11 visiteur(s) en ligne
Date actuelle : 22-11-2024, 17:49 PM Bienvenue, Visiteur ! ( Identification S'enregistrer )







 
Hello Everybody...I have a big spam problem... :(
 
Note de cette discussion :
  • Moyenne : 0 (0 vote(s))
  • 1
  • 2
  • 3
  • 4
  • 5
Auteur Message
Sum 41 Hors ligne
Newbie
*

Messages : 4
Inscription : Jul 2006
Réputation : 0
Message : #1
Hello Everybody...I have a big spam problem... :(
Hi...First of all I'm not French and a friend of mine recommended this site...

I have a spam problem that I tried so hard to fix that but I couldnt...When I start internet explorer or an application that uses internet explorer, a pop-up window appears that contains a message "Advertisement by Outerinfo"...And also it contains advertisements of some companies...

Here is my HijackThis log file...

Logfile of HijackThis v1.99.1
Scan saved at 9:31:07 PM, on 7/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Babylon\Babylon.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\PPATCH~1\javaw.exe
C:\WINDOWS\ECURIT~1\winword.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\ad\Application Data\Map Maker\MMManager.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ntvdm.exe
C:\HJT\HijackThis.exe

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [dos_win.exe] C:\WINDOWS\system32\dos_win.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Niru] "C:\WINDOWS\system32\PPATCH~1\javaw.exe" -vt ndrv
O4 - HKCU\..\Run: [Pvi] C:\WINDOWS\ECURIT~1\winword.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Sticker] C:\Program Files\MoRUN.net\NotesPlusPlus\notespp.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: SunClock5.lnk = C:\Documents and Settings\ad\Application Data\Map Maker\MMManager.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\wuaclt.dll
O20 - Winlogon Notify: Explorer - C:\WINDOWS\system32\jbsh400.dll (file missing)
O20 - Winlogon Notify: klogon - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klogon.dll" (file missing)
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe


How can I fix that problem?

If you help me, I will really be happy...Thanks a lot... :|
23-07-2006 17:37 PM
Envoyer un email à cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Troll Hors ligne
Trolls' master
******

Messages : 15 818
Inscription : Mar 2006
Réputation : 21
Message : #2
 
Hello !

Welcome to Pc-Info Wink

You may have some trojan or malware in you pc, and you have a lot of BHO :o

So, Can you read the french ?

If yes, do that it's written >>here<< and give us the ewido report Wink

If you don't understand something I said tell it me Wink (I'm not english...so I can do some errors in writting in this langage :mrgreen: ).


Good evening Wink

Un poste sans accent ? La faute au clavier qwerty :/
|| Merci de mettre des titres explicites !!! || La bouille à Troll ? || 
Vous voulez remercier l'équipe du forum ? Participez ! Exprimez-vous ! Revenez et parlez de ce que vous voulez ! Wink Image: actualites-informatiques-pcw.1.gif
23-07-2006 18:00 PM
Visiter le site internet de cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Sum 41 Hors ligne
Newbie
*

Messages : 4
Inscription : Jul 2006
Réputation : 0
Message : #3
 
Hi Troll...Thanks for help... Smile)

I can't speak French... :cry: But I installed 4 programs that I saw on that link...(CCleaner, Adaware, Ewido and Spybot)...

If you explain the steps on that link shortly, I will be happy...

(Your English is so good...I can understand everything that you wrote... Smile))
23-07-2006 18:12 PM
Envoyer un email à cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Troll Hors ligne
Trolls' master
******

Messages : 15 818
Inscription : Mar 2006
Réputation : 21
Message : #4
 
Thanks for my english Big Grin

The steps aren't very complicated,


For CCleaner, launch it and, on the right bottom of the window, there's a button "lancer le nettoyage", clic on Wink

Second step : Ad-aware, don't use the second link, it's for turning it on french. The software may be in english by default, so you clic update on the bottom of the window (a little earth...), you clic on connecting and you answer yes for downloading update file. Then you clic on close for closing window.

Then this, clic on the next button and select complete system scan, clic on the scan button and let it scanning, it wont be very long.

After the scan, delete all files that has found, withou moving them in quarantine.

For spybot, it's very simple.

You can turn it on english by the language button.

After this, clic on update and update it.

Clic then on the scan button "check problems" and let scanning, after the scan, delete all files that has been founded Wink

For ewido, it's in english too, you update and scan too. And after, you give us the report by CNTRL + A (select all) , CNTRL + C (copy) and CNTRL+V (stick).


