Проблем с бутона Run

mavro · Декември 28, 2008

Опитах ( Start => Run => msconfig) и eто какво се получава.

При други команди не е така.

Maniac · Декември 28, 2008

Сигурен ли си, че имаш администраторски привилегии? Ако да, опитай така:

1. Изтегли: MalwareBytes' Anti-Malware
2. Инсталирайте го.
3. Кликвате на иконата “Malwarebytes’ Anti-Malware“.Първото и най-важно нещо е да отидете в категорията “Update” и да изберете бутончето “Check For Updates“.
4. След това се насочете към секцията “Scanner” и изберете опцията “Perform full scan” (особено ако за първи път стартирате приложението.Щраквате на бутончето “Scan“, посочвате кои дялове ма компютъра да бъдат проверени.Можете да маркирате и само дяла на който е инсталирана Операционната Система и натискате “Start Scan“.
5. След края на проверката ще получите или съобщение, че вредители не са намерени или ще получите възможност да ги маркирате и изтриете.
6. Най-накрая ще получите лог файл с извършените процедури. Моля, копирайте го и го поставете тук, за да видим какво е станало.

Night_Raven · Декември 28, 2008

Само да вмъкна, че не е нужно да се прави пълно сканиране (Full scan). Бързото сканиране (Quick scan) е достатъчно.

Освен това бих препоръчал да не ползваш нелегална и/или портативна версия на Malwarebytes' Anti-Malware.

mavro · Декември 28, 2008

Сигурен ли си, че имаш администраторски привилегии? Ако да, опитай така:

Ето логфайла

Версия на базата от данни: 1562

Windows 5.1.2600 Service Pack 3

28.12.2008 г. 22:39:09

mbam-log-2008-12-28 (22-39-02).txt

Тип сканиране: Бързо сканиране

Сканирани обекти: 46758

Изминало време: 2 minute(s), 19 second(s)

Заразени процеси в паметта: 0

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 0

Заразени стойности в регистратурата: 1

Заразени информационни обекти в регистратурата: 1

Заразени папки: 0

Заразени файлове: 1

Заразени процеси в паметта:

(Нямаше открити заплахи)

Заразени модули в паметта:

(Нямаше открити заплахи)

Заразени ключове в регистратурата:

(Нямаше открити заплахи)

Заразени стойности в регистратурата:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skype.exe (Backdoor.Bot) -> No action taken.

Заразени информационни обекти в регистратурата:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Заразени папки:

(Нямаше открити заплахи)

Заразени файлове:

C:\Program Files\Skype\Phone\Skype.exe (Backdoor.Bot) -> No action taken.

Maniac · Декември 28, 2008

Избра ли Remove Selected? Как е положението след, като ги почисти?

mavro · Декември 29, 2008

Избра ли Remove Selected? Как е положението след, като ги почисти?

След почистването няма промяна.

Night_Raven · Декември 29, 2008

В папка C:\WINDOWS\pchealth\helpctr\binaries въобще имаш ли msconfig.exe?

mavro · Декември 29, 2008

В папка C:\WINDOWS\pchealth\helpctr\binaries въобще имаш ли msconfig.exe?

Да,има я!

Между другото също ми изчезна иконката за езиците,долу в таскбара,въпреки ,че има отметка на Language bar.

Night_Raven · Декември 29, 2008

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

Изтегли Autoruns, след това стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft Entries;

2) кликни File -> Refresh;

3) кликни File -> Export...;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

mavro · Декември 29, 2008

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.
Изтегли Autoruns, след това стартирай програмата и направи следното:
1) избери Options -> Hide Microsoft Entries;
2) кликни File -> Refresh;
3) кликни File -> Export...;
4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

Ето логфайловете:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:16:00, on 29.12.2008 г.

