hacked

  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

well every email i have has been hacked into, I tried to recover my passwords but all the secret questions was the same " H@CKED BY M0RPH "

Now this person has hacked my two hotmail addresses and my google mail address. Just a little puzzled to how he has done this?

Do you think that it would be a keylogger on my pc? if so how can i find it, would i highjack log help anyone on this forum to help me out?

im so confused about it.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

A keylogger is certainly a possibility and a hijack this log may find it. Just out of curiosity, did all of those accounts have the same password? What passwords were you using? You can tell us because you have to create new accounts and pick new passwords anyway. I'm just wondering how good they were.

Before you run Hijack This, reboot the machine, open a command prompt and run
netstat -ano
Post the output here. That's another way of checking for a key logger and it may point you to the ISP that M0RPH is using.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

i was using the password //removed - don't post your passwords, even if they aren't good anymore. for my hotmail and googlemail and i will do what you said now
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Urrm my print screen will not work on this laptop so it will have to be a highjack log as i cant paste my cmd log on here :(
  • grinch2171
  • Moderator
  • Genius
  • User avatar
  • Posts: 6807
  • Loc: Martinsburg, WV

Post 3+ Months Ago

You don't need print screen. In the command prompt click the top left corner and select Edit -> Mark. Highlight the stuff you want and press enter, then paste it here.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\liam>netstat -ano

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 924
TCP 0.0.0.0:554 0.0.0.0:0 LISTENING 4152
TCP 0.0.0.0:3390 0.0.0.0:0 LISTENING 1508
TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING 5172
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 608
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 1044
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 1328
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 1104
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 664
TCP 0.0.0.0:49158 0.0.0.0:0 LISTENING 652
TCP 127.0.0.1:10110 0.0.0.0:0 LISTENING 5440
TCP 127.0.0.1:49157 0.0.0.0:0 LISTENING 1660
TCP 127.0.0.1:50989 127.0.0.1:50990 ESTABLISHED 3448
TCP 127.0.0.1:50990 127.0.0.1:50989 ESTABLISHED 1660
TCP 127.0.0.1:51883 127.0.0.1:51880 TIME_WAIT 0
TCP 192.168.1.100:139 0.0.0.0:0 LISTENING 4
TCP 192.168.1.100:50991 207.46.111.65:1863 ESTABLISHED 1660
TCP [::]:135 [::]:0 LISTENING 924
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:554 [::]:0 LISTENING 4152
TCP [::]:2869 [::]:0 LISTENING 4
TCP [::]:3390 [::]:0 LISTENING 1508
TCP [::]:10243 [::]:0 LISTENING 4
TCP [::]:49152 [::]:0 LISTENING 608
TCP [::]:49153 [::]:0 LISTENING 1044
TCP [::]:49154 [::]:0 LISTENING 1328
TCP [::]:49155 [::]:0 LISTENING 1104
TCP [::]:49156 [::]:0 LISTENING 664
TCP [::]:49158 [::]:0 LISTENING 652
UDP 0.0.0.0:123 *:* 1328
UDP 0.0.0.0:500 *:* 1104
UDP 0.0.0.0:4500 *:* 1104
UDP 0.0.0.0:5004 *:* 4152
UDP 0.0.0.0:5005 *:* 4152
UDP 0.0.0.0:5355 *:* 1508
UDP 127.0.0.1:1900 *:* 1328
UDP 127.0.0.1:49238 *:* 1320
UDP 127.0.0.1:49240 *:* 1104
UDP 127.0.0.1:49281 *:* 1328
UDP 127.0.0.1:49291 *:* 5524
UDP 127.0.0.1:49295 *:* 3448
UDP 127.0.0.1:49398 *:* 3448
UDP 192.168.1.100:9 *:* 3448
UDP 192.168.1.100:137 *:* 4
UDP 192.168.1.100:138 *:* 4
UDP 192.168.1.100:1900 *:* 1328
UDP 192.168.1.100:6646 *:* 5172
UDP 192.168.1.100:16008 *:* 3448
UDP 192.168.1.100:49280 *:* 1328
UDP [::]:123 *:* 1328
UDP [::]:500 *:* 1104
UDP [::]:5004 *:* 4152
UDP [::]:5005 *:* 4152
UDP [::]:5355 *:* 1508
UDP [::1]:1900 *:* 1328
UDP [::1]:49278 *:* 1328
UDP [fe80::2040:2424:ae95:4d60%16]:1900 *:*
1328
UDP [fe80::2040:2424:ae95:4d60%16]:49279 *:*
1328
UDP [fe80::5067:9a4d:674a:ba90%12]:1900 *:*
1328
UDP [fe80::5067:9a4d:674a:ba90%12]:49276 *:*
1328
UDP [fe80::943f:723f:5a68:eecb%15]:1900 *:*
1328
UDP [fe80::943f:723f:5a68:eecb%15]:49275 *:*
1328
UDP [fe80::e873:297:4265:4a4b%8]:1900 *:*
1328
UDP [fe80::e873:297:4265:4a4b%8]:49277 *:*
1328

C:\Users\liam>
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Hope that helps. I just dont get how a keylogger made it onto my pc?
  • kc0tma
  • o|||||||o
  • Web Master
  • User avatar
  • Posts: 3318
  • Loc: Trout Creek, MT

Post 3+ Months Ago

Nothing looks out of place. I'd say run your hijack this and fix anything that it says needs fixed. If you do have a key logger, they are probably having everything saved to a file, then they download the file whenever they feel like it. Most likely they aren't just sitting there watching your every key stroke as you make them. So unless you just happen to do this command again at the exact moment they are retrieving the file, you probably won't catch them red handed. Although that would be cool.....
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

so how can i protect my emails? forum accounts? paypal ect ect ? so does this mean that they could just hack into my paypal and get my bank details, and i cant do a thing about it
  • grinch2171
  • Moderator
  • Genius
  • User avatar
  • Posts: 6807
  • Loc: Martinsburg, WV

Post 3+ Months Ago

As far as your PM goes, you can post a HiJack This log and one of us will go through it and see if there is anything there.

There is no real way to protect your passwords. If someone wants it bad enough they will get it. My best advice is to use complex passwords. Letters, numbers, special characters and as long as you can make it without forgetting it. Don't use the same password for everything, I know this is difficult but you got to do what you got to do.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

But if they have a keylogger will they not find it? Any way i have installed spyware doctor and that is scanning along side with AVG, I will post a highjack log when AVG stops running becuase it always says that highjack is running when avg is on.

Post Information

  • Total Posts in this topic: 11 posts
  • Users browsing this forum: No registered users and 64 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.