Yahoo Messenger 10

[mercenarx]

salutare !am o problema cu mess-ul in sensul ca daca il deschid si scriu ceva , cand ii dau "send" , nu-mi apare in lista de dialog ceea ce am scris.l-am dezinstalat , reinstalat si la felyahoo mail-ul n-am probleme cu eltrebuie setat ceva ce eu nu stiu ?poate stie cineva sa ma ajute thx!

[E_manuel]

Descarca Combo fix de aici http://download.bleepingcomputer.com/sUBs/ComboFix.exe pe desktop.

Inchide toate programele din calculator.

Ruleaza programul si de fiecare data cand te intreaba ceva confirma cu Yes.

Iti dispare uneori imagindea in timpul scanarii de pe desktop e ceva normal.

La sfarsit va afisa rezultatele scanarii. Salveaza acel fisier si posteaza continutul aici sa vedem ce si daca aveai virusi.

 

Apoi dezinstaleaza messenger,se sterg registry cu program precum CC cleaner,( vezii google,e varianta free )se da restart si apoi se re-instaleaza messenger.

[mercenarx]

cum postez fisierul text ? (e prea mare..)

* Resident AV is active

 

.

 

((((((((((((((((((((((((( Files Created from 2010-10-22 to 2010-11-22 )))))))))))))))))))))))))))))))

.

 

2010-11-22 23:09 . 2010-11-22 23:09 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-11-20 18:30 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll

2010-11-20 18:29 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2010-11-20 18:26 . 2010-11-20 18:26 -------- d-----w- c:\program files\Activision

2010-11-19 06:38 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C83C07E-15B6-4ED7-8E7F-DB203131CE87}\mpengine.dll

2010-11-10 13:43 . 2000-06-29 15:24 3584 ----a-w- c:\windows\system32\drivers\DLPORTIO.SYS

2010-11-10 13:43 . 2000-06-29 15:24 34816 ----a-w- c:\windows\system32\DLPORTIO.DLL

2010-11-10 13:43 . 2010-11-10 13:43 -------- d-----w- c:\program files\PonyProg2000

2010-11-01 07:08 . 2007-02-23 20:51 19968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\xrxs1pc.dll

2010-10-30 18:51 . 2010-10-30 18:51 -------- d-----w- c:\programdata\Homag Group

2010-10-30 08:33 . 2010-10-30 08:33 876032 ----a-w- c:\windows\system32\VFP6RENU.DLL

2010-10-30 08:33 . 2010-10-30 08:33 3370256 ----a-w- c:\windows\system32\VFP6R.DLL

2010-10-30 08:33 . 2010-10-30 08:33 260096 ----a-w- c:\windows\system32\RICHTX32.OCX

2010-10-30 08:33 . 2010-10-30 08:33 24990 ----a-w- c:\windows\system32\VFP6RUN.EXE

2010-10-29 12:05 . 2008-05-30 09:46 1712128 ----a-w- c:\windows\system32\gdiplus.dll

2010-10-29 12:05 . 2002-11-21 19:13 3907640 ----a-w- c:\windows\system32\gsdll32.dll

2010-10-29 12:05 . 2010-11-20 18:29 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-10-29 12:05 . 2010-10-29 12:05 -------- d-----w- c:\program files\AutoDWG

2010-10-29 11:25 . 2006-10-26 16:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2010-10-29 11:25 . 2006-10-26 16:56 32592 ----a-w- c:\windows\system32\msonpmon.dll

2010-10-29 11:24 . 2010-10-29 11:24 -------- d-----w- c:\program files\Microsoft Works

2010-10-29 11:23 . 2010-10-29 11:23 -------- d-----w- c:\windows\PCHEALTH

2010-10-29 11:23 . 2010-10-29 11:23 -------- d-----w- c:\program files\Microsoft.NET

2010-10-29 11:22 . 2010-10-29 11:22 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2010-10-29 11:22 . 2010-10-29 11:25 -------- d-----w- c:\programdata\Microsoft Help

2010-10-29 11:21 . 2010-10-29 11:21 -------- d-----r- C:\MSOCache

2010-10-29 06:56 . 2010-10-29 06:56 -------- d-----w- c:\windows\SWAT 4

2010-10-28 15:09 . 2010-10-28 15:09 -------- d-----w- c:\program files\Panda Security

