danina Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Здравейте!Най- после включиха интернет в службата, но поради някои причини 1 ден бях без антивирусна.Резултата- неизвестна и ужасна гад, която ме доведе почти до отчаяние.Найт Равен, на когото мнооооооого благодаря ми даде някои програмки за чистене на предполагаемата гад- sasser/ не се откри такава гад / и FixBlast / такава също /.Както и да е- изскачаше прозорец, който ми казваше, че компа ще се рестартира и започваше да отброява . Сега май спря да изскача, но остана придружаващото го съобщение:http://img300.imageshack.us/img300/708/untitledkr5.jpgСвалих въпросната програма , но това съобщение продължава да ме тормози.Преди не можех да сканирам с антивирусни, но сега сканирах с avast, NOD и Касперски и нищо не откриха- никакъв вирус или нещо подобно. Въпросното съобщение обаче продължава. Вероятно е някакъв спай. Дайте идея- какво да правя. Най- странното е, че така и не разбрах какво му има на компа- май все пак е имал вирусите, които Найт Равен предполагаше, но има и още нещо. Как да го открия?Благодаря ви! Цитирай Link to comment Сподели другаде More sharing options...
panevdd Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Свали си Autoruns и го разархивирай някъде. Стартирай autoruns.exe, изчакай да се попълни списъка и го запази като файл (File -> Save As...). После дай съдържанието на файла да го прегледаме. Цитирай Link to comment Сподели другаде More sharing options...
Sir William Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Здравей!Както виждам, имаш активни програми за сигурност:1. Ad-aware Pro със активен скенер ad-watch2. Антивирус (предполагам) Kaspersky 3. Защитна стена (предполагам вградената на Windows) Предполага се, че имаш операционна система Windows XP2. Препоръчвам ти да изключиш аd-watch и да сканираш със следните програми за спай, червеи и други:1. Spybot Search and Destroy: http://www.softvisia.com/download.php?view.4402. a-squared free: http://www.softvisia.com/download.php?view.502 Но за мен е добре да изтеглиш също a-squared HiJackFree (http://www.softvisia.com/download.php?view.630), като пуснеш онлайн анализ на системата си. Натискаш бутона "Оnline Analysis" който е като земно кълбо, вторият от ляво надясно. Виж какъв е резултата, който ще се появи в браузъра ти.http://www.picvalley.net/u/50/49922_675.JPG Успех! Цитирай Link to comment Сподели другаде More sharing options...
yasya2 Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 най-грубо е да спреш "messenger" услугата ... сканираи комп с това http://www.spywareinfo.com/~merijn/programs.php#hijackthisи пусни тхт-то Цитирай Link to comment Сподели другаде More sharing options...
Castigado Pantockrator Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 На мен не ми прилича на вирус. Това според мен си е чис спайуеър. С това се обяснява и ненамирането му от антивирусна програма.Компютъра в крайна сметка рестартира ли се или само отброява?Препоръчвам ти да търсиш тая гад с AdAware SE Personal или с XoftSpy 4.22.Нищо няма да загубиш ако направиш и едно логче с HiJack This и го пуснеш тук в темата или тук, където сама можеш да видиш резултатите. Цитирай Link to comment Сподели другаде More sharing options...
danina Публикувано Ноември 14, 2006 Author Report Share Публикувано Ноември 14, 2006 Привет!Знаех си аз, че мога да разчитам на вас. Започвам да действам по ред на номерата.panevdd- ето лога от сканирането:HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms + rdpclip RDP Clip Monitor Microsoft Corporation c:\windows\system32\rdpclip.exeHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit + C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Corporation c:\windows\system32\userinit.exeHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell + Explorer.exe Windows Explorer Microsoft Corporation c:\windows\explorer.exeHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run + AVPCC KL Control Centre Kaspersky Labs. c:\program files\kaspersky lab\kaspersky anti-virus personal pro\avpcc.exe+ DAEMON Tools-1033 Virtual DAEMON Manager DAEMON'S HOME c:\program files\d-tools\daemon.exe+ HP Software Update hpwuSchd Hewlett-Packard Company c:\program files\hp\hp software update\hpwuschd2.exe+ ICQ Lite ICQLite ICQ Ltd. c:\program files\icqlite\icqlite.exe+ OfficeGuard RegChecker c:\program files\kaspersky lab\kaspersky anti-virus personal pro\ogrc.exe+ OrderReminder HP Cartridge Order Reminder Hewlett-Packard c:\program files\hewlett-packard\orderreminder\orderreminder.exe+ Smapp SoundMAX System Tray Analog Devices c:\program files\analog devices\soundmax\smtray.exeC:\Documents and Settings\All Users\Start Menu\Programs\Startup + HP Digital Imaging Monitor.lnk HP Digital Imaging Monitor Hewlett-Packard Co. c:\program files\hp\digital imaging\bin\hpqtra08.exe+ HP Image Zone Fast Start.lnk HP Image Zone Hewlett-Packard Co. c:\program files\hp\digital imaging\bin\hpqthb08.exe+ Microsoft Office.lnk Microsoft Office XP component Microsoft Corporation c:\program files\microsoft office\office10\osa.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Run + ctfmon.exe CTF Loader Microsoft Corporation c:\windows\system32\ctfmon.exe+ MSMSGS Messenger Microsoft Corporation c:\program files\messenger\msmsgs.exeHKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce + ICQ Lite ICQLite ICQ Ltd. c:\program files\icqlite\icqlite.exeHKLM\SOFTWARE\Classes\Protocols\Filter + application/octet-stream Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll+ application/x-complus Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll+ application/x-msdownload Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll+ Class Install Handler OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ deflate OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ gzip OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ lzdhtml OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ text/webviewhtml Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dllHKLM\SOFTWARE\Classes\Protocols\Handler + about Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ cdl OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ cdo Microsoft SharePoint Portal Server Object Model Microsoft Corporation c:\program files\common files\microsoft shared\web folders\pkmcdo.dll+ dvd ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll+ file OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ ftp OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ gopher OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ http OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ https OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll+ javascript Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ local OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ mailto Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ mhtml Microsoft Internet Messaging API Microsoft Corporation c:\windows\system32\inetcomm.dll+ mk OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ ms-its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll+ mso-offdap Microsoft Office XP Web Components Microsoft Corporation c:\program files\common files\microsoft shared\web components\10\owc10.dll+ res Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ sysimage Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ tv ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll+ vbscript Microsoft ® HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll+ vnd.ms.radio Windows Media Player 2 ActiveX Control Microsoft Corporation c:\windows\system32\msdxm.ocx+ wia WIA Scripting Layer Microsoft Corporation c:\windows\system32\wiascr.dllHKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components + 0 File not found: About:HomeHKLM\SOFTWARE\Microsoft\Active Setup\Installed Components + Address Book 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe+ Browser Customizations Microsoft Internet Explorer Customization DLL Microsoft Corporation c:\windows\system32\iedkcs32.dll+ Internet Explorer Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe+ Internet Explorer 6 IE 5.0 Per-User Install Utility Microsoft Corporation c:\windows\system32\ie4uinit.exe+ Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe+ Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation c:\windows\inf\unregmp2.exe+ Microsoft Windows Media Player 6.4 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll+ Microsoft Windows Media Player 8 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll+ n/a Messenger Service Microsoft Corporation c:\program files\messenger\msgsc.dll+ n/a Microsoft .NET IE SECURITY REGISTRATION Microsoft Corporation c:\windows\system32\mscories.dll+ NetMeeting 3.01 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll+ Outlook Express Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe+ Themes Setup Microsoft© Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe+ Windows Desktop Update Microsoft© Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe+ Windows Messenger ADVPACK Microsoft Corporation c:\windows\system32\advpack.dllHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler + Browseui preloader Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Component Categories cache daemon Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dllHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad + CDBurn Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ PostBootReminder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ SysTray Systray shell service object Microsoft Corporation c:\windows\system32\stobject.dll+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dllHKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks + shell32.dll Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dllHKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved + %DESC_PublishDropTarget% Photo Printing Wizard Microsoft Corporation c:\windows\system32\photowiz.dll+ &Address Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ .CAB file viewer Cabinet File Viewer Shell Extension Microsoft Corporation c:\windows\system32\cabview.dll+ Accessible Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ ActiveX Cache Folder Object Control Viewer Microsoft Corporation c:\windows\system32\occache.dll+ Address Bar Parser Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Address EditBox Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Administrative Tools Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Audio Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ Augmented Shell Folder Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Augmented Shell Folder 2 Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Auto Update Property Sheet Extension Automatic Updates Control Panel Microsoft Corporation c:\windows\system32\wuaucpl.cpl+ Avi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ BandProxy Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Briefcase Windows Briefcase Microsoft Corporation c:\windows\system32\syncui.dll+ CDF Extension Copy Hook Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Channel File Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll+ Channel Handler Object Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll+ Channel Menu Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll+ Channel Properties Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll+ Channel Shortcut Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll+ Code Download Agent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Compatibility Page Compatibility Tab Shell Extension DLL Microsoft Corporation c:\windows\system32\slayerxp.dll+ Compressed (zipped) Folder Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll+ Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll+ Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll+ ConnectionAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Crypto PKO Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll+ Crypto Sign Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll+ Custom MRU AutoCompleted List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Darwin App Publisher Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl+ DfsShell Distributed File System shell extension Microsoft Corporation