Neurochirurgie minim invazivă
"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv. Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice. www.neurohope.ro |
...troieni pe capul meu...
Last Updated: Aug 26 2004 16:14, Started by
Nicanor
, Aug 25 2004 09:04
·
0
#1
Posted 25 August 2004 - 09:04
Infected Exploit.ADODB.Stream.C
Infected VBS.Trojan.Psyme.W Infected Trojan.Downloader.Small.KR ...cam asta imi spune bitdefenderu fara sa le faca nimic. am dat si cu adaware si spybot. ca efecte simtite: pe internet ma baga automat pe un site iar ca sa deschid explorerul imi ia 1 minut. pe ultimul am reusit sa-l bag in carantina si sa-l sterg (oare?)... uite si logul C:IBMTOOLSAPPSNORTONAVSUPPORTNAVTOOLSREPAIRKILL_CIH.EXE Suspect Win95.FileInfector C:IBMTOOLSAPPSNORTONAVSUPPORTNAVTOOLSREPAIRKILL_CIH.EXE Disinfection failed C:IBMTOOLSAPPSNORTONAVSUPPORTNAVTOOLSREPAIRKILL_CIH.EXE Moved C:WINNTmsxmidi.exe Infected Trojan.Downloader.Small.KR C:WINNTmsxmidi.exe Disinfection failed C:WINNTmsxmidi.exe Moved C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5I98JM1I5exploit[1].chm=>/exploit.htm Infected VBS.Trojan.Psyme.W C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5I98JM1I5exploit[1].chm=>/exploit.htm Disinfection failed C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5I98JM1I5exploit[1].chm=>/exploit.htm Move failed C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5WPER0D6Fonline[1].chm=>/1.htm Infected Exploit.ADODB.Stream.C C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5WPER0D6Fonline[1].chm=>/1.htm Disinfection failed C:Documents and SettingsciprianLocal SettingsTemporary Internet FilesContent.IE5WPER0D6Fonline[1].chm=>/1.htm Move failed Scanned files |
#2
Posted 25 August 2004 - 09:23
Pentru intarzierea Internet Explorerului este vinovat MsxMidi (Hijacker & Dropper).
Inchide Internet Explorer. Goleste fisierele temporare din MSIE: In "Start" => "Run" tasteaza "cleanmgr" (fara ghilimele). Apasa OK si in ferastra care apare bifeaza astea doua: - Temporary Internet Files - Temporary Files Fa o dezinfectie online la TrendMicro: http://housecall.trendmicro.com/ Daca mai ai probleme da un semn. |
#3
Posted 25 August 2004 - 09:29
Ai incercat sa stergi temporary internet files? adica tocmai acolo unde le gaseste. Daca nu merg unele fisiere sterse incearca din safe mode.
Si incearca sa scanezi si cu CWshredder. |
#4
Posted 25 August 2004 - 09:33
Anakyn13, CWshredder se foloseste numai pentru parazitul CoolWebSearch.
|
#5
Posted 25 August 2004 - 09:45
golisem din internetexplorer/tools temporalele,cookiesurile, chiar si historyul. le-am sters si in safemode.
am dat acum si din run si incerc si cu situl acela desi cred ca nu o sa ma lase proxyul. revin... |
#6
Posted 25 August 2004 - 09:49
Pentru Exploitul ADODB exista un patch si un workaround.
Critical Patch Available for ADODB Vulnerability How to disable the ADODB.Stream object from Internet Explorer |
#7
Posted 25 August 2004 - 12:17
...am re-scanat cu bitdef. n-a gasit nimic !!??
aceeasi problema insa pe internet, se deschide greu si automat pe aceeasi pagina, indiferent de ce ii setez. cum de nu au mai aparut Psyme sau Adodb habar nu am, ieri s-a caznit inginerul de sistem si nu a reusit sa faca nimic. o sa-i mai dau o scanare ... |
#8
Posted 25 August 2004 - 12:20
#9
Posted 26 August 2004 - 07:29
...cam asa e, bitdefenderul zice ca totul e clean.
