![]() |
Second Opinion
Folosind serviciul second opinion ne puteți trimite RMN-uri, CT -uri, angiografii, fișiere .pdf, documente medicale. Astfel vă vom putea da o opinie neurochirurgicală, fără ca aceasta să poată înlocui un consult de specialitate. Răspunsurile vor fi date prin e-mail în cel mai scurt timp posibil (de obicei în mai putin de 24 de ore, dar nu mai mult de 48 de ore). Second opinion – Neurohope este un serviciu gratuit. www.neurohope.ro |
Hijakthis - ancasd
Last Updated: Jan 07 2013 18:13, Started by
ancasd
, Dec 29 2012 22:05
·
0
![](https://forum.softpedia.com//public/style_images/classic/icon_users.png)
#19
Posted 05 January 2013 - 14:54
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Am revenit...stiu ca am spus ca revin de ieri,insa nu am putut ...daca mai esti dispus sa ma ajuti...astept sa imi spui ceea ce trebuie sa fac
|
#22
Posted 05 January 2013 - 17:43
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Explica-mi, te rog cum se manifesta acum.
Ai spus ca se comporta ciudat. Mai ai Adwcleaner pe Desktop? |
#23
Posted 05 January 2013 - 17:55
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Vad ca nu s.a mai blocat ...insa gandeste putin cam greu...da mai am AdwCleaner
|
#24
Posted 05 January 2013 - 17:58
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Ruleazal din nou:
Quote Dublu click pe Adwcleaner.exe pentru al rula. Click pe Search. Un fisier log se va deschide dupa ce va termina de scanat. Posteaza continutul lui aici. |
#25
Posted 05 January 2013 - 18:06
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
# Adwcleaner v2.104 - Logfile created 01/05/2013 at 17:03:22
# Updated 29/12/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 2 (32 bits) # User : Administrator - ALEXANDRU # Boot Mode : Normal # Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** File Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Uninstall.exe ***** [Registry] ***** Key Found : HKCU\Software\Conduit ***** [Internet Browsers] ***** -\\ Internet Explorer v6.0.2900.2180 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.28 (ro) File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\udzcu9xb.default\prefs.js [OK] File is clean. -\\ Google Chrome v23.0.1271.97 File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1020 octets] - [05/01/2013 17:03:22] AdwCleaner[S1].txt - [11844 octets] - [31/12/2012 19:16:58] ########## EOF - C:\AdwCleaner[R1].txt - [1141 octets] ########## Asta este fisierul ce s a deschis..insa s.a deschis foarte repede dupa ce am dat Search..este normal? |
#26
Posted 05 January 2013 - 18:25
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Da e bine.
Ruleaza din nou Adwcleaner. Quote Dublu click pe AdwCleaner.exe pentru al rula. Click pe Delete. Descarca si SALVEAZA pe Desktop RogueKiller. Inchide toate programele care ruleaza. Scoate tot din porturile USB. Daca ai internet mobil asta poate sa ramana. Dublu click pe Desktop RogueKiller pentru a rula. Asteapta pana termina Prescan-ul. (Nu dureaza mult) Click pe butonul "Scan". Cand apare "Scan Finished" Click pe "Report" si fa un copy/paste aici. Posteaza cele doua loguri aici. |
#27
Posted 05 January 2013 - 18:44
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
reportul de la RogueKiller
RogueKiller V8.4.2 [Dec 31 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo...13-roguekiller/ Website : http://tigzy.geeksto...roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version Started in : Normal mode User : Administrator [Admin rights] Mode : Scan -- Date : 01/05/2013 17:35:43 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHY2120BH +++++ --- User --- [MBR] ab3c84bb846a6b8c3e9edccfe8f96c08 [BSP] 4bc0866048c48b5f77a90d7235161f0e : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01052013_02d1735.txt >> RKreport[1]_S_01052013_02d1735.txt # Adwcleaner v2.104 - Logfile created 01/05/2013 at 17:39:42 # Updated 29/12/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 2 (32 bits) # User : Administrator - ALEXANDRU # Boot Mode : Normal # Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Zynga ***** [Registry] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v6.0.2900.2180 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.28 (ro) File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\udzcu9xb.default\prefs.js [OK] File is clean. -\\ Google Chrome v23.0.1271.97 File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1210 octets] - [05/01/2013 17:03:22] AdwCleaner[R2].txt - [1270 octets] - [05/01/2013 17:21:17] AdwCleaner[S1].txt - [11844 octets] - [31/12/2012 19:16:58] AdwCleaner[S3].txt - [1331 octets] - [05/01/2013 17:28:27] AdwCleaner[S5].txt - [1225 octets] - [05/01/2013 17:39:42] ########## EOF - C:\AdwCleaner[S5].txt - [1285 octets] ########## notepadul dupa ce am dat Delete in AdwCleaner |
#28
Posted 05 January 2013 - 18:54
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
E bine.
