HijackThis - George994


#1
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015

Quote

Logfile of Trend Micro HiJackThis v2.0.4
Scan saved at 10:52:21, on 24/01/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe
C:\DOCUME~1\ADMINI~1\MYDOCU~1\DOWNLO~1\HIJACK~1.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: uNIsailees - {51329fd6-61d5-47e0-89c5-94c90009d87a} - C:\Program Files\uNIsailees\y1HL76sCv2iq09.dll
O2 - BHO: unisAilleS - {b7817acf-4c94-4f55-8e40-28a954e7b8ab} - C:\Program Files\unisAilleS\w1vtIc4HDb4zU2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'Default user')
O4 - Startup: Metin2Mod_PL_16012015.exe.lnk = C:\Documents and Settings\All Users\Application Data\{aa1a5bbc-966a-e353-aa1a-a5bbc9666ef2}\Metin2Mod_PL_16012015.exe.exe
O4 - Startup: MobberHack_Ultimate_v5.rar.lnk = C:\Documents and Settings\All Users\Application Data\{18054475-f719-5774-1805-54475f7111d7}\MobberHack_Ultimate_v5.rar.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3889 bytes

The computer runs very slowly; when I try to download something it stops between 95 - 99%, and when I download something archived it tells me "No archivest fond".

Edited by George994, 24 January 2015 - 23:07.


#2
Nero-d

    je m'en fiche/pohui

  • Group: Senior Members
  • Posts: 20,138
  • Joined: 30.01.2004
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe

Not even Google knows what these are.
It would be a good idea to start with them :)
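
Added example, not part of the thread: a small Python triage of a HijackThis log along the lines of post #2, flagging running processes whose image sits in a Temp directory. It goes one step further and also flags O4 autostart targets with a double extension such as `.rar.exe`; the function name, rule labels and extension lists are assumptions of this example, and the sample lines are copied from the log in post #1.

```python
import re
from ntpath import dirname  # Windows path rules, works on any OS

# Lines copied from the HijackThis log in post #1 (a subset, for an offline run).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winotrmh.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincffca.exe
C:\DOCUME~1\ADMINI~1\MYDOCU~1\DOWNLO~1\HIJACK~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: MobberHack_Ultimate_v5.rar.lnk = C:\Documents and Settings\All Users\Application Data\{18054475-f719-5774-1805-54475f7111d7}\MobberHack_Ultimate_v5.rar.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Heuristics chosen for this example (assumptions, not HijackThis features).
TEMP_DIR = re.compile(r"\\(temp|tmp)(\\|$)", re.I)
DOUBLE_EXT = re.compile(r"\.(rar|zip|pdf|doc|jpg|txt|exe)\.(exe|scr|com|pif)$", re.I)
ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")      # numbered entry, e.g. "O4 - ..."
WIN_PATH = re.compile(r"[A-Za-z]:\\.*$")        # first drive-letter path to end of line

def triage(log_text):
    """Return (rule, path) findings for a HijackThis log."""
    findings, in_processes = [], False
    for line in map(str.strip, log_text.splitlines()):
        if line == "Running processes:":
            in_processes = True
            continue
        entry = ENTRY.match(line)
        if entry:
            in_processes = False            # numbered sections follow the process list
            section, rest = entry.groups()
            found = WIN_PATH.search(rest)
            if section == "O4" and found and DOUBLE_EXT.search(found.group(0)):
                findings.append(("autostart-double-extension", found.group(0)))
        elif in_processes and line and TEMP_DIR.search(dirname(line)):
            findings.append(("process-in-temp", line))
    return findings

if __name__ == "__main__":
    for rule, path in triage(SAMPLE_LOG):
        print(f"{rule}: {path}")
```

A hit is a lead for closer inspection, not a verdict: installers and updaters also run briefly from Temp.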

#3
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
It won't let me delete them.

Edited by George994, 24 January 2015 - 23:33.


#4
Nero-d

    je m'en fiche/pohui

  • Group: Senior Members
  • Posts: 20,138
  • Joined: 30.01.2004
I'm glad
right-click the taskbar > Task Manager > Processes tab
find those two things, select them, press stop process and confirm
then go to that path (C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp)
and delete those files... you can delete everything in Temp
then we'll talk some more

Have you run a scan with an antivirus or Malwarebytes?

#5
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
I don't have an antivirus and I can't get one because I can't download anything.

#6
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
Can anyone help me too?

#7
Nero-d

    je m'en fiche/pohui

  • Group: Senior Members
  • Posts: 20,138
  • Joined: 30.01.2004
How exactly would you like to be helped? What would you like someone to do for you?
Should I give you my brain?!? I can't.
By telepathy?

Edited by Nero-d, 25 January 2015 - 01:27.


#8
myshyk

    Guru Member

  • Group: Senior Members
  • Posts: 21,812
  • Joined: 26.11.2006

George994, on 24 January 2015 - 23:40, said:

I don't have an antivirus and I can't get one because I can't download anything.

Install an antivirus, malware, AdwCleaner on a USB stick and run it from there.

Edited by myshyk, 25 January 2015 - 02:48.


#9
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
I ran a scan with malware, it found 19 viruses, I told it to delete them, and now I can't open anything any more; it comes up as if I had chosen Open With.

#10
myshyk

    Guru Member

  • Group: Senior Members
  • Posts: 21,812
  • Joined: 26.11.2006
Repeat the scan, possibly with AdwCleaner, JRT_NEW, ...
Boot into safe mode and check from there what extra items you have.

Edited by myshyk, 25 January 2015 - 09:43.


#11
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
I scanned again with malware and fixed the Open With problem, but I haven't figured out the download problem.

#12
glob2droid

    Junior Member

  • Group: Members
  • Posts: 57
  • Joined: 29.12.2013
Smells like Sality to me!

#13
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
When I scanned with malware it detected 2 Sality, but I removed them..... and it still doesn't work

#14
George994

    New Member

  • Group: Junior Members
  • Posts: 21
  • Joined: 24.01.2015
Why does the Open With problem keep persisting?
When I run a scan with the antivirus it finds viruses, I delete them, and then the Open With problem appears.
