Trojan.generic.1192466

BD IS 2009 detected the following trojan on my computer:


<<Probleme rezolvate:Nume obiect Nume amenintare Situatie finala


E:\System Volume Information\_restore{E5931C7D-5A6D-42C6-8F8D-78767353063C}\RP558\A0227944.exe Trojan.Generic.1192466 Sters >>


I can't find a description of it anywhere on the net... Has anyone else come across this trojan? What effects does it have?

Comments

  • This detection is a generic one (that is, it does not target one particular sample but covers a wider range of detections). As a result, there is no exact description of the infection without studying an actual infected sample.

    However, in your case the detection was in System Volume Information, that is, in one of the operating system's restore points. Those files are only backups and can be deleted without adverse effects (they will be recreated if needed).

    From what you wrote above, it looks like the infection was removed successfully. If you still have problems, come back with a complete scan log.

    Cris.

  • This is the log from my latest scan. How can I get rid of this Trojan.Generic.1189123? Please, I really need your help too.

    Does this have anything to do with the fact that my system restarts whenever I open a movie in BSPlayer?


    Fisierul jurnal al BitDefender !!!!!

    Produs : BitDefender Antivirus 2008
    Versiune : BitDefender UIScanner v.11
    Data inregistrare : 11:03:33 06/12/2008
    Cale inregistrare : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1228554213_1_02.xml

    Cai scanate:
    Cale0000: C:\
    Cale0001: E:\
    Cale0002: F:\
    Cale0003: G:\

    Optiuni scanare:
    Scaneaza dupa virusi : Da
    Scaneaza dupa adware : Da
    Scaneaza dupa spyware : Da
    Scaneaza dupa aplicatii : Da
    Scaneaza dupa dialere : Da
    Scaneaza dupa rootkituri : Da

    Optiuni selectie tinta:
    Scaneaza chei registri : Da
    Scaneaza fisiere cookie : Da
    Scaneaza sectorul de boot : Da
    Scaneaza procese memorie : Da
    Deschide arhive : Da
    Scaneaza in interiorul programelor impachetate : Da
    Scaneaza e-mailuri : Da
    Scaneaza toate fisierele : Da
    Scanare euristica : Da
    Extensii scanate :
    Extensii excluse :

    Procesare obiecte detectate
    Actiune implicita pentru obiectele infectate : Dezinfecteaza
    Actiune implicita pentru obiectele suspecte : Niciuna
    Actiune implicita pentru obiectele ascunse : Niciuna

    Statistici motoare scanare
    Numar semnaturi virusi : 2332657
    Pluginuri de arhive : 44
    Pluginuri de mail : 6
    Pluginuri de scanare : 13
    Pluginuri de arhive : 44
    Pluginuri de sistem : 5
    Pluginuri de despachetare : 7

    Rezumat general scanare
    Obiecte scanate : 216505
    Obiecte infectate : 143
    Obiecte suspecte : 0
    Obiecte rezolvate : 143
    Virusi diferiti detectati : 4
    Directoare scanate : 3437
    Sectoare de boot scanate : 20
    Arhive scanate : 873
    Erori input-output : 29
    Durata scanare : 00:00:47:35
    Fisiere/secunda : 75

    Rezumat procese scanate
    Scanate : 38
    Infectate : 0

    Rezumat chei registri scanate
    Scanate : 830
    Infectate : 0

    Rezumat fisiere cookie scanate
    Scanate : 9
    Infectate : 0

    Probleme nerezolvate:
    Nume obiect Nume amenintare Situatie finala
    [system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{13B15C40-1A6B-4E7E-9577-80D99F772C10}=]C:\WINDOWS\SYSTEM32\COMUI.DLL Trojan.Generic.1189123 Infectate

    Probleme rezolvate:
    Nume obiect Nume amenintare Situatie finala
    C:\Documents and Settings\Rebeka\Local Settings\Temporary Internet Files\Content.IE5\G5EFK5IN\fileslist[2].js Adware.FakeAntiVirus.L Mutat in carantina
    C:\Documents and Settings\Rebeka\Local Settings\Temporary Internet Files\Content.IE5\MNWJMR6P\fileslist[2].js Adware.FakeAntiVirus.L Mutat in carantina
    [system]=]C:\Documents and Settings\Rebeka\Cookies\rebeka@ads.pointroll[2].txt Cookie.PointRoll Sters
    C:\WINDOWS\system32\adsn.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\adsnh.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\askore.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\askorea.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\asrussia.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\bdco.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\browsel.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\cabvie.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\camoc.dll Trojan.Generic.1189123 Sters
    C:\WINDOWS\system32\comui.dll Trojan.Generic.1189123 Mutat in carantina

    Obiecte care nu au fost scanate:
    Nume obiect Motiv Situatie finala
    C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\Data1.cab=]WebSearchENU.pdf Protejat cu parola Nicio actiune nu a putut fi aplicata
    C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\Data1.cab=]RdrMsgSplash.pdf Protejat cu parola Nicio actiune nu a putut fi aplicata
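
As an added illustration (not part of the original thread and not Bitdefender code), the sketch below sorts result rows like the ones in the log above by where the detected object lives, separating restore-point, temp and cache copies from an object still referenced under the Browser Helper Objects registry key. The row layout (`object threat status`, with `=]` separating a container from the item inside it) is inferred from the rows quoted in this thread; the category labels and function names are assumptions of this example.

```python
import re
from collections import Counter

# Final-status strings exactly as the Romanian-language log prints them.
STATUSES = ("Mutat in carantina", "Sters", "Infectate")
RESOLVED = {"Mutat in carantina", "Sters"}  # moved to quarantine / deleted

# A row is "<object> <threat name> <final status>"; the object may contain spaces.
ROW_RE = re.compile(
    r"^(?P<obj>.+)\s+(?P<threat>\S+)\s+(?P<status>"
    + "|".join(re.escape(s) for s in STATUSES) + r")$"
)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# Category labels are this example's own, not Bitdefender terminology.
PATH_RULES = [
    ("restore_point", re.compile(r"\\System Volume Information\\_restore\{", re.I)),
    ("browser_cache", re.compile(r"\\Temporary Internet Files\\", re.I)),
    ("cookie", re.compile(r"\\Cookies\\", re.I)),
    ("temp", re.compile(r"\\Local Settings\\Temp\\", re.I)),
    ("system_dir", re.compile(r"\\WINDOWS\\system32\\", re.I)),
]

# A subset of rows copied from the scan log posted in this thread.
SAMPLE_ROWS = r"""
[system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{13B15C40-1A6B-4E7E-9577-80D99F772C10}=]C:\WINDOWS\SYSTEM32\COMUI.DLL Trojan.Generic.1189123 Infectate
C:\Documents and Settings\Rebeka\Local Settings\Temporary Internet Files\Content.IE5\G5EFK5IN\fileslist[2].js Adware.FakeAntiVirus.L Mutat in carantina
[system]=]C:\Documents and Settings\Rebeka\Cookies\rebeka@ads.pointroll[2].txt Cookie.PointRoll Sters
C:\Documents and Settings\RBK\Local Settings\Temp\dat18.tmp Trojan.Generic.1189123 Sters
C:\System Volume Information\_restore{4A37FF71-71C0-4B06-A138-3D20E990888E}\RP1\A0000018.dll Trojan.Generic.1189123 Sters
C:\WINDOWS\system32\adsn.dll Trojan.Generic.1189123 Sters
C:\WINDOWS\system32\comui.dll Trojan.Generic.1189123 Mutat in carantina
"""


def parse_row(line):
    """Split one result row into object, threat name and final status."""
    m = ROW_RE.match(line.strip())
    if not m:
        return None  # header, statistics line or anything else that is not a row
    parts = m["obj"].split("=]")  # container=]member nesting
    reg_key = next((p for p in parts if p.upper().startswith("HKEY_")), None)
    target = parts[-1]  # innermost item, normally the file on disk
    if reg_key:
        category = "registry"
    else:
        category = next((n for n, rx in PATH_RULES if rx.search(target)), "other")
    clsid = CLSID_RE.search(reg_key) if reg_key else None
    return {
        "category": category,
        "registry_key": reg_key,
        "clsid": clsid.group(0) if clsid else None,
        "file": target if target is not reg_key else None,
        "threat": m["threat"],
        "status": m["status"],
        "resolved": m["status"] in RESOLVED,
    }


def triage(log_text):
    """Parse every result row found in a block of log text."""
    rows = (parse_row(l) for l in log_text.splitlines() if l.strip())
    return [r for r in rows if r]


def follow_up(findings):
    """Unresolved rows, each paired with the log's status for the file it references."""
    file_status = {f["file"].lower(): f["status"]
                   for f in findings if f["category"] != "registry" and f["file"]}
    return [dict(f, file_status=file_status.get((f["file"] or "").lower()))
            for f in findings if not f["resolved"]]


def summary(findings):
    """Count rows per (category, final status)."""
    return Counter((f["category"], f["status"]) for f in findings)


if __name__ == "__main__":
    found = triage(SAMPLE_ROWS)
    for (category, status), n in sorted(summary(found).items()):
        print(f"{category:14} {status:20} {n}")
    for item in follow_up(found):
        print("needs follow-up:", item["clsid"], "->", item["file"],
              "| file row status:", item["file_status"])
```

On the sample rows, `follow_up` returns only the Browser Helper Objects entry, together with the status the same log reports for the DLL that entry references.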

  • The scan log shows that all the detected files were deleted. Do those files reappear on subsequent scans of the system?

    The system restarting when you open a movie can have entirely different causes, not malware. I would say the codecs are to blame; they probably conflict with something and cause a Blue Screen of Death (BSOD = fatal error). Please disable the automatic reboot:

    - right-click My Computer
    - click Properties
    - go to Advanced -> Startup and Recovery (Settings)
    - uncheck Automatically restart

    If my assumption is right, you will get a blue screen instead of a reboot. Write down that message (and, if there are any, the file names shown at the bottom of the screen) and post them.

    Cris.

  • They do not appear on a later scan. One problem remains unresolved and I don't know how to fix it:

    Probleme nerezolvate:
    Nume obiect Nume amenintare Situatie finala
    [system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{13B15C40-1A6B-4E7E-9577-80D99F772C10}=]C:\WINDOWS\SYSTEM32\COMUI.DLL Trojan.Generic.1189123 Infectate

    As for the second problem, I tried what you told me, but without any result. When I tried to open BSPlayer, my computer restarted and I got the following message on a blue background:

    "A problem has been detected and Windows has been shut down to prevent damage to your computer.

    IRQL_NOT_LESS_OR_EQUAL

    If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

    Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any Windows updates you might need.

    If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.

    Technical information:

    ***STOP:0X0000000A(0X00000016,0X0000001C,0X00000000,0X80502332)

    Beginning dump of physical memory.

    Physical memory dump complete.

    Contact your system administrator or technical support group for further assistance."

    This message appears not only when I open BSPlayer but also when I try to open a game. I haven't done any of what the message says because I'm not very good at this.

    Thank you for your help.

  • alexcrist
    edited December 2008

    > Probleme nerezolvate:
    > Nume obiect Nume amenintare Situatie finala
    > [system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{13B15C40-1A6B-4E7E-9577-80D99F772C10}=]C:\WINDOWS\SYSTEM32\COMUI.DLL Trojan.Generic.1189123 Infectate

    - Open regedit:

      Start -> Run -> regedit <Enter>

    - navigate to

      HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\

    - right-click the key named {13B15C40-1A6B-4E7E-9577-80D99F772C10} (keys are shown on the left side, as folders) and select Export. Save that key somewhere.

    - then right-click that key and choose Delete.

    - put the exported file (it will be a .reg file) in a password-protected archive (with the password infected) and attach it to your next post.

    - check whether the file C:\WINDOWS\SYSTEM32\COMUI.DLL exists (before that, follow the instructions here: http://forum.bitdefender.com/index.php?showtopic=3573)

    - if it exists, delete it

    > As for the second problem, I tried what you told me, but without any result. When I tried to open BSPlayer, my computer restarted and I got the following message on a blue background: ~snip~
    >
    > This message appears not only when I open BSPlayer but also when I try to open a game. I haven't done any of what the message says because I'm not very good at this.
    >
    > Thank you for your help.

    It is not "without result" at all. My suspicion was correct, and you got a BSOD (blue screen).

    The message written there means that, somewhere, there is a conflict between drivers.

    Because you have problems both with BsPlayer and with games, I could say the video driver is to blame, but I cannot guarantee that.

    Try uninstalling the video driver and installing the latest version from the manufacturer's official site.

    The video codecs may also be to blame. In general, problems can appear when using codec packs, which often come with tens or hundreds of codecs that conflict with one another. Personally, I recommend not using codec packs, only individual codecs (DivX + XviD give very good results most of the time, with most movies).

    Cris.

  • I tried to delete comui.dll but couldn't, because it wouldn't let me.

    And I can't add the attachment. I get the following message when I try to attach it: "Upload failed. You are not permitted to upload this type of file"

  • I managed to attach HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\

    Waiting for a reply.

    Thank you

    Attachment: key.rar

  • luc79
    edited December 2008

    > This detection is a generic one (that is, it does not target one particular sample but covers a wider range of detections). As a result, there is no exact description of the infection without studying an actual infected sample.
    >
    > However, in your case the detection was in System Volume Information, that is, in one of the operating system's restore points. Those files are only backups and can be deleted without adverse effects (they will be recreated if needed).
    >
    > From what you wrote above, it looks like the infection was removed successfully. If you still have problems, come back with a complete scan log.
    >
    > Cris.

    Thank you for the prompt reply and for the advice... the problem appeared when the screen saver was activated... in the last week it has not shown up again...

    Happy holidays!

  • alexcrist
    edited December 2008

    > I tried to delete comui.dll but couldn't, because it wouldn't let me.

    Try the Unlocker program to see which process is blocking access to that DLL. If they are critical processes (such as winlogon.exe or svchost.exe), be careful when you click Unlock, because applications, or even the whole system, might crash.

    If you manage to unlock that DLL, before deleting it put it in a password-protected archive (as you did above) and attach it here.

    EDIT: I have just noticed that a post further up shows that BD already detects that DLL. So use the Unlocker program to delete that file. There is no need to attach it to the topic.

    Sorry for the late reply, I did not notice that you had answered.

    > I managed to attach HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\

    Apparently the key is empty. It can be deleted.

    > Thank you for the prompt reply and for the advice... the problem appeared when the screen saver was activated... in the last week it has not shown up again...
    >
    > Happy holidays!

    If the problem appears when the screensaver is running, then there are two possibilities:

    - either the screensaver is infected and is not detected
    - or the alert is a false alarm

    In either case, please add that screensaver to a password-protected archive (with the password infected) and attach it to this topic, for analysis.

    Cris.

  • I tried to delete

    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{13B15C40-1A6B-4E7E-9577-80D99F772C10}

    but it won't let me.

    What could I do? Why won't it let me? I also tried deleting it from Safe Mode and had the same problem.

    Thank you.

  • Please post a HijackThis log. You can find some instructions HERE.

    Cris.

  • > If the problem appears when the screensaver is running, then there are two possibilities:
    >
    > - either the screensaver is infected and is not detected
    > - or the alert is a false alarm
    >
    > In either case, please add that screensaver to a password-protected archive (with the password infected) and attach it to this topic, for analysis.
    >
    > Cris.

    As I was saying, it has not appeared lately... if there are more problems I will send it for analysis...

    Thanks,