
Problem with Task Manager


SURF_lady


I have a similar problem too: Task Manager doesn't come up at all and it doesn't show me any error. I tried with files, but it doesn't work.

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\GameTracker\GSInGameService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

E:\programi\microsoft office\Office12\GrooveMonitor.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\ctfmon.exe

E:\programi\daemon tools\DAEMON Tools Lite\daemon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Datecs\FlexType 2K\FType2K.exe

E:\programi\uttorent\uTorrent.exe

E:\programi\superantispyware\SUPERAntiSpyware.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

E:\programi\mx\Maxthon2\Maxthon.exe

C:\Documents and Settings\Litex\Local Settings\Temporary Internet Files\Content.IE5\ICPWLUMD\alabala[1].exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - (no file)

O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - E:\programi\ad-aware\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\programi\microsoft office\Office12\GrooveShellExtensions.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "E:\programi\microsoft office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Antivirus Protection] C:\WINDOWS\system32\avprot.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\programi\daemon tools\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [blazeServoTool] "E:\programi\blazeDTV\BlazeDTV2.0\MediaDetector.exe"

O4 - HKCU\..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] E:\programi\superantispyware\SUPERAntiSpyware.exe

O4 - Global Startup: FlexType 2K.lnk = C:\Program Files\Datecs\FlexType 2K\FType2K.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Експортиране към Microsoft Excel - res://E:\programi\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\programi\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\programi\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\programi\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BEF07994-87BE-4D90-B03B-7FF6D88819E0}: NameServer = 212.95.162.2 195.24.54.2

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\programi\microsoft office\Office12\GrooveSystemServices.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: !SASWinLogon - E:\programi\superantispyware\SASWINLO.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Convar task manager (ctm) - Unknown owner - C:\Program Files\Convar\TaskManager\ctm.exe (file missing)

O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\programi\ad-aware\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

 

 

 

 

 

This is from GMER

 

 

GMER 1.0.15.15252 - http://www.gmer.net

Rootkit quick scan 2009-12-03 23:28:59

Windows 5.1.2600 Service Pack 3

Running: gmer.exe; Driver: C:\DOCUME~1\Litex\LOCALS~1\Temp\pxtdypog.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT spdb.sys ZwEnumerateKey [0xBA6C5CA4]

SSDT spdb.sys ZwEnumerateValueKey [0xBA6C6032]

 

---- Devices - GMER 1.0.15 ----

 

Device 89DDE1F8

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

 

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

 

---- EOF - GMER 1.0.15 ----

 

ESET SysInspector

 

 

http://dox.bg/files/dw?a=7a5837f680


One would think that, with SUPERAntiSpyware present on the system, you would have scanned with it and cleaned the system. So... if the program is the current version, update the definitions and scan. If it is not the current version, uninstall it, install the latest version, update the definitions and scan.

Scan with Malwarebytes' Anti-Malware as well.

For Malwarebytes' Anti-Malware:

- start the program;
- select Perform quick scan (Бързо сканиране) and click the Scan (Сканирай) button;
- when the scan finishes, click the OK button and then Show results (Покажи резултатите);
- click the Remove Selected button;
- a text file (log) will appear; copy its contents here.

For SUPERAntiSpyware:

- start the program;
- click the Scan your Computer (Сканиране на компютъра) button;
- on the left select only the C: partition, and on the right select Perform Complete Scan (Извърши пълно сканиране);
- click Next and wait for the program to scan;
- if threats are detected, click OK on the message;
- click Next to remove the nasties, OK on the confirmation and finally Finish;
- click the Preferences... (Настройки) button and go to the Statistics/Logs (Дневници) tab, select the latest log by date and click the View Log... (Покажи дневника) button;
- copy its contents here.

If a restart is required during any of the scans, agree and restart immediately.


SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 12/04/2009 at 09:04 AM

 

Application Version : 4.31.1000

 

Core Rules Database Version : 4334

Trace Rules Database Version: 2188

 

Scan type : Complete Scan

Total Scan Time : 00:16:19

 

Memory items scanned : 513

Memory threats detected : 0

Registry items scanned : 6495

Registry threats detected : 0

File items scanned : 15697

File threats detected : 31

 

Adware.Tracking Cookie

C:\Documents and Settings\Litex\Cookies\litex@account.impulse[2].txt

C:\Documents and Settings\Litex\Cookies\litex@adv.gamerzhut[2].txt

C:\Documents and Settings\Litex\Cookies\litex@microsoftsto.112.2o7[1].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.ad4game[2].txt

C:\Documents and Settings\Litex\Cookies\litex@chitika[2].txt

C:\Documents and Settings\Litex\Cookies\litex@content.yieldmanager[2].txt

C:\Documents and Settings\Litex\Cookies\litex@content.yieldmanager[3].txt

C:\Documents and Settings\Litex\Cookies\litex@doubleclick[2].txt

C:\Documents and Settings\Litex\Cookies\litex@mediaplex[2].txt

C:\Documents and Settings\Litex\Cookies\litex@statcounter[2].txt

C:\Documents and Settings\Litex\Cookies\litex@hardwarezone[2].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.easytrader[3].txt

C:\Documents and Settings\Litex\Cookies\litex@fastclick[2].txt

C:\Documents and Settings\Litex\Cookies\litex@122.2o7[2].txt

C:\Documents and Settings\Litex\Cookies\litex@apmebf[2].txt

C:\Documents and Settings\Litex\Cookies\litex@countermania.forumotion[2].txt

C:\Documents and Settings\Litex\Cookies\litex@tribalfusion[2].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.neogen[3].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.neogen[2].txt

C:\Documents and Settings\Litex\Cookies\litex@ad.yieldmanager[1].txt

C:\Documents and Settings\Litex\Cookies\litex@questionmarket[2].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.fulldls[2].txt

C:\Documents and Settings\Litex\Cookies\litex@kontera[1].txt

C:\Documents and Settings\Litex\Cookies\litex@imrworldwide[2].txt

C:\Documents and Settings\Litex\Cookies\litex@www.hardwarezone[1].txt

C:\Documents and Settings\Litex\Cookies\litex@account.impulse[1].txt

C:\Documents and Settings\Litex\Cookies\litex@microsoftwindows.112.2o7[1].txt

C:\Documents and Settings\Litex\Cookies\litex@mediaplex[1].txt

C:\Documents and Settings\Litex\Cookies\litex@ads.kaldata[2].txt

C:\Documents and Settings\Litex\Cookies\litex@atdmt[1].txt

C:\Documents and Settings\Litex\Cookies\litex@counter.search[1].txt

 

 

 

Malwarebytes' Anti-Malware 1.42

Версия на базата от данни: 3291

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

04.12.2009 г. 09:22:42

mbam-log-2009-12-04 (09-22-42).txt

 

Тип сканиране: Бързо сканиране

Сканирани обекти: 118542

Изминало време: 6 minute(s), 51 second(s)

 

Заразени процеси в паметта: 0

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 1

Заразени стойности в регистратурата: 0

Заразени информационни обекти в регистратурата: 0

Заразени папки: 0

Заразени файлове: 0

 

Заразени процеси в паметта:

(Не бяха открити заплахи)

 

Заразени модули в паметта:

(Не бяха открити заплахи)

 

Заразени ключове в регистратурата:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.Exe (Trojan.Agent) -> Quarantined and deleted successfully.

 

Заразени стойности в регистратурата:

(Не бяха открити заплахи)

 

Заразени информационни обекти в регистратурата:

(Не бяха открити заплахи)

 

Заразени папки:

(Не бяха открити заплахи)

 

Заразени файлове:

(Не бяха открити заплахи)


Logfile of HijackThis v1.99.1

Scan saved at 10:24:44, on 07.12.2009 г.

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\GameTracker\GSInGameService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\System32\dmadmin.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

E:\programi\microsoft office\Office12\GrooveMonitor.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

E:\programi\daemon tools\DAEMON Tools Lite\daemon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

E:\programi\superantispyware\SUPERAntiSpyware.exe

C:\Program Files\Datecs\FlexType 2K\FType2K.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

D:\GAMES\c\Flex Anticheat.ex

E:\programi\mx\Maxthon2\Maxthon.exe

C:\Documents and Settings\Litex\Desktop\alabala.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - (no file)

O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - E:\programi\ad-aware\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\programi\microsoft office\Office12\GrooveShellExtensions.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "E:\programi\microsoft office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Antivirus Protection] C:\WINDOWS\system32\avprot.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\programi\daemon tools\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [blazeServoTool] "E:\programi\blazeDTV\BlazeDTV2.0\MediaDetector.exe"

O4 - HKCU\..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] E:\programi\superantispyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun

O4 - Global Startup: FlexType 2K.lnk = C:\Program Files\Datecs\FlexType 2K\FType2K.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Експортиране към Microsoft Excel - res://E:\programi\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\programi\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\programi\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\programi\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BEF07994-87BE-4D90-B03B-7FF6D88819E0}: NameServer = 212.95.162.2 195.24.54.2

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\programi\microsoft office\Office12\GrooveSystemServices.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: !SASWinLogon - E:\programi\superantispyware\SASWINLO.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Convar task manager (ctm) - Unknown owner - C:\Program Files\Convar\TaskManager\ctm.exe (file missing)

O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

 

http://dox.bg/files/dw?a=a60b48d209

 

It is there, but something doesn't find it and doesn't open it.

In the previous reply I double-clicked Task Manager in system32 and copied what came up.

And this is the previous reply:

http://dox.bg/files/dw?a=a58c429862


Run HijackThis again, click Do a system scan only, tick the following items and click Fix checked:

O4 - HKLM\..\Run: [Antivirus Protection] C:\WINDOWS\system32\avprot.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

Restart the system and write whether the problem is solved.

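To confirm after the restart that Fix checked really removed the two entries, a fresh HijackThis scan can be compared with the earlier one. The following is an added example, not part of the original thread: the function names are hypothetical, the "before" lines are a subset of the log posted above, and both "after" samples are constructed.

```python
import re

# A HijackThis item line is "<code> - <detail>", e.g. "O4 - HKLM\..\Run: [Name] cmd".
ITEM_RE = re.compile(r"^([A-Z]\d{1,2})\s+-\s+(.+?)\s*$")
# O4 registry autostart detail: "<key>: [<value name>] <command line>".
RUN_RE = re.compile(r"^([^:\[]+):\s*\[([^\]]*)\]\s*(.*)$")


def parse_items(log_text):
    """Return {identity: (data, raw_line)} for every item line in a log."""
    items = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ITEM_RE.match(line)
        if not m:
            continue  # header, "Running processes" path or blank line
        code, detail = m.groups()
        run = RUN_RE.match(detail) if code == "O4" else None
        if run:
            # Identify a Run value by key + name (case-insensitive) so a
            # changed command is reported as "changed", not removed + added.
            key, name, cmd = run.groups()
            ident, data = (code, key.strip().lower(), name.lower()), cmd.strip()
        else:
            ident, data = (code, detail.lower()), ""
        items[ident] = (data, line)
    return items


def compare_scans(before_text, after_text):
    """Diff two scans: item lines removed, added, or with a new command."""
    before, after = parse_items(before_text), parse_items(after_text)
    return {
        "removed": sorted(before[k][1] for k in before.keys() - after.keys()),
        "added": sorted(after[k][1] for k in after.keys() - before.keys()),
        "changed": sorted(after[k][1] for k in before.keys() & after.keys()
                          if before[k][0] != after[k][0]),
    }


def still_present(after_text, fixed_lines):
    """Return the entries selected for 'Fix checked' that a later scan still lists."""
    after = parse_items(after_text)
    return [after[ident][1]
            for fixed in fixed_lines
            for ident in parse_items(fixed)
            if ident in after]


# The two entries named in the reply above.
FIXED = [
    r"O4 - HKLM\..\Run: [Antivirus Protection] C:\WINDOWS\system32\avprot.exe",
    r"O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present",
]

# Subset of the log posted in the thread.
BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Antivirus Protection] C:\WINDOWS\system32\avprot.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
"""

# Constructed "after" scans: one where both entries are gone, one where
# only the Run value was removed and the policy entry is still listed.
AFTER_CLEAN = "\n".join(l for l in BEFORE.splitlines() if l not in FIXED)
AFTER_PARTIAL = "\n".join(l for l in BEFORE.splitlines() if l != FIXED[0])

if __name__ == "__main__":
    print("clean scan, still present:", still_present(AFTER_CLEAN, FIXED))
    print("partial scan, still present:", still_present(AFTER_PARTIAL, FIXED))
    print("diff:", compare_scans(BEFORE, AFTER_CLEAN))
```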

Download GMER. Start the program. It will do an initial scan within seconds. After it finishes, do NOT click the Scan button; click the Copy button instead and then paste the contents here (Ctrl+V). If the program offers to do a full scan, decline.

Download DDS and:

1) start it;

2) wait for it to gather its information;

3) two text files will appear; save them somewhere convenient (on the desktop, for example), archive them and attach the archive to your comment.

Important: if you have an antivirus program installed, it is advisable to temporarily disable its resident protection so that it does not interfere with the normal operation of DDS.


GMER 1.0.15.15252 - http://www.gmer.net

Rootkit quick scan 2009-12-07 22:10:48

Windows 5.1.2600 Service Pack 3

Running: gmer.exe; Driver: C:\DOCUME~1\Litex\LOCALS~1\Temp\pxtdypog.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT spcj.sys ZwEnumerateKey [0xB9EC5CA4]

SSDT spcj.sys ZwEnumerateValueKey [0xB9EC6032]

 

---- Devices - GMER 1.0.15 ----

 

Device \FileSystem\Ntfs \Ntfs 89E521F8

 

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

 

Device \FileSystem\Fastfat \Fat 88F4E500

 

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

 

---- EOF - GMER 1.0.15 ----

DDS i Attach.rar