We see after that the on-line scanner of kaspersky Wink

Un poste sans accent ? La faute au clavier qwerty :/
|| Merci de mettre des titres explicites !!! || La bouille à Troll ? || 
Vous voulez remercier l'équipe du forum ? Participez ! Exprimez-vous ! Revenez et parlez de ce que vous voulez ! Wink Image: actualites-informatiques-pcw.1.gif
23-07-2006 18:32 PM
Visiter le site internet de cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Sum 41 Hors ligne
Newbie
*

Messages : 4
Inscription : Jul 2006
Réputation : 0
Message : #5
 
Hi Troll,

Finally all steps are ended... Smile)

Here is the report of ewido...


---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:00:07 AM 7/24/2006

+ Scan result:



C:\WINDOWS\system32\__delete_on_reboot__w_u_a_c_l_t_._d_l_l_ -> Adware.PurityScan : No action taken.
C:\WINDOWS\&amp;#1109;ecurity\__delete_on_reboot__w_i_n_w_o_r_d_._e_x_e_ -> Adware.PurityScan : No action taken.
[1024] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1148] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1216] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1304] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1384] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1392] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1660] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1736] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[1744] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[4012] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
[4048] C:\WINDOWS\ECURIT~1\winword.exe -> Adware.PurityScan : No action taken.
[808] C:\WINDOWS\system32\wuaclt.dll -> Adware.PurityScan : No action taken.
C:\WINDOWS\system32\&amp;#913;&amp;#1088;pPatch\__delete_on_reboot__j_a_v_a_w_._e_x_e_ -> Downloader.PurityScan.co : No action taken.
C:\WINDOWS\system32\ld100.tmp -> Downloader.Zlob.zu : No action taken.
C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.zu : No action taken.
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : No action taken.


::Report end

-------------------------------------------------------------------------

It says no action taken...But after saving this report I removed all of these infections...
23-07-2006 21:06 PM
Envoyer un email à cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Troll Hors ligne
Trolls' master
******

Messages : 15 818
Inscription : Mar 2006
Réputation : 21
Message : #6
 
If you removed the infections AFTER generating of the report it's normal, because when the report has been generated, this infections weren't deleted yet Wink

If you have deleted all infections so it's good.

Now, have you always spam after this ?

Un poste sans accent ? La faute au clavier qwerty :/
|| Merci de mettre des titres explicites !!! || La bouille à Troll ? || 
Vous voulez remercier l'équipe du forum ? Participez ! Exprimez-vous ! Revenez et parlez de ce que vous voulez ! Wink Image: actualites-informatiques-pcw.1.gif
24-07-2006 03:59 AM
Visiter le site internet de cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Bilifly Hors ligne
Administrateur
******

Messages : 3 439
Inscription : Mar 2006
Réputation : 11
Message : #7
 
Hello Sum 41, Welcome

The report of Ewido that you come from poster did not remove the infections, it is marked "No action taken"

Therefore, it is necessary that you always remake the scanne except connection Internet (by disconnecting your cable USB or LAN or key Wi-Fi) and all the closed programs With the end of the scan, you remove these infectionsen doing this :

click with dimensions of "Set all elements to:" and select Delete, so that it removes all the found infected files. Then, click on Apply all actions

Then, stations the new report of Ewido

Image: powered-by-linux.png Image: actualites-informatiques-pcw.1.gif
Image: userbar-ubuntu.gif
24-07-2006 07:27 AM
Visiter le site internet de cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse
Sum 41 Hors ligne
Newbie
*

Messages : 4
Inscription : Jul 2006
Réputation : 0
Message : #8
Hello Everybody...I have a big spam problem... :(
Hi Troll,Bilifly,

I took the Ewido's report before taking the action...After taking this report, I removed all of the infected files...And my computer seems OK now... Smile))

If I see the same pop-up window again, I will write here... Smile))

Thank you so much... Smile) Have a good time... Smile))
24-07-2006 09:20 AM
Envoyer un email à cet utilisateur Trouver tous les messages de cet utilisateur Citer ce message dans une réponse




Discussions apparemment similaires...
Discussion : Auteur Réponses : Affichages : Dernier message
  thunderbird et anti spam pmpciw 2 8 576 01-04-2009 19:05 PM
Dernier message: Troll
  anti-spam bils2 4 4 565 30-08-2006 13:14 PM
Dernier message: gargout

Aller à :


Utilisateur(s) parcourant cette discussion : 1 visiteur(s)