HijackThis-mihai

6 replies to this topic

#1
cmihai89

    New Member

  • Group: Junior Members
  • Posts: 4
  • Joined: 04.09.2015
Logfile of Trend Micro HiJackThis v2.0.4
Scan saved at 8:31:34 PM, on 9/4/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\programs files\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Mihai\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWRISOVM.EXE] E:\programs files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTRAY.EXE" /regrun /qqrepair
O4 - HKLM\..\Run: [RSDTRAY] "C:\Program Files (x86)\Rising\RSD\popwndexe.exe"
O4 - HKLM\..\Run: [RavTRAY] "C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE" -system
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_5745444199F9D8D65702398926FE4E79] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon] C:\Windows\system32\ctfmon.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {03AE1B7B-A9E7-4D5A-9D34-89999C31B659} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\ProgramData\SecurityUtility\SecurityUtility32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8686 bytes

#2
MhG_51

    :)

  • Group: Moderators
  • Posts: 3,319
  • Joined: 04.05.2009
And what's the problem?
This one is suspicious:

Quote

C:\ProgramData\SecurityUtility\SecurityUtility32.dll
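
The check pointed at in post #2, written out as an added example that is not part of the thread or of HijackThis itself: a Python triage pass over HijackThis entry lines that surfaces every O20 AppInit_DLLs DLL and any O4 Run entry launching from a user-writable directory. The function names, the directory list and the "updater" Run line in the sample are assumptions made for illustration; the other sample lines are taken from the log in post #1.

```python
import re

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")   # e.g. "O20 - AppInit_DLLs: ..."
DRIVE_PATH = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.I)
# Assumed heuristic: autoloads from user-writable locations deserve a look.
USER_WRITABLE = ("\\programdata\\", "\\appdata\\", "\\temp\\", "\\users\\public\\")

def entries(log_text):
    """Yield (section, body) per entry; header and process list are skipped."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def triage(log_text):
    """Return (section, path, reason) for autoload entries worth reviewing."""
    findings = []
    for section, body in entries(log_text):
        if section == "O20" and body.lower().startswith("appinit_dlls:"):
            # Loaded into every process that loads user32.dll; the value is
            # empty on a default install, so every listed DLL gets reviewed.
            value = body.split(":", 1)[1].strip()
            for dll in re.split(r"[ ,]+(?=[A-Za-z]:\\)", value):
                if dll:
                    findings.append((section, dll, "AppInit_DLLs entry"))
        elif section == "O4":
            m = DRIVE_PATH.search(body)
            if m and any(d in m.group(0).lower() for d in USER_WRITABLE):
                findings.append((section, m.group(0), "Run key in user-writable dir"))
    return findings

# Sample input: the "updater" Run entry is constructed; the rest is from post #1.
SAMPLE = r"""Logfile of Trend Micro HiJackThis v2.0.4
Running processes:
C:\Users\Mihai\Downloads\HiJackThis.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] E:\programs files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [ctfmon] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [updater] "C:\Users\Example\AppData\Roaming\updater\updater.exe" /s
O20 - AppInit_DLLs: C:\ProgramData\SecurityUtility\SecurityUtility32.dll
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

if __name__ == "__main__":
    for section, path, reason in triage(SAMPLE):
        print(f"{section:4} {reason:30} {path}")
```

A hit from this pass is a prompt to inspect the file and its registry value, not a verdict; legitimate software can also register AppInit_DLLs or start from these directories.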


#3
cmihai89

    New Member

  • Group: Junior Members
  • Posts: 4
  • Joined: 04.09.2015
I get an error when I start Windows and I don't know what it is... I cleaned the system of 'Chinese stuff', both literally and figuratively... and I don't know how to get rid of that error as well... I'll come back with a print screen.

This is the error:

http://imgur.com/qO0rx6Y

Edited by cmihai89, 05 September 2015 - 20:49.


#4
MhG_51

    :)

  • Group: Moderators
  • Posts: 3,319
  • Joined: 04.05.2009
Let's see how I can help you.


Download Farbar Recovery Scan Tool and save it to the Desktop.
Double-click FRST.exe to run it. [Image: http://s4.postimg.org/b7b2g838p/Frst1.png]
On Windows Vista, Windows 7 or Windows 8,
right-click and select Run as administrator.

Click Yes.

[Image: http://s27.postimg.org/yzw6sw783/FRST2.png]

Click Scan.

[Image: http://s4.postimg.org/69q3ljvgt/Frst5.jpg]

When it finishes, two Notepad windows will open: FRST.txt and Addition.txt.

Attach FRST.txt and Addition.txt to your next reply.

[Image: http://s30.postimg.org/m4ozfqfpt/ataseaza.jpg]

#5
cmihai89

    New Member

  • Group: Junior Members
  • Posts: 4
  • Joined: 04.09.2015
Hello.

These are the files.

Attached Files



#6
MhG_51

    :)

  • Group: Moderators
  • Posts: 3,319
  • Joined: 04.05.2009
1. Download and save fixlist.txt.   =>   Attached File  fixlist.txt   5.93K   6 downloads

Note: fixlist.txt must be saved in the same location as FRST.exe.

2. Run Farbar Recovery Scan Tool again.

Double-click FRST.exe to run it. [Image: http://s4.postimg.org/b7b2g838p/Frst1.png]
On Windows Vista, Windows 7 or Windows 8,
right-click and select Run as administrator.

Click Yes.

[Image: http://s27.postimg.org/yzw6sw783/FRST2.png]

Click Fix.

[Image: http://s22.postimg.org/bzzjtg0ap/FRST4.jpg]

Attach the log to your next reply.

[Image: http://s30.postimg.org/m4ozfqfpt/ataseaza.jpg]

3. Download AdwCleaner or AdwCleaner by Xplode to the Desktop.
Double-click AdwCleaner.exe to run it.
On Windows Vista, Windows 7 or Windows 8,
right-click and select Run as administrator.

Click Scan.
Wait for it to finish searching, then click Clean.
After it finishes cleaning, click Report.
Post the contents of the file here.
The log is located at C:\AdwCleaner[Sn].txt (n is a number).

[Image: http://s3.postimg.org/tfjxm09qr/Adw_C.png]

4. Download Junkware Removal Tool and save it to the Desktop.
Close all running programs.
On Windows Vista, Windows 7 or Windows 8,
right-click and select Run as administrator.

Scan with it.
Be patient with it, it takes a little longer.
Post the log here.

[Image: http://s7.postimage.org/z2rwy800r/JRT.jpg]


5. Open Malwarebytes Anti-Malware, update it and scan with it.

Edited by MhG_40, 06 September 2015 - 11:59.


#7
cmihai89

    New Member

  • Group: Junior Members
  • Posts: 4
  • Joined: 04.09.2015
Hello.


I apologize for not replying sooner... but the last time I tried to turn on the laptop, it got stuck on the Lenovo logo, and now it is at the service shop so we can see what is wrong with it.

Thank you very much for the help!!!


PS: I'll come back with a review after it gets out of the service shop.
