Jump to content

Препоръчан пост

  • Отговори 112
  • Създадена
  • Последен отговор

ТОП потребители в тази тема

ТОП потребители в тази тема

Публикувани изображения

Мисля, че питаш за Windows Rundll.

 

По-долу ще намериш малко информация от източника: Microsoft. Естествено е на английски език. Неразбираема е за повечето български потребители на най-популярната операционна система. :)

Хм, мисля, че малко сарказъм не е излишен. Но въпросът ти е доста интересен. За съжаление за да се разбере какво наистина означава Rundll е необходимо да се понаучи какво означава dll.

 

Eто повече информация за Rundll.exe vs Rundll32.exe.

Източник: Microsoft

 

Ако може, напиши или дай снимка на съобщението от десктопа за липсващ файл.

Link to comment
Сподели другаде

  • 10 months later...

Ще е доста добре да пуснеш LOG файлове на HijackThis и Autoruns.

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

 

Изтегли Autoruns и:

1) стартирай програмата;

2) избери Options -> Hide Microsoft and Windows Entries;

3) меню File -> Refresh;

4) меню File -> Save...;

5) от долното падащо меню избери Text;

6) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

Link to comment
Сподели другаде

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

28a38f7d File not found: C:\WINDOWS\system32\waeuwuwf.dll

C:\Documents and Settings\All Users\Start Menu\ÐñïãñÜììáôá\Åêêßíçóç

BTTray.lnkBluetooth Tray Application Broadcom Corporation. c:\program files\widcomm\bluetooth software\bttray.exe

VPro520.lnkTrayMin Philips c:\windows\vpro520.exe

C:\Documents and Settings\user\Start Menu\ÐñïãñÜììáôá\Åêêßíçóç

Rainlendar2.lnkDesktop calendar c:\program files\rainlendar2\rainlendar2.exe

Skype.lnk c:\windows\installer\{5c82dae5-6eb0-4374-9254-be3319ba4e82}\skype.ico

HKCU\Software\Microsoft\Windows\CurrentVersion\Run SpybotSD TeaTimerSystem settings protector Safer Networking Limited c:\program files\spybot - search & destroy\teatimer.exe

0 File not found: About:Home

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

EPPShellEx SEIKO EPSON CORPORATION c:\program files\epson\creativity suite\easy photo print\eppshell.dll

EzCddax c:\program files\easy cd-da extractor 11\ezcddax11.dll

MyPictures3DTODO: <File description> TODO: <Company name> c:\program files\my pictures 3d\my pictures 3d screensaver\bin\mypiccontext.dll

WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

EzCddax c:\program files\easy cd-da extractor 11\ezcddax11.dll

MyPictures3DTODO: <File description> TODO: <Company name> c:\program files\my pictures 3d\my pictures 3d screensaver\bin\mypiccontext.dll

WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

00nViewNVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

NvCplDesktopContextNVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

PDF Shell ExtensionPDF Shell Extension Adobe Systems, Inc. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} Sun Microsystems, Inc. c:\program files\openoffice.org 2.1\program\shlxthdl.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

Desktop ExplorerNVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

Desktop Explorer MenuNVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

EzCddax extension c:\program files\easy cd-da extractor 11\ezcddax11.dll

My Bluetooth PlacesBTNeighborhood DLL Broadcom Corporation. c:\windows\system32\btneighborhood.dll

NvCpl DesktopContext ClassNVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

nView Desktop Context MenuNVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

OpenOffice.org Column Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.1\program\shlxthdl.dll

OpenOffice.org Infotip Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.1\program\shlxthdl.dll

OpenOffice.org Property Sheet Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.1\program\shlxthdl.dll

OpenOffice.org Thumbnail Viewer Sun Microsystems, Inc. c:\program files\openoffice.org 2.1\program\shlxthdl.dll

Play on my TV helperNVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

WinRAR shell extension c:\program files\winrar\rarext.dll

ÐñïÝêôáóç åéêïíéäßïõ HyperTerminalHyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

AcroIEHlprObj ClassAdobe Acrobat IE Helper Version 7.0 for ActiveX Adobe Systems Incorporated c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll

BitComet HelperBitCometBHO BitComet c:\program files\bitcomet\tools\bitcometbho_1.2.1.2.dll

EpsonToolBandKicker ClassEPSON Web-To-Page SEIKO EPSON CORPORATION c:\program files\epson\epson web-to-page\epson web-to-page.dll

Skype add-on (mastermind)Skype add-on for IE Skype Technologies S.A. c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Spybot-S&D IE ProtectionSBSD IE Protection Safer Networking Limited c:\program files\spybot - search & destroy\sdhelper.dll

