Въпрос за възможен проблем с вирус

G0ld · Декември 30, 2006

Значи казаха ми че имам вирус... примерно работя си със пс-то и изведнаж почва да лагва. Чудя се какво става и давам диспейчъра на задачите и виждам околко 10 exe-та от типа : irc.exe. Сами се пускат незнам какво е и всяко едно изпозлва 8000 К или 2000 и пс-то ми ужасно се натоварва... махам ги и след определено време пак почват да се пускат.. товае някъкв вирус нали ? С нод 32 скоро побазиках и насторих благодарене на вашият форум.. а мога ли някак да се очистя от това или да си прейнсталирам windowsa.

Sir William · Декември 30, 2006

1. Сканира ли с NOD32? Има ли някакъв резултат от това?

2. Можеш да изтеглиш HijackThis.

Ето мирър: HijackThis.

Програмата е архивирана. Разархивираш в някаква папка, после преименуваш програмата HijackThis с друго име. После я стартираш и пускаш "Do a system scan and save a log file".

Снимка:

http://www.picvalley.net/u/69/68184_660.PNG

Получава се текстов лог (notepad). Копирай текста и го пусни (paste) тук.

G0ld · Декември 30, 2006

Logfile of HijackThis v1.99.1

Scan saved at 19:47:10, on 30.12.2006 г.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Eset\nod32krn.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\data\start.exe

c:\windows\system32\data\main.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

c:\windows\system32\data\listener.exe

C:\Program Files\Datecs\FlexType 2K\FType2K.exe

C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe

C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe

C:\Program Files\SkylineUltimate\mIRC.exe

C:\Program Files\BitComet\BitComet.exe

C:\Program Files\Gr0zEn`ScRiPt 1.0\mirc.exe

C:\Program Files\ESET\nod32kui.exe

C:\Program Files\StrongDC\StrongDC.exe

C:\Program Files\Opera\Opera.exe

C:\Documents and Settings\USER\Desktop\helper\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hit.bg/

F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: TVbox Helper - {087774B9-C132-445F-A476-95368F3F0751} - E:\Program Files\TVbox\BHO_TVbox.dll (file missing)

O2 - BHO: Skype Plugin (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime

O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe

O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe

O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe

O4 - HKLM\..\Run: [Microsoft DLL Verifier] scvhost.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\RunServices: [Microsoft DLL Verifier] scvhost.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [steam] "D:\Games\PacSteam\\Steam.exe" -silent

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [sMS by Jeko Ianev] C:\Program Files\sms\sms.exe

O4 - HKCU\..\Run: [WinStart] C:\WINDOWS\system32\data\start.exe

O4 - HKCU\..\Run: [GetSmile] C:\Program Files\GetSmile\GetSmile.exe

O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe

O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe

O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

O4 - Global Startup: BlueSoleil.lnk = ?

O4 - Global Startup: FlexType 2K.lnk = C:\Program Files\Datecs\FlexType 2K\FType2K.exe

O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe

O9 - Extra button: Skype Plugin - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{0D60F77A-14F5-422B-869F-09E0F32A202C}: NameServer = 88.87.10.2,88.87.10.4

O17 - HKLM\System\CCS\Services\Tcpip\..\{18641F9D-50A9-4747-99C9-1901E70AA2DB}: NameServer = 88.87.10.4,88.87.10.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{0D60F77A-14F5-422B-869F-09E0F32A202C}: NameServer = 88.87.10.2,88.87.10.4

O17 - HKLM\System\CS2\Services\Tcpip\..\{0D60F77A-14F5-422B-869F-09E0F32A202C}: NameServer = 88.87.10.2,88.87.10.4

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\Plugin Manager\Skype4COM.dll

O20 - AppInit_DLLs: wbsys.dll,

O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

Sir William · Декември 30, 2006

Няколко неща от лога не ми харесват. Но не прави засега нищо с HijackFree.

Имаш ли инсталирана програма от сорта на AdAware, SpyBot - Search & Destroy, a-squared (безплатни са)?

Пробвай да изтеглиш и сканираш както следва със:

1. SpyBot - Search & Destroy

Информация: SpyBot - Search & Destroy. Има български интерфейс, обнови дефинициите и сканирай.

2. a-squared Free

Информация: a-squared Free, има Ревю: a-squared freе

След инсталацията следва ъпдейт на дефинициите и сканиране.

Забележка: може да използва AdAware вместо a-squared. По избор.

