[PC] Windows XP hacked?


  • D467
  • Registered: June 2006
  • Last online: 09-11 12:33
Dear Tweakers,

I was about to open a port in my router for p2p when it suddenly said: Busy, and there was no (web) admin panel. I have never seen this before, but anyway. So I checked whether all the security on my computer was in order (McAfee), and all the bars were green. Then I looked at the McAfee firewall and suddenly saw that all kinds of strange IP addresses were connected to my computer?

(MSN is off, the p2p program is off, etc.; only Internet Explorer 7 is running now.)


So I searched Google for the ports they use, and to my surprise found that my PC might well be a zombie PC? Or is there another explanation for this?

Thanks in advance!

I am using Windows XP Home Edition, and I have already run the McAfee virus scanner and Ad-Aware from Lavasoft, and they found nothing serious....


McAfee Firewall Plus log:
Date/Time Source IP Hostname SPort DPort Event Information

Deleted

P2P: the eDonkey network uses that port by default. You probably just closed your program, because your connections then stay alive for some number of seconds/minutes. Nothing wrong in any case :P

  • gambieter
  • Registered: October 2006
  • Not online

gambieter

Just me & my cat

Port 4672 is a standard port for eMule/eDonkey, so that could well be right. Try restarting your computer first :) .

I had a decent lunch, and I'm feeling quite amiable. That's why you're still alive.
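An added example, not part of any post in this thread: a small parser for the firewall log layout posted above that groups events by destination port and counts distinct sources, which is the check the replies do by eye. The sample lines are constructed (documentation-range addresses, a made-up hostname and one made-up event on port 8080), and the 4672 label is taken from the replies here.

```python
import re
from collections import defaultdict

# Label taken from the replies in this thread, which name 4672 as the
# eMule/eDonkey default port. Anything else is reported as "unknown".
KNOWN_PORTS = {4672: "eMule/eDonkey default (per this thread)"}

# Constructed sample in the column layout of the posted log. Addresses come
# from documentation ranges; the hostname and the 8080 event are made up.
SAMPLE_LOG = """\
Date/Time Source IP Hostname SPort DPort Event Information
2007/03/24 23:52:59 192.0.2.10 4673 4672 remote file access server
2007/03/24 23:53:00 198.51.100.7 45931 4672 remote file access server
2007/03/24 23:53:02 203.0.113.5 host5.example.net 4672 4672 remote file access server
2007/03/24 23:53:05 192.0.2.10 4673 4672 remote file access server
2007/03/24 23:53:09 203.0.113.77 4672 4672 remote file access server
2007/03/24 23:53:11 198.51.100.200 3321 8080 constructed example event
"""

# The Hostname column is optional. A hostname must contain a letter, which
# keeps it from swallowing the numeric source port when the column is empty.
LINE_RE = re.compile(
    r"^(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}) "
    r"(?:(?P<host>\S*[A-Za-z]\S*) )?"
    r"(?P<sport>\d{1,5}) (?P<dport>\d{1,5}) (?P<event>.*)$"
)


def parse_log(text):
    """Return one dict per event line; the header and unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["sport"], ev["dport"] = int(ev["sport"]), int(ev["dport"])
        events.append(ev)
    return events


def summarize(events):
    """Group events by destination port: volume, distinct sources, symmetric ports."""
    buckets = defaultdict(lambda: {"events": 0, "sources": set(), "same_sport": 0})
    for ev in events:
        b = buckets[ev["dport"]]
        b["events"] += 1
        b["sources"].add(ev["src"])
        # Peers that send from the same port they target are typical of
        # clients of the same application talking to each other.
        if ev["sport"] == ev["dport"]:
            b["same_sport"] += 1
    return {
        port: {
            "events": b["events"],
            "unique_sources": len(b["sources"]),
            "same_sport": b["same_sport"],
            "label": KNOWN_PORTS.get(port, "unknown"),
        }
        for port, b in buckets.items()
    }


if __name__ == "__main__":
    for port, row in sorted(summarize(parse_log(SAMPLE_LOG)).items()):
        print(port, row)
```

Many distinct sources all hitting one destination port that a locally installed P2P client uses is consistent with peers still retrying after the client was closed; ports reported as "unknown" are the ones worth looking at first.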


  • Snake
  • Registered: July 2005
  • Last online: 07-03-2024

Snake

Los Angeles, CA, USA

That's quite a lot of errors, though.

Are there any strange processes running in the background?

Going for adventure, lots of sun and a convertible! | GMT-8


  • D467
  • Registered: June 2006
  • Last online: 09-11 12:33
Deleted wrote on Sunday 25 March 2007 @ 00:00:
P2P: the eDonkey network uses that port by default. You probably just closed your program, because your connections then stay alive for some number of seconds/minutes. Nothing wrong in any case :P
I switched it off at least 15 minutes ago and cleared the log again. I still can't get into my router (I think I'll pull the power in a moment).

By the way, this is the new log:
Date/Time Source IP Hostname SPort DPort Event Information

  • gambieter
  • Registered: October 2006
  • Not online

gambieter

Just me & my cat

Something is trying to continue the download of your file. Do you perhaps share a lot of files?

I had a decent lunch, and I'm feeling quite amiable. That's why you're still alive.


  • Puch-Maxi
  • Registered: December 2003
  • Last online: 00:03
I pinged a few of the IPs; they all point to DSL/cable users.
Could you post a HijackThis log?

[ Edited 26% by Puch-Maxi on 25-03-2007 00:10 ]

My favorite programming language is solder.


  • D467
  • Registered: June 2006
  • Last online: 09-11 12:33
gambieter wrote on Sunday 25 March 2007 @ 00:07:
Something is trying to continue the download of your file. Do you perhaps share a lot of files?
Nope, the whole p2p program is off too...

HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 0:07:19, on 25-3-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\lxbucoms.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hitman Pro\hitmanpro2.exe
c:\PROGRA~1\mcafee.com\agent\McDash.exe
c:\program files\mcafee.com\shared\mghtml.exe
C:\Program Files\McAfee.com\Personal Firewall\MpfConsole.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:4001
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinClicker.exe] "C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe" -atboottime
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn...tatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendm.../win32/activex/hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://matrixjohny.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn...rStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

  • Puch-Maxi
  • Registered: December 2003
  • Last online: 00:03
At first glance it looks clean.

My favorite programming language is solder.


  • gambieter
  • Registered: October 2006
  • Not online

gambieter

Just me & my cat

D467 wrote on Sunday 25 March 2007 @ 00:09:
[...]
Nope, the whole p2p program is off too...
[...]
What I mean is that if you share a lot, the network probably sends all kinds of requests to check whether you are still there. That is independent of whether or not the program is running, and carries on for a while.

I had a decent lunch, and I'm feeling quite amiable. That's why you're still alive.


  • Freakertje
  • Registered: January 2002
  • Last online: 10:35

Freakertje

PC kicks ass, I don't yet...

Remove (files no longer exist):
code:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)


Look up what this is (possibly a trojan, not sure):
code:
O4 - HKCU\..\Run: [WinClicker.exe] "C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe" -atboottime

I'm going to do a number of things completely differently!
Totale Modjesgekte
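An added example, not part of any post in this thread: the two-bucket triage from the last reply (entries whose file is gone, and autostart entries to look up) as a script over HijackThis log lines. The sample lines are copied from the log posted above; the trusted path prefixes are a reviewer-supplied assumption and not a statement about which software is safe.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinClicker.exe] "C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe" -atboottime
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
"""

# "R0 - ...", "O4 - ...", "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart entries: HKLM\..\Run: [name] command line
RUN_RE = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Executable path at the start of a command line, with or without quotes.
EXE_RE = re.compile(r'^"?(?P<path>.+?\.exe)', re.IGNORECASE)
# Markers HijackThis appends when the referenced file does not exist.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Assumption: prefixes this reviewer treats as expected on this machine.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\mcafee.com\\")


def triage(log_text, trusted=TRUSTED_PREFIXES):
    """Return (verdict, section_code, line) for every recognised log entry.

    orphaned: the entry points at a file that no longer exists
    review:   a Run-key autostart whose executable is outside the trusted prefixes
    ok:       everything else
    """
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header lines, process list, blank lines
        code, body = m.group("code"), m.group("body")
        if body.endswith(ORPHAN_MARKERS):
            findings.append(("orphaned", code, line))
            continue
        run = RUN_RE.match(body) if code == "O4" else None
        if run:
            exe = EXE_RE.match(run.group("cmd"))
            path = (exe.group("path") if exe else run.group("cmd")).lower()
            if not path.startswith(tuple(trusted)):
                findings.append(("review", code, line))
                continue
        findings.append(("ok", code, line))
    return findings


if __name__ == "__main__":
    for verdict, code, line in triage(SAMPLE_LOG):
        if verdict != "ok":
            print(f"{verdict:9} {line}")
```

"review" only means the entry is not on the reviewer's list and should be looked up, as the reply does; it says nothing about whether the program is malicious.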
