are un coleg un virus in calculator care tot trimite mess-uri cu un link virusat nu stiti un program cu care si-l poate scoate? Multumesc... fundita+vot!
Ordonare:
După relevanţă
CA sa scapi tu de mass-uri trebuie sa-i dai ''ignore'' si ca sa scape el de ''vierme'' trebuie:
Internet Explorer trebuie sa ramana inchis pana fixezi HomePage in browser.
1.Download ATF Cleaner http://www.atribune.org/ccount/click.php?id=1 si salveaza-l pe desktop. Nu-l folosi inca.
2.Download Repara.zip si extrage Repara.inf pe desktop. Nu-l folosi inca. http://forum.softpedia.com/index.php?act=attach&type=post&id=218415
Download Killbox by Option^Explicit: http://killbox.net/downloads/KillBox.exe
Extrage programul pe desktop si fa dublu-click pe Killbox.exe pentru a porni programul.
In Killbox selecteaza optiunea Delete on Reboot si apasa butonul All Files.
Copiaza linile de mai jos selectandu-le si apasand dupa aia Control+C:
c:\New Folder.exe
c:\Documents and Settings\All Users\Start Menu\Programs\Startup\MSconfig.exe
c:\WINDOWS\lsass.exe
c:\WINDOWS\system\lsass.exe
c:\WINDOWS\system\svchost.exe
c:\WINDOWS\system\svchost32.exe
In Killbox, mergi la meniul File si selecteaza Paste from Clipboard.
Click pe butonul rosu cu alb Delete File. Click Yes cand te intreaba sa Reboot.
Computerul o sa reporneasca.
Vei primi un mesaj de eroare dupa reboot. Click OK ca sa dispara.
Cu HijackThis fixeaza intrarile:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = hxxp://[editat]news.info/
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system\lsass.exe
F2 - REG:system.ini: UserInit=userinit.exe, C:\WINDOWS\system\lsass.exe
O4 - HKLM\.\Run: [Task Manager] C:\WINDOWS\system\svchost.exe
O4 - HKLM\.\Run: [Yahoo Messenger] C:\WINDOWS\system\svchost32.exe
O4 - Global Startup: MSconfig.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Goleste temp si Temporary Internet Files.
Dublu-click ATF-Cleaner.exe pentru a porni programul.
In tab-ul Main alege: Select All
Apasa butonul Empty Selected.
Click dreapta pe repara.inf si click Install.
REBOOT.
Nu strica sa faci un scan on-line si un update la Windows.
Repara.inf sterge urmatoarele
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoRun
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableLocalMachineRun
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableLocalMachineRunOnce
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableCurrentUserRun
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableCurrentUserRunOnce
HKLM, Software\Microsoft\Windows\CurrentVersion\Internet Settings,GlobalUserOffline
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKLM, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKLM, Software\Policies\Microsoft\Internet Explorer\Control Panel,Homepage
HKLM, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserOptions
HKLM, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserClose
HKLM, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserContextMenu
HKLM, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoNavButtons
HKLM, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoSelectDownloadDir
HKLM, Software\Policies\Microsoft\Windows NT\SystemRestore,DisableConfig
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableLocalMachineRun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableLocalMachineRunOnce
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableCurrentUserRun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,DisableCurrentUserRunOnce
HKCU, Software\Policies\Microsoft\Internet Explorer\Control Panel,Homepage
HKCU, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserOptions
HKCU, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserClose
HKCU, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoBrowserContextMenu
HKCU, Software\Policies\Microsoft\Internet Explorer\Restrictions,NoNavButtons
HKCU, Software\Policies\Microsoft\Internet Explorer\Restrictions, NoSelectDownloadDir
HKCU, Software\Policies\Microsoft\Windows NT\SystemRestore, DisableConfig
Nu este chiar asa usor dar oricum scapi daca urmaresti ce am spus! Bafta!
Răspunde
Uite aici un tutorial :
http://www.faravirusi.com/......%E2%80%9D/
.de asemenea nu ar strica sa iti iei un antivirus mai bun :
eu iti recomand karsperky :
1) tragi de aici trialul ( sau de pe alt site )
http://www.softpedia.com/get/Antivirus/Kaspersky-Internet-Security.shtml
2) tragi programelul asta :
http://www.soft-linking.com/......ested.html
3) urmezi instructiuniile si. voila.ai 3600 de zile gratis :D
btw: multi au spus ca e pacaleala! NU e! daca nu ma credeti va dau un screen de la mine!
http://i.imgur.com/KUan4.png
Foarte simplu. http://majorgeeks.com/download.php?det=5756 down ce este acolo instalezi, scanezi si remove
Bafta!
Aaa,deci pe forumul tau(nesimtzit de-adreptul,ca banezi fix pe nevinovat,adica eu,care nu am facut nimic,sunt ala,de pe forumul tau, problemepc, numit alex_cristian2000).Acum sa revenim la problema, colegul tau trebuie sa-si deviruseze computerul cu un antivirus bun, eu iti recomand kaspersky(iei trial-ul de-aici : www.kaspersky.com)in perioada trial,el poate sa isi deviruseze computerul de virusi,dupa care,pentru a repara pagubele(malware-ul instaleaza procese malware, si alea trebuie dezactivate dupa devirusare)din computer trebuie sa foloseasca programul Rkill, un tutorial despre el aici : http://www.stealthsettings.com/......istem.html Sper ca l-am ajutat, o zi buna :-H
Răspunsul este publicat...
Te rugăm să aştepţi ca răspunsul tău să fie trimis spre publicare.
