempt from 83.154.132.192
Wed Jun 16 06:00:51 2004 : Blocked access attempt from 128.195.99.31
Wed Jun 16 05:58:50 2004 : Blocked access attempt from 128.195.67.133
Wed Jun 16 05:32:00 2004 : Blocked access attempt from 211.161.242.182
Wed Jun 16 05:23:06 2004 : Blocked access attempt from 128.195.64.5
Wed Jun 16 05:19:42 2004 : Blocked access attempt from 202.39.223.4
Wed Jun 16 05:15:00 2004 : Blocked access attempt from 128.195.75.151
Wed Jun 16 05:08:14 2004 : Blocked access attempt from 128.195.69.197
 

Answer:What does this mean - Am I being hacked ?

University networks are often rife with malware infested computers. When there's an exploit on an unpatched vulnerability, once it gets into the network, it'll go through it like corn through a dog. The university I'm at regularly gets raped by pretty much every major exploit. Nimda ran wild here for about a month.

The lesson to take away from your log is to never connect a computer directly to the network (unless for educational purposes, but assume the box to be compromised after doing so and don't connect it with any of your other machines before a reformat and reinstall).
 

7 more replies
Relevance 58.22%

I alt tabbed out of a wow and open firefox thus 100's of tabs opening by themselves. And left clicking on the desktop anywhere open windows helper thing. I'm using windows 7. build 7100. is this something to do with a virus/exploit?
How do i fix it?

thanks
 

Answer:was i hacked?!?!?!?

Uhm.... anti-virus and anti-malware?

Doubtful that you were "hacked".

You probably downloaded one or more viruses and/or malware.

Go install Avira free and MalwareBytes, run both of those, and report back with the results. If you can't get them to download or install, boot into Safe Mode with Networking to download and install them.

You should probably try scanning with other AV and AM software as well, but I'd be interested in seeing what just those two will pick up.
 

22 more replies
Relevance 58.22%

Hello,

Something just happened to me that has never happened before...

I was talking to a friend on skype and I was actually helping him with some stuff so he was sharing his desktop, suddenly windows gives me a pop up that the system is running slow :S... So it switched to windows 7 basic.... I didn't pay much attention to it and kept with my business...

Then, I get a pop up from the recyclin bin telling me if im sure that I want to delete 17 files... Im like........wtf and click no....

THEN, my mouse starts skipping around the screen, mostly going to the right and it appears to automatically start right clicking... I moved it to my screen on the left (eyefinity system) and it would skip as in "teleport" slowly to the right, while right clicking...

I turned off my dinovo edge keyboard cause sometimes it likes to freak out but it still kept doing it. Then a min later it stopped.

What the hell happened here? was I being remote controlled? I just formatted last week and have win 7 up to date, with microsoft security essentials and windows firewall on.

I haven't installed anything new :S

What do you guys think happened???

I'm getting really paranoid!

Thanks!
 

Answer:Did I just get hacked?!?!

lot of warez places its a head game to get you to click on the wrong thing.takes pratis to know how to play that game but hemmm
what anti virus and anti spy-ware software are you running ?



I'm getting really paranoid!Click to expand...

i know the fealing

you want fun try this,

exaple

*.exe is 1000k
exe stops working now the exe is 1036k
so replace exe with a clean exe,wait 5 min and it changes back to 1036k

lol that's all way fun,freaking exe munchers ,lost like 300 exe once long ago cus of some garbage like that.
that was fun........ not
 

7 more replies
Relevance 58.22%

I have a very strong password, which I recently changed. Today I came to my computer and Pidgen was logged out and it said "logged out due to connected from somewhere else". This is not right... how would someone have gotten into the account, and how would I tell? Everything looks ok, like I don't see contacts added or deleted or anything.

I'm not really that worried as there's nothing confidential, but what worries me is how they got the password in first place. Is there a known issue with MSN going on or something?

I have a pfsense firewall, what would I look for in there to see if someone is trying or has successfully hacked into my network? Everything is fairly secure as far as I know, but obviously someone managed to get my msn password somehow. It's in a PINs database, which they would of had to brute force the password to. That means they got all my other passwords too. I just can't see how anyone would have gotten on my network though, but now I'm paranoid.
 

Answer:Anyway to tell if my MSN got hacked?

