Vraag & Antwoord

Beveiliging & privacy

hack krack mijn computer???

5 antwoorden
  • Hello, zit ff met een gigantisch probleem! Iemand is in mijn systeem gekomen en heeft de beheerder account veranderd...rarara..Heb een ADSL verbinding met Firewall & antivirus, van Maccfee...laastste versies..Spayware en spybots...anti Trojan.. Hoe kan ik nou myn sesteem weer aanpassen zonder alles te herinstalleren.? Nou ben ik bevreesd dat wanneer ik iedere keer online ben dat die persoon in 't systeem zit....Heb wel Kazza lite...E-mule en Dc++ , dus via een van die (poorten) is die binnengekomen...Kan ik die weer sluiten????? Kent iemand dan een free ware programma die dat verhinderd en kan zien welke (poorten) ik kan openen en sluiten... Speel ook online BHD maar kan dat ook via een spelserver binnengekomen zijn? Nou is mijn systeem heel traag en verwerkt by een aantal sites zijn refresh langzaam... Heb een Pentium 4 3.0 Mhz HT- 1024 ram - ethernet card - 240 harde schijf - Sapphire 9800 Pro 128 - Mb Ik hoor 't wel......Thanx
  • Download [url=http://www.spywareinfo.com/~merijn/files/HijackThis.exe]HijackThis[/url]. Sla het bestand op in een eigen map. Niet op je bureaublad of in je Temp-files. HijackThis maak namelijk backups in de map waar het opgestart wordt. Run het programma. Klik op scan, save log en sla het log op als een .txt bestand. Kopieer en plak de inhoud in je volgende bericht. Dan halen we de bestanden eraf, die niet op je computer thuis horen.
  • Google op 'russian password crackers', dan eerste link. Daar taat wel ergens een programnma bij om je Administrator password te veranderen denk ik ;)
  • zo ff Hijack gedraaid en hier de resultaten kun je eigenlijk wijs uit worden???? Logfile of HijackThis v1.97.7 Scan saved at 20:50:21, on 18-4-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe e:\antivirus\McAfee\McAfee VirusScan\Avsynmgr.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\gearsec.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe e:\antivirus\McAfee\McAfee VirusScan\VsStat.exe e:\antifirewall\McAfee\McAfee Firewall\CPD.EXE e:\antivirus\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe e:\antivirus\McAfee\McAfee VirusScan\Avconsol.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE e:\antifirewall\McAfee\McAfee Firewall\CPD.EXE C:\ATI-CPanel\atiptaxx.exe C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe E:\BeClean\bca.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\Netropa\InetKb\Inetkb.exe E:\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe E:\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\PROGRA~1\boltcastowns\IDLEGLUE.exe C:\WINDOWS\System32\ctfmon.exe E:\FreeMem Standard\FreeMem.exe C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe E:\Creative\MediaSource\GO\CTCMSGo.exe F:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe E:\Trojan Guarder Gold Version\Trojan Guarder.exe E:\MRU-Blaster\scheduler.exe F:\Pinnacle\Pinnacle PCTV\Vision\Vision.exe f:\Pinnacle\SHARED~1\Filter\server.exe f:\Pinnacle\SHARED~1\Filter\VBI_SE~1.EXE C:\Program Files\Messenger\msmsgs.exe F:\MICROS~1\Office10\OUTLOOK.EXE F:\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe E:\Hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://contexualsearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://contexualsearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://contexualsearch.com/passthrough/index.html?http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://contexualsearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://contexualsearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://contexualsearch.com/searchbar.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://contexualsearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = contexualsearch.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://localhost:2558/cgi-bin/start.hps R3 - URLSearchHook: (no name) - _{0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file) R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - e:\antivirus\McAfee\McAfee VirusScan\VSCShellExtension.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [BeClean Agent] E:\BeClean\bca.exe O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CTSysVol] e:\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] e:\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [32ITCH] C:\PROGRA~1\boltcastowns\IDLEGLUE.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [FreeMem Pro] "E:\FreeMem Standard\FreeMem.exe" Startup O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR O4 - HKCU\..\Run: [Creative MediaSource Go] E:\Creative\MediaSource\GO\CTCMSGo.exe /SCB O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: MRU-Blaster Scheduler.lnk = E:\MRU-Blaster\scheduler.exe O4 - Startup: MRU-Blaster Silent Clean.lnk = E:\MRU-Blaster\mrublaster.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: GetRight - Tray Icon.lnk.disabled O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled O4 - Global Startup: Microsoft Office.lnk = F:\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Nuria.lnk.disabled O4 - Global Startup: Pinnacle Scheduler.lnk = ? O4 - Global Startup: Trojan Guarder Gold Version.lnk = E:\Trojan Guarder Gold Version\Trojan Guarder.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Dictionary - http://www.ezreference.com/_/ie-com-p3.htm O8 - Extra context menu item: &Encyclopedia - http://www.ezreference.com/_/ie-com-e-p3.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/swdir.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {4E15D681-1D20-11D4-8B72-000021DA1956} - http://www.klikeuro.nl/plugins_met_herhaal_bezoek/zwartetijgersnl010.exe O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38057.4250462963 O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} - http://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/activedata/SymAData.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/ieplug.cab O16 - DPF: {E3F7205F-2AE0-4BF0-816B-2D24A5F20EC7} - http://fr4-download.strip-player.com/download/stripplayer/bin/activestripsetup_minsize.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - http://www.symantec.com/techsupp/activedata/ActiveData.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_NL.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/SU/ocx/12119/CTPID.cab
  • Er zit wat spyware rommel in je logje.. Beeindig via taakbeheer (ctrl+alt+del) de processen: IDLEGLUE.exe Vink in Hijackthis ALLEEN die regels aan die hieronder staan beschreven (je kan altijd weer een backup terugzetten). Sluit de browser en andere vensters behalve hijackthis en klik op "fix checked". START DAARNA OPNIEUW OP. R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://contexualsearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://contexualsearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://contexualsearch.com/passthrough/index.html?http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://contexualsearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://contexualsearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://contexualsearch.com/searchbar.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://contexualsearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = contexualsearch.com R3 - URLSearchHook: (no name) - _{0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file) R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file) O4 - HKLM\..\Run: [32ITCH] C:\PROGRA~1\boltcastowns\IDLEGLUE.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Pinnacle Scheduler.lnk = ? Heb je de immuniseerfunctie van Spybot gebruikt dan hoef je deze twee O6 entries niet aan te vinken. O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab O16 - DPF: {4E15D681-1D20-11D4-8B72-000021DA1956} - http://www.klikeuro.nl/plugins_met_herhaal_bezoek/zwartetijgersnl010.exe O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/ieplug.cab O16 - DPF: {E3F7205F-2AE0-4BF0-816B-2D24A5F20EC7} - http://fr4-download.strip-player.com/download/stripplayer/bin/activestripsetup_minsize.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_NL.cab Verwijder na de herstart, bij voorkeur in de veilige mode, deze (eventueel nog) aanwezige bestanden of mappen (let op: Sommige kunnen verborgen staan dus eerst even dit uitvoeren: Start > instellngen > configuratiescherm > Mapopties > tabblad Weergave > klik "verborgen bestanden en mappen weergeven" en verwijder het vinkje bij Extensies voor bekende bestandstypen verbergen. > OK): C:\PROGRA~1\boltcastowns\IDLEGLUE.exe <= deze map

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.