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\RTHDCPL.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Google\Gmail Notifier\gnotify.exe

C:\Program Files\MLocator\MLocator.exe

C:\Program Files\HDD Thermometer\HDD Thermometer.exe

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe

O4 - HKLM\..\Run: [MouseLocator] C:\Program Files\MLocator\MLocator.exe

O4 - HKLM\..\Run: [Температура на диска] C:\Program Files\HDD Thermometer\HDD Thermometer.exe

O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')

O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{C18B9571-BD33-483A-8853-1C0694BC14FB}: NameServer = 80.72.72.9

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

--

End of file - 5868 bytes

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ avast! avast! service GUI component ALWIL Software c:\program files\alwil software\avast4\ashdisp.exe

+ MouseLocator c:\program files\mlocator\mlocator.exe

+ RaidTool VIA RAID Tool VIA Technologies c:\program files\via\raid\raid_tool.exe

+ RTHDCPL Realtek HD Audio Control Panel Realtek Semiconductor Corp. c:\windows\rthdcpl.exe

+ {0228e555-4f9c-4e35-a3ec-b109a192b4c2} Gmail Notifier Google Inc. c:\program files\google\gmail notifier\gnotify.exe

+ Температура на диска c:\program files\hdd thermometer\hdd thermometer.exe

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

+ RocketDock.lnk c:\windows\bricopacks\vista inspirat 2\rocketdock\rocketdock.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ Gadwin PrintScreen Gadwin PrintScreen Gadwin Systems, Inc c:\program files\gadwin systems\printscreen\printscreen.exe

+ RocketDock c:\program files\rocketdock\rocketdock.exe

+ Skype Skype Skype Technologies S.A. c:\program files\skype\phone\skype.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ SABShellExecuteHook Class ShellExecuteHook SuperAdBlocker.com c:\program files\superantispyware\sasseh.dll

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ SASContextMenu Class SUPERAntiSpyware Context Menu Extension SUPERAntiSpyware.com c:\program files\superantispyware\sasctxmn.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ CMenuExtender File not found: C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll

+ SASContextMenu Class SUPERAntiSpyware Context Menu Extension SUPERAntiSpyware.com c:\program files\superantispyware\sasctxmn.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Shellex\DragDropHandlers

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} Sun Microsystems, Inc. c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ ACE AMD Desktop Control Panel Advanced Micro Devices, Inc. c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll

+ Catalyst Context Menu extension AMD Desktop Control Panel Advanced Micro Devices, Inc. c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll

+ CMenuExtender File not found: C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ OpenOffice.org Column Handler Sun Microsystems, Inc. c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll

+ OpenOffice.org Infotip Handler Sun Microsystems, Inc. c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll

+ OpenOffice.org Property Sheet Handler Sun Microsystems, Inc. c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll

+ OpenOffice.org Thumbnail Viewer Sun Microsystems, Inc. c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll

+ UnlockerShellExtension c:\program files\unlocker\unlockercom.dll

+ WinRAR shell extension c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ Adobe PDF Link Helper Adobe PDF Helper for Internet Explorer Adobe Systems Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll

+ Java Plug-In 2 SSV Helper Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre6\bin\jp2ssv.dll

+ Java Plug-In SSV Helper Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre6\bin\ssv.dll

+ JQSIEStartDetectorImpl Class Java Quick Starter binary Sun Microsystems, Inc. c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

Task Scheduler

+ AWC AutoSweep.job Auto Sweep IObit c:\program files\iobit\advanced systemcare 3\autosweep.exe

+ AWC Update.job IObit Live Update IObit c:\program files\iobit\advanced systemcare 3\iobitupdate.exe

HKLM\System\CurrentControlSet\Services

+ aswUpdSv Осигурява авотматични обновявания на компонентите на avast!. ALWIL Software c:\program files\alwil software\avast4\aswupdsv.exe

+ Ati HotKey Poller ATI External Event Utility EXE Module ATI Technologies Inc. c:\windows\system32\ati2evxx.exe

