troyan


  • This topic is locked
9 replies to this topic

#1 Yohonon

Yohonon

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 25 June 2012 - 02:46 PM

The access for my social network is locked.

Attached File  MBRCheck_06.25.12_22.08.07.txt   17.25KB   0 downloads



Attached File  DDS.txt   32.45KB   3 downloads

Attached File  gmer.log   7.8KB   0 downloads


Edited by Orange Blossom, 25 June 2012 - 04:40 PM.




#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:45 AM

Posted 28 June 2012 - 02:57 PM

Hello and welcome to BleepingComputer! :)



I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce.


As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us.

If you encounter a delay of over 2 days from me, please don't hesitate to private message me (link in the signature).
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.



Please generate another DDS log (download it from here if you haven't already) and post it in your next reply along with other changes that may have occurred since you last posted.
Also download and run GMER from this link: GMER download link.



Thank you very much for your patience.




Regards,

Elle
Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 Yohonon

Yohonon
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 29 June 2012 - 07:48 AM

Thank you. I can't check all the boxes in the GMER interface (see the attached picture).

Attached Files



#4 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:45 AM

Posted 01 July 2012 - 05:24 AM

Hi there,


Click "Start" on the taskbar and then click on the "Control Panel" icon.
Please double-click the "Add or Remove Programs" icon.
A list of installed programs will be "populated"; this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "Remove":

Anything Yandex related.

Additional instructions can be found here if needed.


========================================================================


Also, please tell us what your problems are.




Elle

#5 Yohonon

Yohonon
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 03 July 2012 - 01:20 PM

Oh no. Yandex is a program like Dropbox.
http://disk.yandex.com/

Edited by Yohonon, 03 July 2012 - 03:59 PM.


#6 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:45 AM

Posted 04 July 2012 - 02:27 PM

Well, ok, I mistook the page you screenshot in your first post with yandex.ru. I truly apologize.

Now please describe your remaining problems.





Elle

#7 Yohonon

Yohonon
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 04 July 2012 - 04:11 PM

I have malware which blocks access to this site: http://vk.com.
It's not detected by any AV programs.
When I try to enter the site, this window appears (see attachment). I can also show you the source code of this window. My host file is ok. Traceroute to this site is good:

  1     3 ms     1 ms     1 ms  192.168.1.1
  2     1 ms     1 ms     1 ms  10.100.239.1
  3     3 ms     3 ms     3 ms  comcor.progtech.ru [82.138.6.1]
  4     6 ms     7 ms     7 ms  iki-crs.comcor.ru [62.117.100.73]
  5    59 ms    12 ms    12 ms  178.18.224.203.spb.peering.dataix.ru [178.18.224.203]
  6    12 ms    16 ms    12 ms  srv209-131.vkontakte.ru [87.240.191.209]
  7    13 ms    12 ms    13 ms  srv246-131.vkontakte.ru [87.240.191.246]
  8     *        *        *     Request timed out.
  9    13 ms    13 ms    13 ms  srv246-224.vkontakte.ru [93.186.224.246]

Attached Files



#8 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:45 AM

Posted 05 July 2012 - 04:13 PM

Hi there,


The problem you are encountering is not caused by malware by any means as the logs are clean. It is related to the administration of the mentioned site which is better to contact in such cases as we are not entitled to know the source of this matter.


Do you encounter any other problems?




Elle

#9 Yohonon

Yohonon
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 05 July 2012 - 04:46 PM

My apologies, because you are absolutely right. I met with the same thing, but it was caused by a virus which changed the host file. Thank you for your patience and my paranoia.)

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,917 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:45 AM

Posted 06 July 2012 - 02:36 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




