Virus Backdoor
Last Updated: Aug 18 2006 07:58, Started by championul, Aug 17 2006 14:00
#1
Posted 17 August 2006 - 14:00
Today I managed to catch a virus that is causing me a lot of damage. The virus shut down my antivirus and it won't start again. I tried several antivirus programs and it did the same to each of them. I even tried an online scan, but Internet Explorer won't let me download the required ActiveX control (I should mention that I changed the security settings to low, and that I had scanned online this way before I had the problem with this virus). I downloaded HijackThis and I'm posting the log here:

Logfile of HijackThis v1.99.1
Scan saved at 14:57:08, on 17.08.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
c:\windows\system32\winlog.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Adminu\Desktop\HijackThis.exe
D:\Downloads\'de vazut ce ai in ram - bestial\autoruns v432.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\regedit.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Razvan
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F0 - system.ini: Shell=Explorer.exe c:\windows\system32\winlog.exe
F1 - win.ini: run=c:\windows\system32\winlog.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [regguard] c:\windows\system32\winlog.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [regguard] c:\windows\system32\winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {93B52CD5-EDFF-4405-8975-754100710FD5} (GameLauncher Control) - http://www.linkmania...amelauncher.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

I did one more thing: I got a program that scans and "sees" what you have in memory. This is what I found there:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ cscdll Offline Network Agent Microsoft Corporation C:\WINDOWS\system32\cscdll.dll
+ ScCertProp Common DLL to receive Winlogon notifications Microsoft Corporation C:\WINDOWS\system32\wlnotify.dll
+ Schedule Common DLL to receive Winlogon notifications Microsoft Corporation C:\WINDOWS\system32\wlnotify.dll
+ SensLogn Common DLL to receive Winlogon notifications Microsoft Corporation C:\WINDOWS\system32\wlnotify.dll
+ termsrv Common DLL to receive Winlogon notifications Microsoft Corporation C:\WINDOWS\system32\wlnotify.dll
+ wlballoon Common DLL to receive Winlogon notifications Microsoft Corporation C:\WINDOWS\system32\wlnotify.dll
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Corporation C:\WINDOWS\system32\userinit.exe
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ Explorer.exe Windows Explorer Microsoft Corporation C:\WINDOWS\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ BDMCon BitDefender Management Console SOFTWIN S.R.L. C:\Program Files\Softwin\BitDefender9\bdmcon.exe
+ BDNewsAgent BitDefender News Agent SOFTWIN S.R.L C:\Program Files\Softwin\BitDefender9\bdnagent.exe
+ BDOESRV bdoesrv application SOFTWIN SRL C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
+ BDSwitchAgent C:\Program Files\Softwin\BitDefender9\bdswitch.exe
+ NeroFilterCheck NeroCheck Ahead Software Gmbh C:\WINDOWS\system32\NeroCheck.exe
+ nod32kui C:\Program Files\ESET\nod32kui.exe
+ regguard c:\WINDOWS\system32\winlog.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ Address Book 6 Outlook Express Setup Library Microsoft Corporation C:\Program Files\OUTLOOK EXPRESS\setup50.exe
+ Browser Customizations Microsoft Internet Explorer Customization DLL Microsoft Corporation C:\WINDOWS\system32\iedkcs32.dll
+ Internet Explorer Windows NT User Data Migration Tool Microsoft Corporation C:\WINDOWS\system32\shmgrate.exe
+ Internet Explorer C:\WINDOWS\system32\SETUPAPI.exe
+ Internet Explorer 6 IE 5.0 Per-User Install Utility Microsoft Corporation C:\WINDOWS\system32\ie4uinit.exe
+ Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Corporation C:\Program Files\OUTLOOK EXPRESS\setup50.exe
+ Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation C:\WINDOWS\inf\unregmp2.exe
+ Microsoft Windows Media Player ADVPACK Microsoft Corporation C:\WINDOWS\system32\advpack.dll
+ NetMeeting 3.01 ADVPACK Microsoft Corporation C:\WINDOWS\system32\advpack.dll
+ Outlook Express Windows NT User Data Migration Tool Microsoft Corporation C:\WINDOWS\system32\shmgrate.exe
+ Themes Setup Microsoft© Register Server Microsoft Corporation C:\WINDOWS\system32\regsvr32.exe
+ Windows Desktop Update Microsoft© Register Server Microsoft Corporation C:\WINDOWS\system32\regsvr32.exe
+ Windows Messenger 4.7 ADVPACK Microsoft Corporation C:\WINDOWS\system32\advpack.dll
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\Adminu\Start Menu\Programs\Startup
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ Browseui preloader Shell Browser UI Library Microsoft Corporation C:\WINDOWS\system32\browseui.dll
+ Component Categories cache daemon Shell Browser UI Library Microsoft Corporation C:\WINDOWS\system32\browseui.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ CDBurn Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\system32\shell32.dll
+ PostBootReminder Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\system32\shell32.dll
+ SysTray Systray shell service object Microsoft Corporation C:\WINDOWS\system32\stobject.dll
+ WebCheck Web Site Monitor Microsoft Corporation C:\WINDOWS\system32\webcheck.dll
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ Yahoo! Pager Yahoo! Messenger Yahoo! Inc. C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Task Scheduler

Right after the antivirus detected the virus, I got an error saying that c:\windows\system32\ldrmsvbvm06.dll is missing, and after that, when I enable the antivirus shield, it still stays disabled. Could this file be the problem?

Thanks in advance.

Edit: I noticed that Yahoo Messenger won't start either. It gives me a Windows error.

Edited by championul, 17 August 2006 - 14:06.
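A log like the one in post #1 can be triaged mechanically by grouping its autostart lines by the executable they launch. The following is an added example, not part of the original thread: the function names are illustrative, and the sample input is an excerpt of the F0, F1 and O4 lines from the posted log.

```python
import re
from collections import defaultdict

# Sample input: autostart lines excerpted from the HijackThis log in post #1.
SAMPLE_LOG = r"""
F0 - system.ini: Shell=Explorer.exe c:\windows\system32\winlog.exe
F1 - win.ini: run=c:\windows\system32\winlog.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [regguard] c:\windows\system32\winlog.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [regguard] c:\windows\system32\winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"""

# F0-F3 are the system.ini / win.ini autostart lines, O4 the Run-type keys.
ENTRY = re.compile(r'^(F[0-3]|O4) - (.+?): (.*)$')
# A full path to an .exe, optionally wrapped in double quotes.
EXE = re.compile(r'"?([a-z]:\\[^"]*?\.exe)', re.IGNORECASE)

def autostart_targets(log):
    """Map each executable path (lower-cased) to the autostart locations naming it."""
    targets = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        code, location, value = m.groups()
        for path in EXE.findall(value):
            targets[path.lower()].append(f"{code} {location}")
    return targets

def suspicious(log, min_locations=2):
    """Return {path: [locations]} for executables that deserve a closer look:
    anything started from an F-section line, or from several locations at once."""
    flagged = {}
    for path, locs in autostart_targets(log).items():
        from_ini = any(loc.startswith("F") for loc in locs)
        if from_ini or len(set(locs)) >= min_locations:
            flagged[path] = sorted(set(locs))
    return flagged

if __name__ == "__main__":
    for path, locs in suspicious(SAMPLE_LOG).items():
        print(path, "<-", ", ".join(locs))
```

On this excerpt the only path reported is `c:\windows\system32\winlog.exe`, which the log shows appended to the `Shell=` line, set in `win.ini`, and registered under both `Run` and `RunServices`.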
#2
Posted 17 August 2006 - 17:52
Hmm.. nice virus..
Try to get a good antivirus. But if it won't let you.. and this virus is that advanced.. you probably won't get rid of it that easily. The safest and quickest option is to reinstall Windows.
#3
Posted 17 August 2006 - 18:26
I deleted that DLL, then searched the registry for its name and deleted it from there too. I restarted the computer, but NOD32 and BitDefender won't start. However, Messenger works now. I scanned online with Kaspersky, it detected one more infected DLL, I deleted that one too, and now I'm scanning with the Kaspersky trial and I see that my computer is clean. I think I solved the problem... If anyone thinks I haven't, please post here.
Thanks
#5
Posted 18 August 2006 - 07:58
Unfortunately, if I can put it that way, I solved the problem... by formatting and installing a fresh copy of Windows.