Chirurgia spinală minim invazivă
Chirurgia spinală minim invazivă oferă pacienților oportunitatea unui tratament eficient, permițându-le o recuperare ultra rapidă și nu în ultimul rând minimizând leziunile induse chirurgical. Echipa noastră utilizează un spectru larg de tehnici minim invazive, din care enumerăm câteva: endoscopia cu variantele ei (transnazală, transtoracică, transmusculară, etc), microscopul operator, abordurile trans tubulare și nu în ultimul rând infiltrațiile la toate nivelurile coloanei vertebrale. www.neurohope.ro |
Problema strong dc - virusi?
Last Updated: May 22 2009 15:18, Started by
kriss_kringle
, Nov 15 2008 17:25
·
0
#1
Posted 15 November 2008 - 17:25
Acum 2 zile am instalat patch-ul pt Call of duty 2 sa joc online si de atunci a inceput sa nu-mi mai mearga strong dc-ul ''Runtime Error! R6002 -floating point not loaded''.Apoi nu-mi mai mergea comanda Ctrl+Alt+Delete ''Task manager has been disabled by your administrator'' si nici in Start=>Run=>regedit nu mai mergea .Am incercat ce au recomandat unii de pe acest forum si task managerul respectiv regedit si-au revenit dar daca poate cineva sa-mi spuna din ce cauza numai merge Strong Dc-ul si ce ar trebui sa fac sa remediez problema i-as fi recunoscator.Multumesc
|
#2
Posted 15 November 2008 - 20:23
kriss_kringle, on Nov 15 2008, 18:25, said: Acum 2 zile am instalat patch-ul pt Call of duty 2 sa joc online si de atunci a inceput sa nu-mi mai mearga strong dc-ul ''Runtime Error! R6002 -floating point not loaded''.Apoi nu-mi mai mergea comanda Ctrl+Alt+Delete ''Task manager has been disabled by your administrator'' si nici in Start=>Run=>regedit nu mai mergea .Am incercat ce au recomandat unii de pe acest forum si task managerul respectiv regedit si-au revenit dar daca poate cineva sa-mi spuna din ce cauza numai merge Strong Dc-ul si ce ar trebui sa fac sa remediez problema i-as fi recunoscator.Multumesc "Reinstaleaza" strong dc-ul de pe site-ul lor sau copiezi doar executabilul (strong dc++.exe) peste cel care il ai ca sa iti pastrezi setarile. Bafta |
#3
Posted 15 November 2008 - 21:16
kriss_kringle, on Nov 15 2008, 17:25, said: Acum 2 zile am instalat patch-ul pt Call of duty 2 sa joc online si de atunci a inceput sa nu-mi mai mearga strong dc-ul ''Runtime Error! R6002 -floating point not loaded''.Apoi nu-mi mai mergea comanda Ctrl+Alt+Delete ''Task manager has been disabled by your administrator'' si nici in Start=>Run=>regedit nu mai mergea .Am incercat ce au recomandat unii de pe acest forum si task managerul respectiv regedit si-au revenit dar daca poate cineva sa-mi spuna din ce cauza numai merge Strong Dc-ul si ce ar trebui sa fac sa remediez problema i-as fi recunoscator.Multumesc Later: Repede ai mai imbinat topic-urile Edited by ady_chesnoiu, 15 November 2008 - 21:16. |
#5
Posted 16 November 2008 - 00:48
Am ''reinstalat'' Strong-ul de nush cate ori dar dupa ce il inchid si dupa cateva minute incerc sa-l redeschid iar imi da eroarea,mai nou daca incerc sa dau play la o melodie sau un film prin Media Player Classic imi da aceeasi eroare R6002-floating point support not loaded.
