Second Opinion
Folosind serviciul second opinion ne puteți trimite RMN-uri, CT -uri, angiografii, fișiere .pdf, documente medicale. Astfel vă vom putea da o opinie neurochirurgicală, fără ca aceasta să poată înlocui un consult de specialitate. Răspunsurile vor fi date prin e-mail în cel mai scurt timp posibil (de obicei în mai putin de 24 de ore, dar nu mai mult de 48 de ore). Second opinion – Neurohope este un serviciu gratuit. www.neurohope.ro |
Am fost ... Spart...
Last Updated: Mar 23 2013 21:26, Started by
Could_Fire
, Mar 12 2013 02:10
·
0
#19
Posted 12 March 2013 - 11:42
Da am cam intles , stiu ca am fost prost , dar am un motiv, profesori mei sunt niste idioti care miau dat note degeaba si nu mau invatat nimic, acum vad si eu . De invatat sa iau bacu pot ...tocesc pana crap ... bani la liceu nu am dat nici la fondu clasei... Dar un liceu din Eforie nu te invata prea multe , la romana ne jucam carti ... asa ca scuze de limba romana .......si da acum e 2-1 pentru hacker. Acum sa revin la oile mele , eu sincer la liceu am invatat ca nu prea mai merge treaba cu scam-page si keyloaggeri , dar se pare ca profesorul meu de informatica traieste in alta lume. Iar despre acea linie goala : este "Ceva" care lam gasit in msconfig la start-up , nu are comanda insa are o anumita locatie : ceva cu HKLM la inceput ... acum dupa ce iam dat disable si un restart nu mai apare ... Dar va rog sa ma ajutati sa il gasesc , iau fiecare registru in parte fara sa il modific , dar dupa ce ar trebui sa ma uit ?
Si dupa deblocare pot sa imi recuperez emailul cu nr. de telefon ? acest numar poate fi schimbat , daca are aces la parola ,dar nu la telefon ? PS. Ca securitate am win. XP , licentiat , cu update la zi , avasti internet security tot cu update la zi .... Din cate am vorbit cu hackeru a luat codul sursa dupa net si la modificat substantial , deci daca nu il da la tovarasi si il foloseste doar el .. greu de detectat .... Iar la potlitie o sa ma duc de oftica ca sunt mai slab ca el ) ... asta daca nu reusesc sa imi recuperez macar emailul ... finca bani nu am, de meditatii ,poate e baiat de treaba hackeru asta si ma mediteaza si pe mine ....ma ia ucenic ) .....macar sa stiu de unde si ce trebuie sa invat ... PS. baieti stiu ca am fost prost , dar informatica nu se pupa cu limba romana, iar devina pentru educatia mea e societatea care plateste impozite sa aiba senatori vile si vacante in strainatate , nu profesori care sa invete "copii viitoru tari", eu sincer chiar sunt foarte pasionat de informatica , dar nu am de la cine invata , cel putin aici la mine ... Si daca este cineva care se pricepe cu adevarat eu o sa ii fiu recunoscator , ca desi am 19 ani pot sa zic ca am potential si vreau sa le fac pe toate chiar daca nu imi ies , oricum la varsta asta cred ca este o ralizare sa traiesc pe munca mea si sa imi si ajut parinti care mau ajutat pana acum , incat la varsta asta am si eu o firma si un bar care produc ceva ... imi pare rau ca nu am avut timp pana acum sa invat cea ce ma pasioneaza cu adevarat ,adica informatica Iar daca nu reusesc sa imi recuperez pe calea "mentala" pierderile , nam ce sa fac decat sa devin idiot fara sperante de indreptare si sa ma duc la "militie" ...care se roaga de mine sa fac reclamatie dupa ce leam povestit cum sta treaba , saraci cica nu au avut un caz cu condamnare de mult ,nu prea au ce face si vor si ei niste prime mai ales acum in martie , cica se ocupa de caz imediat si cu cea mai mare placere daca ma duc si fac plangere ca , vor sa apara si ei la tv. cazurile cu hackeri sunt foarte mediatizate si "umflate" asa ca din heckarash" il fac astia ditamai hackeru......dar nu vreau sa le fac oole mari la militieni" ca si asa nu ii suport ....si dupa cum spuneam stiu unde am gresit , sitiu ca sunt prost insa finca am constatat asta si nu vreau sa devin idiot iremediabil ,cred ca am o cale de indreptare si pot deveni chiar bun daca imi pun mintea la contrubutie Scuze pentru dublu post ..dar si pc-ul meu e idiot la fel ca mine .... Edited by Could_Fire, 12 March 2013 - 11:43. |
#20
Posted 12 March 2013 - 11:56
Mai sunt 3 luni pana la bacalaureat, ai belit-o la romana.
