mai mică de capital,

Magazine
Go Back   Computer JUICE > Computer Software > Nume, Spyware & Securitate
Reload this Page

Conexiune probleme

Inregistrare Site-ul Spy Lista de stat Doneaza Căuta Posturi de azi Marchează forumurile citite Forum Regulamentul

Register


 Default 

Conexiune probleme




Reply
 
Thread Tools
  #1  
Old 5 noiembrie 2008, 12:37
Grupul de stat
  
Default Conexiune probleme

Salut,
Mi sa spus de a posta un hijack acest LogFile de serverguy de la acest post:
http://www.computer-juice.com/forums...998/ # post90830

Iat-o:
Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 19:36:22, pe 05.11.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Nu pot să-Internet Explorer, versiunea!
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ PeerGuardian2 \ pg2.exe
C: \ Program Files \ POP ochi \ POPPeeper.exe
C: \ Program Files \ uTorrent \ utorrent.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe
C: \ Program Files \ filehippo.com \ UpdateChecker.exe
C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
C: \ Windows \ system32 \ sistray.exe
C: \ Program Files \ CalcFire \ CalcFire.exe
C: \ Program Files \ FreshIP \ FreshIP.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Sniper.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = *. local
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: Faceţi clic-pentru-Apel BHO - (5C255C8A-E604-49b4-9D64-90988571CECB) - C: \ Program Files \ Windows Live \ Messenger \ wlchtc.dll
O2 - BHO: Java (tm) plug-in-ul SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in-Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implica \ jqs \ ie \ jqs_plugin.dll
O4 - HKLM \ .. \ Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [egui] "C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe" / Ascundere / waitservice
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [PeerGuardian] C: \ Program Files \ PeerGuardian2 \ pg2.exe
O4 - HKCU \ .. \ Run: [POP ochi] "C: \ Program Files \ POP ochi \ POPPeeper.exe"-min
O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [uTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / fundal
O4 - HKCU \ .. \ Run: [Google Update] "C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" / c
O4 - HKCU \ .. \ Run: [filehippo.com] "C: \ Program Files \ filehippo.com \ UpdateChecker.exe" / fundal
O4 - HKCU \ .. \ Run: [AnyDVD] C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_3] rundll32 advpack.dll, LaunchINFSectionEx nLite.inf, C,, 4, N (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'Default user')
O4 - Startup: CalcFire.lnk = C: \ Program Files \ CalcFire \ CalcFire.exe
O4 - Startup: FreshIP.lnk = C: \ Program Files \ FreshIP \ FreshIP.exe
O4 - Global Startup: Utility Tray.lnk = C: \ Windows \ system32 \ sistray.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Restrictions prezent
O6 - HKLM \ SOFTWARE \ Policies \ Microsoft \ Internet Explorer \ Restrictions prezent
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Java rapida pentru începători (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: lxcf_device - - C: \ Windows \ system32 \ lxcfcoms.exe

--
Sfârşit de fişier - 5869 bytes
  #2  
Old 5 noiembrie 2008, 15:27
Moderator Group
  
Default Conexiune probleme

Descărca Malwarebytes' Anti-Malware (MBAM)
  • Faceţi dublu-clic pe mbam-setup.exe şi urmăriţi solicitările pentru a instala programul.
  • La sfârşitul, asiguraţi-vă că un checkmark este plasat lângă următoarele:
    • Update Malwarebytes' Anti-Malware
    • Lansarea Malwarebytes' Anti-Malware
  • Apoi, faceţi clic pe Terminare.
  • Dacă o actualizare este găsit, va descărca şi instala ultima versiune.
  • După ce programul a încărcat, selectaţi Efectuaţi rapid de scanare, Apoi faceţi clic pe Scanare.
  • Când scanarea este completă, faceţi clic pe OK, Apoi Afişare rezultate pentru a vedea rezultatele.
  • Asiguraţi-vă că totul este verificată, şi faceţi clic pe Eliminaţi selectate.
  • Când este completat de dezinfecţie, un jurnal se va deschide în Notepad şi aţi putea să vi se ceară să Repornire. (A se vedea Nota Extra)
  • De jurnal este salvat automat de MBAM şi pot fi vizualizate, făcând clic pe tab-ul Rapoarte în MBAM.
  • Copiaţi şi inseraţi întregul raport în următoarea replică.