Ne apropiem de final, incet dar sigur. Ruleaza RogueKiller. Dupa ce ternina"Prescan" apasa "Scan". Dupa apasa butonul "Delete". E in partea dreapta. Cu Internet Explorer mergi aici. Accepta termeni si conditiile,(I accept the Terms of Use.) Click pe Start. Debifeaza "Remove found threats" si bifeaza "Scan unwanted applications". Click Scan. Asteapta sa termine de scanat. Logul e aici: C:\Program Files\EsetOnlineScanner\log.txt. Posteazal te rog aici. |
|
#29
Posted 05 January 2013 - 19:04
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Am o problema...cand dau click pe iconita de la Internet Explorer..mi se deschide Chromul... iar Internet Explorerul nu l gasesc in programe..nu stiu daca am facut eu ceva sau nu
|
#30
Posted 05 January 2013 - 19:11
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
#31
Posted 05 January 2013 - 19:20
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Ammmmm...am deschis cu Chrome...mi.a deschis un program numit Bitdefender Quickscan..care mi.a cerut permisiunea sa acceseze fisierele din pc...dupa ce am dat sa scaneze (scanarea mi.a aratat.o direct pe pagina care s.a deschis online) mi.a aparut scris acolo...ca nu s.au gasit infectii active in calculatorul meu. Asa ar fi trebuit sa apara?
precizez ca nu mi.a aparut nimic de genul...~vezi log~ Edited by ancasd, 05 January 2013 - 19:21. |
#32
Posted 05 January 2013 - 19:28
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Nu e bine, e chiar foarte bine!
Descarca: ComboFix si salveaza-l pe Desktop. Apoi asigura-te ca ai inchis toate programele care ruleaza (Yahoo Messenger, Mozila Firefox, etc) si ruleaza ComboFix. Te va intreba daca sa inceapa sa curete sistemul. Confirma cu Yes de fiecare data. Nu-l opri in timp ce scaneaza si dezinfecteaza sistemul. E posibil ca in timpul rularii lui desktop-ul sa dispara, dar nu te ingrijora. La sfarsit va afisa rezultatele scanarii. Salveaza acel fisier si posteaza continutul AICI. |
#33
Posted 05 January 2013 - 20:06
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
ComboFix 13-01-05.01 - Administrator 01/05/2013 18:41:14.1.1 - x86
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe * Resident AV is active . . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator\Recent\Thumbs.db c:\documents and settings\Administrator\WINDOWS c:\documents and settings\All Users\Application Data\TEMP c:\windows\system32\Cache c:\windows\system32\sqlite3.dll . . ((((((((((((((((((((((((( Files Created from 2012-12-05 to 2013-01-05 ))))))))))))))))))))))))))))))) . . 2013-01-05 17:13 . 2013-01-05 17:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\QuickScan 2012-12-29 22:29 . 2012-12-29 22:29 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-12-29 22:29 . 2012-12-29 22:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-12-28 12:34 . 2012-12-28 12:34 -------- d-----w- c:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP 2012-12-28 00:30 . 2012-12-28 00:30 -------- d-----w- c:\program files\BrowseToSave 2012-12-28 00:30 . 2012-12-28 12:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Browse2save 2012-12-20 21:48 . 2013-01-05 17:58 -------- d-----w- c:\program files\Steam . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-09 20:42 . 2011-01-09 20:42 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-27 138096] "Steam"="c:\program files\Steam\Steam.exe" [2012-12-22 1354736] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 3117344] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ Launcher.lnk - c:\program files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe [2012-8-25 510960] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau . [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] 2011-01-13 10:29 840000 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] 2011-01-09 20:41 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2007-09-24 09:27 166424 ----a-w- c:\windows\system32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] 2007-05-11 10:21 472632 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2007-09-24 09:27 141848 ----a-w- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2004-08-03 22:06 1667584 --sh--w- c:\program files\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2007-09-24 09:27 137752 ----a-w- c:\windows\system32\igfxpers.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] 2008-02-26 05:36 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-04-16 10:36 24264488 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX] 2006-07-13 04:12 729088 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2007-01-05 13:36 872448 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2008-01-18 08:04 1028096 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIExec] 2009-10-10 09:56 132096 ----a-w- c:\program files\Join Air\UIExec.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2008-01-15 22:54 37376 ----a-w- c:\program files\Winamp\winampa.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "%windir%\\system32\\sopocx.ocx"= "%windir%\\system32\\tvu49.ocx"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\Steam\\SteamApps\\common\\Sid Meier's Civilization V\\Launcher.