2010-10-28 09:53 . 2010-10-29 07:32 -------- d-----w- c:\program files\DAEMON Tools Toolbar

2010-10-28 09:52 . 2010-10-28 09:53 -------- d-----w- c:\program files\DAEMON Tools Lite

2010-10-28 09:44 . 2010-10-28 09:44 -------- d-----w- c:\programdata\DAEMON Tools Pro

2010-10-28 09:38 . 2010-10-28 09:38 -------- d-----w- c:\programdata\DAEMON Tools Lite

2010-10-28 09:26 . 2010-10-28 09:45 697328 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-10-28 09:26 . 2010-10-28 09:28 140368 ----a-w- c:\windows\system32\drivers\sptddrv1.sys

2010-10-28 05:43 . 2010-11-22 20:44 -------- d-----w- c:\programdata\Yahoo! Companion

2010-10-28 05:43 . 2010-11-22 20:44 -------- d-----w- c:\programdata\Yahoo!

2010-10-28 05:35 . 2010-11-22 20:44 -------- d-----w- c:\program files\Yahoo!

2010-10-28 05:30 . 2010-10-28 05:30 -------- d-----w- c:\programdata\Bluetooth

2010-10-27 23:46 . 2010-10-27 12:56 -------- d-----w- c:\windows\Panther

2010-10-27 21:15 . 2010-10-27 21:15 -------- d-----w- c:\program files\MPlayer_test

2010-10-27 21:13 . 2010-10-27 21:13 -------- d-----w- c:\program files\IVT Corporation

2010-10-27 21:08 . 2010-10-28 07:00 -------- d-----w- c:\program files\Common Files\Adobe

2010-10-27 21:08 . 1998-10-29 11:45 306688 ----a-w- c:\windows\IsUninst.exe

2010-10-27 21:07 . 2003-11-17 11:24 208896 ------w- c:\windows\system32\SSRemove.Exe

2010-10-27 21:07 . 2005-08-29 00:15 20622 ----a-w- c:\windows\system32\XRXS1LMK.DLL

2010-10-27 21:07 . 2005-08-29 00:15 57344 ----a-w- c:\windows\system32\SSCoInst.dll

2010-10-27 21:07 . 2005-08-29 00:15 151552 ----a-w- c:\windows\system32\SSCoInst.exe

2010-10-27 21:07 . 2010-10-27 21:07 -------- d-----w- c:\windows\Xerox

2010-10-27 21:07 . 2003-07-29 07:57 40448 ------w- c:\windows\system32\drivers\Dgivecp.Sys

2010-10-27 20:54 . 2010-10-27 20:54 -------- d-----w- c:\windows\system32\Wat

2010-10-27 20:49 . 2010-10-27 20:49 -------- d-----w- c:\program files\Conduit

2010-10-27 20:48 . 2010-10-27 20:48 -------- d-----w- c:\program files\VideoLAN

2010-10-27 20:25 . 2010-10-27 20:25 -------- d-----w- c:\program files\DC++

2010-10-27 19:40 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll

2010-10-27 19:40 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll

2010-10-27 19:37 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll

2010-10-27 19:36 . 2009-11-25 09:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-10-27 19:36 . 2009-11-25 09:47 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-10-27 19:36 . 2009-11-25 09:47 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-10-27 19:36 . 2009-11-25 09:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-10-27 19:36 . 2009-11-25 09:47 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-10-27 19:32 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe

2010-10-27 19:31 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys

2010-10-27 19:27 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll

2010-10-27 19:26 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-27 19:26 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll

2010-10-27 19:26 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll

2010-10-27 18:53 . 2010-10-27 18:53 -------- d-----w- c:\programdata\NVIDIA

2010-10-27 18:51 . 2010-10-27 18:51 -------- d-----w- c:\programdata\NVIDIA Corporation

2010-10-27 18:51 . 2010-10-27 18:51 -------- d-----w- c:\program files\NVIDIA Corporation

2010-10-27 18:16 . 2010-10-27 18:16 -------- d-----w- c:\program files\ESET

2010-10-27 17:31 . 2010-10-27 17:31 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2010-10-27 17:19 . 2010-11-20 18:29 -------- d-sh--w- c:\windows\Installer

2010-10-27 17:19 . 2010-10-27 17:19 -------- d-----w- c:\program files\Tracker Software