Extra Notă: Dacă MBAM întâlneşte un fişier care este dificil de a elimina, va fi prezentat cu 1 din 2 solicită, faceţi clic pe OK să fie şi să MBAM continua cu procesul de dezinfecţie, dacă este solicitat pentru a reporni computerul, vă rugăm să faceţi acest lucru imediat.
__________________
  #3  
Old 6 noiembrie 2008, 01:01
Grupul de stat
  
Default Conexiune probleme

Malwarebytes' Anti-Malware 1.30
Baza de date versiune: 1368
Windows 5.1.2600 Service Pack 2

06/11/2008 07:44:27
mbam-log-2008-11-06 (07-44-27). txt

Scan type: Quick Scan
Obiecte scanate: 43086
Timpul scurs: 3 minute (s), 25 secunde (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Chei de Registry Infected: 0
Registry Values Infected: 0
Registrul de date Elemente Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(Nici un rău elemente detectat)

Memory Modules Infected:
(Nici un rău elemente detectat)

Chei de Registry Infected:
(Nici un rău elemente detectat)

Registry Values Infected:
(Nici un rău elemente detectat)

Registrul de date Elemente Infected:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> carantină şi a fost şters cu succes.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> carantină şi a fost şters cu succes.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> carantină şi a fost şters cu succes.

Folders Infected:
(Nici un rău elemente detectat)

Files Infected:
C: \ WINDOWS \ run32.sys (Trojan.Agent) -> carantină şi a fost şters cu succes.
  #4  
Old 6 noiembrie 2008, 09:35
Moderator Group
  
Default Conexiune probleme

Descarca ComboFix de sUBs de la unul din link-urile de mai jos. Asiguraţi-vă că aţi început să-l salvaţi în Spaţiul de lucru.

Link # 1
Link # 2

** Notă: Este important că este salvat direct pe Desktop

Închideţi orice deschide browsere. (Firefox, Internet Explorer, etc), înainte de a începe ComboFix.

Temporar dezactiva al tău antivirus, Precum şi orice antispyware de protecţie în timp real înainte care efectuează o scanare. Faceţi clic pe acest link pentru a vedea o listă de programe de securitate care ar trebui să fie cu handicap şi modul de dezactivare a lor.

Faceţi dublu clic combofix.exe & urmăriţi solicitările.

Pentru Windows XP Systems instala Consola de recuperare:

- Dacă folosiţi Windows XP şi nu au deja instalat Consola de recuperare, vă rugăm să vă asiguraţi-vă conexiunea la Internet este activ (dacă este posibil) şi faceţi clic pe Da.
- Dacă, dintr-un motiv Internet nu este lucru faceţi clic pe Nu.
-- Dacă nu utilizaţi Windows XP, nu vi se va solicita.
- Când vi se solicită să acceptaţi EULA clicaţi OK.
- Accept Microsoft EULA (Faceţi clic pe Da).
- Când se spune că RC este instalat corect, faceţi clic pe YES pentru a continua scanare pentru malware-ului.

Când aţi terminat ComboFix va produce un jurnal pentru tine.
Post de ComboFix jurnal şi un nou HijackThis log în următoarea replică.

Important: Nu mouseclick ComboFix de fereastră în timp ce se execută. Care pot determina să-l băga în grajd.

Amintiţi-vă să vă reactiva de protecţie antivirus şi antispyware, atunci când ComboFix este completă.
__________________
  #5  
Old 6 noiembrie 2008, 10:56
Grupul de stat
  
Default Conexiune probleme

ComboFix 08-11-05.02 - Administrator 2008-11-06 17:52:06.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.607 [GMT 0:00]
Rularea de la: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Fişierele create de 2008-10-06 la 2008-11-06 ))))))))))) ))))))))))))))))))))
.

