www.waraxe.us Forum Index -> Newbies corner -> Please help with PC security issue
Please help with PC security issue

shyspy (Advanced user)
Posted: Tue Jun 30, 2009 9:39 pm

Hi,

Well, whenever I connect to the internet I get the following when I do a netstat -a:

Code:

  TCP    administrator:1110     localhost:4762         TIME_WAIT
  TCP    administrator:1110     localhost:4778         TIME_WAIT
  TCP    administrator:1110     localhost:4795         TIME_WAIT
  TCP    administrator:1110     localhost:4802         TIME_WAIT
  TCP    administrator:1110     localhost:4805         TIME_WAIT
  TCP    administrator:1110     localhost:4806         TIME_WAIT
  TCP    administrator:1110     localhost:4809         TIME_WAIT
  TCP    administrator:1110     localhost:4814         ESTABLISHED
  TCP    administrator:1110     localhost:4816         ESTABLISHED
  TCP    administrator:1110     localhost:4819         TIME_WAIT
  TCP    administrator:1110     localhost:4822         TIME_WAIT
  TCP    administrator:1110     localhost:4824         TIME_WAIT
  TCP    administrator:1110     localhost:4826         TIME_WAIT
  TCP    administrator:1110     localhost:4828         TIME_WAIT
  TCP    administrator:1110     localhost:4844         ESTABLISHED
  TCP    administrator:1110     localhost:4845         ESTABLISHED
  TCP    administrator:1110     localhost:4847         ESTABLISHED
  TCP    administrator:1110     localhost:4850         ESTABLISHED
  TCP    administrator:1110     localhost:4852         ESTABLISHED
  TCP    administrator:1110     localhost:4853         ESTABLISHED
  TCP    administrator:1110     localhost:4854         ESTABLISHED
  TCP    administrator:1110     localhost:4855         ESTABLISHED
  TCP    administrator:1110     localhost:4860         ESTABLISHED
  TCP    administrator:1110     localhost:4861         ESTABLISHED
  TCP    administrator:1110     localhost:4864         ESTABLISHED
  TCP    administrator:1110     localhost:4866         ESTABLISHED
  TCP    administrator:1110     localhost:4869         ESTABLISHED
  TCP    administrator:1110     localhost:4872         ESTABLISHED
  TCP    administrator:1110     localhost:4874         ESTABLISHED
  TCP    administrator:1110     localhost:4875         TIME_WAIT
  TCP    administrator:1110     localhost:4876         ESTABLISHED
  TCP    administrator:1110     localhost:4896         ESTABLISHED
  TCP    administrator:1110     localhost:4898         ESTABLISHED
  TCP    administrator:4389     localhost:1110         ESTABLISHED
  TCP    administrator:4424     localhost:1110         ESTABLISHED
  TCP    administrator:4498     localhost:1110         ESTABLISHED
  TCP    administrator:4499     localhost:1110         ESTABLISHED
  TCP    administrator:4662     localhost:1110         TIME_WAIT
  TCP    administrator:4669     localhost:1110         ESTABLISHED
  TCP    administrator:4704     localhost:1110         TIME_WAIT
  TCP    administrator:4706     localhost:1110         TIME_WAIT
  TCP    administrator:4708     localhost:1110         ESTABLISHED
  TCP    administrator:4711     localhost:1110         ESTABLISHED
  TCP    administrator:4714     localhost:1110         TIME_WAIT
  TCP    administrator:4716     localhost:1110         TIME_WAIT
  TCP    administrator:4717     localhost:1110         TIME_WAIT
  TCP    administrator:4720     localhost:1110         TIME_WAIT
  TCP    administrator:4722     localhost:1110         TIME_WAIT
  TCP    administrator:4748     localhost:1110         TIME_WAIT
  TCP    administrator:4750     localhost:1110         TIME_WAIT
  TCP    administrator:4752     localhost:1110         TIME_WAIT
  TCP    administrator:4754     localhost:1110         TIME_WAIT
  TCP    administrator:4756     localhost:1110         TIME_WAIT
  TCP    administrator:4757     localhost:1110         TIME_WAIT
  TCP    administrator:4760     localhost:1110         TIME_WAIT
  TCP    administrator:4763     localhost:1110         TIME_WAIT
  TCP    administrator:4766     localhost:1110         TIME_WAIT
  TCP    administrator:4767     localhost:1110         TIME_WAIT
  TCP    administrator:4770     localhost:1110         TIME_WAIT
  TCP    administrator:4771     localhost:1110         TIME_WAIT
  TCP    administrator:4774     localhost:1110         TIME_WAIT
  TCP    administrator:4775     localhost:1110         TIME_WAIT
  TCP    administrator:4780     localhost:1110         TIME_WAIT
  TCP    administrator:4782     localhost:1110         TIME_WAIT
  TCP    administrator:4784     localhost:1110         TIME_WAIT
  TCP    administrator:4786     localhost:1110         TIME_WAIT
  TCP    administrator:4788     localhost:1110         TIME_WAIT
  TCP    administrator:4790     localhost:1110         TIME_WAIT
  TCP    administrator:4791     localhost:1110         TIME_WAIT
  TCP    administrator:4794     localhost:1110         TIME_WAIT
  TCP    administrator:4796     localhost:1110         TIME_WAIT
  TCP    administrator:4800     localhost:1110         TIME_WAIT
  TCP    administrator:4803     localhost:1110         TIME_WAIT
  TCP    administrator:4807     localhost:1110         TIME_WAIT
  TCP    administrator:4814     localhost:1110         ESTABLISHED
  TCP    administrator:4816     localhost:1110         ESTABLISHED
  TCP    administrator:4818     localhost:1110         TIME_WAIT
  TCP    administrator:4830     localhost:1110         TIME_WAIT
  TCP    administrator:4832     localhost:1110         TIME_WAIT
  TCP    administrator:4834     localhost:1110         TIME_WAIT
  TCP    administrator:4837     localhost:1110         TIME_WAIT
  TCP    administrator:4840     localhost:1110         TIME_WAIT
  TCP    administrator:4842     localhost:1110         TIME_WAIT
  TCP    administrator:4844     localhost:1110         ESTABLISHED
  TCP    administrator:4845     localhost:1110         ESTABLISHED
  TCP    administrator:4847     localhost:1110         ESTABLISHED
  TCP    administrator:4850     localhost:1110         ESTABLISHED
  TCP    administrator:4852     localhost:1110         ESTABLISHED
  TCP    administrator:4853     localhost:1110         ESTABLISHED
  TCP    administrator:4854     localhost:1110         ESTABLISHED
  TCP    administrator:4855     localhost:1110         ESTABLISHED
  TCP    administrator:4860     localhost:1110         ESTABLISHED
  TCP    administrator:4861     localhost:1110         ESTABLISHED
  TCP    administrator:4864     localhost:1110         ESTABLISHED
  TCP    administrator:4866     localhost:1110         ESTABLISHED
  TCP    administrator:4869     localhost:1110         ESTABLISHED
  TCP    administrator:4872     localhost:1110         ESTABLISHED
  TCP    administrator:4874     localhost:1110         ESTABLISHED
  TCP    administrator:4876     localhost:1110         ESTABLISHED
  TCP    administrator:4896     localhost:1110         ESTABLISHED
  TCP    administrator:4898     localhost:1110         ESTABLISHED


Does this mean that my PC is hacked?
I have no server or anything running on my system.
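
A way to triage a listing like the one in the first post, as an added example that is not part of the original thread: it separates connections between two local ports from connections that leave the machine, and reports which local port everything talks to. The sample rows are constructed, and treating `administrator` as the machine's own host name is an assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the format of the netstat -a listing above (not the full post).
SAMPLE = """\
  TCP    administrator:1110     administrator:0        LISTENING
  TCP    administrator:1110     localhost:4814         ESTABLISHED
  TCP    administrator:1110     localhost:4762         TIME_WAIT
  TCP    administrator:4814     localhost:1110         ESTABLISHED
  TCP    administrator:4662     localhost:1110         TIME_WAIT
  TCP    administrator:4389     localhost:1110         ESTABLISHED
"""

# Assumption: "administrator" is this machine's own host name, as the local
# address column of the post suggests; adjust for another machine.
OWN_NAMES = {"localhost", "127.0.0.1", "administrator"}

# TCP rows only; an optional trailing PID column (netstat -ano) is tolerated.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+([A-Z_0-9]+)(?:\s+\d+)?\s*$")

def parse(text):
    """Yield (local_port, remote_host, remote_port, state) for each TCP row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            _, lport, rhost, rport, state = m.groups()
            yield int(lport), rhost.lower(), int(rport), state

def triage(text):
    """Separate loopback chatter from connections that leave the machine."""
    peers = defaultdict(set)       # port -> ports seen at the other end
    conns, external, listening = set(), [], set()
    states = Counter()
    for lport, rhost, rport, state in parse(text):
        if state == "LISTENING":
            listening.add(lport)
        elif rhost not in OWN_NAMES:
            external.append((lport, rhost, rport, state))
        else:
            # A loopback connection is listed once per end; store it unordered.
            conns.add(frozenset((lport, rport)))
            peers[lport].add(rport)
            peers[rport].add(lport)
            states[state] += 1
    # A port with many different peers is the local service everything talks to.
    services = sorted(p for p, others in peers.items() if len(others) > 1)
    return {"services": services, "listening": sorted(listening),
            "loopback_connections": len(conns), "states": dict(states),
            "external": external}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The listing alone does not say which program owns the service port; on Windows, `netstat -ano` adds the owning PID to each row, which can be matched against the PID column in Task Manager.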

gibbocool (Advanced user)
Posted: Tue Jun 30, 2009 11:25 pm

It's possible it's hacked or a virus, but we need some more info... perhaps your process list or something.
Try running an antivirus and antispyware.

_________________
http://www.gibbocool.com

BoboTiG (Advanced user)
Posted: Wed Jul 01, 2009 12:53 am

And if you can give us the programs loaded at boot (msconfig) too.

shyspy (Advanced user)
Posted: Wed Jul 01, 2009 7:58 am

Quote:
It's possible it's hacked or a virus, but we need some more info... perhaps your process list or something.
Try running an antivirus and antispyware.

Quote:
And if you can give us the programs loaded at boot (msconfig) too.

My Task Manager running processes are:

http://www.tadkalagake.com/images/770_running_process.JPG

Msconfig startup processes are:

http://www.tadkalagake.com/images/638_msstartup.JPG

gibbocool (Advanced user)
Posted: Wed Jul 01, 2009 10:35 am

Do you know what rthdcpl.exe, vbptask.exe, and hkcmd.exe are? If not, kill them and see if it solves your problem.

_________________
http://www.gibbocool.com

shyspy (Advanced user)
Posted: Wed Jul 01, 2009 11:46 am

gibbocool wrote:
Do you know what rthdcpl.exe, vbptask.exe, and hkcmd.exe are? If not, kill them and see if it solves your problem.

Well, I tried this but it doesn't help, and some processes like klwtblfs.exe and others can't be ended.

Also, now my PC is running very, very slow...

I have formatted it, but as soon as I connect to the internet it's infected again.

One more thing: I'm using Win XP Pro. Do I need to update it or go for Vista? Will it provide more security or something?

pexli (Valuable expert)
Posted: Wed Jul 01, 2009 12:29 pm

rthdcpl.exe
Quote:
rthdcpl.exe is a process belonging to the Realtek HD Audio Control Panel and is bundled alongside Realtek sound cards and audio hardware. "This program is a non-essential process, but should not be terminated unless suspected to be causing problems."

vbptask.exe
Quote:
vbptask.exe is located in a subfolder of "C:\Program Files". Known file sizes on Windows XP are 114,688 bytes (39% of all occurrences), 122,880 bytes, 118,784 bytes, 131,072 bytes, 139,264 bytes, 110,592 bytes, 143,360 bytes, 135,168 bytes, 237,568 bytes, 159,744 bytes.
vbptask.exe is not a Windows core file. Program is loaded during the Windows boot process (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). The program has no visible window. vbptask.exe is able to hide itself. Therefore the technical security rating is 56% dangerous, however also read the user reviews.

hkcmd.exe
Quote:
"hkcmd.exe" is Intel's "extreme" graphics hot key interceptor. If you never use the Intel hotkeys, you can go to Control Panel > Intel Extreme Graphics > Hot Keys and turn them off.

Get more detailed information about hkcmd.exe and all other running background processes with Security Task Manager.

Note: Any malware can be named anything - so you should check where the files of the running processes are located on your disk. If a "non-Microsoft" .exe file is located in the C:\Windows or C:\Windows\System32 folder, then there is a high risk for a virus, spyware, trojan or worm infection!

BoboTiG (Advanced user)
Posted: Wed Jul 01, 2009 7:10 pm

In msconfig, do not check NULL and vchost. vchost is spyware.

arun005 (Beginner)
Posted: Thu Jun 17, 2010 7:26 am
Subject: Security Task Manager 1.7

Hello,

Enhanced Process Viewer that protects your PC. Use the link: http://www.trustdownload.com/Antivirus-and-Spyware-Cleaners/Antivirus/Security-Task-Manager.html

Thank you

ashin (Beginner)
Posted: Mon Oct 04, 2010 4:47 am

Thank you for the link

_________________
www.cyberls.com

sk8er (Advanced user)
Posted: Tue Oct 05, 2010 3:51 am

You should use a firewall; Endian Firewall is a good one.

http://www.endian.com/en/community/overview/

Regards.
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"