Информация: Ad-Aware SE Personal

G0ld · Декември 30, 2006

Направих го със a-squared Free 2.1 Дадох save reports и ето :

a-squared Free - Version 2.1

Scan settings:

Objects: Memory, Traces, Cookies, C:\, D:\, E:\

Scan archives: On

Heuristics: On

ADS Scan: On

Scan start: 30.12.2006 г. 21:28:20

Key: HKEY_LOCAL_MACHINE\software\orl\winvnc3 detected: Trace.Registry.VNC.CommonComponents

Key: HKEY_CURRENT_USER\software\realvnc\vncviewer4 detected: Trace.Registry.VNCViewer

C:\Documents and Settings\USER\Cookies\user@2o7[2].txt detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:7 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:42 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:44 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:45 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:94 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:95 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:96 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:97 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:123 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:145 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:162 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:166 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:167 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:169 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:173 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:174 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:240 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:255 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:256 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:257 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:258 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:274 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:275 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:276 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:290 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:295 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:296 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:313 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:314 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:317 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:324 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:337 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:338 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:360 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:361 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:366 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:381 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:414 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:458 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:482 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:483 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:485 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:486 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:487 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:493 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:494 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:502 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:505 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:514 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:515 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:516 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:517 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:536 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:543 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:545 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:546 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:548 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:549 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:550 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:558 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:559 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:562 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:611 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:629 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:639 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:640 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:648 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:649 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:650 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:651 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:652 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:653 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:654 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:655 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:656 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:657 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:658 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:659 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:660 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:661 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:662 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:663 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:664 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:665 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:667 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:668 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:670 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:672 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:676 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:677 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:679 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:680 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:681 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:682 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:688 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:689 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:712 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:713 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:714 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:728 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:729 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:730 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:731 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:735 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:760 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:761 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:762 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:769 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:770 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:780 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:781 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:782 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:783 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:784 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:785 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\93qs3po6.default\cookies.txt:786 detected: Trace.TrackingCookie

C:\Documents and Settings\USER\Desktop\Stuffs\ImperialScript2.4-0.rar.rar/mirc32.exe detected: Backdoor.Win32.mIRC-based

C:\Documents and Settings\USER\Desktop\Stuffs\sobieski skript.rar/mirc.exe detected: Riskware.Client-IRC.Win32.mIRC.16

C:\Program Files\DC++\Incomplete\Cosmopolitan Virtual Makeover 3.rar.GZOYWMRMONJF5BODAFVSA4VGKZFDRZ5FF3U32IY.dctmp/Cosmopolitan Virtual Makeover 3.nrg detected: Heuristic.ArchiveBomb

C:\Program Files\EVO Script\mIRC.exe detected: Riskware.Client-IRC.Win32.mIRC.614

C:\Program Files\ImperiaLScript2.4-0\mirc32.exe detected: Backdoor.Win32.mIRC-based

C:\Program Files\IRC\mirc.exe detected: Riskware.Client-IRC.Win32.mIRC.621

C:\Program Files\Radio VT Script v1.1\mIRC.exe detected: Riskware.Client-IRC.Win32.mIRC.614

C:\Program Files\SkylineUltimate\mIRC.exe detected: Riskware.Client-IRC.Win32.mIRC.62

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP1\A0001697.exe/EggBot.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP2\A0002293.exe/wInnIE-Script.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP2\A0003019.exe detected: Riskware.Client-IRC.Win32.mIRC.16

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP2\A0003020.exe detected: Riskware.Client-IRC.Win32.mIRC.16

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP2\A0003029.exe detected: Riskware.Client-IRC.Win32.mIRC.614

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP2\A0003037.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003398.exe/wInnIE-Script.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003811.exe/wInnIE-Script.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003910.exe detected: Riskware.Client-IRC.Win32.mIRC.01

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003912.exe/EggBot.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003916.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003931.exe detected: Riskware.Client-IRC.Win32.mIRC.614

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003935.exe detected: Riskware.Client-IRC.Win32.mIRC.02

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003937.exe detected: Riskware.Client-IRC.Win32.mIRC.01

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003945.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003986.exe detected: Riskware.Client-IRC.Win32.mIRC.16

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003987.exe detected: Riskware.Client-IRC.Win32.mIRC.16

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0003996.exe detected: Riskware.Client-IRC.Win32.mIRC.614

E:\System Volume Information\_restore{5DF9F857-2A9A-4EA8-A401-32CA12881513}\RP4\A0004006.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061270.exe/wInnIE-Script.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061353.exe detected: Riskware.Client-IRC.Win32.mIRC.01

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061355.exe/EggBot.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061359.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061374.exe detected: Riskware.Client-IRC.Win32.mIRC.614

