ludmata Публикувано Февруари 12, 2008 Report Share Публикувано Февруари 12, 2008 Докато разглеждах процесите в task- manager- а, открих този процес, за който зная само, че се намира в system 32, без да знам коя програма или приложение го използва. Как да разбера, като Google не ми дава отговор за този процес? Има ли някой представа коя програма да използвам?Hijackthis не ми дава нужния отговор. Благодаря._________________ Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Февруари 12, 2008 Report Share Публикувано Февруари 12, 2008 Пробвай с Process Explorer. А LOG файла на HijackThis също можеше да го копираш тук. Цитирай Link to comment Сподели другаде More sharing options...
ludmata Публикувано Февруари 12, 2008 Author Report Share Публикувано Февруари 12, 2008 Пробвай с Process Explorer. А LOG файла на HijackThis също можеше да го копираш тук.ето го Scan saved at 21:42:44, on 12.2.2008 г.Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20544) Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\Program Files\A4Tech\Mouse\Amoumain.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\eagle2.EXEC:\Program Files\Eset\nod32kui.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\DAEMON Tools\daemon.exeC:\FRAPS\FRAPS.EXEC:\WINDOWS\system32\eqlsdm.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXEC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\Program Files\Eset\nod32krn.exeC:\WINDOWS\system32\PnkBstrA.exeC:\Program Files\CyberLink\Shared files\RichVideo.exeC:\Program Files\Spyware Doctor\sdhelp.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Webroot\Spy Sweeper\SSU.EXEC:\Program Files\BitComet\BitComet.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\ludmil\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.phpR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [soundMAXPnP] "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /trayO4 - HKLM\..\Run: [WheelMouse] "C:\Program Files\A4Tech\Mouse\Amoumain.exe"O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [bigDog302] "C:\WINDOWS\eagle2.EXE" Vimicro USB PC Camera (ZC0302)O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICEO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"O4 - HKLM\..\Run: [Messenger Sharing USN Journal Reader Service] eqlsdm.exeO4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintrayO4 - HKLM\..\RunServices: [Messenger Sharing USN Journal Reader Service] eqlsdm.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXEO4 - HKCU\..\Run: [Messenger Sharing USN Journal Reader Service] eqlsdm.exeO4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /SO4 - Startup: PowerReg Scheduler.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO11 - Options group: [iNTERNATIONAL] International*O11 - Options group: [TABS] Tabbed BrowsingO16 - DPF: {62D6556A-808B-4322-A76F-B5DFF38D3DC5} (Media Class) - http://www.acti.com/software/livedemo/2004...NVCTRLMEDIA.dllO16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} (IPCamPlugIn Control) - http://freeplace.info:88/IPCamPluginMJPEG.cabO16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://popa.datacom.bg/activex/AMC.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{81FC86FF-D989-4FD5-8A3A-23BD6937B87D}: NameServer = 78.90.79.1,213.240.241.252O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLLO20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dllO20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dllO21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dllO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exeO23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeO23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe Пробвах и с Process Explorer но срещу тоя процес нищо не показва Цитирай Link to comment Сподели другаде More sharing options...
Castigado Pantockrator Публикувано Февруари 12, 2008 Report Share Публикувано Февруари 12, 2008 Без да приемаш това за дребнавост, но не е eglsdm.exe, а е eqlsdm.exe и ти излиза в Process Explorer така: C:\WINDOWS\system32\eqlsdm.exe Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Февруари 12, 2008 Report Share Публикувано Февруари 12, 2008 Просто му сложи отметки на няколкото места, където го има и кликни Fix checked. След рестарт пробвай и да изтриеш файла. Цитирай Link to comment Сподели другаде More sharing options...
ludmata Публикувано Февруари 12, 2008 Author Report Share Публикувано Февруари 12, 2008 Просто му сложи отметки на няколкото места, където го има и кликни Fix checked. След рестарт пробвай и да изтриеш файла.Благодаря ти стана но така и не разбрах от къде се появи това Цитирай Link to comment Сподели другаде More sharing options...
Препоръчан пост
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.