Page 1 of 4 1234 LastLast
Results 1 to 15 of 47
  1. #1
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Am I being hacked?

    My firewall just gave me a strange alert,it said explorer.EXE is attempting to access the internet,I didnt know what to do so I googled it and I found that it should not be allowed and it might be an unknown trojan or spyware infection,I tried to trace the ip it was trying to connect too and one place said it came from Amsterdam and another from France

    Wtf,I mean I just went through a clean format and install of windows yesterday and now this!?!?!!?
    You guys think Im being hacked?I just ran norton system scan and it found nothing,im running spyware doctor right now and so far its found 20 spywares but I dont know if they are related to this or not.
    If someone can shed some light on this for me that would be great,im starting to get paranoid

  2. #2
    Joined
    Oct 2003
    Location
    Midwest
    Age
    61
    Posts
    1,207

    Re: Am I being hacked?

    Download HiJackThis:

    http://www.spywareinfo.com/~merijn/programs.php

    Do a scan, and paste the results into this:

    http://www.hijackthis.de/

    And then hit analyze
    ......
    ................. Heat .....................

    24/7 speeds
    w/c - * GA-EP45-UD3P - Q9650 - 3737 - 9x415 * ...cpu-z... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2925 - 9x325 * ... cpu-z ... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2826 - 9x314 * ... cpu-z ... a/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 165 - 2250 - 9x250 * ... cpu-z ... a/c - GTS250

  3. #3
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Am I being hacked?

    Thx but that didnt find anything unusual,it said everything is ok and safe.
    Im still a bit suspicious though,I checked windows folder and besides the explorer.exe that should be there,there is another file named simply explorer with no extension at all,I checked its properties and it said windows explorer command in description,I event tryed opening it to see what it does and it just opened up a normal explorer window.....
    Should this file be there?Am I just being paranoid?

  4. #4
    Joined
    Oct 2003
    Location
    Midwest
    Age
    61
    Posts
    1,207

    Re: Am I being hacked?

    If the log came up clean, you are more than likely fine.

    Just run your antivirus, and if it comes up clean, your, more than likely good to go.

    You could add spybot search and destroy to your aresenal, it finds things adaware misses.
    Last edited by Stevea; 03-29-2007 at 02:00 AM.
    ......
    ................. Heat .....................

    24/7 speeds
    w/c - * GA-EP45-UD3P - Q9650 - 3737 - 9x415 * ...cpu-z... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2925 - 9x325 * ... cpu-z ... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2826 - 9x314 * ... cpu-z ... a/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 165 - 2250 - 9x250 * ... cpu-z ... a/c - GTS250

  5. #5
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Am I being hacked?

    I did run my anti virus which is norton and it found nothing
    Im even running online kaspersky scanner right now and it has found nothing.
    As for anti spyware I use spyware doctor which is superior to both spybot and ad aware,it found some minor spyware infections and removed them

    But we all know that a good hacker with a good trojan/virus can go undetected by anti virus programs.

    Which is why I still remain suspicious,I checked nortons logs for when explorer.EXE tried to access the internet and they were very suspicious IPs,one even listed a website called www.new-world-odour.com
    I googled that webpage to see what it was and all the results were links to blablalbla free this free that free movies,etc.....


    Ohh boy this is freaking me out.......
    Last edited by Poci; 03-29-2007 at 03:11 AM.

  6. #6
    Joined
    Dec 2000
    Posts
    5,051

    Re: Am I being hacked?

    Do a search ( Include system folder and subdirectories) for explorer.*.

  7. #7
    Joined
    Jan 2007
    Posts
    971

    Re: Am I being hacked?

    I keep explorer around for pages that won't open by Opera ,
    Opera seems much faster than any other browser I have tested


    That being said - I just deleted a file that was a windows downloader specifically for trojans - avg grabbed it , pointed it out when it wanted to access the net and no it was not an updater
    "Five senses; an incurably abstract intellect;
    a haphazardly selective memory;
    a set of preconceptions and assumptions
    so numerous that I can never examine more
    than a minority of them-never become conscious
    of them all.
    How much of total reality can such an apparatus let through?"

