Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
ce este un bitrate ?

Optimizare setari router wireless

HDMI TV SAMSUNG

Nou la U.P.C. - București - ...
 Tastatura pentru TV Samsung Smart...

PC second-hand

Centrala Electrica + Panouri sola...

Problema PC: dupa schimbarea proc...
 Predare in Limba Engleza.

Problema driver mouse

diferenta curs valutar intre deal...

Achizitie PC 2500 lei fost "U...
 Sfat achizitie workstation

Cerneala pentru EPSON L800

Nu pot instala placa de retea

Telefon buget 650+
 
Forumul Softpedia folosește "cookies" pentru a oferi utilizatorilor o experiență completă. Vezi detalii sau închide mesaj (x)

Ajutor curatare calculator de virusi

  • Please log in to reply
7 replies to this topic

#1
nedelea91

nedelea91

    Junior

  • Grup: Members
  • Posts: 105
  • Înscris: 24.06.2008
  • ID membru: 340,695
  • Locație: Prahova

 Rog ajutor, cunostintele mele sunt foarte reduse in acest domeniu. Am scanat calculatorul cu Avira si am primit urmatorul raport:
Avira AntiVir Personal
Report file date: Sunday, March 29, 2009  20:33

Scanning for 1328914 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Boot mode:        Normally booted
Username:         SYSTEM
Computer name:    HOME

Version information:
BUILD.DAT     : 8.2.0.347      16934 Bytes   3/16/2009 14:45:00
AVSCAN.EXE    : 8.1.4.10      315649 Bytes  11/18/2008 07:21:26
AVSCAN.DLL    : 8.1.4.0        40705 Bytes   5/26/2008 06:56:40
LUKE.DLL      : 8.1.4.5       164097 Bytes   6/12/2008 11:44:19
LUKERES.DLL   : 8.1.4.0        12033 Bytes   5/26/2008 06:58:52
ANTIVIR0.VDF  : 7.1.0.0     15603712 Bytes  10/27/2008 10:30:36
ANTIVIR1.VDF  : 7.1.2.12     3336192 Bytes   2/11/2009 18:50:10
ANTIVIR2.VDF  : 7.1.2.199    1008640 Bytes   3/22/2009 15:36:04
ANTIVIR3.VDF  : 7.1.2.228     257024 Bytes   3/27/2009 18:37:01
Engineversion : 8.2.0.129 
AEVDF.DLL     : 8.1.1.0       106868 Bytes   1/30/2009 17:05:32
AESCRIPT.DLL  : 8.1.1.70      369019 Bytes   3/27/2009 18:37:08
AESCN.DLL     : 8.1.1.8       127346 Bytes    3/7/2009 13:29:08
AERDL.DLL     : 8.1.1.3       438645 Bytes   11/4/2008 12:58:38
AEPACK.DLL    : 8.1.3.11      397687 Bytes   3/27/2009 18:37:07
AEOFFICE.DLL  : 8.1.0.36      196987 Bytes   2/27/2009 13:19:13
AEHEUR.DLL    : 8.1.0.111    1679736 Bytes   3/27/2009 18:37:05
AEHELP.DLL    : 8.1.2.2       119158 Bytes   2/27/2009 13:19:09
AEGEN.DLL     : 8.1.1.31      340341 Bytes   3/27/2009 18:37:02
AEEMU.DLL     : 8.1.0.9       393588 Bytes  10/14/2008 09:05:56
AECORE.DLL    : 8.1.6.6       176501 Bytes   2/19/2009 18:51:26
AEBB.DLL      : 8.1.0.3        53618 Bytes  10/14/2008 09:05:56
AVWINLL.DLL   : 1.0.0.12       15105 Bytes    7/9/2008 07:40:05
AVPREF.DLL    : 8.0.2.0        38657 Bytes   5/16/2008 08:28:01
AVREP.DLL     : 8.0.0.2        98344 Bytes   7/31/2008 11:02:15
AVREG.DLL     : 8.0.0.1        33537 Bytes    5/9/2008 10:26:40
AVARKT.DLL    : 1.0.0.23      307457 Bytes   2/12/2008 07:29:23
AVEVTLOG.DLL  : 8.0.0.16      119041 Bytes   6/12/2008 11:27:49
SQLITE3.DLL   : 3.3.17.1      339968 Bytes   1/22/2008 16:28:02
SMTPLIB.DLL   : 1.2.0.23       28929 Bytes   6/12/2008 11:49:40
NETNT.DLL     : 8.0.0.1         7937 Bytes   1/25/2008 11:05:10
RCIMAGE.DLL   : 8.0.0.51     2371841 Bytes   6/12/2008 12:48:07
RCTEXT.DLL    : 8.0.52.0       86273 Bytes   6/27/2008 12:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, 
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Sunday, March 29, 2009  20:33