De vina esti tu ca ai frecat menta pana in clasa XII-a, unde se foloseste cratima si cate ii-uri sunt la diverse cuvinte trebuia sa stii din clasa a 5a. Edited by Gh3r0m, 12 March 2013 - 11:57. |
#22
Posted 12 March 2013 - 12:52
#23
Posted 12 March 2013 - 13:03
Pai daca zici ca nu poate fi detectat, reinstaleaza sistemul si gata, ai scapat de keylogger. ( da, stiu, e ultima solutie pe care o accept, dar e caz "special" ).
Ca la modul tau de a explica problemele ne ia durerea de cap doar sa citim ce scrii, darmite sa-ti mai explicam si ce sa faci. |
#24
Posted 12 March 2013 - 13:19
incepi cu un log HiJackThis ca sa vezi ce procese ruleaza si pune rezultatul aici
Edited by STARTREK1, 12 March 2013 - 13:20. |
#25
Posted 12 March 2013 - 15:25
In sfarsit un raspuns ajutator ... Pai ma fratilor ce sa fac la romana daca nu mi se preda ...inafara de frecat menta .. Sa ma apuc sa invat singur ?
Tin sa precizez ca dupa ce am dezactivat programul fara nume, din msconfi/startup , nu mai apare acolo , sa il bifez sau debifez... Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 15:18:50, on 12.03.2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\System32\WLTRYSVC.EXE D:\WINDOWS\System32\bcmwltry.exe D:\Program Files\Alwil Software\Avast5\AvastSvc.exe D:\WINDOWS\Explorer.EXE D:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe D:\WINDOWS\system32\WLTRAY.exe D:\Program Files\Dell Support Center\bin\sprtcmd.exe D:\WINDOWS\system32\ctfmon.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe D:\Program Files\Bonjour\mDNSResponder.exe D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe D:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe D:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe D:\Program Files\Dell Support Center\bin\sprtsvc.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\WINDOWS\system32\wuauclt.exe D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\WINDOWS\system32\osk.exe D:\WINDOWS\system32\MSSWCHX.EXE D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe D:\Documents and Settings\Street.hacker\My Documents\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://http://www.ya...ilc=8.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://http://www.ya...ilc=8.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://http://www.ya...ilc=8.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fpdownload.ad...h_player_ax.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - D:\Program Files\Yahoo!\Search Protection\ysp.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [avast5] D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] D:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [dellsupportcenter] "D:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\RunOnce: [ClearTemp] del D:\DOCUME~1\STREET~1.HAC\LOCALS~1\Temp\yupdate.exe-{C4B58948-C6AB-4AA8-A9D2-37DE7DD4EDBF} O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - D:\Program Files\Yahoo!\Search Protection\ysp.dll O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - D:\Program Files\Yahoo!\Search Protection\ysp.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Avast Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HWDeviceService.exe - Unknown owner - D:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: Game Mouse Communication And Update Service V1 (KmGameMouseServiceV1) - UASSOFT.COM - D:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - D:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - D:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - D:\WINDOWS\System32\WLTRYSVC.EXE O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 9715 bytes Edited by Could_Fire, 12 March 2013 - 15:32. |
#26
Posted 12 March 2013 - 16:17
Pai.. domnu' Hackeru strazii ce-mi esti, ai si gauri de securitate serioase si inviti si hackerii la tine ?
Internet Explorer 6, Avast 5... Sa inteleg ca nu ai auzit de IE 8 sau Avast 8... Gandeste-te ca IE 6 nu a mai fost actualizat de peste 2 ani si se cunosc toate gaurile de securitate din el. Iar fara update e vulnerabil si sistemul, intrucat e dependent de IE. In rest in afara de ceva spyware - gen Ask nu se vede nimic ciudat. |
#27
Posted 12 March 2013 - 16:28
Zici ca Avast nu a detectat nici un keylogger.