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57259:TCP"= 57259:TCP:Pando Media Booster "57259:UDP"= 57259:UDP:Pando Media Booster . R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 1:23 PM 120152] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/6/2009 1:24 PM 104160] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3/2/2011 10:43 PM 218688] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [8/25/2012 9:22 PM 102784] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [8/25/2012 9:22 PM 117504] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [8/25/2012 9:22 PM 72576] S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?] S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys --> c:\windows\system32\drivers\massfilter.sys [?] . Contents of the 'Scheduled Tasks' folder . 2013-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-220523388-725345543-839522115-500Core.job - c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-02-09 10:40] . 2013-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-220523388-725345543-839522115-500UA.job - c:\documents and settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-02-09 10:40] . 2013-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-28 16:15] . 2013-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-28 16:15] . 2013-01-02 c:\windows\Tasks\RegClean Prosch.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-07-16 09:25] . 2013-01-04 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-07-16 09:25] . 2013-01-02 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-07-16 09:25] . . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.google.com mSearch Bar = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\udzcu9xb.default\ . - - - - ORPHANS REMOVED - - - - . SafeBoot-Wdf01000.sys MSConfigStartUp-Google Quick Search Box - c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe MSConfigStartUp-Google Update - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME\TomTomHOME.exe MSConfigStartUp-uTorrent - c:\program files\uTorrent\uTorrent.exe AddRemove-{DCFF7DFC-64F4-D193-3378-2CD6071C5F0A} - c:\docume~1\ALLUSE~1\APPLIC~1\INSTAL~1\{DCFF7~1\Setup.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-01-05 19:00 Windows 5.1.2600 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(2320) c:\windows\system32\msi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Google\Update\1.3.21.124\GoogleCrashHandler.exe c:\windows\system32\agrsmsvc.exe c:\program files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe c:\program files\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\PnkBstrA.exe c:\program files\Join Air\AssistantServices.exe c:\windows\system32\wdfmgr.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\windows\system32\wscntfy.exe c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE . ************************************************************************** . Completion time: 2013-01-05 19:03:57 - machine was rebooted ComboFix-quarantined-files.txt 2013-01-05 18:03 . Pre-Run: 5,168,320,512 bytes free Post-Run: 27,348,959,232 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - D2DC29617FA0A005C55B33AC05D8EFFE asta este notepadul care mi.a aparut dupa ce programul si.a facut de cap... |
|
#34
Posted 05 January 2013 - 20:22
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Quote asta este notepadul care mi.a aparut dupa ce programul si.a facut de cap... ![]() Si-a facut doar datoria. 1 Verifica ce functioneaza in PC 2 Fa un scan rapid "Quick Scan" cu Malwarebytes AntiMalware. Posteaza logul aici. 3 Descarca Security Check by screen317 pe Desktop. Dublu click pe SecurityCheck.exe si urmeaza instructiunile. In Notepad apare automat checkup.txt, posteaza continutul aici. In functie de astea cred ca am terminat cu devirusarea. Urmeaza un pic de curatanie(plus update) si cam atat. |
#35
Posted 05 January 2013 - 20:48
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org Database version: v2013.01.05.06 Windows XP Service Pack 2 x86 NTFS Internet Explorer 6.0.2900.2180 Administrator :: ALEXANDRU [administrator] Protection: Disabled 1/5/2013 7:28:30 PM mbam-log-2013-01-05 (19-28-30).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 212501 Time elapsed: 7 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 2 x86 Out of date service pack!! Internet Explorer 6 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Please wait while WMIC compiles updated MOF files.d i s p l a y N a m e ECHO is off. E S E T ECHO is off. N O D 3 2 ECHO is off. A n t i v i r u s ECHO is off. 5 . 2 ECHO is off. Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 10.2.153.1 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (3.6.28) Firefox out of Date! Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus egui.exe ESET NOD32 Antivirus ekrn.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` Asta este ceea ce mi.a aparut...casuta de la Security Check in care scrie "results have been copied to checkup.txt ,wich should open now! " mi.a ramas deschisa pe Desktop. Presupun ca o pot inchide ,nu? |
#36
Posted 05 January 2013 - 20:57
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Oficial nu mai ai virusi!
Acum sa facem curat. 1 Dublu click pe Adwcleaner.exe Click pe Uninstall. Confirma cu Yes. 2 Click Start>Run si fa copy/paste la asta: ComboFix /uninstall > click OK 3 Verifica daca a ramas RogueKiller pe desktop. Sterge tot ce a ramas(loguri etc). Dupa ce ai facut astea refa scanul cu HiJackThis si pune logul aici. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users