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'opera.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sqlmangr.exe' - '1' Module(s) have been scanned
Scan process 'MFIndexer.exe' - '1' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'opwareSE2.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!
Boot sector 'E:\'
    [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
    [WARNING]   The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\P1BHGYED\upgrade[1].cab
    [0] Archive type: CAB (Microsoft)
      --> upgrade.exe
        [1] Archive type: NSIS
        --> [UnknownDir]/seekeen.exe
          [DETECTION] Is the TR/BHO.OneStepSearch.56 Trojan
    [NOTE]      The file was moved to '4a36b191.qua'!
C:\Documents and Settings\user\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\CursorManiaSetup2.3.50.26.ZCman000.exe
    [0] Archive type: RSRC
      --> Object
        [1] Archive type: CAB (Microsoft)
        --> mwsSetup.CommonCodebase.exe
          [DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
    [NOTE]      The file was moved to '4a41b204.qua'!
C:\Documents and Settings\user\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\vlc-0.9.8a-win32.exe
    [0] Archive type: NSIS
    --> ProgramFilesDir/libquicktime_plugin.dll
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\user\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\X12-30196.exe
    [0] Archive type: CAB SFX (self extracting)
    --> README.HTM
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{447D541C-204F-4385-B3F1-7144A4121CA5}\RP203\A0192300.exe
    [0] Archive type: RSRC
      --> Object
        [1] Archive type: CAB (Microsoft)
        --> mwsSetup.CommonCodebase.exe
          [DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
    [NOTE]      The file was moved to '4a00b5fe.qua'!
C:\WINDOWS\Temp\SEE16F.tmp\upgrade.exe
    [0] Archive type: NSIS
    --> [UnknownDir]/seekeen.exe
      [DETECTION] Is the TR/BHO.OneStepSearch.56 Trojan
    [NOTE]      The file was moved to '4a36b8ed.qua'!
Begin scan in 'D:\' <Local Disk (D:)>
Begin scan in 'E:\' <FILME/JOCURY/MUZIKA!!!>
E:\jocury\pestisorul\pestisorul.ace
    [0] Archive type: ACE
    --> FeedingFrenzy.exe
      [WARNING]   No further files can be extracted from this archive. The archive will be closed


End of the scan: Sunday, March 29, 2009  21:22
Used time: 48:16 Minute(s)

The scan has been done completely.

   5141 Scanning directories
 544458 Files were scanned
      4 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      4 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 544453 Files not concerned
   8606 Archives were scanned
      4 Warnings
      4 Notes
 Ce trebue sa fac pentru devirusare??????

#2
rootkit

rootkit

    Awake. Security DNA

  • Grup: Senior Members
  • Posts: 34,883
  • Înscris: 07.02.2007
  • ID membru: 139,332
  • Locație: AntiMalware HQ
Descarca Dr. Web CureIt: ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

Scaneaza cu el full.

#3
nedelea91

nedelea91

    Junior

  • Grup: Members
  • Posts: 105
  • Înscris: 24.06.2008
  • ID membru: 340,695
  • Locație: Prahova

View Postcrysty2k5, on Mar 29 2009, 20:27, said:

Descarca Dr. Web CureIt: ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

Scaneaza cu el full.
  Am scanat si mi-a dat urmatorul rezultat:


 mwssrcas.dll    c:/program files/mywebsear...   Adware.Websearch.13

20090220202235.reg  C:/Program Files/Abexo/afr...   ProbablySCRIPT.Virus

MWSSRCAS.DLL  C:/Program Files/MyWebSe...  Adware.Websearch.13

#4
rootkit

rootkit

    Awake. Security DNA

  • Grup: Senior Members
  • Posts: 34,883
  • Înscris: 07.02.2007
  • ID membru: 139,332
  • Locație: AntiMalware HQ
Bun. Curata alea.

Descarca Malwarebytes Anti-Malware si salveaza-l pe Desktop.
Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish.
Dupa lansarea programului, selecteaza Perform full scan si apoi apasa pe Scan.
La terminarea scanarii apasa OK si apoi Show Results. Asigura-te ca e totul bifat si apoi apasa Remove Selected.
La final se va deschide un fisier in Notepad cu rezultatele scanarii. Posteaza continutul lui aici.

#5
nedelea91

nedelea91

    Junior

  • Grup: Members
  • Posts: 105
  • Înscris: 24.06.2008
  • ID membru: 340,695
  • Locație: Prahova

View Postcrysty2k5, on Mar 30 2009, 18:42, said:

Bun. Curata alea.

Descarca Malwarebytes Anti-Malware si salveaza-l pe Desktop.
Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish.
Dupa lansarea programului, selecteaza Perform full scan si apoi apasa pe Scan.
La terminarea scanarii apasa OK si apoi Show Results. Asigura-te ca e totul bifat si apoi apasa Remove Selected.
La final se va deschide un fisier in Notepad cu rezultatele scanarii. Posteaza continutul lui aici.

Malwarebytes' Anti-Malware 1.35
Database version: 1919
Windows 5.1.2600 Service Pack 2

30.03.2009 21:44:33
mbam-log-2009-03-30 (21-44-33).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 144556
Time elapsed: 28 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\MSWINSCK.OCX (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MSWINSCK.OCX (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\wadv07nt.sys (Rootkit.Agent.V) -> Quarantined and deleted successfully.

#6
rootkit

rootkit

    Awake. Security DNA

  • Grup: Senior Members
  • Posts: 34,883
  • Înscris: 07.02.2007
  • ID membru: 139,332
  • Locație: AntiMalware HQ
Bun. Fa update la Avira si ruleaza cu el un scan :)

Poate chiar si upgrade la versiunea 9 de la Avira ;)

#7
nedelea91

nedelea91

    Junior

  • Grup: Members
  • Posts: 105
  • Înscris: 24.06.2008
  • ID membru: 340,695
  • Locație: Prahova

View Postcrysty2k5, on Mar 30 2009, 21:02, said:

Bun. Fa update la Avira si ruleaza cu el un scan :)

Poate chiar si upgrade la versiunea 9 de la Avira ;)
 Respectele mele crysty2k5, l-am updatat si un full scan si am detections 0. Multe, multe, multumiri. Sunt :D !!!!!!!!!!!!!!!!!!!

#8
rootkit

rootkit

    Awake. Security DNA

  • Grup: Senior Members
  • Posts: 34,883
  • Înscris: 07.02.2007
  • ID membru: 139,332
  • Locație: AntiMalware HQ
E ok atunci.

Daca mai ai probleme, revino aici ;)

Reclamă

Bun venit pe Forumul Softpedia!

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users