Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Cum accesez site-ul CNAS ?

Algoritm simplu de calculare al u...

Bitdefender Total Security ș...

casa verde 2024
 Intrerupator cu N - doza doar cu ...

Incalzire casa fara gaz/lemne

Incalzire in pardoseala etapizata

Suprataxa card energie?!
 Cum era nivelul de trai cam din a...

probleme cu ochelarii

Impozite pe proprietati de anul v...

teava rezistenta panou apa calda
 Acces in Curte din Drum National

Sub mobila de bucatarie si sub fr...

Rezultat RMN

Numar circuite IPAT si prindere t...
 

Iexplore.exe Si Explorer.exe

- - - - -
  • Please log in to reply
3 replies to this topic

#1
vsorin

vsorin

    New Member

  • Grup: Members
  • Posts: 15
  • Înscris: 09.10.2004
la conectarea la IE apare fereastra de atentionare ca iexplore.exe a generat o eroare si Win va fi restartat. de curind acelasi mesaj imi apare dar specifica explorer.exe. inaintea lor aveam un mesaj pt messenger de tipul Ypager.exe a generat o eroare de logare si Win va trebui restartat. am scanat pc : nu exista virusi, firewall este instalat, cu omniquad-antispy am gasit trei registri infectati cu Bonzi Buddy(adusi odata co opera probabil) si cu system spy folder:Wise Installation Wizard din Common Files din Program Files.
AM NEVOIE DE AJUTOR DEOARECE NU MAI STIU CE SA FAC. In registri mi-a fost frica sa fac modificari.
mai nou la apasarea tastei caps lock ca sa o dezactivez nu se intimpla nimic , dezactivarea se realizeaza daca apas tasta shift . Care poate fi motivul?

#2
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Fa download la HijackThis! 1.98.2 de aici

Extrage hijackthis.exe intr-un folder al lui, de exemplu c:\hjt, executa HijackThis.exe, apasa SCAN si apoi SAVE LOG. Posteaza log-ul aici.

Nu fixa nimic cu HJT, cele mai multe intrari de acolo sunt legitime !

O mai fi si altceva pe acolo in afara de BonziBuddy. Nu cred ca Opera instaleaza adware poate l-ai instalat cu altceva.

#3
vsorin

vsorin

    New Member

  • Grup: Members
  • Posts: 15
  • Înscris: 09.10.2004
intre timp am facut o scanare cu ad-aware SE Personal  si am gasit  8 key registri si o cheie infectate.pe care m-am suparat si le-am sters + 10 fisiere .
am facut scanarea cu hijacthis si mai jos este copia dupa rezultate:

Logfile of HiJackThis v1.98.2
Scan saved at 10:45:56 PM, on 10/9/2004
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\carpserv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Omniquad AntiSpy\AntiSpy.exe
C:\WINNT\System32\internat.exe
C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\hijack\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/?.intl=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn0\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn0\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [AntiSpy] C:\Program Files\Omniquad AntiSpy\AntiSpy.exe startup
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27BA967C-6E6B-4E75-AA6F-102535A98928}: NameServer = 212.93.136.2,212.93.137.18
O17 - HKLM\System\CS1\Services\Tcpip\..\{27BA967C-6E6B-4E75-AA6F-102535A98928}: NameServer = 212.93.136.2,212.93.137.18
O17 - HKLM\System\CS2\Services\Tcpip\..\{27BA967C-6E6B-4E75-AA6F-102535A98928}: NameServer = 212.93.136.2,212.93.137.18
O17 - HKLM\System\CS3\Services\Tcpip\..\{27BA967C-6E6B-4E75-AA6F-102535A98928}: NameServer = 212.93.136.2,212.93.137.18

astept un raspuns,
multumesc.

#4
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
vsorin log-ul e curat.

Update W2K si instaleaza Service Pack 4. De asemenea Internet Explorer - instaleaza SP1.

Poti fixa astea cu HijackThis:
Porneste hijackthis.exe, inchide toate ferestrele si browserul Internet Explorer, apasa SCAN, bifeaza (numai) cele doua intrari de mai jos si apasa Fix Checked.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com


Intrarile de mai sus sunt instalate odata cu Yahoo Messenger si sunt considerate spyware de multi experti.

Spune-mi daca mai ai probleme dupa update la OS si Internet Explorer.

Omniquad AntiSpy nu e un Anti-Spy rau, dar iti recomand sa folosesti PestPatrol, Ad-Aware SE si Spybot Search & Destroy + SpywareBlaster. Gasesti ultimele versiuni la Sofware Softpedia.

Anunturi

Chirurgia spinală minim invazivă Chirurgia spinală minim invazivă

Chirurgia spinală minim invazivă oferă pacienților oportunitatea unui tratament eficient, permițându-le o recuperare ultra rapidă și nu în ultimul rând minimizând leziunile induse chirurgical.

Echipa noastră utilizează un spectru larg de tehnici minim invazive, din care enumerăm câteva: endoscopia cu variantele ei (transnazală, transtoracică, transmusculară, etc), microscopul operator, abordurile trans tubulare și nu în ultimul rând infiltrațiile la toate nivelurile coloanei vertebrale.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate