Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

am i hacked


  • Please log in to reply
1 reply to this topic

#1 Guest_Daancatch22_*

Guest_Daancatch22_*

  • Guests
  • OFFLINE
  •  

Posted 12 January 2011 - 05:01 PM

I have been having problems with my new laptop since i boughy it, screens going black, system failures, icons disappearing, NVIDIA and Intel menu hampering. I did quite a few asus total system recovery, but that did not really help. I did many different AV-scans, nothing popped up. Norton diagnose scan blcks, same with system fragmentation analysis. Norton gave a message it blocked a massive attack. So now i am wondering if if my pc has been hacked. could do with some help. below log of tpc


[System Process] 0 TCP 127.0.0.1 6999 127.0.0.1 50348 TIME_WAIT
[System Process] 0 TCP 192.168.33.103 50356 63.110.246.17 80 TIME_WAIT
daemonu.exe 1828 TCP 127.0.0.1 2559 0.0.0.0 0 LISTENING
daemonu.exe 1828 UDP 0.0.0.0 48000 * *
iexplore.exe 1640 TCP 127.0.0.1 50354 127.0.0.1 6999 CLOSE_WAIT
iexplore.exe 3904 UDP 127.0.0.1 52686 * *
iexplore.exe 3452 UDP 127.0.0.1 57142 * *
iexplore.exe 1640 UDP 127.0.0.1 59416 * *
lsass.exe 644 TCP 0.0.0.0 49155 0.0.0.0 0 LISTENING
lsass.exe 644 TCPV6 [0:0:0:0:0:0:0:0] 49155 [0:0:0:0:0:0:0:0] 0 LISTENING
services.exe 592 TCP 0.0.0.0 49156 0.0.0.0 0 LISTENING
services.exe 592 TCPV6 [0:0:0:0:0:0:0:0] 49156 [0:0:0:0:0:0:0:0] 0 LISTENING
SfCtlCom.exe 1924 TCP 127.0.0.1 37848 0.0.0.0 0 LISTENING
SfCtlCom.exe 1924 TCP 0.0.0.0 49159 0.0.0.0 0 LISTENING
SfCtlCom.exe 1924 UDP 0.0.0.0 40116 * *
SfCtlCom.exe 1924 TCPV6 [0:0:0:0:0:0:0:0] 49160 [0:0:0:0:0:0:0:0] 0 LISTENING
SfCtlCom.exe 1924 UDPV6 [0:0:0:0:0:0:0:0] 40116 * *
svchost.exe 884 TCP 0.0.0.0 135 0.0.0.0 0 LISTENING
svchost.exe 976 TCP 0.0.0.0 49153 0.0.0.0 0 LISTENING
svchost.exe 128 TCP 0.0.0.0 49154 0.0.0.0 0 LISTENING
svchost.exe 2244 UDP 127.0.0.1 1900 * *
svchost.exe 2244 UDP 192.168.33.103 1900 * *
svchost.exe 2244 UDP 127.0.0.1 55358 * *
svchost.exe 884 TCPV6 [0:0:0:0:0:0:0:0] 135 [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 976 TCPV6 [0:0:0:0:0:0:0:0] 49153 [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 128 TCPV6 [0:0:0:0:0:0:0:0] 49154 [0:0:0:0:0:0:0:0] 0 LISTENING
svchost.exe 976 UDPV6 [fe80:0:0:0:8510:6a1f:83b4:cda1] 546 * *
svchost.exe 2244 UDPV6 [0:0:0:0:0:0:0:1] 1900 * *
svchost.exe 2244 UDPV6 [fe80:0:0:0:8510:6a1f:83b4:cda1] 1900 * *
svchost.exe 2244 UDPV6 [0:0:0:0:0:0:0:1] 55357 * *
System 4 TCP 192.168.33.103 139 0.0.0.0 0 LISTENING
System 4 TCP 0.0.0.0 445 0.0.0.0 0 LISTENING
System 4 UDP 192.168.33.103 137 * *
System 4 UDP 192.168.33.103 138 * *
System 4 TCPV6 [0:0:0:0:0:0:0:0] 445 [0:0:0:0:0:0:0:0] 0 LISTENING
TmProxy.exe 3772 TCP 127.0.0.1 6999 127.0.0.1 50354 FIN_WAIT2
TmProxy.exe 3772 TCP 127.0.0.1 6999 0.0.0.0 0 LISTENING
TmProxy.exe 3772 TCPV6 [0:0:0:0:0:0:0:1] 6999 [0:0:0:0:0:0:0:0] 0 LISTENING
UNS.exe 2328 TCP 127.0.0.1 49164 0.0.0.0 0 LISTENING
wininit.exe 532 TCP 0.0.0.0 49152 0.0.0.0 0 LISTENING
wininit.exe 532 TCPV6 [0:0:0:0:0:0:0:0] 49152 [0:0:0:0:0:0:0:0] 0 LISTENING

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Bleep Bleep!


  • Admin
  • 40,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA

Posted 13 January 2011 - 05:27 PM

From what you gave it doesnt look like there is anything running that is listening for connections that shouldn't be.

If you think you are infected you may want to follow the steps here:

http://www.bleepingcomputer.com/forums/topic34773.html




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users