Jump to content

Появява ми се system alert

sunay_r
 Share

Препоръчан пост

sunay_r Новобранец

sunay_r

Публикувано
Публикувано

Здравейте бих се радвал ако някой ми помогне. Щях да си преинсталирам Windows XP заради този system alert, който ми се появява от време на време, но реших да се допитам дали има някакъв друг начин. Аз съм с антивирусна avast, който прихвана някакъв вирус и от тогава насам ми изкарва това съобщение, който ме препращаше в друг сайт за антивирусна програма.После прочетох тук таме че трябва да сканирам под safe mode с няколко други програмки, но не беше ефективно тъй като някои бяха платени само сканираха без да махат нещо . В момента продължава да изкарва това съобщение. Видях някъде да се споменава за Hijackthis , сканирах с него и се получи следното...

 

Logfile of HijackThis v1.99.1

Scan saved at 14:13:55, on 03.03.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\DHTray.exe

C:\WINDOWS\system32\A0380mon.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\CTFMON.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\Datecs\Flex2K.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Office\Office\OSA.EXE

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Programi\download\alabala.exe

 

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: e404 helper - {03B902B1-9B25-4173-9468-56775C85A8D4} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [DHTray] C:\WINDOWS\system32\DHTray.exe

O4 - HKLM\..\Run: [A0380mon] C:\WINDOWS\system32\A0380mon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: Demonstone Registration.lnk = C:\Documents and Settings\SUNAY\Local Settings\Temp\{094F1AD4-15CB-4B42-B297-8F78D858BAEA}\{7B8620F4-F388-4522-ADAD-9888C1E3D76C}\ATR1.exe

O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE

O4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{E2B7156B-91B1-4640-A750-2F7CBE065F7B}: NameServer = 194.187.132.1 194.187.132.2

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD File System Service (InCDsrv) - Unknown owner - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe" "C:\Program Files\NewDotNet\nncore.dll" ServiceStart (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

 

 

 

Някой може ли да ми каже какво мога да направя сега.

Благодяря предварително и се извинявам ако съм изговорил нещо глупаво не съм специалист.

Link to comment
Сподели другаде
Night_Raven Сътрудник

Night_Raven

Публикувано
Публикувано

Опитай да прекратиш A0380mon.exe от Task Manager -> Processes, след което опитай да изтриеш въпросния файл. от C:\WINDOWS\system32.

Ако не се получи, стартирай HijackThis, кликни Open Misc Tools section -> Delete a file on reboot, посочи въпросния файл и на въпроса дали искаш да рестартираш сега избери No.

Отново от менюто Misc Tools кликни Delete an NT service..., в появилото се поле напиши/пейстни NNServ и кликни OK. Кликни No на въпроса за рестарт.

Кликни Back, за да се върнеш в основното меню и кликни Scan. Постави отметки на следните обекти и кликни Fix checked:

O2 - BHO: e404 helper - {03B902B1-9B25-4173-9468-56775C85A8D4} - (no file)

O4 - HKLM\..\Run: [A0380mon] C:\WINDOWS\system32\A0380mon.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

Рестартирай компютъра.

 

По принцип можеш да сканираш и с наличната при теб Spybot - Search & Destroy. Други препоръчителни програми са SUPERAntiSpyware и Malwarebytes' Anti-Malware. Бих ти препоръчал да сканираш с тях независимо дори и проблемът да се реши с HijackThis. Не забравяй да им обновиш дефинициите, преди да сканираш.

 

Ако нищо от това не помогне, пусни още един LOG на HijackThis и един на Autoruns. Стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft Entries;

2) кликни File -> Refresh;

3) кликни File -> Save as;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

Link to comment
Сподели другаде
sunay_r Новобранец

sunay_r

Публикувано
  • Author
Публикувано

Здравей пъро искам да ти благодаря , че се отзова толкова бързо за помощ.

 

Направих всичко както ми писа.

Първо изключих от Task Manager A0380mon.exe и след това го изтрих. Рестартирах и веднага ми се появи пак Sistem alert на който пише следното:

 

"System has detected a number of active spyware applications that may impact the performance of your computer.Click the icon to get rid of unwanted spyware by downloading an up-to date antispyware solution."

 

След това стартирах HijackThis и Autoruns както ми каза и ето какви са резултатите:

 

Logfile of HijackThis v1.99.1

Scan saved at 16:08:08, on 03.03.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\DHTray.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Datecs\Flex2K.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft Office\Office\OSA.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Programi\download\alabala.exe

 

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: e404 helper - {03B902B1-9B25-4173-9468-56775C85A8D4} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [DHTray] C:\WINDOWS\system32\DHTray.exe

O4 - HKLM\..\Run: [A0380mon] C:\WINDOWS\system32\A0380mon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: Demonstone Registration.lnk = C:\Documents and Settings\SUNAY\Local Settings\Temp\{094F1AD4-15CB-4B42-B297-8F78D858BAEA}\{7B8620F4-F388-4522-ADAD-9888C1E3D76C}\ATR1.exe

O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE

O4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{E2B7156B-91B1-4640-A750-2F7CBE065F7B}: NameServer = 194.187.132.1 194.187.132.2

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD File System Service (InCDsrv) - Unknown owner - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe" "C:\Program Files\NewDotNet\nncore.dll" ServiceStart (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

 

и от autoruns това:

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ Alcmtr Realtek Azalia Audio - Event Monitor Realtek Semiconductor Corp. c:\windows\alcmtr.exe

+ avast! avast! service GUI component ALWIL Software c:\program files\alwil software\avast4\ashdisp.exe

+ DHTray DHTray Microsoft Base Application c:\windows\system32\dhtray.exe

+ InCD InCD Ahead Software AG c:\program files\ahead\incd\incd.exe

+ NeroCheck NeroCheck Ahead Software Gmbh c:\windows\system32\nerocheck.exe

+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation c:\windows\system32\nvmctray.dll

+ nwiz NVIDIA nView Wizard, Version 110.05 NVIDIA Corporation c:\windows\system32\nwiz.exe

+ Resume copy c:\windows\copyfstq.exe

+ RTHDCPL Realtek HD Audio Control Panel Realtek Semiconductor Corp. c:\windows\rthdcpl.exe

+ SunJavaUpdateSched Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\jusched.exe

+ WinampAgent c:\program files\winamp\winampa.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

+ FlexType 2K.lnk c:\windows\datecs\flex2k.exe

C:\Documents and Settings\SUNAY\Start Menu\Programs\Startup

+ Demonstone Registration.lnk File not found: C:\Documents and Settings\SUNAY\Local Settings\Temp\{094F1AD4-15CB-4B42-B297-8F78D858BAEA}\{7B8620F4-F388-4522-ADAD-9888C1E3D76C}\ATR1.exe

+ Office Startup.lnk c:\program files\microsoft office\office\osa.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ Skype Skype. Take a deep breath Skype Technologies S.A. c:\program files\skype\phone\skype.exe

+ SpybotSD TeaTimer System settings protector Safer Networking Limited c:\program files\spybot - search & destroy\teatimer.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler

+ corduroyed c:\windows\system32\heuvth.dll

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ IZArcCM c:\program files\izarc\izarccm.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ IZArcCM c:\program files\izarc\izarccm.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ 00nView NVIDIA Desktop Explorer, Version 110.05 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ NvCplDesktopContext NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ Desktop Explorer NVIDIA Desktop Explorer, Version 110.05 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 110.05 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ IZArc DragDrop Menu c:\program files\izarc\izarccm.dll

+ IZArc Shell Context Menu c:\program files\izarc\izarccm.dll

+ NvCpl DesktopContext Class NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 110.05 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Play on my TV helper NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ QCopy c:\windows\dropcpyr.dll

+ Shell Extension for CDRW UDF Shell Extension DLL Ahead Software, Karlsbad, Germany c:\program files\ahead\incd\incdshx.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AcroIEHlprObj Class AcroIEHelper Module c:\program files\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx

+ Spybot-S&D IE Protection SBSD IE Protection Safer Networking Limited c:\program files\spybot - search & destroy\sdhelper.dll

+ SSVHelper Class Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\ssv.dll

+ Yahoo! Toolbar Helper Yahoo! Toolbar Yahoo! Inc. c:\program files\yahoo!\companion\installs\cpn\yt.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ Yahoo! Toolbar Yahoo! Toolbar Yahoo! Inc. c:\program files\yahoo!\companion\installs\cpn\yt.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ Yahoo! Toolbar Yahoo! Toolbar Yahoo! Inc. c:\program files\yahoo!\companion\installs\cpn\yt.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ Windows Messenger File not found: C:\Program Files\Messenger\msmsgs.exe

HKLM\System\CurrentControlSet\Services

+ aswUpdSv Осигурява авотматични обновявания на компонентите на avast!. ALWIL Software c:\program files\alwil software\avast4\aswupdsv.exe

+ avast! Antivirus Управлява и изпълнява антивирусните услуги на avast! на този компютър. Това включва резидентна защита, клетката за вируси и планировчика. ALWIL Software c:\program files\alwil software\avast4\ashserv.exe

+ InCDsrv Helper service for the InCD filesystem driver c:\program files\ahead\incd\incdsrv.exe

+ NNServ New.net update service File not found: C:\Program Files\NewDotNet\nnrun.exe

+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation c:\windows\system32\nvsvc32.exe

HKLM\System\CurrentControlSet\Services

+ A0380VID Video capture minidriver CNLTF. c:\windows\system32\drivers\a0380vid.sys

+ Aavmker4 avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP ALWIL Software c:\windows\system32\drivers\aavmker4.sys

+ AmdK8 AMD Processor Driver Advanced Micro Devices c:\windows\system32\drivers\amdk8.sys

+ aswMon2 avast! File System Filter Driver for Windows XP ALWIL Software c:\windows\system32\drivers\aswmon2.sys

+ aswRdr avast! TDI RDR Driver ALWIL Software c:\windows\system32\drivers\aswrdr.sys

+ aswTdi avast! TDI Filter Driver ALWIL Software c:\windows\system32\drivers\aswtdi.sys

+ BT848 Bt848 WDM Video Capture Driver Illusion & Hope. c:\windows\system32\drivers\bt848.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ FlyPCI c:\windows\system32\drivers\flypci.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ InCDPass Ahead CD-RW Filter Driver Ahead Software c:\windows\system32\drivers\incdpass.sys

+ incdrm Ahead MRW Filter Driver Ahead Software AG c:\windows\system32\drivers\incdrm.sys

+ IntcAzAudAddService Realtek® High Definition Audio Function Driver Realtek Semiconductor Corp. c:\windows\system32\drivers\rtkhdaud.sys

+ ip100xp ASUSTek Computer Inc. c:\windows\system32\drivers\ipfnd51.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ nthwio d:\programi\tv\cine5\decoders\cinetv\nthwio.sys

+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 81.85 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys

+ NVENETFD NVIDIA Networking Function Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus NVIDIA Networking Bus Driver. NVIDIA Corporation c:\windows\system32\drivers\nvnetbus.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

+ RMSPPPOE PPP over Ethernet Protocol NDIS Intermediate Driver Robert Schlabbach c:\windows\system32\drivers\rmspppoe.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ sptd SCSI Pass Through Direct Host Duplex Secure Ltd. c:\windows\system32\drivers\sptd.sys

+ ss_bus Samsung Mobile USB Device 1.0 Driver MCCI c:\windows\system32\drivers\ss_bus.sys

+ ss_mdfl SAMSUNG Mobile USB Modem 1.0 Filter MCCI c:\windows\system32\drivers\ss_mdfl.sys

+ ss_mdm SAMSUNG Mobile USB Modem 1.0 Drivers MCCI c:\windows\system32\drivers\ss_mdm.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

 

 

Искам също да добавя не знам дали има някаква връзка , появи се нещо от сорта DrWatson debugger не знам какво беше , но го спрях от Task manager понеже ми блокира компютъра.

Благодаря предварително.

Link to comment
Сподели другаде
Night_Raven Сътрудник

Night_Raven

Публикувано
Публикувано
Не разбрах дали след изтриването на файла от папката си изпълнил премахването на обектите от HijackThis, услугата и дали си сканирал с дадените от мен програми.
Link to comment
Сподели другаде
sunay_r Новобранец

sunay_r

Публикувано
  • Author
Публикувано
Не разбрах дали след изтриването на файла от папката си изпълнил премахването на обектите от HijackThis, услугата и дали си сканирал с дадените от мен програми.

 

опс забравил съм да сканирам :blush:

 

Благодаря ти Night_Raven

 

Проблема вече е решен благодарение на теб , след сканиране с препоръчаните програми , всичко се оправи. :bgflag:

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...
×
 Share
Иди на предишната тема
×
×
  • Създай ново...