c:\windows\system32\dfsshlex.dll+ Directory Context Menu Verbs Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll+ Directory Object Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll+ Directory Property UI Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll+ Directory Query UI Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll+ Directory Start/Search Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll+ Disk Copy Extension Windows DiskCopy Microsoft Corporation c:\windows\system32\diskcopy.dll+ Disk Quota UI Windows Shell Disk Quota UI DLL Microsoft Corporation c:\windows\system32\dskquoui.dll+ Display Adapter CPL Extension Advanced display adapter properties Microsoft Corporation c:\windows\system32\deskadp.dll+ Display Monitor CPL Extension Advanced display monitor properties Microsoft Corporation c:\windows\system32\deskmon.dll+ Display Panning CPL Extension File not found: deskpan.dll+ Display TroubleShoot CPL Extension Advanced display performance properties Microsoft Corporation c:\windows\system32\deskperf.dll+ Download Status Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ DS Security Page Directory Service Security UI Microsoft Corporation c:\windows\system32\dssec.dll+ E-mail Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Explorer Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Favorites Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Fonts Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll+ Fonts Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ For &People... Find People Microsoft Corporation c:\program files\outlook express\wabfind.dll+ FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension Microsoft Corporation c:\windows\system32\msieftp.dll+ Fusion Cache Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll+ GDI+ file thumbnail extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ Get a Passport Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll+ Global Folder Settings Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ History Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ HTML Thumbnail Extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll+ ICC Profile Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll+ ICM Monitor Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll+ ICM Printer Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll+ ICM Scanner Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll+ ICQ Lite Shell Extension ICQLiteShell Module c:\program files\icqlite\icqliteshell.dll+ IE4 Suite Splash Screen Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ In-pane search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Installed Apps Enumerator Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl+ Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Internet Name Space Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ InternetShortcut Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ ISFBand OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Media Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler Microsoft Corporation c:\windows\msagent\agentpsh.dll+ Microsoft AutoComplete Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Browser Architecture Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Microsoft BrowserBand Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Data Link Microsoft Data Access - OLE DB Core Services Microsoft Corporation c:\program files\common files\system\ole db\oledb32.dll+ Microsoft DocProp Inplace Calendar Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft DocProp Inplace Droplist Combo Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft DocProp Inplace Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft DocProp Inplace ML Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft DocProp Inplace Time Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft DocProp Shell Ext Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll+ Microsoft History AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Internet Toolbar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Multiple AutoComplete List Container Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Office HTML Icon Handler Microsoft Office XP component Microsoft Corporation c:\program files\microsoft office\office10\msohev.dll+ Microsoft Outlook Custom Icon Handler Outlook Shell Hook for Start/Find Microsoft Corporation c:\program files\microsoft office\office10\olkfstub.dll+ Microsoft Shell Folder AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Microsoft Url History Service Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Microsoft Url Search Hook Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Midi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ MMC Icon Handler MMC Shell Extension DLL Microsoft Corporation c:\windows\system32\mmcshext.dll+ MRU AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Multimedia File Property Sheet Control Panel Drivers Applet Microsoft Corporation c:\windows\system32\mmsys.cpl+ MyDocs Copy Hook My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll+ MyDocs Drop Target My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll+ MyDocs Properties My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll+ NTFS Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll+ Offline Files Folder Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll+ Offline Files Folder Options Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll+ Offline Files Menu Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll+ OLE Docfile Property Page OLE DocFile Property Page Microsoft Corporation c:\windows\system32\docprop.dll+ PDFTransformer2ContextMenu ABBYY PDF Transformer Context Menu ABBYY Software c:\program files\abbyy pdf transformer 2.0\pdftcontextmenu.dll+ PicaView32 PicaView Shell Extension DLL ACD Systems, Ltd. c:\program files\picaview32\picaview.dll+ PlusPack CPL Extension Windows Theme API Microsoft Corporation c:\windows\system32\themeui.dll+ PostAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Print Ordering via the Web Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll+ Printers Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll+ Registry Tree Options Utility Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Remote Sessions CPL Extension Remote Sessions CPL Extension Microsoft Corporation c:\windows\system32\remotepg.dll+ Run... Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll+ Scheduled Tasks Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll+ Search Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Search Assistant OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll+ Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll+ Shell Application Manager Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl+ Shell Automation Inproc Service Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Shell Band Site Menu Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Shell DeskBar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Shell DeskBarApp Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Shell DocObject Viewer Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Shell extensions for Microsoft Windows Network objects Network object shell UI Microsoft Corporation c:\windows\system32\ntlanui2.dll+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll+ Shell extensions for Windows Script Host Microsoft ® Shell Extension for Windows Script Host Microsoft Corporation c:\windows\system32\wshext.dll+ Shell Image Data Factory Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ Shell Image Property Handler Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ Shell Image Verbs Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ Shell properties for a DS object Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll+ Shell Publishing Wizard Object Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll+ Shell Rebar BandSite Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Shell Scrap DataHandler Shell scrap object handler Microsoft Corporation c:\windows\system32\shscrap.dll+ Subscription Folder Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Subscription Mgr Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Summary Info Thumbnail handler (DOCFILES) Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll+ Taskbar and Start Menu Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ Tasks Folder Icon Handler Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll+ Tasks Folder Shell Extension Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ The Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll+ Track Popup Bar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ TrayAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ TridentImageExtractor Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ User Accounts Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll+ User Assist Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ Video Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ Video Thumbnail Extractor Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ Wav Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll+ Web Folders Microsoft Web Folders Microsoft Corporation c:\program files\common files\microsoft shared\web folders\msonsext.dll+ Web Printer Shell Extension Print UI DLL Microsoft Corporation c:\windows\system32\printui.dll+ Web Publishing Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll+ Web Search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ WebCheck SyncMgr Handler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ WebCheckChannelAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ WebCheckWebCrawler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll+ Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll+ Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll+ WinRAR shell extension c:\program files\winrar\rarext.dllHKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved + Web Folders Microsoft Web Folders Microsoft Corporation c:\program files\common files\microsoft shared\web folders\msonsext.dllHKLM\Software\Classes\Folder\Shellex\ColumnHandlers + {0D2E74C4-3C34-11d2-A27E-00C04FC30871} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ {24F14F01-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ {24F14F02-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ {66742402-F9B9-11D1-A202-0000F81FEDEE} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dllHKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects + AcroIEHlprObj Class AcroIEHelper Module c:\program files\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx+ IeCatch2 Class jccatch Module Amaze Soft c:\program files\flashget\jccatch.dllHKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks + shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dllHKLM\Software\Microsoft\Internet Explorer\Toolbar + FlashGet Bar FlashGet IE Bar Amaze Soft c:\program files\flashget\fgiebar.dll+ msdxm.ocx Windows Media Player 2 ActiveX Control Microsoft Corporation c:\windows\system32\msdxm.ocxHKLM\Software\Microsoft\Internet Explorer\Extensions + &FlashGet FlashGet Amaze Soft c:\program files\flashget\flashget.exe+ ICQ Lite ICQLite ICQ Ltd. c:\program files\icqlite\icqlite.exeHKLM\System\CurrentControlSet\Services + AudioSrv Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ AVPCC KL Control Centre Kaspersky Labs. c:\program files\kaspersky lab\kaspersky anti-virus personal pro\avpcc.exe+ Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ Dhcp Manages network configuration by registering and updating IP addresses and DNS names. Microsoft Corporation c:\windows\system32\svchost.exe+ dmserver Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ Dnscache Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ ERSvc Allows error reporting for services and applictions running in non-standard environments. Microsoft Corporation c:\windows\system32\svchost.exe+ Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Microsoft Corporation c:\windows\system32\services.exe+ helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ KAVMonitorService KAV Monitor main module Kaspersky Labs. c:\program files\kaspersky lab\kaspersky anti-virus personal pro\avpm.exe+ lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ lanmanworkstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Microsoft Corporation c:\windows\system32\svchost.exe+ Messenger Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Microsoft Corporation c:\windows\system32\services.exe+ PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Microsoft Corporation c:\windows\system32\lsass.exe+ ProtectedStorage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Microsoft Corporation c:\windows\system32\lsass.exe+ RemoteRegistry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ RpcSs Provides the endpoint mapper and other miscellaneous RPC services. Microsoft Corporation c:\windows\system32\svchost.exe+ SamSs Stores security information for local user accounts. Microsoft Corporation c:\windows\system32\lsass.exe+ Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ seclogon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Microsoft Corporation c:\windows\system32\svchost.exe+ ShellHWDetection Generic Host Process for Win32 Services Microsoft Corporation c:\windows\system32\svchost.exe+ Spooler Loads files to memory for later printing. Microsoft Corporation c:\windows\system32\spoolsv.exe+ srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Microsoft Corporation c:\windows\system32\svchost.exe+ stisvc Provides image acquisition services for scanners and cameras. Microsoft Corporation c:\windows\system32\svchost.exe+ Themes Provides user experience theme management. Microsoft Corporation c:\windows\system32\svchost.exe+ TrkWks Maintains links between NTFS files within a computer or across computers in a network domain. Microsoft Corporation c:\windows\system32\svchost.exe+ uploadmgr Manages synchronous and asynchronous file transfers between clients and servers on the network. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ W32Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe+ WmdmPmSp Retrieves the serial number of any portable music player connected to your computer Microsoft Corporation c:\windows\system32\svchost.exe+ wuauserv Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site. Microsoft Corporation c:\windows\system32\svchost.exe+ WZCSVC Provides automatic configuration for the 802.11 adapters Microsoft Corporation c:\windows\system32\svchost.exeHKLM\System\CurrentControlSet\Services + ac97intc Intel® Integrated Controller Hub Audio Driver Intel Corporation c:\windows\system32\drivers\ac97intc.sys+ ACPI ACPI Driver for NT Microsoft Corporation c:\windows\system32\drivers\acpi.sys+ aec Microsoft Acoustic Echo Canceller Microsoft Corporation c:\windows\system32\drivers\aec.sys+ AFD Ancillary Function Driver for WinSock Microsoft Corporation c:\windows\system32\drivers\afd.sys+ agp440 440 NT AGP Filter Microsoft Corporation c:\windows\system32\drivers\agp440.sys+ AsyncMac RAS Asynchronous Media Driver Microsoft Corporation c:\windows\system32\drivers\asyncmac.sys+ atapi c:\windows\system32\drivers\atapi.sys+ Atmarpc ATM ARP Client Protocol Microsoft Corporation c:\windows\system32\drivers\atmarpc.sys+ audstub AudStub Driver Microsoft Corporation c:\windows\system32\drivers\audstub.sys+ Cdrom SCSI CD-ROM Driver Microsoft Corporation c:\windows\system32\drivers\cdrom.sys+ d346bus PnP BIOS Extension c:\windows\system32\drivers\d346bus.sys+ d346prt SCSI miniport c:\windows\system32\drivers\d346prt.sys+ Disk PnP Disk Driver Microsoft Corporation c:\windows\system32\drivers\disk.sys+ dmio NT Disk Manager I/O Driver Microsoft Corp., Veritas Software c:\windows\system32\drivers\dmio.sys+ dmload NT Disk Manager Startup Driver Microsoft Corp., Veritas Software. c:\windows\system32\drivers\dmload.sys+ DMusic Microsoft Kernel DLS Synthesizer Microsoft Corporation c:\windows\system32\drivers\dmusic.sys+ drmkaud Microsoft Kernel DRM Audio Descrambler Filter Microsoft Corporation c:\windows\system32\drivers\drmkaud.sys+ E100B NDIS 5 driver Intel Corporation c:\windows\system32\drivers\e100b325.sys+ Fdc Floppy Disk Controller Driver Microsoft Corporation c:\windows\system32\drivers\fdc.sys+ Flpydisk Floppy Driver Microsoft Corporation c:\windows\system32\drivers\flpydisk.sys+ Ftdisk FT Disk Driver Microsoft Corporation c:\windows\system32\drivers\ftdisk.sys+ Gpc Generic Packet Classifier Microsoft Corporation c:\windows\system32\drivers\msgpc.sys+ HidUsb USB Miniport Driver for Input Devices Microsoft Corporation c:\windows\system32\drivers\hidusb.sys+ i8042prt i8042 Port Driver Microsoft Corporation c:\windows\system32\drivers\i8042prt.sys+ i81x Miniport Driver for Intel Graphics Driver Intel® Corporation c:\windows\system32\drivers\i81xnt5.sys+ iAimFP0 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv01nt.sys+ iAimFP1 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv02nt.sys+ iAimFP2 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv05nt.sys+ iAimFP3 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wsiintxx.sys+ iAimFP4 Local Flat Panel Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wvchntxx.sys+ iAimFP5 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv07nt.sys+ iAimFP6 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv08nt.sys+ iAimFP7 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wadv09nt.sys+ iAimTV0 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\watv01nt.sys+ iAimTV1 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\watv02nt.sys+ iAimTV2 Digital Display Minidriver for Intel® Graphics Driver Intel Corporation c:\windows\system32\drivers\watv03nt.sys+ iAimTV3 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\watv04nt.sys+ iAimTV4 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\wch7xxnt.sys+ iAimTV5 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\watv10nt.sys+ iAimTV6 Digital Display Minidriver for Intel® Graphics Driver Intel® Corporation c:\windows\system32\drivers\watv06nt.sys+ Imapi IMAPI Kernel Driver Microsoft Corporation c:\windows\system32\drivers\imapi.sys+ IntelIde Intel PCI IDE Driver Microsoft Corporation c:\windows\system32\drivers\intelide.sys+ IpFilterDriver IP Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\ipfltdrv.sys+ IpInIp IP in IP Tunnel Driver Microsoft Corporation c:\windows\system32\drivers\ipinip.sys+ IpNat IP Network Address Translator Microsoft Corporation c:\windows\system32\drivers\ipnat.sys+ IPSec IPSEC driver Microsoft Corporation c:\windows\system32\drivers\ipsec.sys+ IRENUM Infra-Red Bus Enumerator Microsoft Corporation c:\windows\system32\drivers\irenum.sys+ isapnp PNP ISA Bus Driver Microsoft Corporation c:\windows\system32\drivers\isapnp.sys+ Kbdclass Keyboard Class Driver Microsoft Corporation c:\windows\system32\drivers\kbdclass.sys+ Klif spuper-ptor Kaspersky Labs c:\windows\system32\drivers\klif.sys+ kmixer Kernel Mode Audio Mixer Microsoft Corporation c:\windows\system32\drivers\kmixer.sys+ Mouclass Mouse Class Driver Microsoft Corporation c:\windows\system32\drivers\mouclass.sys+ mouhid HID Mouse Filter Driver Microsoft Corporation c:\windows\system32\drivers\mouhid.sys+ MSKSSRV MS KS Server Microsoft Corporation c:\windows\system32\drivers\mskssrv.sys+ MSPCLOCK MS Proxy Clock Microsoft Corporation c:\windows\system32\drivers\mspclock.sys+ MSPQM MS Proxy Quality Manager Microsoft Corporation c:\windows\system32\drivers\mspqm.sys+ NdisTapi Remote Access NDIS TAPI Driver Microsoft Corporation c:\windows\system32\drivers\ndistapi.sys+ Ndisuio NDIS Usermode I/O Protocol Microsoft Corporation c:\windows\system32\drivers\ndisuio.sys+ NdisWan Remote Access NDIS WAN Driver Microsoft Corporation c:\windows\system32\drivers\ndiswan.sys+ NetBT NetBios over Tcpip Microsoft Corporation c:\windows\system32\drivers\netbt.sys+ NwlnkFlt IPX Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkflt.sys+ NwlnkFwd IPX Traffic Forwarder Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkfwd.sys+ P3 Processor Device Driver Microsoft Corporation c:\windows\system32\drivers\p3.sys+ Parport Parallel Port Driver Microsoft Corporation c:\windows\system32\drivers\parport.sys+ PCI NT Plug and Play PCI Enumerator Microsoft Corporation c:\windows\system32\drivers\pci.sys+ PptpMiniport WAN Miniport (PPTP) Microsoft Corporation c:\windows\system32\drivers\raspptp.sys+ PSched QoS Packet Scheduler Microsoft Corporation c:\windows\system32\drivers\psched.sys+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys+ RasAcd Remote Access Auto Connection Driver Microsoft Corporation c:\windows\system32\drivers\rasacd.sys+ Rasl2tp WAN Miniport (L2TP) Microsoft Corporation c:\windows\system32\drivers\rasl2tp.sys+ RasPppoe Remote Access PPPOE Driver Microsoft Corporation c:\windows\system32\drivers\raspppoe.sys+ Raspti Direct Parallel Microsoft Corporation c:\windows\system32\drivers\raspti.sys+ RDPCDD RDP Miniport Microsoft Corporation c:\windows\system32\drivers\rdpcdd.sys+ rdpdr Microsoft RDP Device redirector Microsoft Corporation c:\windows\system32\drivers\rdpdr.sys+ redbook Redbook Audio Filter Driver Microsoft Corporation c:\windows\system32\drivers\redbook.sys+ S3SAVAGE4M S3 Miniport Driver S3 Incorporated c:\windows\system32\drivers\s3sav4m.sys+ Secdrv SafeDisc driver c:\windows\system32\drivers\secdrv.sys+ serenum Serial Port Enumerator Microsoft Corporation c:\windows\system32\drivers\serenum.sys+ Serial Serial Device Driver Microsoft Corporation c:\windows\system32\drivers\serial.sys+ smwdm SoundMAX Integrated Digital Audio Analog Devices, Inc. c:\windows\system32\drivers\smwdm.sys+ splitter Microsoft Kernel Audio Splitter Microsoft Corporation c:\windows\system32\drivers\splitter.sys+ swenum Plug and Play Software Device Enumerator Microsoft Corporation c:\windows\system32\drivers\swenum.sys+ swmidi Microsoft GS Wavetable Synthesizer Microsoft Corporation c:\windows\system32\drivers\swmidi.sys+ sysaudio System Audio WDM Filter Microsoft Corporation c:\windows\system32\drivers\sysaudio.sys+ Tcpip TCP/IP Protocol Driver Microsoft Corporation c:\windows\system32\drivers\tcpip.sys+ TermDD Terminal Server Driver Microsoft Corporation c:\windows\system32\drivers\termdd.sys+ Update Update Driver Microsoft Corporation c:\windows\system32\drivers\update.sys+ usbhub Default Hub Driver for USB Microsoft Corporation c:\windows\system32\drivers\usbhub.sys+ usbprint USB Printer driver Microsoft Corporation c:\windows\system32\drivers\usbprint.sys+ usbscan USB Scanner Driver Microsoft Corporation c:\windows\system32\drivers\usbscan.sys+ USBSTOR USB Mass Storage Class Driver Microsoft Corporation c:\windows\system32\drivers\usbstor.sys+ usbuhci UHCI USB Miniport Driver Microsoft Corporation c:\windows\system32\drivers\usbuhci.sys+ VgaSave VGA/Super VGA Video Driver Microsoft Corporation c:\windows\system32\drivers\vga.sys+ Wanarp Remote Access IP ARP Driver Microsoft Corporation c:\windows\system32\drivers\wanarp.sys+ wdmaud MMSYSTEM Wave/Midi API mapper Microsoft Corporation c:\windows\system32\drivers\wdmaud.sysHKLM\System\CurrentControlSet\Control\Session Manager\BootExecute + autocheck autochk * Auto Check Utility Microsoft Corporation c:\windows\system32\autochk.exeHKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options + Your Image File Name Here without a path Symbolic Debugger for Windows 2000 Microsoft Corporation c:\windows\system32\ntsd.exeHKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls + advapi32 Advanced Windows 32 Base API Microsoft Corporation c:\windows\system32\advapi32.dll+ comdlg32 Common Dialogs DLL Microsoft Corporation c:\windows\system32\comdlg32.dll+ gdi32 GDI Client DLL Microsoft Corporation c:\windows\system32\gdi32.dll+ imagehlp Windows NT Image Helper Microsoft Corporation c:\windows\system32\imagehlp.dll+ kernel32 Windows NT BASE API Client DLL Microsoft Corporation c:\windows\system32\kernel32.dll+ lz32 LZ Expand/Compress API DLL Microsoft Corporation c:\windows\system32\lz32.dll+ ole32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\ole32.dll+ oleaut32 Microsoft OLE 3.50 for Windows NT and Windows 95 Operating Systems Microsoft Corporation c:\windows\system32\oleaut32.dll+ olecli32 Object Linking and Embedding Client Library Microsoft Corporation c:\windows\system32\olecli32.dll+ olecnv32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olecnv32.dll+ olesvr32 Object Linking and Embedding