dar au ramas efectele adica expl. si i-expl. se deschid greu iar i-expl se deschide pe aceeasi pagina indiferent de setari (culmea , pe pagina esti anuntat ca este infectat pc si trebe sa dwnl de la ei...) Logfile of HiJackThis v1.98.2 Scan saved at 08:26:08, on 26.08.2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:WINNTSystem32smss.exe C:WINNTsystem32winlogon.exe C:WINNTsystem32services.exe C:WINNTsystem32lsass.exe C:WINNTsystem32svchost.exe C:WINNTsystem32spoolsv.exe C:WINNTsystem32crypserv.exe C:WINNTSystem32svchost.exe C:WINNTrunservice.exe C:WINNTSystem32NMSSvc.exe C:WINNTSystem32nvsvc32.exe C:WINNTsystem32regsvc.exe C:WINNTsystem32MSTask.exe C:WINNTsystem32stisvc.exe C:WINNTSystem32WBEMWinMgmt.exe C:WINNTSystem32mspmspsv.exe C:WINNTsystem32svchost.exe C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe C:Program FilesCommon FilesSoftwinBitDefender Local Managerbdlm.exe C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe C:Program FilesSoftwinBitDefender Standard Editionvsserv.exe C:WINNTExplorer.EXE C:WINNTsystem32Smtray.exe C:WINNTsystem32internat.exe C:Program FilesMicrosoft OfficeOfficeOSA.EXE C:PROGRAM FILESIBMCLIENT ACCESSEMULATORpcsws.exe C:PROGRAM FILESIBMCLIENT ACCESSEMULATORPCSCM.EXE C:PROGRA~1IBMCLIENT~1cwblmsrv.exe C:PROGRAM FILESIBMCLIENT ACCESSEMULATORpcsws.exe C:PROGRAM FILESIBMCLIENT ACCESSEMULATORpcsws.exe C:Program FilesInternet ExplorerIEXPLORE.EXE C:Program FilesSoftwinBitDefender Standard Editionbdmcon.exe C:Documents and SettingsciprianDesktophijackthisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet Explorer,Search = http://bigbr.cc (obfuscated) R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL = http://bigbr.cc (obfuscated) R1 - HKLMSoftwareMicrosoftInternet Explorer,Search = http://bigbr.cc (obfuscated) R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://bigbr.cc (obfuscated) R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://bigbr.cc (obfuscated) R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://lookfor.cc?pin=29126 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://bigbr.cc (obfuscated) R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://bigbr.cc (obfuscated) R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://bigbr.cc (obfuscated) R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = about:blank R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings F3 - REG:win.ini: run=C:WINNTsystem32serviceswmplayer.exe O1 - Hosts: xxx.xxx.xxx.xxx PROD O1 - Hosts: xxx.xxx.xxx.xxx BACKUP O1 - Hosts: xxx.xxx.xxx.xxx BRASOV O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: (no name) - {A66A3E46-E099-4E8A-AF8D-8C7E8003DC55} - C:WINNTsystem32bemjp.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINNTSystem32msdxm.ocx O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINNTSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [tourpath] regedit /s c:winnttour.reg O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM..Run: [Client Access Service] "C:Program FilesIBMClient AccessCwbSvStr.Exe" O4 - HKLM..Run: [Client Access Help Update] "C:Program FilesIBMClient Accesscwbinhlp.exe" O4 - HKLM..Run: [Client Access Check Version] "C:Program FilesIBMClient Accesscwbckver.exe" LOGIN O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [Smapp] Smtray.exe O4 - HKLM..Run: [timerecorder.exe] C:Program Files2UTimeRecordertimerecorder.exe O4 - HKLM..Run: [SpeedyPDF] C:Program FilesSpeedyPDFspdfload.exe O4 - HKLM..Run: [xpsystem] C:WINNTsystem32serviceswmplayer.exe O4 - HKLM..Run: [BDSwitchAgent] C:Program FilesSoftwinBitDefender Standard Editionbdswitch.exe O4 - HKCU..Run: [internat.exe] internat.exe O4 - HKCU..Run: [xpsystem] C:WINNTsystem32serviceswmplayer.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Office Startup.lnk = C:Program FilesMicrosoft OfficeOfficeOSA.EXE O4 - Global Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft OfficeOfficeFINDFAST.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe O8 - Extra context menu item: Save Flash - res://C:Program FilesUnH SolutionsFlash Saving PluginFlashSButton.dll/210 O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - (no file) (HKCU) O12 - Plugin for .mov: C:Program FilesInternet ExplorerPLUGINSnpqtplugin.dll O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll O13 - Home Prefix: http://%62%69%67%62%72%2E%63%63?error= O13 - Mosaic Prefix: http://%62%69%67%62%72%2E%63%63?error= O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchmiracle.com O16 - DPF: {10000030-1000-0000-1000-000000000000} - its:mhtml:file://c:MAIN.MHT!http://zloeboogle.bi...id=3301::/x.exe O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:RecycledQ330995.exe O16 - DPF: {11311111-1111-1111-1111-11111121115F} - file://C:RecycledQ383301.exe O16 - DPF: {93B52CD5-EDFF-4405-8975-754100710FD5} (GameLauncher Control) - http://www.linkmania...amelauncher.cab O18 - Filter: text/html - {2C67D7A0-EB0E-4635-839C-98CAB9438541} - C:WINNTsystem32bemjp.dll O18 - Filter: text/plain - {2C67D7A0-EB0E-4635-839C-98CAB9438541} - C:WINNTsystem32bemjp.dll |
#10
Posted 26 August 2004 - 07:43
Anakyn13 a avut o presimitire .