{E3B5FB30-B660-4E08-B963-31B19DFC68E1} File not found: C:\WINDOWS\system32\pmnmkKdd.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

BitComet File not found: C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206

HKLM\System\CurrentControlSet\Services

BitComet File not found: C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206

HKLM\System\CurrentControlSet\Services

ASFWHide File not found: C:\Documents and Settings\user\Local Settings\TEMP\ASFWHide

BTKRNLBluetooth Bus Enumerator Broadcom Corporation. c:\windows\system32\drivers\btkrnl.sys

BTSERIALBluetooth Serial Driver for Windows 2000 Broadcom Corporation. c:\windows\system32\drivers\btserial.sys

BTSLBCSPBluetooth Serial Driver for Windows 2000 Broadcom Corporation. c:\windows\system32\drivers\btslbcsp.sys

Cardex File not found: C:\WINDOWS\System32\Drivers\Cardex.sys

Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

CnxEtP File not found: C:\WINDOWS\System32\Drivers\CnxEtP.sys

CnxEtU File not found: C:\WINDOWS\System32\Drivers\CnxEtU.sys

CnxTgNW File not found: C:\WINDOWS\System32\Drivers\CnxTgNW.sys

DrvFltIp File not found: C:\Documents and Settings\user\Local Settings\TEMP\DrvFltIp

i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

IntcAzAudAddServiceRealtek® High Definition Audio Function Driver Realtek Semiconductor Corp. c:\windows\system32\drivers\rtkhdaud.sys

lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

Mtlmnt5 Smart Link c:\windows\system32\drivers\mtlmnt5.sys

Mtlstrm Smart Link c:\windows\system32\drivers\mtlstrm.sys

NtMtlFax Smart Link c:\windows\system32\drivers\ntmtlfax.sys

nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 84.21 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys

PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

pcouffinlow level access layer for CD/DVD/BD devices VSO Software c:\windows\system32\drivers\pcouffin.sys

PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

PtilinkÐñüãñáììá ïäÞãçóçò Áðåõèåßáò óýíäåóçò ðáñÜëëçëùí èõñþí Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

PxHelp20Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

RecAgent Smart Link c:\windows\system32\drivers\recagent.sys

RTLE8023xpRealtek 10/100/1000 NDIS 5.1 Driver Realtek Semiconductor Corporation c:\windows\system32\drivers\rtenicxp.sys

SDTHOOKPanda Anti-Malware support driver (sdthook) Panda Software c:\windows\system32\drivers\sdthook.sys

SecdrvSafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

Slntamr Smart Link c:\windows\system32\drivers\slntamr.sys

SlNtHal Smart Link c:\windows\system32\drivers\slnthal.sys

SlWdmSup Smart Link c:\windows\system32\drivers\slwdmsup.sys

SPC520Philips SPC520 Camera Driver (WDM Main Driver) Philips c:\windows\system32\drivers\spc520.sys

SPC520mPhilips SPC520 Camera Driver (DS MiniDriver) Philips c:\windows\system32\drivers\spc520m.sys

SYMIDSCO File not found: C:\WINDOWS\System32\Drivers\SYMIDSCO.sys

WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

{FBE1D620-5418-4aae-A0F0-316D590663A1} File not found: C:\WINDOWS\system32\{FBE1D620-5418-4aae-A0F0-316D590663A1}

HKCU\Control Panel\Desktop\Scrnsave.exe

C:\WINDOWS\MYPICT~1.SCRMy Pictures 3D VicMan Software c:\windows\my pictures 3d.scr

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors

Bluetooth Printer Portbthcrp DLL Broadcom Corporation. c:\windows\system32\bthcrp.dll

EPSON Stylus DX4000 Series 32MonitorBEEPSON Bi-directional Monitor SEIKO EPSON CORPORATION c:\windows\system32\e_flbbee.dll

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages

C:\WINDOWS\system32\pmnmkKdd File not found: C:\WINDOWS\system32\pmnmkKdd

Link to comment
Сподели другаде

А на HijackThis лог-а?

 

Добавено:

Можеш да махнеш отметките на следните обекти в Autoruns:

28a38f7d File not found: C:\WINDOWS\system32\waeuwuwf.dll

E3B5FB30-B660-4E08-B963-31B19DFC68E1} File not found: C:\WINDOWS\system32\pmnmkKdd.dll

ASFWHide File not found: C:\Documents and Settings\user\Local Settings\TEMP\ASFWHide

DrvFltIp File not found: C:\Documents and Settings\user\Local Settings\TEMP\DrvFltIp

c:\windows\system32\e_flbbee.dll

C:\WINDOWS\system32\pmnmkKdd File not found: C:\WINDOWS\system32\pmnmkKdd

Link to comment
Сподели другаде

Явно имаш някаква гадинка на компютъра. Затова ти поисках LOG файлове на двете програми, да се проверят нещата ръчно. Не си дала още LOG на HijackThis, но ако не ти се занимава, можеш да не даваш, макар че, аз бих препоръчал да го пуснеш все пак. А и можеш да сканираш с някоя добра антиспай програма, SUPERAntiSpyware и Malwarebytes' Anti-Malware са доста добри и надеждни програми.
Link to comment
Сподели другаде

Logfile of HijackThis v1.99.1

Scan saved at 15:32:06, on 09.4.2008 ?.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\WINDOWS\VPro520.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\user\Επιφάνεια εργασίας\alabala.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.bg/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: {56f812fc-5a4d-64b9-93e4-c5d37ff00358} - {85300ff7-3d5c-4e39-9b46-d4a5cf218f65} - (no file)

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O11 - Options group: [iNTERNATIONAL] International*

Link to comment
Сподели другаде

Това ми излезе в лист:

 

Logfile of HijackThis v1.99.1

Scan saved at 16:35:13, on 09.4.2008 ?.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\WINDOWS\VPro520.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\user\Επιφάνεια εργασίας\alabala.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.bg/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: {56f812fc-5a4d-64b9-93e4-c5d37ff00358} - {85300ff7-3d5c-4e39-9b46-d4a5cf218f65} - (no file)

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O11 - Options group: [iNTERNATIONAL] International*

Link to comment
Сподели другаде

Пак казвам, че не вярвам това да е целия LOG файл. Иначе дотук можеш да махнеш отметките на:

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: {56f812fc-5a4d-64b9-93e4-c5d37ff00358} - {85300ff7-3d5c-4e39-9b46-d4a5cf218f65} - (no file)

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

Не са опасни, но са откровено излишни.

Link to comment
Сподели другаде

  • 2 weeks later...

Здравейте.Имам проблем подобен на тери,свързан с RUNDLL. Появява се всеки път като стартирам уиндоуса и после си продължава...По-долу съм пейстнал лог-файла от Autoruns,моля кажете ми кои отметки е нужно да махна и има ли такива въобще. A за HijackThis при стартиране на сетъп-а ми даде някво предупреждение и се отказах да сканирам

 

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ Adobe Reader Speed Launcher Adobe Acrobat SpeedLauncher Adobe Systems Incorporated c:\program files\adobe\reader 8.0\reader\reader_sl.exe

+ avast! avast! service GUI component ALWIL Software c:\program files\alwil software\avast4\ashdisp.exe

+ ISTray PC Tools Tray Application PC Tools c:\program files\spyware doctor\pctstray.exe

+ NeroFilterCheck NeroCheck Nero AG c:\program files\common files\ahead\lib\nerocheck.exe

+ nTrayFw Firewall Tray Application NVIDIA Corporation c:\program files\nvidia corporation\networkaccessmanager\bin\ntrayfw.exe

+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ NVIDIA nTune NVIDIA nTune application NVIDIA c:\program files\nvidia corporation\ntune\ntune.exe

+ NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation c:\windows\system32\nvmctray.dll

+ nwiz NVIDIA nView Wizard, Version 110.26 NVIDIA Corporation c:\windows\system32\nwiz.exe

+ SoundMan Realtek Sound Manager Realtek Semiconductor Corp. C:\WINDOWS\soundman.exe

+ SunJavaUpdateSched Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_05\bin\jusched.exe

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup

+ BlueSoleil.lnk Bluetooth Application IVT Corporation c:\program files\ivt corporation\bluesoleil\bluesoleil.exe

+ Color Calibration.lnk GammaTray MFC ?? ???? c:\program files\sec\magictune3.5_client\gammatray.exe

+ FlexType 2K.lnk c:\windows\datecs\flex2k.exe

+ MagicTune3.5.lnk MagicTuneTray MFC Application c:\program files\sec\magictune3.5_client\magictunetray.exe

+ Orbit.lnk Orbit Downloader Orbitdownloader.com c:\program files\orbitdownloader\orbitdm.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} Nero Home Nero AG c:\program files\common files\ahead\lib\nmbgmonitor.exe

+ DAEMON Tools Lite DAEMON Tools main application DT Soft Ltd c:\program files\daemon tools lite\daemon.exe

