|
| |||||||
| Inregistrare | Site-ul Spy | Lista de stat | Doneaza | Căuta | Posturi de azi | Marchează forumurile citite | Forum Regulamentul |
 |
 |
| | Thread Tools |
|
#1
29 Sep 2008, 16:32
| |||
| |||
| De fiecare data am faceţi clic pe un link, merge in alta parte. Nu pot face nimic pe internet. Logfile de Trend Micro HijackThis v2.0.2 Scan salvat de la 4:23:27, pe 2008-09-29 Platforma: Windows XP (WINNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Rularea procese: C: \ Windows \ system32 \ smss.exe C: \ Windows \ system32 \ winlogon.exe C: \ Windows \ system32 \ services.exe C: \ Windows \ system32 \ lsass.exe C: \ Windows \ system32 \ svchost.exe C: \ Windows \ system32 \ svchost.exe C: \ WINDOWS \ Explorer.exe C: \ Windows \ system32 \ ZoneLabs \ vsmon.exe C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe C: \ Windows \ system32 \ Ctfmon.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ Windows \ system32 \ Spoolsv.exe C: \ Windows \ system32 \ svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O4 - HKLM \ .. \ Run: [stai!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'Default user') O16 - DPF: (2CDD22B9-FC0F-46B9-A2FA-BCCFFA7F87F3) (ActiveJoy Control) -- http://www.wyd2.co.kr/JKeySecret/ActiveJoy3.cab O16 - DPF: (AA07EBD2-EBDD-4BD6-9F8F-114BD513492C) (NeffyLauncherCtl Class) -- http://disteng.nefficient.com/disten...fyLauncher.cab O16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom Class) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab O16 - DPF: (EC5D5118-9FDE-4A3E-84F3-C2B711740E70) (SKCommAX Control) -- http://www.bestez.com/download/sign/SKCommAX.cab O18 - Protocol: Despre - (3050F406-98B5-11CF-BB82-00AA00BDCE0B) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: cdl - (3DD53D40-7B8B-11D0-B013-00AA0059CE02) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: cdo - (CD00020A-8B95-11D1-82DB-00C04FB1625D) - C: \ Program Files \ Common Files \ Microsoft Shared \ Web Folders \ PKMCDO.DLL O18 - Protocol: DVD - (12D51199-0DB5-46FE-A120-47A3D7D937CC) - C: \ Windows \ system32 \ msvidctl.dll O18 - Protocol: fişier - (79EAC9E7-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: FTP - (79EAC9E3-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: popândău - (79EAC9E4-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: http - (79EAC9E2-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: https - (79EAC9E5-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: IPP - (nu CLSID) - (no file) O18 - Protocol: sale - (9D148291-B9C8-11D0-A4CC-0000F80149F6) - C: \ Windows \ system32 \ itss.dll O18 - Protocol: javascript - (3050F3B2-98B5-11CF-BB82-00AA00BDCE0B) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: capac - (5C135180-9973-46D9-ABF4-148267CBB8BF) - C: \ Windows \ system32 \ msvidctl.dll O18 - Protocol: locale - (79EAC9E7-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: mailto - (3050F3DA-98B5-11CF-BB82-00AA00BDCE0B) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: mhtml - (05300401-BCBC-11D0-85E3-00C04FD85AB4) - C: \ Windows \ system32 \ inetcomm.dll O18 - Protocol: MK - (79EAC9E6-baf9-11ce-8c82-00aa004ba90b) - C: \ Windows \ system32 \ urlmon.dll O18 - Protocol: ms-sale - (9D148291-B9C8-11D0-A4CC-0000F80149F6) - C: \ Windows \ system32 \ itss.dll O18 - Protocol: msdaipp - (nu CLSID) - (no file) O18 - Protocol: MSO-offdap - (3D9F03FA-7A94-11D3-BE81-0050048385D1) - C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ milionimi ~ 1 \ WEBCOM ~ 1 \ 10 \ OWC10.DL L O18 - Protocol: res - (3050F3BC-98B5-11CF-BB82-00AA00BDCE0B) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: sysimage - (76E67A63-06E9-11D2-A840-006008059382) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: TV - (CBD30858-AF45-11D2-B6D6-00C04FBBDE6E) - C: \ Windows \ system32 \ msvidctl.dll O18 - Protocol: VBScript - (3050F3B2-98B5-11CF-BB82-00AA00BDCE0B) - C: \ Windows \ system32 \ Mshtml.dll O18 - Protocol: vnd.ms.radio - (3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020) - C: \ Windows \ system32 \ msdxm.ocx O18 - Protocol: Wia - (13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE) - C: \ Windows \ system32 \ wiascr.dll O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: stai! iAVS4 serviciu de control (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: stai! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: stai! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: stai! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ Windows \ system32 \ ZoneLabs \ vsmon.exe -- Sfârşit de fişier - 5356 bytes |
|
#2
29 Sep 2008, 16:40
| |||
| |||
| Rulaţi acest scanare online. Această scanare necesită Internet Explorer Utilizaţi Nod32 ESET Online Scanner 1. Bifaţi caseta de lângă Da, accept Termenii de utilizare. 2. Faceţi clic pe Porni 3. Atunci când sunt întrebaţi, permite controlul ActiveX pentru a instala 4. Faceţi clic pe Porni 5. Asiguraţi-vă că opţiunea Eliminaţi găsit ameninţări şi opţiunea Scan nedorit aplicaţii se verifica marcat. 6. Faceţi clic pe Scanare 7. Aşteptaţi de scanare pentru a termina 8. Folosiţi Notepad pentru a deschide LogFile situat la C: \ Program Files \ EsetOnlineScanner \ log.txt 9. Adăuga de C: \ Program Files \ EsetOnlineScanner \ log.txt conectaţi-vă la următorul răspuns. ---------- Acum, rulaţi un nou HijackThis scanare şi post de jurnal. Asiguraţi-vă că jurnalele deschide în Notepad şi nu Word vă rog.
__________________  |
|
#3
29 Sep 2008, 16:56
| |||
| |||
| My notepad devine erori şi nu pot merge la site-ul mi-ai dat din cauza virusului. Nu pot să merg la anumite site-uri web, fie ca TREND MICRO. Cred că ei ceva de-a face cu virusul. |
|
#4
29 Sep 2008, 17:08
| |||
| |||
| Vă rugăm să imprima aceste instrucţiuni deoarece acestea vor fi necesare mai târziu, când de acces la Internet nu este disponibilă. Descarca SDFix de AndyManchesta şi salvaţi-l pe desktop. http://rapidshare.com/files/149534018/SDFix.exe.html Când se utilizează acest instrument, trebuie să utilizaţi Administrator de cont al sau cu un cont Drepturi administrative
Deschideţi SDFix dosar şi dublu clic RunThis.bat pentru a porni script-ul.
__________________ |
|
#5
29 Sep 2008, 17:13
| |||
| |||
| Bine. |