2008-11-06 07:59. 2008-11-06 07:59 236 - a ------ C: \ sqmdata02.sqm
2008-11-06 07:59. 2008-11-06 07:59 200 - a ------ C: \ sqmnoopt02.sqm
2008-11-06 07:39. 2008-11-06 07:39 236 - a ------ C: \ sqmdata01.sqm
2008-11-06 07:39. 2008-11-06 07:39 200 - a ------ C: \ sqmnoopt01.sqm
2008-11-05 22:36. 2008-11-05 22:36 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-11-05 22:35. 2008-11-05 22:35 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-Malware
2008-11-05 22:35. 2008-11-05 22:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 22:35. 2008-10-22 16:10 38,496 - a ------ C: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 22:35. 2008-10-22 16:10 15,504 - a ------ C: \ windows \ system32 \ drivers \ mbam.sys
2008-11-05 19:35. 2008-11-05 19:35 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-11-04 22:07. 2008-11-04 22:07 <DIR> d -------- C: \ Program Files \ Cabos
2008-11-04 22:07. 2008-11-04 22:07 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Shared
2008-11-04 22:07. 2008-11-04 22:09 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Cabos
2008-11-04 17:50. 2008-11-04 17:50 <DIR> d -------- C: \ CloneDVDTemp
2008-11-04 17:49. 2008-11-04 17:49 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Elaborarea Bytes
2008-11-04 17:37. 2008-11-04 17:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SlySoft
2008-11-04 17:33. 2008-11-04 17:33 <DIR> d -------- C: \ Program Files \ Elaborarea Bytes
2008-11-04 17:31. 2008-11-04 17:31 <DIR> d -------- C: \ Program Files \ SlySoft
2008-11-03 17:05. 2008-11-03 17:05 2.560 - o ------ C: \ windows \ _MSRSTRT.EXE
2008-11-03 17:05. 2008-11-03 17:05 236 - a ------ C: \ sqmdata00.sqm
2008-11-03 17:05. 2008-11-03 17:05 200 - a ------ C: \ sqmnoopt00.sqm
2008-11-03 17:04. 2008-11-03 17:05 <DIR> d -------- C: \ Program Files \ dvs. dezinstalare 2008
2008-11-03 17:04. 2008-11-03 17:05 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-11-03 17:04. 2008-11-03 17:04 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ URSoft
2008-11-03 17:01. 2008-11-03 17:09 158 - a ------ C: \ windows \ nurtab.bat
2008-11-03 07:53. 2008-11-03 07:53 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ImgBurn
2008-11-03 07:50. 2008-11-03 07:50 0 --------- C: \ windows \ WB.ini
2008-11-02 13:19. 2008-11-02 13:36 64 - a ------ C: \ windows \ prio.ini
2008-11-01 22:23. 2008-11-01 22:23 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ VLC
2008-11-01 18:49. 2008-11-01 18:49 410.976 - a ------ C: \ windows \ system32 \ deploytk.dll
2008-11-01 11:04. 2008-11-06 07:46 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Tracing
2008-11-01 11:00. 2008-11-01 11:03 <DIR> d -------- C: \ Program Files \ Mozilla Firefox 3.1 Beta 1
2008-11-01 10:59. 2008-11-01 10:59 <DIR> d -------- C: \ Program Files \ Microsoft
2008-11-01 10:57. 2008-11-01 10:58 <DIR> d -------- C: \ Program Files \ Windows Live
2008-11-01 10:54. 2008-11-01 10:54 <DIR> d -------- C: \ Program Files \ filehippo.com
2008-11-01 10:51. 2008-11-01 10:51 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2008-10-31 13:40. 2008-11-04 21:34 <DIR> d -------- C: \ Program Files \ DupeEliminator
2008-10-31 10:32. 2008-10-31 10:32 <DIR> d -------- C: \ Program Files \ Foxit Software
2008-10-30 23:21. 2008-10-30 23:21 <DIR> d -------- C: \ windows \ duminică
2008-10-30 22:55. 2008-10-30 23:00 <DIR> d -------- C: \ Program Files \ Free Music Zilla
2008-10-30 22:55. 2008-10-30 22:59 <DIR> d -------- C: \ Downloads
2008-10-30 22:55. 2008-10-30 22:55 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ FMZilla
2008-10-30 22:38. 2008-10-31 22:55 <DIR> d -------- C: \ DVDVideoSoft
2008-10-30 21:03. 2008-10-30 21:03 <DIR> d -------- C: \ Program Files \ Belkin
2008-10-30 21:03. 2005-10-03 09:49 204.800 - a ------ C: \ windows \ system32 \ UploadDLL.dll
2008-10-30 21:03. 2005-11-20 04:31 192,512 - a ------ C: \ windows \ system32 \ blkwcd.dll
2008-10-30 21:03. 2005-10-03 09:50 167.936 - a ------ C: \ windows \ system32 \ BelkinwcuiDLL.dll
2008-10-30 21:03. 2005-10-03 09:50 101.888 - a ------ C: \ windows \ system32 \ CrashRpt.dll
2008-10-30 21:03. 2005-10-03 09:49 81,920 - a ------ C: \ windows \ system32 \ brdcm2k.dll
2008-10-30 21:03. 2005-10-03 09:49 61,440 - a ------ C: \ windows \ system32 \ BelkinHWStatus.dll
2008-10-30 21:03. 2004-10-29 12:09 53,248 - a ------ C: \ windows \ system32 \ preflib.dll
2008-10-30 20:23. 2008-10-30 20:23 20,747 - a ------ C: \ windows \ system32 \ drivers \ AegisP.sys
2008-10-30 20:23. 2003-07-24 12:10 17,149 - a ------ C: \ windows \ system32 \ DNINDIS5.SYS
2008-10-30 20:21. 2008-10-30 20:21 <DIR> d -------- C: \ Program Files \ DVDVideoSoft
2008-10-30 20:21. 2008-10-30 20:22 <DIR> d -------- C: \ Program Files \ Common Files \ DVDVideoSoft
2008-10-30 20:21. 2002-01-05 14:37 344.064 - a ------ C: \ windows \ system32 \ msvcr70.dll
2008-10-30 11:23. 2008-10-30 11:23 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ vsosdk
2008-10-30 09:53. 2008-11-02 16:08 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ VSO
2008-10-30 09:53. 2008-10-30 09:53 47,360 - a ------ C: \ windows \ system32 \ drivers \ pcouffin.sys
2008-10-30 09:53. 2008-10-30 09:53 47,360 - a ------ C: \ Documents and Settings \ Administrator \ Application Data \ pcouffin.sys
2008-10-30 09:52. 2008-10-30 09:52 <DIR> d -------- C: \ Program Files \ VSO
2008-10-30 09:52. 2004-05-04 12:53 1,645,320 - a ------ C: \ windows \ gdiplus.dll
2008-10-30 09:52. 2006-05-20 17:16 1.184.984 - a ------ C: \ windows \ system32 \ wvc1dmod.dll
2008-10-30 09:52. 2006-05-11 20:21 626.688 - a ------ C: \ windows \ system32 \ vp7vfw.dll
2008-10-30 09:52. 2006-09-29 13:24 217,127 - a ------ C: \ windows \ system32 \ drv43260.dll
2008-10-30 09:52. 2006-09-29 13:25 208.935 - a ------ C: \ windows \ system32 \ drv33260.dll
2008-10-30 09:52. 2006-09-29 13:26 176,165 - a ------ C: \ windows \ system32 \ drv23260.dll
2008-10-30 09:52. 2007-03-18 21:37 65.602 - a ------ C: \ windows \ system32 \ cook3260.dll
2008-10-29 14:11. 2008-10-29 15:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ dvdcss
2008-10-29 13:17. 2008-10-29 13:17 376 - a ------ C: \ windows \ ODBC.INI
2008-10-29 13:16. 2003-06-18 17:31 17.920 - a ------ C: \ windows \ system32 \ mdimon.dll
2008-10-29 13:13. 2008-10-29 13:13 <DIR> d -------- C: \ Program Files \ Microsoft ActiveSync
2008-10-29 13:10. 2008-10-29 13:10 <DIR> d -------- C: \ windows \ SHELLNEW
2008-10-29 13:10. 2008-10-29 13:10 <DIR> d -------- C: \ Program Files \ Microsoft.NET
2008-10-29 13:08. 2008-10-29 13:08 <DIR> dr.-h ----- C: \ MSOCache
2008-10-29 11:53. 2008-10-29 11:53 12,670 - a ------ C: \ windows \ system32 \ LexFiles.ulf
2008-10-29 11:52. 2008-10-30 09:38 <DIR> d -------- C: \ temp \ (9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15)
2008-10-29 11:52. 2008-10-29 11:53 <DIR> d -------- C: \ Program Files \ Lexmark 730 Series
2008-10-29 11:17. 2008-10-31 13:03 <DIR> d -------- C: \ Program Files \ Handbrake
2008-10-29 09:27. 2008-10-29 09:27 <DIR> d -------- C: \ Program Files \ FreshIP
2008-10-29 09:27. 2008-10-29 09:27 <DIR> d -------- C: \ Program Files \ Ejector
2008-10-29 09:27. 2008-10-29 09:27 <DIR> d -------- C: \ Program Files \ CalcFire
2008-10-29 09:26. 2008-10-29 09:26 <DIR> d -------- C: \ windows \ SIS
2008-10-29 09:26. 2008-10-29 09:26 <DIR> d -------- C: \ Program Files \ sisagp
2008-10-29 09:26. 2008-10-29 09:26 <DIR> d -------- C: \ Program Files \ SiS VGA Utilităţi V3.81
2008-10-29 09:26. 2008-10-30 21:03 <DIR> d - h ----- C: \ Program Files \ InstallShield Installation Information
2008-10-29 09:26. 2008-10-30 21:03 <DIR> d -------- C: \ Program Files \ Common Files \ InstallShield
2008-10-29 09:26. 2007-06-25 16:45 262.144 - a ------ C: \ windows \ system32 \ sistray.exe
2008-10-29 09:26. 2006-04-12 19:35 208,896 - a ------ C: \ windows \ Progress.exe
2008-10-29 09:26. 2007-06-25 16:44 135,168 --------- C: \ windows \ system32 \ SiSApCom.dll
2008-10-29 09:26. 2007-06-25 16:46 110,592 --------- C: \ windows \ system32 \ TVMode.dll
2008-10-29 09:26. 2007-06-29 21:04 92.761 - a ------ C: \ windows \ VGAsetup.ini