+ Skype Skype. Take a deep breath Skype Technologies S.A. c:\program files\skype\phone\skype.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ Cover Designer Cover Designer Nero AG c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll

+ FineReader9ContextMenu ABBYY FineReader Integration ABBYY Software Ltd c:\program files\abbyy finereader 9.0\frintegration.dll

+ TuneUp Shredder Shell Extension TuneUp Shredder Shell Extension TuneUp Software GmbH c:\program files\tuneup utilities 2008\sdshelex-win32.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers

+ MBAMShlExt Malwarebytes' Anti-Malware shell extension Malwarebytes c:\program files\malwarebytes' anti-malware\mbamext.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ MBAMShlExt Malwarebytes' Anti-Malware shell extension Malwarebytes c:\program files\malwarebytes' anti-malware\mbamext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ TuneUp Shredder Shell Extension TuneUp Shredder Shell Extension TuneUp Software GmbH c:\program files\tuneup utilities 2008\sdshelex-win32.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ 00nView NVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ NvCplDesktopContext NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ Desktop Explorer NVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ FineReader9ContextMenu ABBYY FineReader Integration ABBYY Software Ltd c:\program files\abbyy finereader 9.0\frintegration.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ NeroCoverEd Live Icons Cover Designer Nero AG c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll

+ NvCpl DesktopContext Class NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 110.26 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Play on my TV helper NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ TuneUp Shredder Shell Extension TuneUp Shredder Shell Extension TuneUp Software GmbH c:\program files\tuneup utilities 2008\sdshelex-win32.dll

+ TuneUp Theme Extension TuneUp Theme Extension TuneUp Software GmbH c:\windows\system32\uxtuneup.dll

+ WinRAR shell extension c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ Adobe PDF Reader Link Helper Adobe PDF Helper for Internet Explorer Adobe Systems Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll

+ Octh Class Orbitcth Orbitdownloader.com c:\program files\orbitdownloader\orbitcth.dll

+ SSVHelper Class Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_05\bin\ssv.dll

Task Scheduler

+ 1-Click Maintenance.job c:\program files\tuneup utilities 2008\oneclickstarter.exe

HKLM\System\CurrentControlSet\Services

+ ABBYY.Licensing.FineReader.Professional.9.0 ABBYY FineReader 9.0 Licensing Service ABBYY (BIT Software) c:\program files\abbyy finereader 9.0\networklicenseserver.exe

+ aswUpdSv Осигурява авотматични обновявания на компонентите на avast!. ALWIL Software c:\program files\alwil software\avast4\aswupdsv.exe

+ avast! Antivirus Управлява и изпълнява антивирусните услуги на avast! на този компютър. Това включва резидентна защита, клетката за вируси и планировчика. ALWIL Software c:\program files\alwil software\avast4\ashserv.exe

+ BlueSoleil Hid Service c:\program files\ivt corporation\bluesoleil\btntservice.exe

+ Bonjour Service ##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762## Apple Computer, Inc. c:\program files\bonjour\mdnsresponder.exe

+ ForceWare Intelligent Application Manager (IAM) app_filter Module c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcappflt.exe

+ ForcewareWebInterface Apache Apache Software Foundation c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe

+ MBAMService Malwarebytes' Anti-Malware Service Malwarebytes c:\program files\malwarebytes' anti-malware\mbamservice.exe

+ nSvcIp nSvcIp NVIDIA c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcip.exe

+ nSvcLog nSvcLog NVIDIA c:\program files\nvidia corporation\networkaccessmanager\bin\nsvclog.exe

+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation c:\windows\system32\nvsvc32.exe

+ sdAuxService Provides auxiliary PC Tools Security services. If this service is disabled spyware protection will be reduced. PC Tools c:\program files\spyware doctor\pctsauxs.exe

+ sdCoreService Provides spyware and malware protection for the system. If this service is disabled spyware protection will be disabled. PC Tools c:\program files\spyware doctor\pctssvc.exe

+ UxTuneUp Allows to use visual styles without Microsoft signature. TuneUp Software GmbH c:\windows\system32\uxtuneup.dll

HKLM\System\CurrentControlSet\Services

+ Aavmker4 avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP ALWIL Software c:\windows\system32\drivers\aavmker4.sys

+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys

+ aswFsBlk avast! mini-filter driver (aswFsBlk) ALWIL Software c:\windows\system32\drivers\aswfsblk.sys

+ aswMon2 avast! File System Filter Driver for Windows XP ALWIL Software c:\windows\system32\drivers\aswmon2.sys