Instaleaza si ruleaza HitmanPro...momentan este cea mai buna solutie de pe piata in detectia de keylogger. http://www.surfright.nl/en/home/ |
#28
Posted 12 March 2013 - 17:24
Pai "hakeru strazii " sunt ... Dar credeam ca sistemul nu are treaba cu IE , deoarece folosesc doar gogle chrome si mozila firefox , chiar nu aveam habar ca Internet Explorer 8 are vreo treaba cu chrome , de acea nici nu iam facut update , credeam ca daca nu il folosesc nu am treaba cu el ... Da cred ca keyloageru sa "stricat" din cauza acelei dezactivari din msconfig , si acum cred ca e inactiv, insa sper sa il gasesc cu acel program .. Se poate gasi keylogger-ul inactiv ? Se poate pastra ,pentru a vedea adresa la care trimite ?
Multumesc de ajutorul dat pana acum .... Iar cu emailul se poate face ceva ? tinand cont si de faptul ca sar putea sa imi stie intrebarile secrete si sa le fi schimbat ... Sa imi fac sperante ca o sa pot recupera emailul prin telefon ? |
|
#29
Posted 12 March 2013 - 17:42
eiffel, on 12 martie 2013 - 13:03, said:
Pai daca zici ca nu poate fi detectat, reinstaleaza sistemul si gata, ai scapat de keylogger. ( da, stiu, e ultima solutie pe care o accept, dar e caz "special" ). Reinstalarea (evident de pe un mediu curat) este prima, de fapt singura solutie prin care obtii siguranta dupa o problema de genul asta. Singura solutie alternativa ar fi daca ai avea vreun sistem care sa-ti garanteze integritatea, gen tripwire, dar este o chestie imposibila la windows cu registry-ul care se schimba constant. Da, in mod normal lumea prefera sa lanseze un arsenal de anti-virus/spyware/rootkit/etc si sa stearga tot ce intilneste in cale dar nu mai poti avea incredere in sistemul ala nici din punct de vedere al securitatii (cine stie ce altceva a fost instalat si NU a fost descoperit) cit si din punct de vedere al stabilitatii (sint programe "de firma" care dupa instalare si dezinstalare lasa "bube", darmite dupa instalarea vreunui spyware care nu respecta nici o regula si stergerea lui cu un "anti-"). |
#30
Posted 12 March 2013 - 17:53
Multumesc de sfat .. asa am sa fac ... acest keylogger vreau sa il gasesc doar pentru a afla unde trimite mesajele ... dupa acea voi face o curatenie totala in sistem.
Insa marea mea problema este mailul... se poate face ceva ? tinand cont si de faptul ca sar putea sa imi stie intrebarile secrete si sa le fi schimbat ... Sa imi fac sperante ca o sa pot recupera emailul prin telefon ? Nu apare keyloggeru ! Se poate sa dispara asa fara urma ? Uitati ce mi-a gasit Hitman-Pro : HitmanPro 3.7.2.190 www.hitmanpro.com Computer name . . . . : booot Windows . . . . . . . : 5.1.3.2600.X86/2 User name . . . . . . : bot\Street.hacker License . . . . . . . : XXXXXXXXXXXXXXXXXXXXXXXXXX Scan date . . . . . . : 2013-03-12 17:23:31 Scan mode . . . . . . : Normal Scan duration . . . . : 29m 11s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 2 Traces . . . . . . . : 104 Objects scanned . . . : 569.685 Files scanned . . . . : 21.740 Remnants scanned . . : 125.517 files / 422.428 keys Potential Unwanted Programs _________________________________________________ D:\Documents and Settings\Street.hacker\Local Settings\Application Data\AskToolbar\ (AskBar) D:\Documents and Settings\Street.hacker\Local Settings\Application Data\AskToolbar\APNU\ (AskBar) D:\Documents and Settings\Street.hacker\Local Settings\Application Data\AskToolbar\APNU\config.xml (AskBar) D:\Documents and Settings\Street.hacker\Local Settings\Application Data\AskToolbar\APNU\extensions.sqlite (AskBar) D:\Documents and Settings\Street.hacker\Local Settings\Temp\AskSearch\ (AskBar) D:\Program Files\Ask.com\ (AskBar) D:\Program Files\Ask.com\assets\oobe\ (AskBar) D:\Program Files\Ask.com\assets\oobe\b.png (AskBar) D:\Program Files\Ask.com\assets\oobe\bl.png (AskBar) D:\Program Files\Ask.com\assets\oobe\br.png (AskBar) D:\Program Files\Ask.com\assets\oobe\l.png (AskBar) D:\Program Files\Ask.com\assets\oobe\pointer.png (AskBar) D:\Program Files\Ask.com\assets\oobe\r.png (AskBar) D:\Program Files\Ask.com\assets\oobe\t.png (AskBar) D:\Program Files\Ask.com\assets\oobe\tl.png (AskBar) D:\Program Files\Ask.com\assets\oobe\tr.png (AskBar) D:\Program Files\Ask.com\cobrand.ico (AskBar) D:\Program Files\Ask.com\config.xml (AskBar) D:\Program Files\Ask.com\favicon.ico (AskBar) D:\Program Files\Ask.com\fv_77f.ico (AskBar) D:\Program Files\Ask.com\GenericAskToolbar.dll (AskBar) Size . . . . . . . : 1.519.304 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:44) Entropy . . . . . : 6.8 SHA-256 . . . . . : 6D027164C6FEBDA59662DA1C6D494A69A7477BD3AECE8E066E6FBC28DEF830EF Product . . . . . : Toolbar Publisher . . . . : Ask Description . . . : Ask Toolbar Version . . . . . : 5.15.4.23821 Copyright . . . . : (c) Ask. All rights reserved. RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -15.0 Startup HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ HKU\S-1-5-21-1202660629-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} References HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\ D:\Program Files\Ask.com\mupcfg.xml (AskBar) D:\Program Files\Ask.com\precache.exe (AskBar) Size . . . . . . . : 70.856 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:45) Entropy . . . . . : 6.4 SHA-256 . . . . . : 69A6378F25A2B289771C454178890C53662F89B8D4C91972623D19C1502F15D9 