  8. #8
    Joined
    Aug 2003
    Location
    USA
    Posts
    5,843

    Re: Am I being hacked?

    Wait, if it asked this after you recently installed the oS, then its perfectly fine. I've ran across this before after installing windows and shortly thereafter installing zonealarm, or another kind of software firewall. You're fine if hijackthis didn't show anything suspicious.

  9. #9
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: Am I being hacked?

    Quote Originally Posted by Ganj View Post
    My firewall just gave me a strange alert,it said explorer.EXE is attempting to access the internet, <snip>
    If you're still concerned, zip up a copy of the file and email it to me - I'll check it out for you to make sure if it's a legit copy or not (in case it's been patched). You can PM me for my email addy.

    Also, some trojans inject code into running processes (like explorer) as a means of getting past firewalls and evading detection, but HJT should show that unless it's being hidden by a rootkit. However, this won't show up by just scanning the file as it's only present in memory - you'd need to do a memory dump of the process to see it.
    Last edited by Ned Slider; 03-29-2007 at 03:06 PM.

  10. #10
    Joined
    Oct 2005
    Location
    Stockholm, Sweden
    Posts
    1,503

    Re: Am I being hacked?

    When I am using the XP SP2 Windows Explorer, like searching the hard disk.
    It tries to send something to sa.windows.com
    Last time I checked the IP address, it was located in Washington USA.

    Windows Explorer has never accessed the Internet without me doing something with it.

    Note.
    If the computer is not connected to the Internert, it will not show up that it is doing this.

  11. #11
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Am I being hacked?

    PM sent to you Ned.

    Anyways doesnt anyone think that its weird that explorer.EXE was trying to connect to those IPs?Even weirder is that I just checked log again and the URLs associated with those IPs are gone.........

  12. #12
    Joined
    Mar 2003
    Location
    Near São Paulo, Brazil
    Age
    53
    Posts
    1,416

    Re: Am I being hacked?

    Spybot S&D has an embedded feature to block known malicious addresses automatically. It's called immunize.
    ***STILL WITH THE DARK SIDE, BUT PLANNING TO GO BACK TO AMD SOON ***

    C2D E6400/ GA-P35-DS3 / HD4670


  13. #13
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Am I being hacked?

    The one I use spyware doctor supposedly has the same feature.But hey I guess Ill try spybot anyways.

    Also I just noticed a few more suspicious files in windows root folder,they are bmp images.....
    One is named coffee beans.bmp another soap bubbles.bmp
    Wth Im pretty sure they arent supposed to be there and I have no idea how they got there

  14. #14
    Joined
    Mar 2003
    Location
    Near São Paulo, Brazil
    Age
    53
    Posts
    1,416

    Re: Am I being hacked?

    I suppose those are just wallpaper bitmaps, the kind you select "Tile together" in control panel.
    I have about a dozen of them in Win2k. Not sure how many in XP.
    ***STILL WITH THE DARK SIDE, BUT PLANNING TO GO BACK TO AMD SOON ***

    C2D E6400/ GA-P35-DS3 / HD4670


  15. #15
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Am I being hacked?

    Quote Originally Posted by MarkHark View Post
    I suppose those are just wallpaper bitmaps, the kind you select "Tile together" in control panel.
    I have about a dozen of them in Win2k. Not sure how many in XP.
    Hmm,well I sure hope they are not malicious.Can anyone else confirm this?If your running XP pro and have weird bmp images like the ones I mentioned in your windows root folder plz say so

    I downloaded AVG anti-spyware and it found a few tracking cookies which Im not worried about but it found one thing called Trojan.Small.dvz I think it was called.It removed it but still Im worried,I suspect I may have a rootkit on my PC.I downloaded AVG anti rootkit as well and it found nothing.
    Anyone know of a really good free rootkit detector that should find something others miss?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •