Neurochirurgie minim invazivă
"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv. Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice. www.neurohope.ro |
Blank Destkop & pornire My Documents la Startup
Last Updated: Nov 09 2010 19:49, Started by
rizwan
, Nov 09 2010 15:58
·
0
#1
Posted 09 November 2010 - 15:58
Salut.
Am facut ce-am facut ca am dat peste un virus care, la startup imi arata un desktop negru si My Documents pornit. Ca sa imi apara explorerul trebuie sa-l inchid din Task Manager si sa dau New Task. Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 3:57:35 PM, on 9/11/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\explorer.exe D:\Programe\Avira\AntiVir Desktop\avgnt.exe D:\Programe\Mouse\Amoumain.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Windows Sidebar\sidebar.exe D:\Programe\DAEMON Tools Lite\DTLite.exe D:\Programe\Opera\opera.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe D:\Programe\Yahoo!\Messenger\ymsgr_tray.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Razvan\Desktop\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: Shell=explorer.exe rundll32.exe hjdt.qto etmbw O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Programe\BitComet\tools\BitCometBHO_1.3.7.16.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [avgnt] "D:\Programe\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [WheelMouse] d:\Programe\Mouse\Amoumain.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "D:\Programe\Nero\Nero 8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programe\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programe\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\Programe\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Programe\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Programe\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Programe\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Programe\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Programe\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programe\Avira\AntiVir Desktop\avguard.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Programe\Nero\Nero 8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 6038 bytes |
#2
Posted 09 November 2010 - 16:01
Bifeaza si apasa Fix checked in HiJackThis pentru:
Quote F2 - REG:system.ini: Shell=explorer.exe rundll32.exe hjdt.qto etmbw Ruleaza apoi asta: http://download.bleepingcomputer.com/reg/shell.reg Apoi... Descarca Malwarebytes Anti-Malware 1.46 si salveaza-l pe Desktop. Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish. [ http://i53.tinypic.com/13za8f8.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i54.tinypic.com/2dtq001.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i53.tinypic.com/qrerzm.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i54.tinypic.com/2wnpfr6.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i54.tinypic.com/15i7tea.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i55.tinypic.com/1ikapc.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i51.tinypic.com/2efpyfl.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i56.tinypic.com/5xo5g8.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i53.tinypic.com/2e2dnkn.png - Pentru incarcare in pagina (embed) Click aici ] Dupa lansarea programului, click pe tab-ul Update si apasa butonul Check for Updates pentru a verifica daca definitiile descarcate sunt ultimele. Database version: 5XXX [ http://i52.tinypic.com/9fyxjr.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i52.tinypic.com/5ytef5.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i51.tinypic.com/2gw53z7.png - Pentru incarcare in pagina (embed) Click aici ] Click pe tab-ul Scanner, selecteaza Perform full scan si apoi apasa pe Scan. [ http://i54.tinypic.com/23h3pj7.png - Pentru incarcare in pagina (embed) Click aici ] La terminarea scanarii apasa OK si apoi Show Results. [ http://i55.tinypic.com/1z1yavt.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i55.tinypic.com/2cygmc5.png - Pentru incarcare in pagina (embed) Click aici ] Asigura-te ca e totul bifat si apoi apasa Remove Selected. [ http://i53.tinypic.com/2rrqi2q.png - Pentru incarcare in pagina (embed) Click aici ] La final se va deschide un fisier in Notepad cu rezultatele scanarii. Posteaza continutul lui aici. [ http://i53.tinypic.com/1zxazrk.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i56.tinypic.com/2enrbwj.png - Pentru incarcare in pagina (embed) Click aici ] Daca ai dat restart pentru indepartare malware din PC, log-ul il gasesti in fereastra principala in cadrul tab-ului Logs. Verifica sa fie ultimul(dupa data din numele fisierului .txt.) [ http://i51.tinypic.com/2yllhk5.png - Pentru incarcare in pagina (embed) Click aici ] [ http://i53.tinypic.com/1zxazrk.png - Pentru incarcare in pagina (embed) Click aici ] |
#3
Posted 09 November 2010 - 19:27
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org Database version: 4059 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/11/2010 7:26:23 PM mbam-log-2010-11-09 (19-26-23).txt Scan type: Full scan (C:\|D:\|E:\|F:\|) Objects scanned: 357054 Time elapsed: 49 minute(s), 9 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Nvchost (Trojan.Goldun) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Users\Razvan\Desktop\ac2.crack\crack\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully. C:\Program Files\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Not selected for removal. C:\Program Files\Ubisoft\Ubisoft Game Launcher\crack\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Not selected for removal. Am debifat eu acel ubisoft, pentru ca stiu ce este si este pus acolo cu bună știință. Nu cred că el este cauza pentru Blank Destop si My Doc ala. Edited by rizwan, 09 November 2010 - 19:28. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users