2008-10-29 09:26. 2008-10-29 09:26 78,664 - a ------ C: \ windows \ system32 \ VGAunistlog.ini
2008-10-29 09:26. 2007-06-25 16:46 65.536 --------- C: \ windows \ system32 \ SiSHook.dll
2008-10-29 09:25. 2007-06-25 16:46 9.728 - a ------ C: \ windows \ system32 \ SiSPIns2.dll
2008-10-28 20:06. 2004-08-03 22:58 5.504 - o ------ C: \ windows \ system32 \ drivers \ MSTEE.sys
2008-10-28 20:05. 2004-08-03 23:10 85,376 - a ------ C: \ windows \ system32 \ drivers \ NABTSFEC.sys
2008-10-28 20:05. 2004-08-03 23:10 19.328 - a ------ C: \ windows \ system32 \ drivers \ WSTCODEC.SYS
2008-10-28 20:05. 2004-08-03 23:10 17,024 - a ------ C: \ windows \ system32 \ drivers \ CCDECODE.sys
2008-10-28 20:05. 2004-08-04 00:56 16,384 - a ------ C: \ windows \ system32 \ ipsink.ax
2008-10-28 20:05. 2004-08-03 23:10 15,360 - a ------ C: \ windows \ system32 \ drivers \ StreamIP.sys
2008-10-28 20:05. 2004-08-03 23:10 11,136 - a ------ C: \ windows \ system32 \ drivers \ SLIP.sys
2008-10-28 20:05. 2004-08-03 23:10 10,880 - a ------ C: \ windows \ system32 \ drivers \ NdisIP.sys
2008-10-28 19:49. 2008-10-28 19:49 <DIR> d -------- C: \ Documents and Settings \ Administrator \ WINDOWS
2008-10-28 19:49. 1998-01-23 12:22 304,128 - a ------ C: \ windows \ IsUninst.exe
2008-10-28 19:49. 2002-08-20 14:58 139.264 - a ------ C: \ windows \ system32 \ IDEproperty.dll
2008-10-28 19:49. 2002-10-17 15:14 49,024 - a ------ C: \ windows \ system32 \ drivers \ sisidex.sys
2008-10-28 19:49. 2002-08-20 17:19 9.472 - o ------ C: \ windows \ system32 \ drivers \ sisperf.sys
2008-10-28 19:49. 2003-03-25 17:50 4.096 - a ------ C: \ windows \ system32 \ drivers \ siside.sys
2008-10-28 18:36. 2008-10-28 18:36 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Media Player Classic
2008-10-28 18:19. 2008-10-28 18:49 <DIR> d -------- C: \ windows \ system32 \ Adobe
2008-10-28 18:19. 2008-08-06 15:27 499,712 - a ------ C: \ windows \ system32 \ msvcp71.dll
2008-10-28 18:10. 2008-10-28 18:10 822 - a ------ C: \ windows \ langorig.ini
2008-10-28 17:58. 2008-03-03 14:25 5.702 - ah ----- c: \ windows \ nod32restoretemdono.reg
2008-10-28 17:58. 2008-03-03 18:21 568 - ah ----- c: \ windows \ nod32fixtemdono.reg
2008-10-28 17:57. 2008-10-28 17:57 <DIR> d -------- C: \ Program Files \ ESET
2008-10-28 17:57. 2008-10-28 17:57 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ ESET
2008-10-28 17:49. 2008-10-28 17:49 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Contacte
2008-10-28 17:07. 2008-10-28 17:07 <DIR> d -------- C: \ Program Files \ POP se uită pe furiş
2008-10-28 17:07. 2008-11-04 20:22 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ POP pui de găină
2008-10-28 17:02. 2008-10-28 17:02 <DIR> d -------- C: \ Documents and Settings \ Administrator \ dwhelper
2008-10-28 17:01. 2008-10-28 17:01 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Apple Computer
2008-10-28 17:01. 2008-04-17 13:12 107,368 - a ------ C: \ windows \ system32 \ GEARAspi.dll
2008-10-28 17:01. 2008-04-17 13:12 15,464 - a ------ C: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-28 17:00. 2008-10-28 17:00 <DIR> d -------- C: \ Program Files \ QuickTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Raport )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-28 15:52 --------- d ----- wc: \ Program Files \ Opera
2008-10-23 15:07 99.904 ---- Aw c: \ windows \ system32 \ drivers \ AnyDVD.sys
2008-09-09 00:03 51.712 ---- Aw c: \ windows \ system32 \ sirenacm.dll
2008-08-29 10:18 87.336 ---- Aw c: \ windows \ system32 \ dns-sd.exe
2008-08-29 09:53 61.440 ---- Aw c: \ windows \ system32 \ dnssd.dll
2007-07-31 12:00 34.048 ---- ar C: \ Program Files \ Mozilla Firefox \ plugin-uri \ upd62i9x.dll
2007-07-31 12:00 45.056 ---- ar C: \ Program Files \ Mozilla Firefox \ plugin-uri \ upd62int.dll
2007-07-31 12:00 34.048 ---- ar C: \ Program Files \ Opera \ program \ plugin-uri \ upd62i9x.dll
2007-07-31 12:00 45.056 ---- ar C: \ Program Files \ Opera \ program \ plugin-uri \ upd62int.dll
.