Server Library Microsoft Corporation c:\windows\system32\olesvr32.dll+ olethk32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olethk32.dll+ rpcrt4 Remote Procedure Call Runtime Microsoft Corporation c:\windows\system32\rpcrt4.dll+ shell32 Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll+ url Internet Shortcut Shell Extension DLL Microsoft Corporation c:\windows\system32\url.dll+ urlmon OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll+ user32 Windows XP USER API Client DLL Microsoft Corporation c:\windows\system32\user32.dll+ version Version Checking and File Installation Libraries Microsoft Corporation c:\windows\system32\version.dll+ wininet Internet Extensions for Win32 Microsoft Corporation c:\windows\system32\wininet.dll+ wldap32 Win32 LDAP API DLL Microsoft Corporation c:\windows\system32\wldap32.dllHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost + logonui.exe Windows Logon UI Microsoft Corporation c:\windows\system32\logonui.exeHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify + crypt32chain Crypto API32 Microsoft Corporation c:\windows\system32\crypt32.dll+ cryptnet Crypto Network Related API Microsoft Corporation c:\windows\system32\cryptnet.dll+ cscdll Offline Network Agent Microsoft Corporation c:\windows\system32\cscdll.dll+ ScCertProp Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll+ Schedule Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll+ sclgntfy Secondary Logon Service Notification DLL Microsoft Corporation c:\windows\system32\sclgntfy.dll+ SensLogn Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll+ termsrv Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll+ wlballoon Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dllHKCU\Control Panel\Desktop\Scrnsave.exe + C:\WINDOWS\System32\logon.scr Logon Screen Saver Microsoft Corporation c:\windows\system32\logon.scrHKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9 + MSAFD NetBIOS [\Device\NetBT_Tcpip_{31E00F48-6793-47A8-99DF-805FD86274A7}] DATAGRAM 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{31E00F48-6793-47A8-99DF-805FD86274A7}] SEQPACKET 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{6BE80C15-3B13-4705-8211-B9169C250966}] DATAGRAM 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{6BE80C15-3B13-4705-8211-B9169C250966}] SEQPACKET 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{BFA6E356-8CA6-476A-AE99-797F3BEE817A}] DATAGRAM 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{BFA6E356-8CA6-476A-AE99-797F3BEE817A}] SEQPACKET 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E486E92C-C8DA-4C65-9279-C40481D84E50}] DATAGRAM 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E486E92C-C8DA-4C65-9279-C40481D84E50}] SEQPACKET 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD Tcpip [RAW/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD Tcpip [TCP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ MSAFD Tcpip [uDP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll+ RSVP TCP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation c:\windows\system32\rsvpsp.dll+ RSVP UDP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation c:\windows\system32\rsvpsp.dllHKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors + BJ Language Monitor Langage Monitor for Canon Bubble-Jet Printer Microsoft Corporation c:\windows\system32\cnbjmon.dll+ HPLJ1020LM Spooler Language Monitor for HP LaserJet Series 1020/2600 Zenographics, Inc. c:\windows\system32\zlhp1020.dll+ Local Port Local Spooler DLL Microsoft Corporation c:\windows\system32\localspl.dll+ PDF-XChange PDF-XChange Port Monitor Tracker Software c:\windows\system32\pxc25pm.dll+ PJL Language Monitor PJL Language monitor Microsoft Corporation c:\windows\system32\pjlmon.dll+ Standard TCP/IP Port Standard TCP/IP Port Monitor DLL Microsoft Corporation c:\windows\system32\tcpmon.dll+ USB Monitor Standard Dynamic Printing Port Monitor DLL Microsoft Corporation c:\windows\system32\usbmon.dllHKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders + digest.dll Digest SSPI Authentication Package Microsoft Corporation c:\windows\system32\digest.dll+ msapsspc.dll DPA Client for 32 bit platforms Microsoft Corporation c:\windows\system32\msapsspc.dll+ msnsspc.dll MSN Internet Access Microsoft Corporation c:\windows\system32\msnsspc.dll+ schannel.dll TLS / SSL Security Provider Microsoft Corporation c:\windows\system32\schannel.dllHKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages + msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation c:\windows\system32\msv1_0.dllHKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages + scecli Windows Security Configuration Editor Client Engine Microsoft Corporation c:\windows\system32\scecli.dllHKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages + kerberos Kerberos Security Package Microsoft Corporation c:\windows\system32\kerberos.dll+ msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation c:\windows\system32\msv1_0.dll+ schannel TLS / Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Обикновен spy. AVG Anti-Spyware и Spybot трябва да могат да го неутрализират без особени проблеми. Цитирай Link to comment Сподели другаде More sharing options...
Castigado Pantockrator Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Цитирай Link to comment Сподели другаде More sharing options...
danina Публикувано Ноември 14, 2006 Author Report Share Публикувано Ноември 14, 2006 Ох, де да беше толкова лесно и спая да беше толкова обикновен. Проблемът явно е доста по- сериозен, отколкото си мислим. Sir William, сканирах и с трите програми, които препоръча, но гадината си стои.Spybot Search and Destroy откри това: http://img93.imageshack.us/img93/7150/1fb0.jpg2. a-squared free- това:http://img301.imageshack.us/img301/1803/2qw0.jpgСлед чистенето проблемът си остана.Изтеглиш също a-squared HiJackFree и от там дойде най- голямата изненада, но честно да си кажа незнам как да процедирам нататък. Ужасните резултати можете да видите тук. http://analyze.hijackfree.com/analyze/?id=...07-4ca12501279f Цитирай Link to comment Сподели другаде More sharing options...
Sir William Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 От лога на a-squared HiJackFree излиза съобщение, което ме притеснява: Your used operating system version: Windows XP Service Pack 1The current version of your operating system: Windows XP Service Pack 2Please update your operating system and install the latest service pack! Всъщност инсталиран ли е SP2 и ъпдейтната ли е системата? Цитирай Link to comment Сподели другаде More sharing options...
danina Публикувано Ноември 14, 2006 Author Report Share Публикувано Ноември 14, 2006 От лога на a-squared HiJackFree излиза съобщение, което ме притеснява:Всъщност инсталиран ли е SP2 и ъпдейтната ли е системата? Не! Със SP 1 съм и не е ъпдейтнат. Но ъпдейтите...........Незнам, луднах вече.Всяка програма намира различни неща, а тъпия прозорец непрекъснато изскача. Цял ден се боря и нищо.Поне не ми се рестартира компа. И това е нещо. Касперски мига като щур и нищо не отчита. Изобщо не ми е ясно какво става. Уж, каквото хванат програмите го махат, а проблемът си остава. Ще сканирам и с другите, ноа се съмнявам да го хванат.Такова чудо не бях виждала. Благодаря ви. Незнам какво ще правя, ще пиша ако не се влоши много. Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Опитай и сканиране с AVG Anti-Spyware Free 7.5.0.50, като не забравяй да го обновиш.Ако не се оправят нещата, пусни отново лог-а на HijackThis тук, но директно. В онзи сайт е малко объркващо. А, да, и първо преименувай ехе-то на нещо друго. Някои гадини се крият успешно от него ако е с оригиналното си име.И можеш да изтеглиш SmitfraudFix 2.120 (593KB).ВНИМАНИЕ: архивът съдържа файла Process.exe, който може да бъде засечен от антивирусни като заплаха. НЕ Е ЗАПЛАХА. Той се използва за принудително спиране на процеси и затова се третитра като потенциално опасно приложение.Разархивираш някъде и стартираш SmitfraudFix.bat. Ако антивирусната се включи с предложения, просто казваш да остави файла на мира. В прозореца избираш 1. Search и натискаш Enter. Компютърът ще бъде сканиран и ще се изведе текстов файл. Копирай съдържанието му тук (заедно с лог-а от HijackThis). Това за всеки случай. Чистенето е препоръчително да се извърши под Safe Mode (помопиш F8 преди да започне да зарежда операционната система). Просто стартираш SmitfraudFix.bat, но избираш 2. Clean (safe mode recommended). След като почисти рестартираш в нормален. Цитирай Link to comment Сподели другаде More sharing options...
danina Публикувано Ноември 14, 2006 Author Report Share Публикувано Ноември 14, 2006 Благодаря много за всичко, но май това беше краят и няма да мога да направя повече нищо, освен преинстал. Последно Касперски най- после засече файлове с различни вируси, с по няколко тела. Уж ги изтри, обаче познайте какво- след рестарта Касперски изчезна. Няма го в трея. Като го пусна от Старт менюто, присветва и нищо не се появява. Сякаш и той е заразен. Изобщо пълен шах и мат. На всичко отгоре компа почти не се движи- почти нищо не мога да направя вече. И така- започва силно да мирише на преинстал.Найт Равен- благодаря ти много, както и на другите, чийто съвети не можах да изпробвам. Просто найстина немога. Каква беше тази гад- незнам. Имам чувството, че веднага след като се включи компа към нета и се заразява. Както и да е. Изгубих надежда. Утре ще направя последен опит да сканирам с Касперски- ако случайно се появи и може да работи. Ако ли не- предавам се.Благодаря на всички за помоща! Цитирай Link to comment Сподели другаде More sharing options...
vesodimov Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Дани, прочетох всичко написано до сега и реших да се включа.Очевидно предложените програми не дават резултат. Ще ти кажа аз как бих постъпил в такъв случай. Гледам, че декстопът ти е сравнително чист. Тоест нямаш много инсталирани програми. Прехвърли на друг дял или на CD важните неща и дай на системата да се разбере - форматирай я. Ама така, както се прави : зареждаш система от дискета и ... format c:. и като слагаш новия Win нека е със SP 2. А след като инсталираш Win-а първото нещо да бъде да сложиш антивирусна и пазач на регистрите. След това настройваш нета и обновяваш гореспоменатите.Вярно, мярката е радикална, но ... в повечето случаи наистина целта оправдава средствата Но пък всяко зло - за добро !!! В момента имаш невероятната възможност за изпробваш доста програми и в крайна сметка след форматирането да си избереш най - добрата. УСПЕХ !!! ПП: моля темата да не се товари с мнения за и против форматирането. Написаното си е мое лично мнение и го споделям от желание за помощ на колежката Цитирай Link to comment Сподели другаде More sharing options...
Sir William Публикувано Ноември 14, 2006 Report Share Публикувано Ноември 14, 2006 Данина, проблема ти явно е сериозен. Подкрепям vesodimov. Но имай предвид следното:Не знам каква файлова система е избрана при теб: Fat 32 или NTFS. Ако някога преинсталиташ, спри се на NTFS. Лично мое мнение също така е да се инсталира SP2, след като спряха поддръжката на SP1. Имам една останала Windows 98 инсталация и знам за проблемите, свързани точно с безопасността, ако няма поддръжка. Съветвам те да направиш или ъпдейт към Windows XP SP2 или да направиш първоначална инcталация: формат, NTFS и SP2. Цитирай Link to comment Сподели другаде More sharing options...
Препоръчан пост
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.