HELP!!i'm bein terrorized...

Status
Not open for further replies.
K

kreigsmarine

Broken In
a frnd of mine has learnt hackin from a site.now hes usin his knowledge to **** me...he hacked my hi5 account..he got my yahoo password(i hav no idea how)...and now hes threatin to delete my hi5 account...i remember he told me sumthin bout usin internet scripts to do his hackin...can nyone tell me how do i prevent him from doin all this..
btw,hi5's an online community like orkut...hes got my password and i dun think changin the password wud b of ny use cuz he will hack it again
so pls help..
he had also changed my display name from nishant to assh***...my bro told me to delete the testimonial that my frnd had given me...when i delted it ..my name changed back again...so i hope this gives u an idea howz he doin this...pls pls help..
 
Last edited:
OP
K

kreigsmarine

Broken In
@thunderbird---dont worry,hes not a frnd nymore
this is my hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 9:47:47 PM, on 6/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\NetMeter\NetMeter.exe
E:\Program Files\adobe\Distillr\AcroTray.exe
E:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
E:\Program Files\Buddy Spy\BuddySpy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Explorer.EXE
H:\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = *as.starware.com/dp/search?x=wKX1IL...gkvhPYiXtUONzi+15WmLh2NWPzRIJNbA81wE0MUa+rew=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\program files\adobe\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [E:\Program Files\NetMeter\NetMeter.exe] E:\Program Files\NetMeter\NetMeter.exe
O4 - HKCU\..\RunOnce: [CleanUp!] C:\CleanUp!\Cleanup.exe /WindowsRestart
O4 - Startup: Anapod Manager.lnk = E:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Global Startup: Acrobat Assistant.lnk = E:\Program Files\adobe\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

when i did a check using bazooka scanner,it found sumthin called "VVSN"

AND THIS IS wat it says bout vvsn
*www.kephyr.com/spywarescanner/library/vvsn/index.phtml?source=app
shud i delete it?

onemore thing,my names back to assh***..he told me that i wudnt be able to view my name as nishant for more than 3 daze continuosly for the next 3 weeks...so has he hijacked my cookies or sumthin bcuz u knoe hes specifyin a particular time period...
and i've already informed hi5...awaitin their reply
 
Last edited:
busyanuj

busyanuj

In the zone
here is a detailed analysis of your hijackthis logfile:
*hijackthis.de/logfiles/ee9d9f38fb72b366dd77905234abc39a.html

simply fix all the entries marked "nasty".

remember, this logfile will be saved for 3 days only.
 
__Virus__

__Virus__

Ambassador of Buzz
ur indeed keylogged and its not called hacking.. its called G@y act :) well a gud antivirus is sure to help u out :) I wud format my system once and start all over and start using a gud AV and NOT accpet any files I mean ANY file from anyone.. be it a gud hot nude chik ;)
 
OP
K

kreigsmarine

Broken In
@alpha geek---i seriously dont think that itz a keylogger.cuz i've never accepted ny file from him.i think he got my yahoo id thru a fake page(i.e i think it wuz fake) that he sent me.But i hav absolutely no clue how he got my hi5 password...
Can sumone pls tell me how the heck can he change my name??i've even changed my password...
i did a complete scan of the comp with avg and spybot..found 4-5 entries in spybot,which were removed..avg found nothin...
 
OP
K

kreigsmarine

Broken In
@rollercoaster----believe me...if i cud ,i wud i have smashed his fat little head to pieces by now.The thing is i'm in delhi and hes in hyderabad,otherwise he wudnt hav dared do all this stuff...that bloody faggot!
@-indyan----i've deleted those adwares usin spybot...also checkd the system using ewido...came clean

the thing is,i dont care how he got my password,and i dont think i'll find out either...Wat i wanna knoe is how the hell does he have access to my account despite my changing the password??????
and can nyone please tell me wat do i do now?I dont wanna b at that basta*** mercy...he keeps threatin to cancel my account.
btw,this is the site from which he learnt hackin---h4cky0u.org


hey..hey.hey...wuz checkin out this h4cky0u site when i came across this thread
*h4cky0u.org/viewtopic.php?t=14111
is this wat hes done?
 
Last edited:
Rollercoaster

Rollercoaster

-The BlacKCoaT Operative-
you should change the following in all your accounts

1. Password(user digits as well as special chars)
2. Security Question/Answer
3. Associated alternate email IDs

and do them all at the same go....
 
anandk

anandk

Distinguished Member
go in safe mode
run 'ccleaner' to clear ur pc junk/temp/cookies/etc
run adaware anti-spy AND ewido anti-malware AND ur avg too

re-boot into normal mode
again use ccleaner registry cleaner to clear residual junk of uninstalled adware
now change all ur passwords. use a,A,spl characters, numerals too. make it atleast 7-8 characs long

use zonealarm security suite or atleast zone alarm firewall, when on the net.
 
tuxfan

tuxfan

Technomancer
If things are so serious and creating real probs for you, ever thought about reporting to Cyber Crime Cell? Under the Indian Information Technology Act, hacking is a criminal offence. Punishment is fine of a lakh and even imprisonment :D

Threaten your so called friend with dire consequences and tell him that if anything happens to your account now, he will be the first suspect.
 
JGuru

JGuru

Wise Old Owl
Always create passwords as alpha-numeric codes like 2a5x6ej9m4. Never use
English words. If you use English words, it can misused by others. Install ZoneAlarm
firewall & some good anti-spyware like SpyBot.
 
Status
Not open for further replies.
Top Bottom