• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Was my pc hacked?

Joined
May 22, 2008
Messages
419 (0.12/day)
Likes
11
Processor AMD Phenom II 720 3x2,8 GHz BE
Motherboard MSI 870A Fuzion A770 SAM3
Cooling Scythe Zipang SCZP-1000
Memory Crucial 4GB DDR3 1600MHz Ballistix Sport CL9
Video Card(s) PALIT GeForce GTX 560Ti 1GB
Storage TOSHIBA 1000GB 32MB 3,5'' 7200 SATA III
Display(s) Gateway FPD2275W `22
Case Shinobi SH09A
Power Supply Thermaltake Toughpower W0116 750W
Software Windows 7 Ultimate 64bit
#1
Every time when I start PC and connect to internet, this massage in HijackThis appears:

O17 - HKLM\System\CCS\Services\Tcpip\..\{F052A8D9-84A0-4405-860B-9C593D51C8E0}: NameServer = 212.2.96.54 212.2.96.52
Do you know the IP or Domain '212.2.96.54 212.2.96.52'? If not, fix this entry.
I can fix it, but after restart my system and connect to internet, this entry appears again in HijackThis. Even when I remove this entry and reconect to the internet, this problem back again. When I disconnetct my PC from the internet, HijackThis doesn`t detect this problem.

How can I remove this entry permanently?
 
Last edited:
Joined
May 9, 2011
Messages
1,892 (0.77/day)
Likes
890
Location
Mainland Britain
System Name H2o Box
Processor Intel(R) Xeon e5-2690 v2 Stock 3.3GHz
Motherboard MSI X79A-G43 Plus (MS-7760) v3
Cooling CPU EK Block & Phobya G-Changer 360 V2.0 RAD H2o
Memory Gskill RipjawsZ 16Gb & Gskill TridentX 16Gb 9-10-9-28 2T @ 1866Mhz [locked]
Video Card(s) Zotac GTX 1080ti AMP EXTREME
Storage HyperX Fury 120GB & Savage 480GB SSD, Seagate 250GB,250GB 7200rpm Kingston 64GB SSD
Display(s) Panasonic GT30 46'' 1080p 3D HDTV [Custom Resolution 4096*2304]
Case Corsair O-800D
Audio Device(s) Creative Sound Blaster X-Fi Titanium Fatal1ty Pro
Power Supply Be Quiet! [Dark Power Pro 11] 1200W CM replaced [7-4-2017]
Mouse Asus ROG
Keyboard Microsoft Digital Media 1.0A
Software Win 10 Pro 64Bit v 1703 / OS[build 16299.192]
#2
Hi

This may help - http://ip-lookup.net/ , use the *Lookup an IP address : box; at the bottom of the page to see who the IP or Domain belong to.

atb (all the best)

Law-II
 
Last edited:
Joined
Oct 12, 2008
Messages
5,659 (1.67/day)
Likes
2,608
Location
στο άλφα έως ωμέγα
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Asus 266H/Viewsonic 1080p/HP ZR24W
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#3
Seems those are Polkomtel (Plus+) 's DNS nameservers.

Did you change your DNS servers or install setup software from (Plus+) Polkomtel.
Who is your service (internet,video, cellular access, software etc.) provider?

Check or change your DNS servers:Change TCP/IP settings

If you want to try OpenDNS, here is their instructions:Change your settings: Configuration for Windows 7

Here is a useful couple of tools.
One for changing your DNS server easily:Dns jumper v1.0.4
And, one to edit your hosts file:BlueLifeHosts editor v1.0

If you do not remember changing your DNS or have no software or dealings with Plus+ (Polkomtel), then run Malwarebytes and your favorite A/V programs to check for any baddies.

I do not believe that has anything to do with you being hacked.:)
 
Joined
May 22, 2008
Messages
419 (0.12/day)
Likes
11
Processor AMD Phenom II 720 3x2,8 GHz BE
Motherboard MSI 870A Fuzion A770 SAM3
Cooling Scythe Zipang SCZP-1000
Memory Crucial 4GB DDR3 1600MHz Ballistix Sport CL9
Video Card(s) PALIT GeForce GTX 560Ti 1GB
Storage TOSHIBA 1000GB 32MB 3,5'' 7200 SATA III
Display(s) Gateway FPD2275W `22
Case Shinobi SH09A
Power Supply Thermaltake Toughpower W0116 750W
Software Windows 7 Ultimate 64bit
#4
Yes, I`m using Polkomtel (Plus+) software. They`re my internet suppliers. I`ll try with Malwarebytes...

Edit:

OTL results:

OTL.txt
Code:
http://wklej.org/id/820080/
Extras.txt
Code:
http://wklej.org/id/820082/
Could someone take a look?
 
Joined
Nov 4, 2005
Messages
9,976 (2.24/day)
Likes
2,336
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#6
Hijack this is not for users who ask what it is, unless they are asked to use it by users who know what it is.


*******************************

Its just your DNS or WINS being hijacked by your ISP's questionable software.


If you don't like to see this message use OpenDNS or Google for DNS lookup.
 
Joined
Jan 17, 2010
Messages
10,168 (3.48/day)
Likes
6,814
Location
Oregon
System Name Delta // Alpha-HTPC
Processor Intel i7 6700K // Intel i5 4570
Motherboard GIGABYTE Z270X-Gaming K7 // Gigabyte H97M -D3H
Cooling Corsair H80i V2 // Silverstone NT-06 Pro
Memory Corsair DDR4 3000 32gb //G.SKILL Ripjaws X Series 8GB 1600
Video Card(s) EVGA GTX980ti// EVGA GTX 1050ti
Storage Samsung 950 Pro 512, 2 Tb FireCuda// Samsung 850 Pro, Synology NAS with 2X Toshiba 6Tb
Display(s) ASUS PB278Q 27" 1440X 2560 // 50" Samsung Plasma 720p
Case Corsair Obsidian Series 550D // Silverstone Granada GD05
Audio Device(s) ASUS Xonar DGX // HDMI to Yamaha RX V571
Power Supply Corsair TX850M // SeaSonic G Series 550w
Mouse Logitech G502
Keyboard Corsair K70
Software Windows 10 64bit // Windows 7 64bit with Kodi
#7
Exactly