|
#6
Posted 16 November 2008 - 11:07
kriss_kringle, on Nov 16 2008, 01:48, said: Am ''reinstalat'' Strong-ul de nush cate ori dar dupa ce il inchid si dupa cateva minute incerc sa-l redeschid iar imi da eroarea,mai nou daca incerc sa dau play la o melodie sau un film prin Media Player Classic imi da aceeasi eroare R6002-floating point support not loaded. Ai un virus - win32/Sality.NAU - care iti strica executabilele (.exe) nu te lasa sa faci update sau sa scanezi cu antivirusul instalat. Nici in Safe Mode nu vei putea intra. 1 Scanezi online cu nod32 2 Instalezi nod32 cu update la zi si mai scanezi odata, dar cu cablul de net scos 3 Reinstalezi Strong Dc, Nero, Winamp.... Vezi si discutia asta http://forum.softped...howtopic=456389 Edited by SLICK25, 16 November 2008 - 11:10. |
#7
Posted 16 November 2008 - 12:02
kriss_kringle, on Nov 16 2008, 00:48, said: Am ''reinstalat'' Strong-ul de nush cate ori dar dupa ce il inchid si dupa cateva minute incerc sa-l redeschid iar imi da eroarea,mai nou daca incerc sa dau play la o melodie sau un film prin Media Player Classic imi da aceeasi eroare R6002-floating point support not loaded. Pui imaginea pe un disc, bootezi de pe el, apoi alegi limba engleza (apesi sageata, bifezi folosind tasta Space si confirmi cu Enter), apoi alegi sa faci o scanare completa a Pc-ului redenumind fisierele infectate. Daca ecranul devine negru in timpul scanarii poti apasa tasta Esc pentru a reveni la scanare. |
#8
Posted 16 November 2008 - 15:40
Iese din discutie sa pun pe un disc antivirusul pt ca dvd-rom-ul nu-mi mai citeste dvd-uri si cd-uri.Mai nou si cand vreau sa deschid un film sau o melodie prin Media Player Classic imi da aceeasi eroare ca si cu Strong-ul.
Edited by kriss_kringle, 16 November 2008 - 15:41. |
#9
Posted 16 November 2008 - 16:07
Atunci incearca o scanare online nod32 sau bitdefender.
|
#10
Posted 16 November 2008 - 16:39
Am intrat pe http://www.malwareci...m/scan8/ie.html de vreo 30 de minute si tot imi zice Please wait while the scanner is loading... Could not load the Online Scanner!
» Click here for other possible fixes. -------------------------------------------------------------------------------- Stie cineva alt antivirus online pe care l-as putea folosi? Acum am intrat pe linkul http://www.eset.com/....php?i_agree=14 am dat Start si mi-a aparut casuta cu install apoi mi-a aparut asa Norton Antivirus 2005 does not support the Repair feature,please uninstall and reinstall.Norton e antivirusul care il am de cand am primit laptop-ul,era pe cd-ul cu drivere. |
|
#11
Posted 16 November 2008 - 16:49
kriss_kringle, on Nov 16 2008, 17:39, said: Am intrat pe http://www.malwareci...m/scan8/ie.html de vreo 30 de minute si tot imi zice Please wait while the scanner is loading... Could not load the Online Scanner! » Click here for other possible fixes. -------------------------------------------------------------------------------- Stie cineva alt antivirus online pe care l-as putea folosi? Acum am intrat pe linkul http://www.eset.com/....php?i_agree=14 am dat Start si mi-a aparut casuta cu install apoi mi-a aparut asa Norton Antivirus 2005 does not support the Repair feature,please uninstall and reinstall.Norton e antivirusul care il am de cand am primit laptop-ul,era pe cd-ul cu drivere. Dezinstaleaza Nortonul si fa odata scanarea aia online cu nod32 |
#12
Posted 16 November 2008 - 18:08
Nu mi se incarca in totalitate pagina sa pot face scanarea online si acum mi-a afectat si Windows Media Player.Am incercat sa folosesc mai multe antivirusuri online din lista de pe forum dar nu mi se incarca nici unul in totalitate.
Nici pe messenger nu-mi mai apare ce scriu eu inclusiv ce-mi scriu altii. La media player cand vreau sa-l deschid imi zice An internal error has occured. |
#13
Posted 16 November 2008 - 18:14
Folosesti rescue CD de la Bitdefender.
Descarci acest ISO de la: http://download.bitd..._07_08_2008.iso Il pui pe un CD (il faci bootabil)si bootezi de pe el. Spor. Edited by cristian0007, 16 November 2008 - 18:15. |
#14
Posted 16 November 2008 - 18:19
Am postat mai sus ca nu-mi mai citeste dvd-rom-ul cd-urile si dvd-urile de ceva vreme.Deci nu am cum sa fac chestia asta.