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061378.exe detected: Riskware.Client-IRC.Win32.mIRC.02

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061380.exe detected: Riskware.Client-IRC.Win32.mIRC.01

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061389.exe detected: Backdoor.Win32.mIRC-based

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061447.exe detected: Riskware.Client-IRC.Win32.mIRC.614

E:\System Volume Information\_restore{3EE1898F-1433-462B-8606-278AAD89E12B}\RP61\A0061455.exe detected: Riskware.Client-IRC.Win32.mIRC.16

Scanned

Files: 143536

Traces: 91664

Cookies: 1051

Processes: 42

Found

Files: 37

Traces: 2

Cookies: 117

Processes: 0

Registry keys: 0

Scan end: 30.12.2006 г. 22:21:43

Scan time: 00:53:23

Sir William · Декември 30, 2006

Дотук добре. Само сканира и направи лог? На кой режим от програмата?

А премахна ли (става с маркиране на ръка, виж снимката) и "Поставяне под карантина" опасните обекти?

Eто пример:

http://www.picvalley.net/u/69/68296_355.PNG

Пробвай да сканираш на "умна" проверка, ако не си почистил (а) с маркиране и "Поставяне под карантина" ма откритите от програмата проблеми в списъка след сканирането.

Засега избягвай да отстраняваш открити проблеми, започващи с "Heurestic".

Давам пример на картинката с "Heurestic", защото нямам никакви други индикации за "зарази".

Опасявам се, че след отстраняването на "заразите" ще се наложи да преинсталиташ mIRC...

G0ld · Декември 30, 2006

Единственото което направих е да сканирам на "задълбочена проверка" Аз сега съм с друг скрипт но пак го има това...

Sir William · Декември 30, 2006

Сканирането не премахва откритите проблеми от a-squared при теб.

Трябва да маркираш с чавка (както е на картинката) и да поставиш под карантина избраните файлове.

G0ld · Декември 30, 2006

така,работите които ми откри ги сложих под картина. Значи ли че съм се изчистил ? И нямаше такива под името Heurestic.

Sir William · Декември 30, 2006

Вече има ли го проблемът ти от преди: десетина irc.exe?

Рестартирай и провери.

G0ld · Декември 31, 2006

Значи след тази процедура не рестартирах а си легнах и сега като станах имах 20тина такива.. но сега рестартирах и ако се появат ще ти се обадя.

Да тукощо се пусна едно

в момента пак сканирам и намира троянец и някой друг вирус.... защо ли не ги намери вчера...

При всяко сканиране намира по 2 3 нови вируси.. защо не ми ги показва на веднъж :(

Sir William · Януари 1, 2007

Според мен е добре да имаш активирана и настроена защитна стена (Firewall). При LAN мрежите е задължително. Ако не филтрираш трафика на нета - входящ и изходящ според мен няма да имат край тези "зарази", голяма част от които всъщност не са вируси, а рекламни, шпионски и троянски приложения, хакерски атаки и пр.

G0ld · Януари 1, 2007

Ами аз вече съм със нов win. Пуснал съм нова тема много ще съм радостен ако ме насочиш към такава стена и една хубава антивирусна и разбира се ми дадеш наръчник.. и как да ги настроя. Много ще съм ти благодарен.

Sir William · Януари 1, 2007

Eто информация (на английски) за настройки на ZoneAlarm: Firewalls and ZoneAlarm Guide and Tips.

Peyu · Май 20, 2007

Значи след тази процедура не рестартирах а си легнах и сега като станах имах 20тина такива.. но сега рестартирах и ако се появат ще ти се обадя.

Да тукощо се пусна едно

в момента пак сканирам и намира троянец и някой друг вирус.... защо ли не ги намери вчера...

При всяко сканиране намира по 2 3 нови вируси.. защо не ми ги показва на веднъж :(

Баце виш сега.. най-добре направи един преинстал на wid-а си

и внимаваи какви скриптове слагаш на PC-то за в бъдеще.

А ако си решил да се бориш мога да ти дам една добра програма която

ще ти свърши работа срещу irc.exe проблема ако още има такъв.

Казва се ProcessPatrol малка програмка и мн добра, мисля че няма да имаш

проблеми с работата с нея.

http://peyu.hit.bg/ProcessPatrolSetup.rar

luck

edit: можеш да ме намериш в skype: coldblood8 ако искаш нещо да попиташ

за програмата processpatrol.

Редактиран Май 20, 2007 от Peyu

Въпрос за възможен проблем с вирус

Препоръчан пост

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Join the conversation