Oricum nu recomand CWshredder, decat daca parazitul e identificat corect. CWShredder poate face si rau. Download CWShredder executa-l si apasa Fix (nu Scan). Reboot si posteaza un nou log sa vedem daca reuseste sa-l scoata si daca mai ramane ceva. BitDefender nu poate scoate asta, nici nu stiu daca il identifica. Daca CWShredder pare sa nu functioneze, download CoolWebSearch.Smartkiller (v1/v2) Miniremoval Tool, executa-l pe asta mai intai si CWShredder ar trebui sa functioneze normal dupa asta. |
|
#12
Posted 26 August 2004 - 07:52
Asta e de azi ? Daca e de azi, posteaza un nou log HJT te rog. Pe la 9.30 ajung la job si il preiau de acolo.
|
#13
Posted 26 August 2004 - 07:53
...si cica sa-mi reinstalez mediaplayerul. mi-e teama ca boala mpului se trage de la ultimul acemegacodec (fara de care nu am putut deschide troy).
|
#14
Posted 26 August 2004 - 07:55
Nu reinstala inca nimic pana cand logul HJT nu e curat. Cauta sa nu te plimbi pe net daca e posbil. Daca ai folosit CWshredder acum posteaza te rog un nou log HJT.
|
#15
Posted 26 August 2004 - 08:03
...am bootat. cica nu mai am mediaplayer, s-a sters ceva in registrii. aceleasi efecte si uite logul:
Logfile of HiJackThis v1.98.2 Scan saved at 09:03:42, on 26.08.2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:WINNTSystem32smss.exe C:WINNTsystem32winlogon.exe C:WINNTsystem32services.exe C:WINNTsystem32lsass.exe C:WINNTsystem32svchost.exe C:WINNTsystem32spoolsv.exe C:WINNTsystem32crypserv.exe C:WINNTSystem32svchost.exe C:WINNTrunservice.exe C:WINNTSystem32NMSSvc.exe C:WINNTSystem32nvsvc32.exe C:WINNTsystem32regsvc.exe C:WINNTsystem32MSTask.exe C:WINNTsystem32stisvc.exe C:WINNTSystem32WBEMWinMgmt.exe C:WINNTSystem32mspmspsv.exe C:WINNTsystem32svchost.exe C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe C:Program FilesCommon FilesSoftwinBitDefender Local Managerbdlm.exe C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe C:Program FilesSoftwinBitDefender Standard Editionvsserv.exe C:WINNTExplorer.EXE C:WINNTsystem32Smtray.exe C:WINNTsystem32internat.exe C:Program FilesMicrosoft OfficeOfficeOSA.EXE C:WINNTsystem32taskmgr.exe C:Program FilesInternet ExplorerIEXPLORE.EXE C:Documents and SettingsciprianDesktophijackthisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1ciprianLOCALS~1Tempsp.html R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = about:blank R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,F3 - REG:win.ini: run=C:WINNTsystem32serviceswmplayer.exe O1 - Hosts: xxx.xxx.xxx.xxx PROD O1 - Hosts: xxx.xxx.xxx.xxx BACKUP O1 - Hosts: xxx.xxx.xxx.xxx BRASOV O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx O2 - BHO: (no name) - {1D209094-9986-4267-8BD2-B7BEDADFDE59} - C:WINNTsystem32bemjp.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINNTSystem32msdxm.ocx O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINNTSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [tourpath] regedit /s c:winnttour.reg O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM..Run: [Client Access Service] "C:Program FilesIBMClient AccessCwbSvStr.Exe" O4 - HKLM..Run: [Client Access Help Update] "C:Program FilesIBMClient Accesscwbinhlp.exe" O4 - HKLM..Run: [Client Access Check Version] "C:Program FilesIBMClient Accesscwbckver.exe" LOGIN O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [Smapp] Smtray.exe O4 - HKLM..Run: [timerecorder.exe] C:Program Files2UTimeRecordertimerecorder.exe O4 - HKLM..Run: [SpeedyPDF] C:Program FilesSpeedyPDFspdfload.exe O4 - HKLM..Run: [BDSwitchAgent] C:Program FilesSoftwinBitDefender Standard Editionbdswitch.exe O4 - HKCU..Run: [internat.exe] internat.