Been hacked

October 13, 2011 2:25:18 AM

Hello,
I went into Windows Task Manager and saw that remote access was running by the name of rasman. I tried to stop the service and it said unable to stop service, the operation could not be completed. Access is denied. Please someone help me, thanks. I have a Windows Vista HP.

October 13, 2011 5:14:31 AM

Can u log off? That will kill the connection. And u can disable the remote connection.
October 13, 2011 8:47:36 PM

I can't kill the connection, I tried it. It just says access denied or can't do it. And when I go to System Properties and go to Remote I only see the top, there's no bottom. There's no way to disconnect, it keeps telling me denied like someone blocked me.
October 13, 2011 10:33:03 PM

Can u log off? Disconnect from the internet.
October 14, 2011 12:58:43 AM

I disconnected from the internet and in safe mode but I couldn't kill the remote user.
October 14, 2011 1:50:49 AM

I ran all the programs u told me to do. I installed them and it came up clean. No malware.
October 14, 2011 1:56:16 AM

Also it says I'm not an administrator even though my computer shows I am.
October 14, 2011 2:32:26 AM

Can u run Belarc Advisor - Free Personal PC Audit?

It will show everything that is installed and the state of security of your system. Post it.

http://www.belarc.com/free_download.html
October 14, 2011 2:47:54 AM

OK, I'm downloading it, will let you know the result.
October 14, 2011 2:53:46 AM

Check if there is any program that's not yours, by the install date.
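
One way to carry out the install-date check suggested above, as an added example that is not part of the original thread: it reads the standard Windows Uninstall registry keys with PowerShell and lists recent installs newest first. The 30-day window and the variable and function names are assumptions.

```powershell
# Added example (not from the thread): list installed programs by install date.
# Assumption: a 30-day review window; set $since to the date of interest.
$since = (Get-Date).AddDays(-30)

# Standard per-machine, 32-bit-on-64-bit and per-user Uninstall keys.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-InstalledProgram {
    foreach ($key in $uninstallKeys) {
        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName } |
            ForEach-Object {
                # InstallDate is optional; when present it is normally yyyyMMdd.
                $date   = $null
                $parsed = [datetime]::MinValue
                $raw    = [string]$_.InstallDate
                $ok = [datetime]::TryParseExact($raw, 'yyyyMMdd',
                    [Globalization.CultureInfo]::InvariantCulture,
                    [Globalization.DateTimeStyles]::None, [ref]$parsed)
                if ($ok) { $date = $parsed }

                New-Object PSObject -Property @{
                    Name      = $_.DisplayName
                    Publisher = $_.Publisher
                    Version   = $_.DisplayVersion
                    Installed = $date
                }
            }
    }
}

$programs = @(Get-InstalledProgram)

# Programs installed inside the review window, newest first.
$programs | Where-Object { $_.Installed -ge $since } |
    Sort-Object Installed -Descending |
    Format-Table Installed, Name, Publisher, Version -AutoSize

# Entries with no usable date are listed separately rather than dropped,
# so they can still be reviewed by name and publisher.
$programs | Where-Object { -not $_.Installed } |
    Sort-Object Name |
    Format-Table Name, Publisher, Version -AutoSize
```

Programs that never register an uninstaller do not appear in these keys, so an empty result is not proof that nothing was added.
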
October 14, 2011 2:57:46 AM


System Security Status
Security Benchmark Score: 1.88 of 10 (details...)
Virus Protection: Up-to-date
Microsoft Security Updates: 9 missing

--------------------------------------------------------------------------------

Computer Profile Summary
Computer Name: xxxx-PC (in WORKGROUP)
Profile Date: Thursday, October 13, 2011 7:48:49 PM
Advisor Version: 8.2f
Windows Logon: xxxx


Operating System new – server roles System Model
Windows Vista Home Premium Service Pack 1 (build 6001)
Install Language: English (United States)
System Locale: English (United States)
Installed: 10/10/2011 9:46:06 PM Hewlett-Packard HP G60 Notebook PC F.35
System Serial Number: 2CE9101XFJ
Enclosure Type: Notebook
Processor a Main Circuit Board b
2.00 gigahertz AMD Athlon Dual-Core QL-62
64 kilobyte primary memory cache
1024 kilobyte secondary memory cache
64-bit ready
Multi-core (2 total)
Not hyper-threaded Board: Wistron 303C 08.49
Bus Clock: 133 megahertz
BIOS: Hewlett-Packard F.35 02/17/2009
new USB Storage Use in past 30 Days (mouse over last used for details) new Hosted Virtual Machines (mouse over name for details)
Last Used
Generic- Multi-Card, s/n 20071114173400000, rev 1.00 10/10/2011 9:47:08 PM*


* Possibly used again before the reboot following this time. None discovered
Drives new – drive encryption Memory Modules c,d
250.06 Gigabytes Usable Hard Drive Capacity
197.28 Gigabytes Hard Drive Free Space

Optiarc DVD RW AD-7580S ATA Device [Optical drive]

SAMSUNG HM251JI [Hard drive] (250.06 GB) -- drive 0, s/n S1BVJD9S209159, rev 2SS00_03, SMART Status: Healthy 2814 Megabytes Usable Installed Memory

Slot 'S1' has 2048 MB
Slot 'S2' has 1024 MB
Local Drive Volumes new – volume encryption

c: (NTFS on drive 0) * 238.37 GB 195.38 GB free
d: (NTFS on drive 0) 11.68 GB 1.90 GB free


* Operating System is installed on c:

Network Drives
None discovered
Users (mouse over user name for details) Printers
local user accounts last logon
Timothy 10/13/2011 6:17:50 PM (admin)
local system accounts
Administrator 10/10/2011 9:59:56 PM (admin)
Guest never


Marks a disabled account; Marks a locked account Microsoft XPS Document Writer on XPSPort:
Send To Microsoft OneNote Driver on Send To Microsoft OneNote Port:

Controllers Display
ATA Channel 0 [Controller] (2x)
ATA Channel 1 [Controller] (2x)
Standard Dual Channel PCI IDE Controller (2x) LogMeIn Mirror Driver [Display adapter]
NVIDIA GeForce 8200M G [Display adapter]
Generic PnP Monitor (15.9"vis)
Bus Adapters Multimedia
Microsoft iSCSI Initiator
Standard Enhanced PCI to USB Host Controller (2x)
Standard OpenHCD USB Host Controller (2x) Conexant High Definition SmartAudio 221
NVIDIA HDMI Audio
Virus Protection [Back to Top] Group Policies
AVG Internet Security 2012
None discovered
Communications new – connection speed & status Other Devices
HDAUDIO Soft Data Fax Modem with SmartCP


↑ Atheros AR5007 802.11b/g WiFi Adapter
primary Auto IP Address: 192.168.1.4 / 24
Gateway: 192.168.1.1
Dhcp Server: 192.168.1.1
Physical Address: 00:24:2B:C8:13:45
Connection Speed: 54 Mbps
Microsoft ISATAP Adapter
↓ NVIDIA nForce 10/100/1000 Mbps Networking Controller
Status: Cable unplugged
Dhcp Server: none responded
Physical Address: 00:1F:16:71:CA:A2
Teredo Tunneling Pseudo-Interface

Networking Dns Server: 192.168.1.1
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
HP Webcam-101
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Synaptics PS/2 Port TouchPad [Mouse]
Realtek USB 2.0 Card Reader
USB Composite Device
USB Root Hub (4x)
Generic volume shadow copy

Network Map (mouse over IP address for physical address) [Back to Top]
IP Device Type Device Details Device Roles
192.168.1.1 Router Netgear DHCP Server, Gateway, Domain Name Server, Web Server
192.168.1.2 System Apple
192.168.1.4 Windows Vista Workstation Timothy-pc (in WORKGROUP) Web Server, Browse Master
192.168.1.45 Physical Address 7C:ED:8D:99:B9:12


Missing Microsoft Security Hotfixes [Back to Top]
These required security hotfixes were not found installed (using the 10/11/2011 Microsoft Security Bulletin Summary with definitions version 2011.10.12.4). Note: Security benchmarks require that Critical and Important severity security hotfixes must be installed.
Q936960 - Important (details...)
Q950130 - Critical (details...)
Q951550 - Important (details...)
Q954038 - Important (details...)
Q2512827 - Critical (details...)
Q2538242 - Important (details...)
Q2538243 - Important (details...)
Q2565063 - Important (details...)
Q2617986 - Critical (details...)

Hotfixes from Windows Update (agent version 7.4.7600.226) install automatically. Last install: 10/13/2011 2:03:08 PM, download: 10/13/2011 4:49:06 PM, check: 10/13/2011 1:25:42 PM.

Software Versions & Usage (mouse over i for details, click i for location) [Back to Top]
i 2007 Microsoft Office system Version 12.0.4518.1014
i Acrobat.com
ı i Adobe Acrobat Version 9.0.0.2008061200
i Adobe AIR 1.0.1 Version 1.0.1
i Adobe Reader Version 9.0.0.2008061200
i Adobe Systems, Inc. - Shockwave Flash Version 10,3,183,5
i Adobe Systems, Inc. - Shockwave Flash Version 11,0,1,152
i Adobe Systems, Inc. - Shockwave for Director Version 11.0
i Adobe Systems, Inc. - Shockwave Version 11.0
i Agatha Christie - Death on the Nile Version 1.1.0.22
ı i Application STServices Version 1, 0, 0, 12
ı i AVG Internet Security Version 12.0.0.1829
ı i Belarc, Inc. - Advisor Version 8.2f
i BVRP - NetWaiting Version 2.5.46
ı i Conexant Systems, Inc. - SoftK56 Modem Driver Version 1.00.15.00
i CyberLink - DZM Version 2.00.0222
i CyberLink - PowerStarter Version 6.00.2203
i CyberLink Corp. - HP DVDPlay Version 3.7.0.5723
ı i CyberLink Corp. - HP QuickPlay Version 3.7.0.5723
i CyberLink Corp. - LabelPrint Version 2.5.0.0926
ı i CyberLink Corp. - MUI StartMenu Application Version 1.00.0924
i CyberLink Corp. - Power2Go Version 6.0.0.2202
i CyberLink Corp. - PowerDirector Version 7.00.2201
ı i CyberLink Corp. - StartMen Application Version 1.00.1224
i CyberLink YouCam Version 2.00.1616
ı i Google Chrome Version 14.0.835.202
ı i Google Update Version 1.2.183.21
i Google Updater Version 2.4.1441.4352.beta
i Hewlett-Packard - HP Battery Check Version 3.1.9.1
ı i Hewlett-Packard - HP Health Check Scheduler Version 3.1.9.1
ı i Hewlett-Packard - HP Health Check Service Version 3.1.9.1
i Hewlett-Packard - HP Health Check Version 3.1.9.1
i Hewlett-Packard - HP Software Update Client Version 4, 0, 10, 1
i Hewlett-Packard - HP System Information Version 3.1.9.1
ı i Hewlett-Packard - HP Total Care Advisor Version 2.4.4941.2798
i Hewlett-Packard - HPHS Launcher Version 2.1.1.0
ı i Hewlett-Packard - hpwuSchd Application Version 80, 1, 0, 0
ı i Hewlett-Packard Company - HPTCS Version 1.1.1963.2799
ı i Hewlett-Packard Development Company, L.P. - HP Quick Launch Buttons Version 6, 4, 8, 2
ı i Hewlett-Packard Development Company, L.P. - HP Quick Launch Buttons Version 6.4.4.2
ı i Hewlett-Packard Development Company, L.P. - HP Wireless Assistant Version 3, 0, 9, 1
ı i Hewlett-Packard Development Company, L.P. - hpqwmiex Module Version 2, 00, 2, 5
ı i HideMyIpSRV.exe Version 2.1.0.5
i Juno Dial-up
i Macrovision Corporation - InstallShield (R) Version 10.50
ı i Malwarebytes' Anti-Malware Version 1.51.1118
ı i Microsoft (R) Windows Script Host Version 5.7.0.6000
i Microsoft Clip Organizer Version 12.0.4518.1014
i Microsoft Corporation - digital locker assistant Version 1.6.5
ı i Microsoft Corporation - Internet Explorer Version 7.00.6000.16386
i Microsoft Corporation - Office Diagnostics Service Version 12.0.4518.1014
i Microsoft Corporation - Office Diagnostics Version 12.0.4518.1014
i Microsoft Corporation - Office Source Engine Version 12.0.4518.1014
ı i Microsoft Corporation - Windows Defender Version 1.1.1600.0
ı i Microsoft Corporation - Windows Installer - Unicode Version 4.0.6000.16386
i Microsoft Corporation - Windows Version 1.0.0.1
i Microsoft Office OneNote Version 12.0.4518.1014
i Microsoft Office Picture Manager Version 12.0.4518.1014
i Microsoft Open XML Converter Version 12.0.4518.1014
i Microsoft® .NET Framework Version 2.0.50727.3053
i Microsoft® .NET Framework Version 3.0.4506.648
i Microsoft® .NET Framework Version 4.0.31106.0
ı i Microsoft® Windows® Operating System Version 11.0.6001.7010
i Microsoft® Works 9 Version 9.07.0613.0
i muveeReveal Version 7.0
i Netzero Dial-up
ı i NirSoft - IPNetInfo Version 1.37
ı i NVIDIA Driver Helper Service, Version 176.14 Version 7.15.11.7614
i Piriform Ltd - CCleaner Version 3, 11, 0, 1550
i Quick Tour
ı i RichVideo Module Version 2.0.3027
i Safer Networking Limited - Secure Shredder Version 1.9.0.0
i Safer Networking Limited - Spybot - Search & Destroy Version 1, 5, 2, 0
ı i Safer Networking Limited - Spybot - Search & Destroy Version 1, 6, 0, 30
i Safer Networking Limited - SpyBot-S&D Version 1, 6, 2, 0
ı i Safer Networking Ltd. - Spybot - Search & Destroy Version 1, 6, 0, 0
ı i Snapfish Media Detector Version 1, 7, 0, 7
i Snapfish Picture Mover - Move Photos in a Snap!
i SoftThinks - Application CD Creator Version 7, 0, 91, 54
i SoftThinks - Recovery Manager Version 7, 0, 91, 5
i Sun Microsystems, Inc. - Java(TM) Platform SE 6 U7 Version 6.0.70.6
ı i Synaptics Pointing Device Driver Version 11.1.3 17Apr08
ı i TeamViewer Version 6.0
ı i ToolbarU Application Version 8, 0, 0, 34
ı i VProtect Application Version 8, 0, 0, 34
i WildTangent, Inc. - GameConsole Version 1.0.0.1
i WizLink Application Version 1, 0, 0, 1
ı i www.hidemyip.com - Hide My IP Version 5.3.0.17648
ı i Yahoo! AutoUpdater Version 1.0.0.53
i Yahoo! Inc. - Y! BrowserPlus Version 2.9.8.0
ı i Yahoo! Messenger Version 11,0,0,2014
ı i {StringFileInfo_CompanyName} - {StringFileInfo_ProductName} Version 1.0.0.17700


Installed Microsoft Hotfixes [Back to Top]
Compatibility Pack for the 2007 Office system
KB934528 on 10/22/2008 (details...)
MSXML4SP2
KB954430 on 10/12/2011 (details...)
KB973688 on 10/12/2011 (details...)
Office Home and Student 2007
KB934528 on 10/22/2008 (details...)
Office PowerPoint Viewer 2007 (English)
KB934528 on 10/22/2008 (details...)
Windows Vista
KB935509 on 1/20/2008 (details...)
......

Marks a security hotfix (using the 10/11/2011 Microsoft Security Bulletin Summary)
Marks a security hotFix that fails verification (a security vulnerability)
Marks a hotfix that verifies correctly
Marks a hotfix that fails verification (note that failing hotfixes need to be reinstalled)
Unmarked hotfixes lack the data to allow verification


--------------------------------------------------------------------------------
a. Processor clock speed is measured at computer start-up, and on laptops may be impacted by power option settings.
b. Data may be transferred on the bus at one, two, or four times the Bus Clock rate.
c. Memory slot contents may not add up to Installed Memory if some memory is not recognized by Windows.
d. Memory slot contents is reported by the motherboard BIOS. Contact system vendor if slot contents are wrong.
e. This is the manufacturer's factory installed product key rather than yours. You can change it to your product key here http://go.microsoft.com/fwlink/?LinkId=45668 for Windows, or here http://support.microsoft.com/?kbid=895456 for Office.
--------------------------------------------------------------------------------
October 14, 2011 3:09:11 AM

It shows the administrative account has been disabled as well as guest.
October 14, 2011 3:13:32 AM

meigshigh08, do u have an original install disc? Or a backup image?
October 14, 2011 3:17:32 AM

No, I don't have one.
October 14, 2011 3:29:02 AM

Said system error 5 has occurred, access is denied.
October 14, 2011 3:38:05 AM

I did it, this is what it says on cmd:


C:\Users\xxxxxxx>net user administratnet user administrator /active:yes
The syntax of this command is:

NET USER
[username [password | *] [options]] [/DOMAIN]
username {password | *} /ADD [options] [/DOMAIN]
username [/DELETE] [/DOMAIN]
username [/TIMES:{times | ALL}]
October 14, 2011 3:41:37 AM

Can u use LiveCD to reset the password?
October 14, 2011 3:41:54 AM

Do u have a USB stick?
October 14, 2011 4:12:56 AM

Where do I go on there? There are so many of them and files.
October 14, 2011 4:21:00 AM

I'm reading it but have no CD or USB. Would have to get to Walmart. CD-RW the CD I want?
October 14, 2011 4:22:16 AM

Get a 5-pack of CD-R, that will do. But find a cheap USB pen drive and u can reuse that one.
October 14, 2011 4:26:37 AM

OK, so I can't go any farther until I do that?
October 14, 2011 4:52:08 AM

So I would need a Windows install disc before he locks me out for good? And where can I get one? I'm not under warranty anymore, been two years.
October 14, 2011 5:07:37 AM

meigshigh08 said:
So I would need a Windows install disc before he locks me out for good? And where can I get one? I'm not under warranty anymore, been two years.

No, what if he locks u out? U don't have any install disc anymore, so what u gonna do?

If he sets the password on the start up, and u don't know it, what then?

Anyway, u should re-install, u have some oldies there : )
October 14, 2011 5:18:05 AM

Yea. He can't do nothing if this computer is shut down, right? I tried to do some methods of catching it but there's no IP address nor ways of stopping it. Can you shut anyone down or hack into a computer from miles and miles and miles away? Or do you gotta be close?
October 14, 2011 5:58:39 AM

It doesn't matter how far away u are.
October 14, 2011 6:03:17 AM

What I was wondering, what if u would install a firewall and not let anything in unless u know what it is.
Download, disconnect from the net physically and install, restart ... Not to let it connect again. If it will let u install at all : )

http://personalfirewall.comodo.com/free-download.html?k...
November 11, 2011 3:10:17 AM

meigshigh08 said:
Yea. He can't do nothing if this computer is shut down, right? I tried to do some methods of catching it but there's no IP address nor ways of stopping it. Can you shut anyone down or hack into a computer from miles and miles and miles away? Or do you gotta be close?

Hey, did u get it solved?