Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

virus idaw64.exe kako ga ukloniti?

[es] :: Zaštita :: virus idaw64.exe kako ga ukloniti?

[ Pregleda: 2900 | Odgovora: 4 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

stefanbg89
Stefan Cvetkovic
Beograd, Srbija

Član broj: 125336
Poruke: 57
*.cpe.vektor.net.



Profil

icon virus idaw64.exe kako ga ukloniti?16.12.2007. u 22:42 - pre 198 meseci
ljudi, mene vas kolega iz windows desktopa uputio ovde..
napravio sam log file (hijackthis), i pojavio se ovaj virus, i kozna sta tu jos ima...a reinstalirao sam winows pre 3 nedelje.
koji je naj program za skidanje tih virusa sa kompa?
hvala veliko!
 
Odgovor na temu

Binary Mind
11040

Član broj: 28245
Poruke: 13289
*.adsl-1.sezampro.yu.



+3778 Profil

icon Re: virus idaw64.exe kako ga ukloniti?17.12.2007. u 19:04 - pre 198 meseci
Citat:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 1:27:35 PM, on 12/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\idaw64.exe
C:\WINDOWS\system32\bkpgpdfd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\explorer.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Milos\Desktop\HiJackThis_v2.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, explorer.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {885d1adf-4887-f6b8-b7f4-b1b456fe9ce0} - {0ec9ef65-4b1b-4f7b-8b6f-7884fda1d588} - C:\WINDOWS\system32\qqgwmitc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8E3FBDE2-7DBD-4040-85D9-29BBC559C129} - C:\WINDOWS\system32\byxuutu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {C5E08949-D9C5-4A86-9203-2B36FC6A557A} - C:\WINDOWS\system32\mllji.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKLM\..\Run: [Barsaka] explorer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [d450207f] rundll32.exe "C:\WINDOWS\system32\lvdkwkwn.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: byxuutu - C:\WINDOWS\SYSTEM32\byxuutu.dll
O20 - Winlogon Notify: ivn4reg - C:\Documents and Settings\All Users\Documents\Settings\ivn4.dll
O20 - Winlogon Notify: winghy32 - C:\WINDOWS\SYSTEM32\winghy32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AppMgmt - Unknown owner - C:\DOCUME~1\Stefan\LOCALS~1\Temp\win5.exe (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\bkpgpdfd.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5055 bytes



Skini SDFix:

http://downloads.andymanchesta.com/removaltools/sdfix.exe

Kad ga skines, dupli click na njega i instalirace se na svojoj default lokaciji C:\SDFix... Posle toga restartuj racunar, udji u Safe Mode i odnavigiraj do C:\SDFix. Kad udjes u C:\SDFix pokreni RunThis.bat duplim klikom na isti i upisis Y da bi poceo sa ciscenjem trojanaca. Kad zavrsi taj deo ciscenja javice "press any key to reboot", nakon cega ces pritisnuti bilo koji taster da bi restartovao racunar. Kad se racunar restaruje pre nego sto se Windows podigne SDFix ce nastaviti sa ciscenjem dok ne zavrsi i obavesti te, nakon cega ces pritisnuti bilo koji taster da bi usao u Windows. Kad udjes u Windows pojavice se SDFix report koji ce biti sacuvan kao Report.txt u SDFix folderu. Okaci taj report i novi HiJackThis! log ovde kad budes sve ovo zavrsio.
 
Odgovor na temu

stefanbg89
Stefan Cvetkovic
Beograd, Srbija

Član broj: 125336
Poruke: 57
*.cpe.vektor.net.



Profil

icon Re: virus idaw64.exe kako ga ukloniti?18.12.2007. u 00:09 - pre 198 meseci
Hvala na iscprnom odgovoru!
ali ja sam reinstalirao ceo windows :)
i posto sam komp uzeo pre mesec dana, imam trial verziju symantec-a od 90 dana...
sada cu ga koristiti. samo da vas pitam ovako malo OFF...jel symantec dobar?jer sam cuo da kao "koci" sistem?
hvala!
 
Odgovor na temu

duki994

Član broj: 150586
Poruke: 86
77.46.203.*



+1 Profil

icon Re: virus idaw64.exe kako ga ukloniti?18.12.2007. u 08:37 - pre 198 meseci
Taj idaw64.exe si mogao da skines sa unlockerom.To je freeware program koji moze da obrise fajlove koje windows vec koristi.Pozz!

Link:
http://ccollomb.free.fr/unlocker/unlocker1.8.5.exe
 
Odgovor na temu

Binary Mind
11040

Član broj: 28245
Poruke: 13289
*.adsl-4.sezampro.yu.



+3778 Profil

icon Re: virus idaw64.exe kako ga ukloniti?18.12.2007. u 10:56 - pre 198 meseci
Skini nesto drugo. Symantec suvise koci sistem za ono sto radi. Avast, AVG, NOD32 su samo neki od antivirusa koje bi mogao da probas.

@duki994

Nije idaw64.exe bio jedini problem... Bilo ih je vise.
 
Odgovor na temu

[es] :: Zaštita :: virus idaw64.exe kako ga ukloniti?

[ Pregleda: 2900 | Odgovora: 4 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.