2010-10-27 17:15 . 2010-10-27 17:15 -------- d-----w- c:\windows\system32\Macromed

2010-10-27 17:02 . 2008-02-14 06:56 118784 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2010-10-27 13:23 . 2010-10-27 17:04 319456 ----a-w- c:\windows\DIFxAPI.dll

2010-10-27 13:23 . 2010-10-27 13:23 315392 ----a-w- c:\windows\HideWin.exe

2010-10-27 13:22 . 2010-10-27 18:29 -------- d-----w- c:\windows\system32\Tools

2010-10-27 13:22 . 2006-12-29 10:35 409088 ------w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe

2010-10-27 13:21 . 2010-10-27 21:07 -------- d-----w- c:\program files\Common Files\InstallShield

2010-10-27 13:15 . 2010-10-19 08:41 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-27 13:01 . 2010-11-22 14:55 -------- d-----w- c:\windows\system32\wbem\Performance

2010-10-27 12:57 . 2010-10-27 12:57 -------- d-----w- c:\users\VALENTIN

2010-10-27 12:55 . 2010-10-27 12:55 -------- d-----w- C:\Recovery

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-28 15:00 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll

2010-10-28 15:00 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll

2010-10-28 15:00 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll

2010-10-19 10:14 . 2010-10-19 10:14 1254747 ----a-w- c:\windows\facemoods.exe

.

 

------- Sigcheck -------

 

[-] 2010-10-28 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll

[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Reboot.exe [2006-12-29 409088]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

 

R3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\DRIVERS\DLPortIO.SYS [2000-06-29 3584]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-27 1343400]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-28 697328]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]

S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]

S2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816]

 

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\users\VALENTIN\AppData\Roaming\Mozilla\Firefox\Profiles\zxaue1j7.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=

FF - component: c:\users\VALENTIN\AppData\Roaming\Mozilla\Firefox\Profiles\zxaue1j7.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}\components\FFExternalAlert.dll

FF - component: c:\users\VALENTIN\AppData\Roaming\Mozilla\Firefox\Profiles\zxaue1j7.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}\components\RadioWMPCore.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll

FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

FF - plugin: c:\users\VALENTIN\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

 

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2010-11-23 01:10:28

ComboFix-quarantined-files.txt 2010-11-22 23:10

ComboFix2.txt 2010-11-22 23:01

 

Pre-Run: 9,367,367,680 bytes free

Post-Run: 9,187,958,784 bytes free

 

- - End Of File - - FCBE040E36CCD6B27576E3B5A0F72C09

[leonidos]

fratilor stie careva cum scap de timpenia asta>> Funny ust scandal.avi e o timpenie ce am luato de pe un stik al unui coleg

[mercenarx]

am reusit sa scap de aceasta manifestare a YM 10cum ? f simplu : am instalat in al meu calc :Malwarebytes AntiMalware aveam calc-ul infectat la greu cu troieni si viermi (culmea , la scanarea cu nod 32 antivirus 4 , sau cu Microsoft Security Essensialsnu aparea NIMIC...)versiunea 1.50.1 (nu necesita dezinstalare antivirus nativ. (cu toate ca la mine e ca si cum n-ar fi fost...)

[nickrvl]

Am si eu o problema cu acest Yahoo Messenger, la inceput instalat fiind nu mai voia sa se logheze, accepta parola si user insa zicea ca nustiu ce il blocheaza, l-am dezinstalat atit pe el cit si toata suita de yahooo (din add or remove programs) am curatat registrii cu CCleaner, restart, si am incercat sa-l instalez din nou, fisierul de instalare de pe site-ul original l-am luat insa acum nu ma lasa sa-l instalez, i-mi apare asta:[attachment=0]mes.jpg[/attachment]Firewall-ul original al Windows e pe Off, lucrez numai cu ZoneAlarm si Avira ca antivirus, am verificat in ZoneAlarm si Avira si nu e blocat de acolo, am incercat si cu ele dezactivate, tot nu merge, i-mi apare acelasi mesaj, nu e pe calculatorul meu e al unui prieten, v-ati lovit de asa ceva?

[adicontakt]

dezactiveaza antivirusii pe perioada instalarii

[nickrvl]

dezactiveaza antivirusii pe perioada instalarii

Am scris in postul de mai sus ca am dezactivat si antivirus si firewall.....