|
#15
Posted 16 November 2008 - 19:34
Logfile of Trend Micro HiJackThis v2.0.2
Scan saved at 7:32:50 PM, on 11/16/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\VM303_STI.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\HPQ\shared\hpqwmi.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\winyrixx.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\winsuygg.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\winrcxdw.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.co...sreqlab_srl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp...ads/sysinfo.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemreq.../sysreqlab2.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.h...ctDetection.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...ctDetection.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0F51DFD2-F06A-4BDD-8391-582E5E040C3F}: NameServer = 193.231.252.1 213.154.124.1 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe |
|
#16
Posted 16 November 2008 - 21:27
kriss, procedeaza asa:
1. Descarca ATF-Cleaner (atasat), ruleaza atf-cleaner.exe, bifeaza toate casutele si apasa butonul Empty selected. 2. Descarca Repara.zip, extrage Repara.inf pe Desktop, click dreapta pe el si alege Install. Restarteaza apoi PC-ul. 3. Descarca ComboFix de aici: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Apoi asigura-te ca ai inchis toate programele care ruleaza (yahoo messenger, Firefox, etc) si ruleaza ComboFix. Te va intreba daca sa inceapa curatirea. Confirma cu Yes de fiecare data. Nu-l opri in timp ce scaneaza si dezinfecteaza sistemul. E posibil ca in timpul rularii lui desktop-ul sa dispara, dar nu te ingrijora. La sfarsit va afisa rezultatele scanarii. Salveaza acel fisier si posteaza continutul aici impreuna cu un nou log HiJackThis. Attached Files |
#17
Posted 17 November 2008 - 00:31
Am facut tot ce mi-ai spus.Repara dupa ce l-am dezarhivat mi-a aparut un fel de text,i-am dat install apoi restart si nu a mai aparut nimic.Presupun ca asa si trebuie.Acesta este log-ul de la Combo fix :
ComboFix 08-11-16.01 - Andrei 2008-11-17 0:15:56.1 - NTFSx86 Running from: c:\documents and settings\Andrei\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Downloaded Program Files\setup.inf c:\windows\system32\MSINET.oca . ((((((((((((((((((((((((( Files Created from 2008-10-16 to 2008-11-16 ))))))))))))))))))))))))))))))) . 2008-11-16 19:32 . 2008-11-16 19:32 <DIR> d-------- c:\program files\Trend Micro 2008-11-15 20:03 . 2008-11-15 20:03 <DIR> d-------- c:\program files\Microsoft SQL Server 2008-11-15 19:58 . 2008-11-15 20:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help 2008-11-15 19:53 . 2008-11-15 20:16 <DIR> d-------- c:\windows\SxsCaPendDel 2008-11-15 19:53 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll 2008-11-15 19:53 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll 2008-11-15 19:53 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2008-11-15 19:53 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll 2008-11-15 19:53 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll 2008-11-15 19:53 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll 2008-11-15 19:53 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2008-11-15 19:48 . 2008-11-15 19:48 <DIR> d-------- c:\program files\MSXML 6.0 2008-11-15 19:31 . 2008-02-28 13:26 1,414,440 --a------ c:\windows\system32\ShellManager310E2D762.dll 2008-11-15 19:31 . 2008-02-28 13:01 774,144 --a------ c:\windows\system32\NEROINSTAEC43759.DB 2008-11-15 19:22 . 2008-11-15 19:22 <DIR> d-------- c:\program files\Common Files\Scanner 2008-11-15 14:45 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll 2008-11-15 14:45 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll 2008-11-15 14:45 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll 2008-11-15 14:45 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll 2008-11-15 14:45 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll 2008-11-15 14:45 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll 2008-11-15 14:45 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll 2008-11-14 21:34 . 2008-11-14 21:46 138,376 --a------ c:\windows\system32\drivers\PnkBstrK.sys 2008-11-14 21:33 . 2008-11-14 21:45 182,928 --a------ c:\windows\system32\PnkBstrB.exe 2008-11-14 21:33 . 2008-11-14 21:33 66,872 --a------ c:\windows\system32\PnkBstrA.exe 2008-11-10 18:39 . 2008-11-10 18:39 <DIR> d--hs---- c:\windows\ftpcache 2008-10-30 23:28 . 2008-11-15 19:31 <DIR> d-------- c:\program files\Common Files\Nero 2008-10-24 13:57 . 2008-10-24 13:57 <DIR> d-------- c:\windows\lhsp 2008-10-24 13:56 . 2008-10-24 13:56 <DIR> d-------- c:\windows\speech 2008-10-24 13:56 . 1999-04-12 23:00 1,046,288 --a------ c:\windows\system32\MSJET35.DLL 2008-10-24 13:56 . 1996-10-23 23:00 803,680 --a------ c:\windows\system32\AXDIST.EXE 2008-10-24 13:56 . 1999-04-12 23:00 415,504 --a------ c:\windows\system32\MSREPL35.DLL 2008-10-24 13:56 . 1998-04-23 23:00 252,176 --a------ c:\windows\system32\MSRD2X35.DLL 2008-10-24 13:56 . 1998-04-23 23:00 123,664 --a------ c:\windows\system32\MSJINT35.DLL 2008-10-24 13:56 . 1998-04-23 23:00 24,848 --a------ c:\windows\system32\MSJTER35.DLL 2008-10-24 13:55 . 2008-10-24 13:55 <DIR> d-------- c:\program files\QFIT 2008-10-24 13:54 . 1998-10-01 14:22 373,248 --a------ c:\windows\uninst.exe 2008-10-24 00:37 . 2008-10-24 00:40 37 --a------ c:\windows\entpack.ini 2008-10-24 00:36 . 2008-10-24 00:36 <DIR> d-------- c:\documents and settings\Andrei\WINDOWS 2008-10-24 00:36 . 1991-09-11 23:00 271,264 --a------ c:\windows\VBRUN100.DLL 2008-10-24 00:36 . 