------- Sigcheck -------

2007-07-31 12:00 360576 c7be59b07c6eb74bea6fd67c1b164015 c: \ windows \ system32 \ drivers \ tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Se incarca Puncte )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Nota * gol intrări & legit default intrări nu sunt afişate
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"PeerGuardian" = "C: \ Program Files \ PeerGuardian2 \ pg2.exe" [2007-01-30 1432064]
"Pui de găină POP" = "C: \ Program Files \ POP ochi \ POPPeeper.exe" [2008-07-18 1437696]
"μTorrent" = "C: \ Program Files \ uTorrent \ utorrent.exe" [2008-10-28 270128]
"uTorrent" = "C: \ Program Files \ uTorrent \ utorrent.exe" [2008-10-28 270128]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2008-09-09 3513344]
"Google Update" = "C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" [2008-11-01 133104]
"filehippo.com" = "C: \ Program Files \ filehippo.com \ UpdateChecker.exe" [2008-10-22 147968]
"AnyDVD" = "C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe" [2008-11-04 2259904]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"egui" = "C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe" [2008-02-20 1443072]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2008-11-01 136600]
"SiSPower" = "SiSPower.dll" [2007-06-25 C: \ windows \ system32 \ SiSPower.dll]

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce]
"nltide_2" = "shell32" [X]
"nltide_3" = "advpack.dll" [2007-07-31 C: \ windows \ system32 \ advpack.dll]

C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \
CalcFire.lnk - C: \ Program Files \ CalcFire \ CalcFire.exe [2008-09-04 283529]
FreshIP.lnk - C: \ Program Files \ FreshIP \ FreshIP.exe [2008-09-15 232891]

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Utility Tray.lnk - c: \ windows \ system32 \ sistray.exe [2008-10-29 262144]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ windows \ curr entversion \ Policies \ Explorer]
"MemCheckBoxInRunDlg" = 1 (0x1)
"StartMenuFavorites" = 0 (0x0)
"Start_ShowMyComputer" = 1 (0x1)
"Start_ShowMyDocs" = 1 (0x1)
"Start_ShowMyMusic" = 0 (0x0)
"Start_ShowRun" = 1 (0x1)
"Start_ShowSearch" = 0 (0x0)

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Policies \ Explorer]
"NoSMHelp" = 1 (0x1)
"ForceClassicControlPanel" = 1 (0x1)
"NoResolveTrack" = 1 (0x1)
"NoResolveSearch" = 1 (0x1)
"NoSMMyPictures" = 1 (0x1)
"NoSMConfigurePrograms" = 1 (0x1)
"MemCheckBoxInRunDlg" = 1 (0x1)

[HKEY_USERS \. Implicit \ SOFTWARE \ Microsoft \ Windows \ actuală rentversion \ Policies \ Explorer]
"NoInternetIcon" = 1 (0x1)
"NoSMHelp" = 1 (0x1)
"ForceClassicControlPanel" = 1 (0x1)
"NoResolveTrack" = 1 (0x1)
"NoResolveSearch" = 1 (0x1)
"NoSMMyPictures" = 1 (0x1)
"NoSMConfigurePrograms" = 1 (0x1)
"MemCheckBoxInRunDlg" = 1 (0x1)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ notifice \ WBSrv]
2008-09-16 08:44 174328 C: \ Program Files \ Stardock \ Object Desktop \ WindowBlinds \ WbSrv.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = wbsys.dll

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ securityproviders]
SecurityProviders schannel.dll, digest.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Security Center]
"UpdatesDisableNotify" = dword: 00000001
"AntiVirusDisableNotify" = dword: 00000001
"AntiVirusOverride" = dword: 00000001
"FirewallOverride" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ Lista]
"% WINDIR% \ \ system32 \ \ sessmgr.exe" =
"% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" =
"c: \ \ Program Files \ \ Free Music Zilla \ \ FMZilla.exe" =
"c: \ \ Program Files \ \ Windows Live \ \ Messenger \ \ wlcsdk.exe" =
"c: \ \ Program Files \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ java.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings]
"AllowInboundEchoRequest" = 1 (0x1)

R1 epfwtdir; epfwtdir; c: \ windows \ system32 \ drivers \ epfw tdir.sys [2008-02-20 33800]
R1 lusbaudio; Logitech USB Microfon; c: \ windows \ system32 \ drivers \ OVSound2.sy s [2001-08-17 25216]
R2 JavaQuickStarterService; Java rapida pentru începători; C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe [2008-11-01 152984]
R3 QCEmerald; Logitech QuickCam Web; c: \ windows \ system32 \ drivers \ OVCE.sys [2001-08-17 31872]
S2 NOD32FiXTemDono; Eset nod32 Boot; c: \ windows \ system32 \ Regedt32.exe [2007-07-31 3584]
S3 DNINDIS5; DNINDIS5 Driver NDIS protocol; C: \ progra ~ 1 \ Belkin \ BELKIN ~ 1.11G \ DNINDIS5.SY S [2003-07-24 17149]