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -9.0 D:\Program Files\Ask.com\SaUpdate.exe (AskBar) Size . . . . . . . : 196.808 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:46) Entropy . . . . . : 6.6 SHA-256 . . . . . : 3633F7015DE1A099A1E59884F6503EE3E4A243BA0DC74906B8EE334FB9DCE1F7 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -9.0 D:\Program Files\Ask.com\Updater\ (AskBar) D:\Program Files\Ask.com\Updater\config.xml (AskBar) D:\Program Files\Ask.com\Updater\Updater.exe (AskBar) Size . . . . . . . : 1.564.872 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:44) Entropy . . . . . : 6.1 SHA-256 . . . . . : 8D76E5AB31B4F3E12054F7EF1DF9FC553E708F1126AF5E6A5CA6433393CD40D3 Product . . . . . : Updater Publisher . . . . : Ask Description . . . : Ask Updater Version . . . . . : 5.15.4.23821 Copyright . . . . : (c) Ask. All rights reserved. RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -19.0 References HKU\S-1-5-21-1202660629-1958367476-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\D:\Program Files\Ask.com\Updater\Updater.exe D:\Program Files\Ask.com\UpdateTask.exe (AskBar) Size . . . . . . . : 135.368 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:46) Entropy . . . . . : 6.5 SHA-256 . . . . . : CE7BB9DB8CAAC6B0EF032E0861466B4613FA85C7884E2D9008308FC34F9890FB RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -11.0 Startup D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1033.MST (AskBar) D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar) Size . . . . . . . : 102.400 bytes Age . . . . . . . : 223.8 days (2012-07-31 23:17:51) Entropy . . . . . : 6.1 SHA-256 . . . . . : 092D64E5DB4FA21D6719B3A6A30AD06A2CB0E1F897357CD4935BECA52E921274 Product . . . . . : InstallShield Publisher . . . . : Acresso Software Inc. Description . . . : InstallShield Version . . . . . : 16.0.328 Copyright . . . . : Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved. Fuzzy . . . . . . : 0.0 D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job (AskBar) HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar) HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar) HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) HKU\S-1-5-21-1202660629-1958367476-1801674531-1003\Software\Ask.com\ (AskBar) HKU\S-1-5-21-1202660629-1958367476-1801674531-1003\Software\AskToolbar\ (AskBar) HKU\S-1-5-21-1202660629-1958367476-1801674531-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) Cookies _____________________________________________________________________ D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ad.360yield.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ad.yieldmanager.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:adbrite.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:adinterax.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ads.crakmedia.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ads.creative-serving.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ads.p161.net D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ads.pointroll.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ads.tradeads.eu D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:advertising.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:apmebf.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:atdmt.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:casalemedia.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:doubleclick.net D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:engine.phn.doublepimp.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:exoclick.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:invitemedia.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:media6degrees.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:pointroll.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:ru4.com D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:track.adform.net D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:yadro.ru D:\Documents and Settings\Street.hacker\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\cookies.sqlite:yieldmanager.net D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.p161.net D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.tradeads.eu D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adtech.de D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:advertising.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:atdmt.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:casalemedia.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:doubleclick.net D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:invitemedia.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:media6degrees.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ru4.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:serving-sys.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:track.adform.net D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:xiti.com D:\Documents and Settings\Street.hacker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:yadro.ru Edited by Could_Fire, 12 March 2013 - 18:09. |
#31
Posted 12 March 2013 - 20:22
De unde stii ca ai avut keylogger? Poate ala ti-a facut reset la parole si asa ti-a luat conturile fara sa-ti stie parola ta...