1991-09-11 23:00 19,200 --a------ c:\windows\WEPUTIL.DLL 2008-10-24 00:23 . 2008-10-24 00:31 <DIR> d-------- c:\program files\Beat the House! 2008-10-22 16:11 . 2008-10-22 16:11 <DIR> d-------- c:\program files\EA SPORTS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-16 15:10 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-11-16 15:01 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2008-11-16 02:35 --------- d-----w c:\documents and settings\Andrei\Application Data\uTorrent 2008-11-15 17:21 --------- d-----w c:\program files\Yahoo! 2008-11-14 18:12 --------- d--h--w c:\program files\InstallShield Installation Information 2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-22 12:27 --------- d-----w c:\program files\SystemRequirementsLab 2008-10-16 12:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 12:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 12:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 12:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 12:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 12:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 12:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 12:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-12 18:48 --------- d-----w c:\program files\RegCure 2008-10-11 19:10 --------- d-----w c:\program files\4U Computing 2008-10-08 20:07 --------- d-----w c:\program files\Winamp 2008-10-01 21:02 --------- d-----w c:\documents and settings\Andrei\Application Data\temp 2008-09-30 14:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-09-25 14:14 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-09-15 14:52 43,520 ----a-w c:\windows\system32\CmdLineExt03.dll 2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys 2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll 2008-08-29 18:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll 2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-07-16 4748528] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 391296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-15 729178] "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 315454] "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-10-11 409600] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-11-09 128920] "BigDog303"="c:\windows\VM303_STI.EXE" [2005-06-23 61440] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2007-05-08 16:24 128568 c:\program files\Hp\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] --a------ 2005-05-04 09:59 864256 c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 01:11 210320 c:\program files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] -ra------ 2006-03-30 15:45 391296 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe"= "c:\\Program Files\\RegCure\\RegCure.exe"= "c:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"= "c:\\WINDOWS\\system32\\netsh.exe"= "c:\\WINDOWS\\system32\\CF7780.exe"= *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder 2008-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] 2008-11-16 c:\windows\Tasks\RegCure Program Check.job - c:\program files\RegCure\RegCure.exe [2008-10-12 20:39] 2008-11-13 c:\windows\Tasks\RegCure.job - c:\program files\RegCure\RegCure.exe [2008-10-12 20:39] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ TCP: {0F51DFD2-F06A-4BDD-8391-582E5E040C3F} = 193.231.252.1 213.154.124.1 c:\windows\Downloaded Program Files\sysreqlab3.dll - c:\windows\Downloaded Program Files\sysreqlab_srl.dll O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab c:\windows\Downloaded Program Files\sysreqlab.osd . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-17 00:17:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????6?0?5?8??????? ???B?????????????hLC? ?????? BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@?????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-11-17 0:19:28 ComboFix-quarantined-files.txt 2008-11-16 22:19:21 Pre-Run: 2,074,456,064 bytes free Post-Run: 3,129,520,128 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 188 --- E O F --- 2008-11-16 17:58:38 Acum cand incerc sa intru in HiJackThis imi da eroare cu Don't send.O sa-l dezinstalez si o sa-l descarc iar de pe site sa vad poate merge. Nu merge sa dezinstalez HiJackThis Pana la urma am reusit sa il fac iar sa imi scaneze.Acesta este log-ul : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:29:45 AM, on 11/17/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\VM303_STI.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\HPQ\shared\hpqwmi.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\bbqqhr.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\winishinb.exe C:\DOCUME~1\Andrei\LOCALS~1\Temp\qjpnin.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.co...sreqlab_srl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp...ads/sysinfo.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemreq.../sysreqlab2.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.h...ctDetection.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...ctDetection.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0F51DFD2-F06A-4BDD-8391-582E5E040C3F}: NameServer = 193.231.252.1 213.154.124.1 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Windows CardSpace (idsvc) - Macrovision Corporation - (no file) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe -- End of file - 6223 bytes |
#18
Posted 17 November 2008 - 01:29
Dupa ce am folosit programele respective mi-a mers pana la urma sa dau scan si cu Nod32 online.Mi-a gasit 222 de threats.
Attached Files |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users