Help !!! HijackThis HTML/Silly.Gen


  1. #1
    xgeox

    Hi,
    Avira found the following:
    - Virus or unwanted program 'HTML/Silly.Gen [virus]'
    detected in file 'C:\Documents and Settings\jorj\Local Settings\Temporary Internet Files\Content.IE5\WHUIHDPK\d[1].htm.
    Action performed: Deny access
    - The file 'C:\Program Files\SystemRequirementsLab\System_srl.dll'
    contained a virus or unwanted program 'TR/Zlob.753664' [trojan]
    Action(s) taken:
    The file was moved to '49b48c99.qua'!
    - The file 'C:\Documents and Settings\jorj\Local Settings\Temporary Internet Files\Content.IE5\TVP01BO7\appie[1].exe'
    contained a virus or unwanted program 'TR/Crypt.XDR.Gen' [trojan]
    Action(s) taken:
    The file was moved to '49b18bae.qua'!


    I should mention that no amount of "clean temporary internet files" helps the situation at all.
    ...I've had a problem like this before and only got rid of the virus after I uninstalled Windows.
    Right now I have neither the time... nor the inclination, but I still really want to get the better of this virus, or whatever it is.
    As I understand it, it's the kind of trojan that installs itself in the Windows folder/system32 as an application and changes something in the registry.
    The annoying part is that Avira detects it every time I open a web page... sometimes even when I open certain applications.
    I also get errors (it won't let me) when I try to install a trojan remover, a registry cleaner, etc.


    I also made a log with HijackThis:



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:15:56, on 12.12.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
    D:\Software kits\Antivirus\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0C84CA34-9984-4129-8FB4-B99799A98146}: NameServer = 193.231.40.17
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 5941 bytes



    ...please help me understand what's going on. Is it worth wasting my time looking for solutions on the net... or should I just resort to reinstalling Windows again?!!

  2. #2
    skippynel
    UnHackMe... give it a try with confidence... it works for several problems of this kind...

    It's free for 15 days...

    ...post the results, please...

  3. #3
    Pokemon
    The log looks clean at first glance. Is Avira still detecting anything now?

  4. #4
    xgeox
    Quote (originally posted by Pokemon):
    The log looks clean at first glance. Is Avira still detecting anything now?

    Oh yes... it still detects it, and it seems kind of random... on one page it detects it, on another it doesn't... with one program it detects it, with another it doesn't...
    I don't know... I really don't know. And it's the same thing every time:

    - Virus or unwanted program 'HTML/Silly.Gen [virus]'
    detected in file 'C:\Documents and Settings\jorj\Local Settings\Temporary Internet Files\Content.IE5\WHUIHDPK\d[1].htm.
    Action performed: Deny access

  5. #5
    Pokemon
    From what I can see, you also had AVG installed and it didn't uninstall cleanly, because entries were left behind in the registry. The only advice I have is the same I gave another user: scan from a Rescue CD. The most useful one I've found so far is the one from Bitdefender, http://download.bitdefender.com/resc...07_08_2008.iso; the ones from Avira or Kaspersky are more cryptic.
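The leftover AVG entry mentioned in the post above can be picked out of a HijackThis log mechanically. This is an added example, not part of the thread and not a Trend Micro tool: it parses the `Rn`/`On` entry lines and lists those whose target is marked "(file missing)". The sample lines are copied from the log in post #1; the function names are this example's own.

```python
import re

# Lines copied from the HijackThis log in post #1 (excerpt).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def parse_entries(log_text):
    """Return a list of dicts, one per 'Rn - ...' / 'On - ...' line."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header, running-process list, blank line
        section, body = m.groups()
        clsid = CLSID.search(body)
        entries.append({
            "section": section,
            "body": body,
            "clsid": clsid.group(0) if clsid else None,
            "file_missing": body.rstrip().endswith("(file missing)"),
        })
    return entries

def orphaned(entries):
    """Entries still registered although HijackThis found no file on disk."""
    return [e for e in entries if e["file_missing"]]

def by_section(entries):
    counts = {}
    for e in entries:
        counts[e["section"]] = counts.get(e["section"], 0) + 1
    return counts

if __name__ == "__main__":
    items = parse_entries(SAMPLE_LOG)
    print(by_section(items))
    for e in orphaned(items):
        print("orphaned:", e["section"], e["clsid"], e["body"])
```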

  6. #6
    xgeox
    Quote (originally posted by Pokemon):
    From what I can see, you also had AVG installed and it didn't uninstall cleanly, because entries were left behind in the registry. The only advice I have is the same I gave another user: scan from a Rescue CD. The most useful one I've found so far is the one from Bitdefender, http://download.bitdefender.com/resc...07_08_2008.iso; the ones from Avira or Kaspersky are more cryptic.

    You're right, I did have AVG installed too... and the funny thing is, I had uninstalled it...
    ...then I installed Bitdefender 2009... that one was already acting up, not letting me get into online games. So I uninstalled that one too... and wanted to install Kaspersky. That one wouldn't install at all because supposedly I had AVG8 on the PC, whereas I knew for sure I had uninstalled it (but I didn't know about the registry issue).

    ...and in the end I decided to reinstall Windows SP3... and the funny thing is, after I connected to the net... on the very first attempt to go online through IE7... bam (Avira standing guard)... the same virus as above again.

    I don't know what else to do about it, I really don't...
    To be honest, at this moment... while writing on the forum (I just turned the PC on), I haven't noticed any attack yet... or maybe it's because I installed some Windows updates earlier. I also gave up IE7 and replaced it with IE8.


    I haven't tried the Rescue CD yet... although I don't really think it will help, given that I installed Bitdefender last night and it was acting up like I'd never seen before.

  7. #7
    xgeox
    After many attempts (it kept giving me the error "access violation address 00409942") I installed Malwarebytes Anti-Malware (on someone's advice)... and here is the result:


    Malwarebytes' Anti-Malware 1.31
    Database version: 1499
    Windows 5.1.2600 Service Pack 3

    14.12.2008 17:49:57
    mbam-log-2008-12-14 (17-49-52).txt

    Scan type: Quick Scan
    Objects scanned: 48955
    Time elapsed: 2 minute(s), 51 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 68

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Init.exe (Rogue.Agent) -> No action taken.
    C:\mesn.exe (Trojan.Agent) -> No action taken.
    C:\Sys1.exe (Trojan.Agent) -> No action taken.
    C:\Sys2.exe (Trojan.Agent) -> No action taken.
    C:\Sys3.exe (Trojan.Agent) -> No action taken.
    C:\Sys4.exe (Trojan.Agent) -> No action taken.
    C:\Sys5.exe (Trojan.Agent) -> No action taken.
    C:\Sys6.exe (Trojan.Agent) -> No action taken.
    C:\Sys7.exe (Trojan.Agent) -> No action taken.
    C:\Sys8.exe (Trojan.Agent) -> No action taken.
    C:\Sys9.exe (Trojan.Agent) -> No action taken.
    C:\Sys1.tmp (Trojan.Agent) -> No action taken.
    C:\Sys2.tmp (Trojan.Agent) -> No action taken.
    C:\Sys3.tmp (Trojan.Agent) -> No action taken.
    C:\Sys4.tmp (Trojan.Agent) -> No action taken.
    C:\Sys5.tmp (Trojan.Agent) -> No action taken.
    C:\Sys6.tmp (Trojan.Agent) -> No action taken.
    C:\Sys7.tmp (Trojan.Agent) -> No action taken.
    C:\Sys8.tmp (Trojan.Agent) -> No action taken.
    C:\Sys9.tmp (Trojan.Agent) -> No action taken.
    C:\vxqh.exe (Trojan.Agent) -> No action taken.
    C:\boot.inx (Trojan.Agent) -> No action taken.
    C:\xmss.exe (Trojan.Agent) -> No action taken.
    C:\mkbr.exe (Trojan.Agent) -> No action taken.
    C:\mstc.exe (Trojan.Agent) -> No action taken.
    C:\zcom.exe (Trojan.Agent) -> No action taken.
    C:\kcxl.exe (Trojan.Agent) -> No action taken.
    C:\jllw.exe (Trojan.Agent) -> No action taken.
    C:\djwv.exe (Trojan.Agent) -> No action taken.
    C:\gaku.exe (Trojan.Agent) -> No action taken.
    C:\vgij.exe (Trojan.Agent) -> No action taken.
    C:\vFFa.exe (Trojan.Agent) -> No action taken.
    C:\pwcp.exe (Trojan.Agent) -> No action taken.
    C:\ftnc.exe (Trojan.Agent) -> No action taken.
    C:\ijuy.exe (Trojan.Agent) -> No action taken.
    C:\fonx.exe (Trojan.Agent) -> No action taken.
    C:\rhol.exe (Trojan.Agent) -> No action taken.
    C:\ipkc.exe (Trojan.Agent) -> No action taken.
    C:\feva.exe (Trojan.Agent) -> No action taken.
    C:\waxx.exe (Backdoor.Bot) -> No action taken.
    C:\smss.exe (Trojan.Agent) -> No action taken.
    C:\iiyv.exe (Trojan.Agent) -> No action taken.
    C:\paxs.exe (Trojan.Agent) -> No action taken.
    C:\idfq.exe (Trojan.Agent) -> No action taken.
    C:\mstn.exe (Trojan.Agent) -> No action taken.
    C:\opgr.exe (Trojan.Agent) -> No action taken.
    C:\jghp.exe (Trojan.Agent) -> No action taken.
    C:\nfiu.exe (Trojan.Agent) -> No action taken.
    C:\xmop.exe (Trojan.Agent) -> No action taken.
    C:\ihso.exe (Trojan.Agent) -> No action taken.
    C:\ator.exe (Trojan.Agent) -> No action taken.
    C:\akts.exe (Trojan.Agent) -> No action taken.
    C:\Tbfb.exe (Trojan.Agent) -> No action taken.
    C:\asdf.dll (Trojan.Agent) -> No action taken.
    C:\jriy.exe (Trojan.Agent) -> No action taken.
    C:\Ufst.exe (Trojan.Agent) -> No action taken.
    C:\boot.bin (Malware.Trace) -> No action taken.
    C:\!!!!.exe (Trojan.Agent) -> No action taken.
    C:\0xf9.exe (Trojan.Agent) -> No action taken.
    C:\syst.exe (Trojan.Downloader) -> No action taken.
    C:\empa.exe (Trojan.FakeAlert) -> No action taken.
    C:\mpdx.exe (Trojan.FakeAlert) -> No action taken.
    C:\atct.exe (Adware.SurfAssistant) -> No action taken.
    C:\mrqt.exe (Adware.SurfAssistant) -> No action taken.
    C:\uxnc.exe (Trojan.Vundo) -> No action taken.
    C:\wgpo.exe (Trojan.Vundo) -> No action taken.
    C:\lich.exe (Rootkit.Agent) -> No action taken.
    C:\lich.sys (Rootkit.Agent) -> No action taken.


    Now can someone tell me whether I can delete them??...
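A long Malwarebytes file list like the one in the post above is easier to read once it is summarised. This is an added example, not part of the thread and not a Malwarebytes tool: it parses the "Files Infected" section, counts detections per family, compares the listing with the summary counter, and lists detections that reuse a Windows system file name outside `system32`. The sample is an excerpt of the log above with the summary count adjusted to match; `SYSTEM_NAMES` and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Excerpt of the Malwarebytes log in post #7; the summary count is
# adjusted (constructed) to match the shortened file list.
SAMPLE_LOG = r"""
Files Infected: 6

Registry Keys Infected:
(No malicious items detected)

Files Infected:
C:\Init.exe (Rogue.Agent) -> No action taken.
C:\Sys1.tmp (Trojan.Agent) -> No action taken.
C:\waxx.exe (Backdoor.Bot) -> No action taken.
C:\smss.exe (Trojan.Agent) -> No action taken.
C:\uxnc.exe (Trojan.Vundo) -> No action taken.
C:\lich.sys (Rootkit.Agent) -> No action taken.
"""

SUMMARY = re.compile(r"^\s*([A-Za-z ]+ Infected): (\d+)\s*$")
SECTION = re.compile(r"^\s*([A-Za-z ]+ Infected):\s*$")
ITEM = re.compile(r"^\s*(.+?) \(([^()]+)\) -> (.+?)\.?\s*$")
# Assumption of this example: names of Windows system binaries that
# normally live under C:\WINDOWS\system32, never in the drive root.
SYSTEM_NAMES = {"smss.exe", "lsass.exe", "services.exe", "svchost.exe"}

def parse_mbam(log_text):
    """Return (summary_counts, items); items are (section, path, family, action)."""
    summary, items, section = {}, [], None
    for line in log_text.splitlines():
        if m := SUMMARY.match(line):
            summary[m.group(1)] = int(m.group(2))
        elif m := SECTION.match(line):
            section = m.group(1)
        elif section and (m := ITEM.match(line)):
            items.append((section, m.group(1), m.group(2), m.group(3)))
    return summary, items

def families(items):
    return Counter(family for _, _, family, _ in items)

def count_mismatches(summary, items):
    """Sections whose listed items differ from the summary counter."""
    listed = Counter(section for section, *_ in items)
    return {s: (n, listed[s]) for s, n in summary.items() if n != listed[s]}

def masquerading(items):
    """Detections named like a system binary but located elsewhere."""
    return [p for _, p, _, _ in items
            if p.rsplit("\\", 1)[-1].lower() in SYSTEM_NAMES
            and "\\system32\\" not in p.lower()]
```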

  8. #8
    Daniel Nicolae
    Maybe it would be simpler to reinstall Windows.
    Install NOD 32, set it to automatic updates, and you won't have problems for at least a year.
    And give up IE, because it attracts viruses like a magnet. Switch to Firefox or even Opera. Both are better than IE.