HijackThis - George994
Last Updated: Jan 26 2015 00:58, Started by George994, Jan 24 2015 23:02
#1
Posted 24 January 2015 - 23:02
Quote
Logfile of Trend Micro HiJackThis v2.0.4
Scan saved at 10:52:21, on 24/01/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe
C:\DOCUME~1\ADMINI~1\MYDOCU~1\DOWNLO~1\HIJACK~1.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: uNIsailees - {51329fd6-61d5-47e0-89c5-94c90009d87a} - C:\Program Files\uNIsailees\y1HL76sCv2iq09.dll
O2 - BHO: unisAilleS - {b7817acf-4c94-4f55-8e40-28a954e7b8ab} - C:\Program Files\unisAilleS\w1vtIc4HDb4zU2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'Default user')
O4 - Startup: Metin2Mod_PL_16012015.exe.lnk = C:\Documents and Settings\All Users\Application Data\{aa1a5bbc-966a-e353-aa1a-a5bbc9666ef2}\Metin2Mod_PL_16012015.exe.exe
O4 - Startup: MobberHack_Ultimate_v5.rar.lnk = C:\Documents and Settings\All Users\Application Data\{18054475-f719-5774-1805-54475f7111d7}\MobberHack_Ultimate_v5.rar.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-- End of file - 3889 bytes

The computer runs very slowly; when I try to download something it stops between 95 and 99%, and when I download an archive it tells me "No archives found".
Edited by George994, 24 January 2015 - 23:07.
#2
Posted 24 January 2015 - 23:14
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe
Not even Google knows what these are; it would be a good idea to start with them.
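Added example, not part of the original thread and not Trend Micro code: a small triage script that does mechanically what reply #2 does by eye, flagging running processes whose image sits in a Temp directory. It goes one step further and also flags O4 autostart entries that point into Temp or end in a double extension. The names `parse` and `triage` and both heuristics are assumptions of this example; the sample lines are an excerpt of the log in post #1.

```python
import re

# Excerpt of the HijackThis v2.0.4 log posted in #1 (same line format).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: MobberHack_Ultimate_v5.rar.lnk = C:\Documents and Settings\All Users\Application Data\{18054475-f719-5774-1805-54475f7111d7}\MobberHack_Ultimate_v5.rar.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")  # e.g. "O4 - ..."
# Heuristic (assumption): a Temp/Tmp folder anywhere in the path, long or 8.3 form.
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)
# Heuristic (assumption): two extensions, the last one executable (".rar.exe").
DOUBLE_EXT = re.compile(r"\.[a-z0-9]{2,4}\.(exe|scr|com|pif|bat)$", re.IGNORECASE)

def parse(log):
    """Split a log into running-process paths and (code, text) entries."""
    processes, entries, in_procs = [], [], False
    for line in log.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            in_procs = False  # the first coded entry ends the process list
            entries.append((m.group(1), m.group(2)))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def triage(log):
    """Return (reason, item) pairs worth a closer look; hints, not verdicts."""
    processes, entries = parse(log)
    findings = [("process running from Temp", p) for p in processes if TEMP_DIR.search(p)]
    for code, text in entries:
        if code == "O4":  # autostart entries: Run keys and Startup folder
            target = text.split(" = ")[-1]  # path after "name.lnk = ", if present
            if TEMP_DIR.search(target):
                findings.append(("autostart from Temp", text))
            elif DOUBLE_EXT.search(target):
                findings.append(("autostart with double extension", text))
    return findings

if __name__ == "__main__":
    for reason, item in triage(SAMPLE_LOG):
        print(f"{reason}: {item}")
```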
#3
Posted 24 January 2015 - 23:24
It won't let me delete them.
Edited by George994, 24 January 2015 - 23:33.
#4
Posted 24 January 2015 - 23:33
Glad to hear it.
Right-click the taskbar > Task Manager > Processes tab; find those two things, select them, press stop process and confirm, then go to that path (C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp) and delete those files... you can delete everything in Temp, and then we'll talk some more. Have you run a scan with an antivirus or Malwarebytes?
#5
Posted 24 January 2015 - 23:40
I don't have an antivirus and I have no way to get one because I can't download anything.
#7
Posted 25 January 2015 - 01:26
How exactly would you like them to help you? What would you like them to do for you?
Should I give you my brain?!? I can't do it by telepathy?
Edited by Nero-d, 25 January 2015 - 01:27.
#8
Posted 25 January 2015 - 02:47
#9
Posted 25 January 2015 - 04:50
I ran a scan with malware, it found 19 viruses, I told it to delete them, and now I can't open anything anymore; it shows up as if I had chosen Open With.
#10
Posted 25 January 2015 - 09:41
Repeat the scan, possibly with Adwcleaner, JRT_NEW,...
Boot into safe mode and check from there what you have that shouldn't be there.
Edited by myshyk, 25 January 2015 - 09:43.
#11
Posted 25 January 2015 - 17:12
I scanned again with malware and fixed the Open With problem, but I haven't been able to figure out the download problem.
#13
Posted 25 January 2015 - 21:33
When I scanned with malware it detected 2 Sality, but I removed them..... and it still doesn't work
#14
Posted 26 January 2015 - 00:58
Why does the Open With problem keep persisting?
When I run a scan with the antivirus it finds viruses, I delete them, and then the Open With problem appears.