Red Squirrel said:





I have a very strong password, which I recently changed. Today I came to my computer and Pidgen was logged out and it said "logged out due to connected from somewhere else". This is not right... how would someone have gotten into the account, and how would I tell? Everything looks ok, like I don't see contacts added or deleted or anything.

I'm not really that worried as there's nothing confidential, but what worries me is how they got the password in first place. Is there a known issue with MSN going on or something?

I have a pfsense firewall, what would I look for in there to see if someone is trying or has successfully hacked into my network? Everything is fairly secure as far as I know, but obviously someone managed to get my msn password somehow. It's in a PINs database, which they would of had to brute force the password to. That means they got all my other passwords too. I just can't see how anyone would have gotten on my network though, but now I'm paranoid.Click to expand...

Are you able to change your password on msn ? Does your other computer have msn messenger ?
 

3 more replies
Relevance 58.22%

Hi guys, so I know this seems stupid. but I am a littl ebit paranoid I have been hacked,

I am not what you would call a prime candidate, clean system, don't browse unsafe sites, etc etc. I run windows firewall and microsoft security essentials. I am behind a Billion Bipac 7800N modem router, however "Block WAN PING" and "Intrusion Detection" were not turned on, they are now.

Basically I was browsing reddit and chatting on facebook when all of a sudden, the typing line that comes up just kept going to the right, no matter ewhat i pressed it just kept sliding to the right and starting a new line, then i clicked a few different convo windows, then tried to close firefox, thinking it had just fucked up.

basically then everything was scrolling to the bottom and closing windows wasnt working and nothing i clicked wa sresponding, like it didnt register.

I then manage to try and shut down the computer, wasnt working,

I managed to right click and disable my network adapter (ethernet) and straight away everything started responding again and the computer shut down imedietly,

Restarted now and running a scan and everything is working perfectly...

any advice guys or thoughts? random software anomoly or have I been compromised?

PS I am not a noob and have average understanding of things so feel free to get a bit technical with me.

Thanks in advance.
 

Answer:Think I got hacked?

Try running additional scans with some of the programs recommended in the malware thread. (MBAM, Spybot, etc) Being a safe web user is important but more and more it's not just about the websites you goto. There's a risk of getting infected/attacked through ad networks that run on forums or hijacked links.

Either way, it could have just been a fluke. Run scans with software besides what you currently use just to double check.
 

11 more replies
Relevance 58.22%

I just received 5 emails with the title:




Delivery Status Notification (Failure)Click to expand...

Sent to some random (and some dictionary words) addresses at one domain. Body was some advertisement from "LRWatches", which seems to be some Chinese watch maker with a link to a base website address.

I was logged in, and did not notice until 40 minutes later. I then promptly changed my password and signed out all other accounts. Gmail said there was no other accounts logged in, and did not report any activity on the ip address that sent the mail.

I have the whole header from the delivery failure message. Nothing is in the sent mail. The header:



Received: by 10.236.125.130 with SMTP id z2mr26303175yhh.94.1329951863039;
Wed, 22 Feb 2012 15:04:23 -0800 (PST)
Received: by 10.236.125.130 with SMTP id z2mr26303172yhh.94.1329951862986;
Wed, 22 Feb 2012 15:04:22 -0800 (PST)
Return-Path: <[email protected]>
Received: from 236.137.167.190.d.dyn.codetel.net.do ([190.167.137.236])
by mx.google.com with SMTP id c9si26748951qao.50.2012.02.22.15.04.02;
Wed, 22 Feb 2012 15:04:22 -0800 (PST)
Received-SPF: neutral (google.com: 190.167.137.236 is neither permitted nor denied by domain of [email protected]) client-ip=190.167.137.236;
Authentication-Results: mx.google.com; spf=neutral (google.com: 190.167.137.236 is neither permitted nor denied by domain of [email protected]) [email protected]
Received: from c3-s... Read more

Answer:Did I just get hacked? What do I need to do?

This could have happened in many different ways. You were right to change your password and check the access records. People who fall victim to this don't always have spyware on their computer but it wouldn't hurt to scan your computer with Malware Bytes and or a similar program.
 

17 more replies
Relevance 58.22%

causse when i log into my profile i automatically get logged out...
and i think it aint a virus
 

Answer:I think i got hacked

I get booted out of windows as soon as I log in, Dont know if its the same thing but its a virus on this end.
 

3 more replies