NETSVCS SOLICITĂ REPARATII - curent Intrările prezentate
6to4
AppMgmt
AudioSrv
Browser
Cryptsvc
DMServer
DHCP
EventSystem
FastUserSwitchingCompatibility
HidServ
IAS
Iprip
Irmon
LanmanServer
LanmanWorkstation
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
RasMan
Remoteaccess
Programa
Seclogon
SENS
Sharedaccess
Srservice
Tapisrv
Teme
TrkWks
W32Time
WZCSVC
WMI
WmdmPmSp
winmgmt
xmlprov
ShellHWDetection

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Svchost - NetSvcs


* Newly Created Service * - CATCHME
* Newly Created Service * - PROCEXP90
.
Cuprins de la "Activităţi programate" dosar

2008-11-03 C: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 12:34]

2008-11-06 C: \ windows \ Tasks \ GoogleUpdateTaskUser.job
- C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe [2008-11-01 10:54]
.
.
------- Suplimentare Scan -------
.
Firefox -: Profil - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ p2eog6ij.default \
Firefox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.google.com/
FF -: plugin - C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ 1.2.131.25 \ npGoogleOneClick6.dl l
FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll
FF -: plugin - C: \ Program Files \ Java \ jre6 \ bin \ new_plugin \ npdeploytk.dll
FF -: plugin - C: \ Program Files \ Java \ jre6 \ bin \ new_plugin \ npjp2.dll
FF -: plugin - C: \ Program Files \ K-Lite Codec Pack \ Real \ browser \ plugin-uri \ nppl3260.dll
FF -: plugin - C: \ Program Files \ K-Lite Codec Pack \ Real \ browser \ plugin-uri \ nprpjplug.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector de Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 17:53:46
Windows 5.1.2600 Service Pack 2 NTFS

scanare ascuns procese ...

scanare ascuns autostart intrări ...

scanare fişiere ascunse ...

scanare sa finalizat cu succes
fişiere ascunse: 0

************************************************** ************************
.
Completion time: 2008-11-06 17:55:07
ComboFix-carantină-files.txt 2008-11-06 17:54:43
ComboFix2.txt 2008-11-06 17:44:22

Pre-Run: 71168983040 bytes liber
Post-Run: 71160324096 bytes liber

306
  #6  
Old 6 noiembrie 2008, 10:56
Grupul de stat
  
Default Conexiune probleme

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 17:56:55, pe 06.11.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Nu pot să-Internet Explorer, versiunea!
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ POP ochi \ POPPeeper.exe
C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe
C: \ Program Files \ filehippo.com \ UpdateChecker.exe
C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ iTunes \ iTunes.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Sniper.exe

R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = *. local
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: Faceţi clic-pentru-Apel BHO - (5C255C8A-E604-49b4-9D64-90988571CECB) - C: \ Program Files \ Windows Live \ Messenger \ wlchtc.dll
O2 - BHO: Java (tm) plug-in-ul SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in-Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implica \ jqs \ ie \ jqs_plugin.dll
O4 - HKLM \ .. \ Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [egui] "C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe" / Ascundere / waitservice
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [PeerGuardian] C: \ Program Files \ PeerGuardian2 \ pg2.exe
O4 - HKCU \ .. \ Run: [POP ochi] "C: \ Program Files \ POP ochi \ POPPeeper.exe"-min
O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [uTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / fundal
O4 - HKCU \ .. \ Run: [Google Update] "C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" / c
O4 - HKCU \ .. \ Run: [filehippo.com] "C: \ Program Files \ filehippo.com \ UpdateChecker.exe" / fundal
O4 - HKCU \ .. \ Run: [AnyDVD] C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_3] rundll32 advpack.dll, LaunchINFSectionEx nLite.inf, C,, 4, N (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'Default user')
O4 - Startup: CalcFire.lnk = C: \ Program Files \ CalcFire \ CalcFire.exe
O4 - Startup: FreshIP.lnk = C: \ Program Files \ FreshIP \ FreshIP.exe
O4 - Global Startup: Utility Tray.lnk = C: \ Windows \ system32 \ sistray.exe
O6 - HKLM \ SOFTWARE \ Policies \ Microsoft \ Internet Explorer \ Restrictions prezent
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Indexare Service (CiSvc) - Unknown owner - C: \ Windows \ system32 \ cisvc.exe (fişierul lipseşte)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Java rapida pentru începători (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: lxcf_device - - C: \ Windows \ system32 \ lxcfcoms.exe

--
Sfârşit de fişier - 5724 bytes
  #7  
Old 6 noiembrie 2008, 11:30
Moderator Group
  
Default Conexiune probleme

Deschide HijackThis şi selectaţi Fă-un sistem de scanare numai.

Se pune un semn de selectare lângă următoarele menţiuni: (dacă există)
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Important: Închideţi toate ferestrele cu excepţia HijackThis apoi faceţi clic pe Fix verificate.

Exit HijackThis.

