Citiraj:
Autor Stormbreaker
da, ovo sa očitavanjem njegovih logova je "mali" problem   |
Upravo tako,,lako je kopirat log pejstat u analyze field,click na analyze i brisat X-eve i upitnike ,a što ustvari to znači za komp i za net ?????
Evo samo jednog primjera LOP-infekcije koja dolazi sa instalacijom Messengera plus...
Zahvača R1 , 02 i 04 sekcije ,,znači usmjerava te na stranicu koju želi(R1),,,,,,,dodaje razne Browser Helper Objecte u naš Browser (02),,,,i pokreće programe ili aplikacije koje sam stvori ili koje zove preko neta(04)..
Sad....lako je stavit kvačicu na to i fix,,,ali stvar je u tome da onaj tko stvarno zna čitat log ZNA da ta infekcija dolazi sa tim programom i da mora maknut :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.fmgdfrbbwolkcsujdqsdmg.ne...pa6xDG9BI4.cgi
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.cenzunjgsodceudthxojah.ne...tu_Am/mGG.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.anhmrajywkhelucsdxto.net/...QLkDVwAM2Q.php
O2 - BHO: (no name) - {19B89A8F-57A9-5E97-9B02-F2CA701ED8DE} - C:\DOCUME~1\Owner\APPLIC~1\SIXTHD~1\Bold okay.exe
O2 - BHO: (no name) - {E0F2DF9F-B79F-15E0-FBFE-402D1D7D3EE1} - C:\DOCUME~1\Dad\APPLIC~1\LICENS~1\First Drv.exe
O2 - BHO: (no name) - {D74EAF21-F030-988F-6324-4BB6FA9B03D2} - C:\DOCUME~1\DON\APPLIC~1\WINSTO~1\TransPlay.exe
O4 - HKLM\..\Run: [skip stupid audio free] C:\Documents and Settings\All Users\Application Data\bows corn skip stupid\pokeadmin.exe
O4 - HKCU\..\Run: [objloud] C:\DOCUME~1\Dad\APPLIC~1\MOVEAT~1\coalheart.exe
O4 - HKLM\..\Run: [burn owns bags corn] C:\Documents and Settings\All Users\Application Data\ItchWinBurnOwns\Heck Setup.exe
O4 - HKLM\..\Run: [GridShimInterMath] C:\Documents and Settings\All Users\Application Data\downloadgluegridshim\onestyle.exe
I onda slijedi :
Fix
You have a LOP infection that often comes together with Messenger Plus. To remove it we will try the simple way first.
1. Go to Add/Remove programs. Double click on "Messenger Plus!" (or click on Remove)
2. The "Messenger Plus! - Setup" is now displayed. Click on the Uninstall button. Note: options displayed on the first screen are not related to the sponsor program.
3. The sponsor screen is now displayed (if you don't see it, search for it in your Task Bar). To prove that someone is currently reading the screen, you have to type the code that is displayed. Once you enter the code, press Uninstall.
4. If you entered the code properly, the program will ask you to confirm that you want to uninstall. You must answer "Yes" to this question, else, you won't have another chance of uninstalling.
5. To complete the uninstallation, follow the instructions that are displayed (the first one is to close all your Internet Explorer windows, that's very important). When everything is complete, restart your computer and, hopefully voila one nasty infection is gone.
Jer bez deinstalacije Mess.plus Infekcija se vrača za pol sata neta.
Eto...a takvih stvari ima mali milion,,,,,,,Dobro je dok su to sitnice.......