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Office Startup.lnk = C:Program FilesMicrosoft OfficeOfficeOSA.EXE O4 - Global Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft OfficeOfficeFINDFAST.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe O8 - Extra context menu item: Save Flash - res://C:Program FilesUnH SolutionsFlash Saving PluginFlashSButton.dll/210 O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - (no file) (HKCU) O12 - Plugin for .mov: C:Program FilesInternet ExplorerPLUGINSnpqtplugin.dll O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchmiracle.com O16 - DPF: {10000030-1000-0000-1000-000000000000} - its:mhtml:file://c:MAIN.MHT!http://zloeboogle.bi...id=3301::/x.exe O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:RecycledQ330995.exe O16 - DPF: {11311111-1111-1111-1111-11111121115F} - file://C:RecycledQ383301.exe O16 - DPF: {93B52CD5-EDFF-4405-8975-754100710FD5} (GameLauncher Control) - http://www.linkmania...amelauncher.cab O18 - Filter: text/html - {D920B216-40E0-4E90-A698-6AE0A9D9519C} - C:WINNTsystem32bemjp.dll O18 - Filter: text/plain - {D920B216-40E0-4E90-A698-6AE0A9D9519C} - C:WINNTsystem32bemjp.dll |
|
#16
Posted 26 August 2004 - 08:55
OK, acum a devenit mai clar ce este. Admin de la tine stie ce faci ? Ai drepturi de administrator pe workstation ? Poti intra in Safe Mode ?
|
#18
Posted 26 August 2004 - 09:33
OK, sa-l scoatem mai intai pe W32. Agabot. Te rog anunta-l pe adminul tau ca ai avut acest worm. E posibil sa mai fie si pe alte statii de lucru.
Printeaza instructiunile astea. A. Intra in Safe Mode (metoda F8) 1. Close all open programs. 2. Click Restart, and then click OK. 3. Watch the screen while it is still black. When you see the black-and-white Starting Windows bar at the bottom of the screen, start tapping the F8 key on your keyboard. The Windows 2000 Advanced Options Menu appears. 4. Ensure that the Safe mode option is selected. In most cases, it is the first item in the list and is selected by default. (If it is not selected, use the arrow keys on your keyboard to select it.) 5. Press Enter. The computer will start in Safe mode. This can take a few minutes. B. Deschide HiJackThis si bifeaza asta: F3 - REG:win.ini: run=C:WINNTsystem32serviceswmplayer.exe Apasa FIX. Inchide HJT. C. Asigura-te ca hidden files sunt vizibile: # Double-click My Computer. # Click the Tools menu, and then click Folder Options. # Click the View tab. # Clear "Hide file extensions for known file types." # Under the "Hidden files" folder, select "Show hidden files and folders." # Clear "Hide protected operating system files." # Click Apply, and then click OK. D. Apasa CRTL-ALT-DEL si opreste procesul wmplayer.exe daca il gesesti in Task Manager. E. Cauta si sterge acest fisier: C:WINNTsystem32serviceswmplayer.exe <-- acest fisier 6. Start --> Run --> tasteaza REGEDIT, apasa OK Cauta: HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunWindows Media Player = wmplayer.exe si HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunServicesWindows Media Player = wmplayer.exe Sterge in dreapta cheile: Windows Media Player = wmplayer.exe F. REBOOT normal si posteaza un nou log HJT. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users