+ aswRdr avast! TDI RDR Driver ALWIL Software c:\windows\system32\drivers\aswrdr.sys

+ aswSP avast! self protection module ALWIL Software c:\windows\system32\drivers\aswsp.sys

+ aswTdi avast! TDI Filter Driver ALWIL Software c:\windows\system32\drivers\aswtdi.sys

+ BIOS I/O Interface driver file BIOSTAR Group c:\windows\system32\drivers\bios.sys

+ BlueletAudio Bluelet Audio Driver IVT Corporation c:\windows\system32\drivers\blueletaudio.sys

+ BT Bluetooth PAN Network Adapter Driver IVT Corporation c:\windows\system32\drivers\btnetdrv.sys

+ Btcsrusb Bluetooth USB Device Driver IVT Corporation c:\windows\system32\drivers\btcusb.sys

+ BTHidEnum c:\windows\system32\drivers\vbtenum.sys

+ BTHidMgr Bluetooth HID Manager driver IVT Corporation c:\windows\system32\drivers\bthidmgr.sys

+ BTNetFilter c:\windows\system32\drivers\btnetfilter.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ EverestDriver c:\program files\lavalys\everest ultimate edition\kerneld.wnt

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ IKFileSec File Security Device Driver PCTools Research Pty Ltd. c:\windows\system32\drivers\ikfilesec.sys

+ IKSysFlt System Filter Device Driver PCTools Research Pty Ltd. c:\windows\system32\drivers\iksysflt.sys

+ IKSysSec System Security Device Driver PCTools Research Pty Ltd. c:\windows\system32\drivers\iksyssec.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ MagicTune c:\windows\system32\drivers\mtictwl.sys

+ MBAMCatchMe c:\program files\malwarebytes' anti-malware\catchme.sys

+ MBAMDrvService Malwarebytes' Anti-Malware On-Access Scanner c:\program files\malwarebytes' anti-malware\mbam.sys

+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 84.21 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys

+ NVENETFD NVIDIA Networking Function Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus NVIDIA Networking Bus Driver. NVIDIA Corporation c:\windows\system32\drivers\nvnetbus.sys

+ NVTCP NVIDIA Networking Protocol Driver. NVIDIA Corporation c:\windows\system32\drivers\nvtcp.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ sptd c:\windows\system32\drivers\sptd.sys

+ SRS_SSCFilter SRS WOW HD, TSXT, CSII, Mobile HD Standalone driver c:\windows\system32\drivers\srs_sscfilter_i386.sys

+ VComm Bluetooth Serial Port Driver IVT Corporation c:\windows\system32\drivers\vcomm.sys

+ VcommMgr Bluetooth VcommMgr driver IVT Corporation c:\windows\system32\drivers\vcommmgr.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ qoMcDSJB File not found: qoMcDSJB.dll

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9

+ NVIDIA App Filter NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{2B05AF73-F267-4FDD-9202-E46700A6BCEB}] DATAGRAM 0] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{2B05AF73-F267-4FDD-9202-E46700A6BCEB}] SEQPACKET 0] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{329380E0-259E-4C0A-9FE1-2251C22765C5}] DATAGRAM 4] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{329380E0-259E-4C0A-9FE1-2251C22765C5}] SEQPACKET 4] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{554C8361-81A0-44CB-956B-821C0CC1C710}] DATAGRAM 3] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{554C8361-81A0-44CB-956B-821C0CC1C710}] SEQPACKET 3] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{6D50CEE5-6F7F-43C3-B266-95895A5B1840}] DATAGRAM 5] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{6D50CEE5-6F7F-43C3-B266-95895A5B1840}] SEQPACKET 5] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{703FC3A1-E837-4715-9C38-2E073F832656}] DATAGRAM 2] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{703FC3A1-E837-4715-9C38-2E073F832656}] SEQPACKET 2] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{90DD7689-7BA4-43FB-A3FA-537677D2F9A2}] DATAGRAM 1] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{90DD7689-7BA4-43FB-A3FA-537677D2F9A2}] SEQPACKET 1] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [MSAFD Tcpip [uDP/IP]] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [RSVP TCP Service Provider] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

+ NVIDIA App Filter over [RSVP UDP Service Provider] NVIDIA IAM LSP NVIDIA c:\windows\system32\nvappfilter.dll

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors

+ Canon BJ Language Monitor MP170 IJ Language Monitor CANON INC. c:\windows\system32\cnmlm7j.dll

+ PDFConverter c:\windows\system32\pdfmonnt.dll

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...

×
×
  • Създай ново...