|
#32
Posted 12 March 2013 - 21:24
Cum sa imi faca reset ? daca el nu ma cunostea de nici un fel ... mia si zis ca el cu keylogger mia furat parola data trecuta .. atunci am recuperato cu intrebarile secrete ... si a doua oara a zis ca keylogeru e inca activ .. mia stiut toate parolele ..din prima ... mia schibat parola la emailul principal .. am apucat so resetez eu dupa cu emailu alternativ apoi mia resetat el la ambele emailuri parola .. Si cand am incarcat din nou intrebarile secrete .. nu a mai mers .. nu cred ca le tin minte ... insa am apucat sa trec numarul meu de telefon la a doua resetare si sper sa pot sa resetez din nou parola cand mi so debloca emailul..
|
#33
Posted 12 March 2013 - 21:44
Doamne, e o aiureala in capul tau... aaaa, pardon, in sistemul tau, ca nu reusesc sa inteleg nimic din treaba cu resetatul parolelor si intrebarilor din yahoo mail, cu keyloger-ul care este, cu hacker-u' lu' peste prajit, cu nu stiu ce concursuri de penetrare faci cu vecinul procuror care-i aresteaza pe alti vecini...
Calmeaza-te, omule! Asta e primul pas!!! Daca esti deja hack-uit, nu mai are rost sa te ambalezi acum! 2. Deconecteaza computerul de la net. 3. Pana una, alta, foloseste un alt computer, care nu e compromis. 4. Asa cum spuneau mai sus colegii de forum, salveaza documentele importante si faci apoi un clean install pe sistemul compromis. Instalezi un sistem original, cu licenta, instalezi un antivirus bun (recomand Bitdefender - cu plata, sau AVG 2013 free), faci apoi toate update-urile la zi. 5. Copiezi la loc documentele, nu inainte de a le scana de virusi. Succes! PS. In locul tau n-as merge pe presupunerea ca mi-a fost spart mailul la yahoo. Dupa ce te calmezi, iei frumos la citit help-ul de pe Yahoo cu privire la recuperarea de parole pierdute, si urmezi instructiunile pas cu pas. Parerea mea! Edited by dan_slack, 12 March 2013 - 21:45. |
|
#34
Posted 12 March 2013 - 21:45
Titlul este varza.
Am fost spart: in vene, in c#r, in M#|3, de gabori cu bastoane etc. |
#35
Posted 12 March 2013 - 22:06
Emailul stiu ca mi-a intrat in el , deoarece mi-a schimbat adresa de email si parola la Steam , care nu se pot schimba decat cu emailul . As mai avea o nedumerire : Keyloageri pot inregistra ce se scrie pe tastatura virtuala ,din windows(on screen keyboard) ?
Imi cer scuze pentru titlu ... nu gandeam deloc din cauza nervilor .... laptopul a suferit si el ..are display-ul spart ... Iar keyloageru lu peste , e inca activ ... Mia furat parola si la a 3-ia adresa de email ... E clar ce bune sunt asa zisele scanere de spyware ... Edited by Could_Fire, 12 March 2013 - 22:03. |
#36
Posted 12 March 2013 - 22:07
Poate ar trebui sa te scuzam si ptr. alte exprimari nefericite... cum e cazul mai sus.
Dar n-o (mai) putem face, ca vad ca recidivezi in draci! Off topic, Mai exista si solutia finala: Arunca laptopul pe geam. Dar ai grija sa-l arunci in sus... Scuze, nu m-am putut abtine sa fiu rautacios! Edited by dan_slack, 12 March 2013 - 22:11. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users