Have I been hacked into?

Status
Not open for further replies.

Shane

Super Moderator
Staff member
What are the signs of being hacked?

I'm sure that something's not right with my PC... internet loading slow, pages not loading at all, programs and games opening by themselves, and the whole system is just slow :confused:

Spyware/antivirus free according to Kaspersky & spyware blaster.

Btw... I'm probably to blame if I have been hacked into because I'm just using the standard Windows XP firewall :eek:

I'm not really concerned if I have been hacked into because I NEVER keep any personal information or anything of importance on my PC ;) but obviously if I have been hacked into I want to get rid of him.

HijackThis log just in case anyone needs it...

Logfile of HijackThis v1.99.1
Scan saved at 21:36:24, on 31/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\VMware\VMware Workstation\vmTrayProcess.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\Muiltmedia keyboard Utility\2.0\KbdAp32A.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\FRAPS\FRAPS.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Shane\LOCALS~1\Temp\Rar$EX00.047\HijackThis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: VizController Class - {0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A} - C:\Program Files\Vyooh\DiskView\VizBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - C:\Program Files\Vyooh\DiskView\VizBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [vmTrayProcess] C:\Program Files\VMware\VMware Workstation\vmTrayProcess.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard Utility\2.0\KbdAp32A.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: VMware Agent Service (ufad-p2v) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
 
I'm no good with HijackThis logs, but I know you have Widgets. Those things are awesome!

I don't think you would have been hacked. There's no real reason somebody would hack you.

I suggest you try a registry cleaner and defrag... See if that does anything?
 
Alright, you have a lot of unneeded stuff. For beginners, for your peace of mind, download Sygate Personal Firewall

http://www.tucows.com/preview/213160

(Windows Firewall couldn't stop rain in the desert)

Now,

C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Browser Mouse\mouse32a.exe (unless that's a system thing)
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe (looks suss)


O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE (unless you know this is safe)

O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe (unless you know this is safe)

O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab (unless you know this is safe, your computer shouldn't be auto-downloading .cab files for you)

If you're really, really worried, reformat. Oh, and something for the future: some viruses have been programmed to hide from hijackthis.exe, so next time, rename it to analyser.exe or something along those lines....

Don't ask how I know that... lol

A clean reformat would be nice; if not, free up unneeded crap, and defrag (defragment) your PC.

Good Luck
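
An added example, not part of the original thread or of HijackThis itself: a small Python triage of the log format posted above, using the same cues the reply relies on (autorun entries, the O16 .cab download, services with no named owner). The flagging rules are illustrative assumptions and only mark lines for a manual look.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

RUN = re.compile(r"^HK\w+\\\.\.\\Run\w*: \[(.+?)\] (.+)$")   # O4 registry autoruns
SERVICE = re.compile(r"^Service: (.+?) - (.*?)- (.+)$")      # O23: name - owner - path

def review_reasons(section, body):
    """Return reasons an entry deserves a manual look (not a verdict)."""
    reasons = []
    if section == "O4":
        m = RUN.match(body)
        # Command without a drive-letter path is resolved via the search path.
        if m and not re.match(r'"?[A-Za-z]:\\', m.group(2)):
            reasons.append("autorun command has no full path")
    elif section == "O16" and " - http://" in body:
        reasons.append("ActiveX control fetched over plain HTTP")
    elif section == "O23":
        m = SERVICE.match(body)
        if m and m.group(2).strip() in ("", "Unknown owner"):
            reasons.append("no company name reported for service binary")
    if body.endswith("(file missing)"):
        reasons.append("target file reported missing")
    return reasons

def triage(log_text):
    """Map each flagged log line to its list of reasons."""
    flagged = {}
    for line in log_text.splitlines():
        m = re.match(r"^(O\d+) - (.+)$", line.strip())
        if m:
            reasons = review_reasons(m.group(1), m.group(2))
            if reasons:
                flagged[line.strip()] = reasons
    return flagged

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG).items():
        print("; ".join(reasons), "->", entry)
```

A flagged line is a prompt to check the file's location, publisher and install date; several of the entries flagged here belong to ordinary driver and printer software.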
 
Thanks K3rupt,

I think that I'm gonna do a fresh install of Windows so it's nice and fast again... I can't be bothered tidying up my current install... just quicker for me to format and reinstall it all again.

Doesn't take me long as I have all my programs on disk :)
 
Wow! You've put XP back on already, that was quick!

Did you copy your save files? Don't want to lose them :P

Especially if you've ever played Oblivion, lol!
 
Mate, I put XP back on about 2 o'clock this afternoon :D
Didn't take long to install.
Got everything back on my system now and it's nice and fast.

Yeah, I save my files... my Call of Duty files to my USB pen drive ;)
 
haha niiice, lol how big is your bloody pen drive?? lol I just bought another 320GB HDD, so now I have 640GB HDD haha.... beat that mate
 
Oh right, Nice one!

Beat this, I've got a 40GB HDD :D

Your system only has a 40GB hard drive? :eek:

Dunno how you cope with that, mate.

Btw... my USB pen drive is 256MB... plenty just for some saved COD game files and stuff.
 
Oww man, I got a 2GB flash disk just for my work stuff, lol. GO THE 40GB HDD GUY!!! YOU ROCK haha... lawl.
 
Dude, I work for an ISP. I'm a programmer. Yes, at 16. (high school dropout) lol. That's what happens after years of VB 6.0....
 