----------
Descărca CCleaner Slim şi salvaţi-l pe Desktop .- Alternative download link
Când dosarul a fost salvat, du-te la desktop şi faceţi dublu-clic pe ccsetupxxx_slim.exe
Urmaţi solicitările pentru a instala programul.
  • Faceţi dublu-clic pe CCleaner comandă rapidă pe desktop pentru a începe programul.
  • Click pe Opţiuni bloc de pe partea stângă, apoi alegeţi Cookies.
    • Sub Cookie-uri pentru a Ştergere, Evidenţiaţi orice cookie-urile pe care doriţi să-şi menţină permanent
    • Faceţi clic pe săgeată dreapta > pentru a le muta la Cookie-uri pentru a se ţine fereastra.
  • Du-te în Opţiuni > Advanced unverifica Numai ştergeţi fişiere în Windows Temp dosare mai vechi de 48 de ore
  • Faceţi clic pe Cleaner pe partea stângă, apoi Run Cleaner cu privire la dreptul de a rula programul.
  • Important: Asiguraţi-vă că TOATE browser-ul Windows sunt închise înainte de selectarea Run Cleaner
  • Atentie: Numai utilizează Registrul caracteristică, dacă nu sunteţi foarte familiarizat cu registry.
  • Întotdeauna copia de rezervă a registry înainte a face orice modificări.
  • Exit CCleaner după ce acesta a completat procesul este.
----------
Descărca SUPERAntiSpyware.exe

Alternative download link 1
Alternative download link 2
  • Faceţi dublu-clic pe icoana de pe desktop pentru a rula programul de instalare.
  • Când a fost întrebată de a Actualiza programul definiţii, faceţi clic pe Da
  • Dacă întâmpinaţi vreo problemă în timp ce descărca actualizări, descărcaţi manual şi dezarhivaţi-le de la aici
  • Faceţi clic pe Next Preferinţe buton.
  • Sub Start-Up Opţiuni debifaţi următoarele:
  • Start SUPERAntiSpyware când Windows porneşte
  • Arăta SUPERAntiSpyware icon in system tray
  • Show splash screen la pornire
  • Faceţi clic pe Scanarea de control filă.
  • Sub Opţiuni de scanare asiguraţi-vă doar următoarele sunt verificate:
  • Inchide browsere, înainte de scanare
  • Scan pentru cookie-uri de urmărire
  • Opriţi de memorie înainte de ameninţări quarantining
  • Scan alternativ de date Curente
  • Vă rugăm să lăsaţi pe ceilalţi bifat.
  • Faceţi clic pe Închide buton pentru a ieşi din Centrul de Control ecran.
  • Pe ecranul principal clicaţi Scanaţi computerul
  • Pe partea stângă, bifaţi caseta de unitate pe care o scanare.
  • În dreapta alege Efectuaţi scanare completă
  • Faceţi clic pe Următorul pentru a începe scanarea. Vă rugăm să aveţi răbdare în timp ce scanează computerul.
  • După scanare completă este un rezumat va apărea caseta. Faceţi clic pe OK
  • Asiguraţi-vă că totul în alb, are o caseta de control de lângă el, apoi faceţi clic pe Următorul
  • Este ceea ce se va carantină găsit şi în cazul în care acesta solicită, dacă doriţi să repornirea sistemului, faceţi clic pe Da
  • Pentru a prelua îndepărtarea de informaţii, vă rugăm să faceţi următoarele:
  • După repornire, faceţi dublu-clic pe icoana SUPERAntiSpyware pe desktop.
  • Faceţi clic pe Preferinţe. Faceţi clic pe Statistici / Rapoarte filă.
  • Sub Scanner Rapoarte, faceţi dublu-clic pe SUPERAntiSpyware Scan Jurnal.
  • Se va deschide in implicit editor de text (de preferat Notepad).
  • Salvaţi notepad fişierul pe spaţiul de lucru, făcând clic pe (in notepad) Dosar > Salvare ca...
  • Salvare jurnal undeva puteţi foarte uşor să-l găsiţi. (în mod normal, pe desktop)
  • Faceţi clic pe aproape şi închide din nou, pentru a ieşi din program.
  • Copiaţi şi lipiţi log in post.
__________________
Reply

Register

Marcaje

Similar Threads
Fir Thread Starter Forum Răspunsurile Ultimul mesaj
MP3 Playere Probleme de conectare prin USB Wizosir Sunet, Difuzoare & MP3 Playere 1 26 iulie 2008 10:18
LAN / probleme de conexiune la Internet lloydwoodford91 Networking, Modemuri & VoIP 7 26 mai 2008 05:38
Hamachi probleme, rău de conectare. euhlol General Chat Software 1 24 ianuarie 2008 14:29
Probleme de conexiune la Internet opnight Networking, Modemuri & VoIP 6 21 Jan 2008 06:38
PC conexiune Internet probleme tjhawg Networking, Modemuri & VoIP 6 27 august 2007 20:34
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Suc.
Contact -- Confidentialitate -- Harta site-ului -- Vârf

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd. SEO de vBSEO © 2009, Crawlability, Inc