+ ATI Smart ATI Smart c:\windows\system32\ati2sgag.exe

+ avast! Antivirus Управлява и изпълнява антивирусните услуги на avast! на този компютър. Това включва резидентна защита, клетката за вируси и планировчика. ALWIL Software c:\program files\alwil software\avast4\ashserv.exe

+ Diskeeper Allows Diskeeper to run on this computer and improve file system performance. Diskeeper Corporation c:\program files\diskeeper corporation\diskeeper\dkservice.exe

+ JavaQuickStarterService Prefetches JRE files for faster startup of Java applets and applications Sun Microsystems, Inc. c:\program files\java\jre6\bin\jqs.exe

+ LVCOMSer Logitech Video COM Service Logitech Inc. c:\program files\common files\logishrd\lvcomser\lvcomser.exe

+ LVPrcSrv Injector service Logitech Inc. c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe

+ LVSrvLauncher Launcher for Logitech Video Components. Logitech Inc. c:\program files\common files\logishrd\srvlnch\srvlnch.exe

HKLM\System\CurrentControlSet\Services

+ Aavmker4 avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP ALWIL Software c:\windows\system32\drivers\aavmker4.sys

+ aswArKrn File not found: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aswArKrn.sys

+ aswFsBlk avast! mini-filter driver (aswFsBlk) ALWIL Software c:\windows\system32\drivers\aswfsblk.sys

+ aswMon2 avast! File System Filter Driver for Windows XP ALWIL Software c:\windows\system32\drivers\aswmon2.sys

+ aswRdr avast! TDI RDR Driver ALWIL Software c:\windows\system32\drivers\aswrdr.sys

+ aswSP avast! self protection module ALWIL Software c:\windows\system32\drivers\aswsp.sys

+ aswTdi avast! TDI Filter Driver ALWIL Software c:\windows\system32\drivers\aswtdi.sys

+ ati2mtag ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ eusk2par SmartKey Parallel driver for Windows EUTRON c:\windows\system32\drivers\eusk2par.sys

+ eusk3usb SmartKey USB Driver for Windows EUTRON c:\windows\system32\drivers\eusk3usb.sys

+ FETNDIS NDIS 5.0 miniport driver VIA Technologies, Inc. c:\windows\system32\drivers\fetnd5.sys

+ gmer GMER Driver http://www.gmer.net GMER c:\windows\system32\drivers\gmer.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ IntcAzAudAddService Realtek® High Definition Audio Function Driver Realtek Semiconductor Corp. c:\windows\system32\drivers\rtkhdaud.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ LVcKap Logitech Kernel Audio Processing Filter Driver Logitech Inc. c:\windows\system32\drivers\lvckap.sys

+ LVMVDrv Logitech Machine Vision Engine Loader Logitech Inc. c:\windows\system32\drivers\lvmvdrv.sys

+ LVPr2Mon Logitech ProcMon Driver Logitech Inc. c:\windows\system32\drivers\lvpr2mon.sys

+ LVUSBSta USB Statistic Driver Logitech Inc. c:\windows\system32\drivers\lvusbsta.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ pepifilter Audio filter for Express Plus Logitech Inc. c:\windows\system32\drivers\lv302af.sys

+ PID_PEPI Logitech QuickCam Driver Logitech Inc. c:\windows\system32\drivers\lv302v32.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

+ SASDIFSV SASDIFSV.SYS SUPERAdBlocker.com and SUPERAntiSpyware.com c:\program files\superantispyware\sasdifsv.sys

+ SASENUM SASENUM.SYS SUPERAdBlocker.com and SUPERAntiSpyware.com c:\program files\superantispyware\sasenum.sys

+ SASKUTIL SASKUTIL.SYS SUPERAdBlocker.com and SUPERAntiSpyware.com c:\program files\superantispyware\saskutil.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ toshidpt Toshiba Bluetooth HID mini port driver TOSHIBA Corporation. c:\windows\system32\drivers\toshidpt.sys

+ tosporte TOSHIBA Bluetooth Port Emulation Driver TOSHIBA Corporation c:\windows\system32\drivers\tosporte.sys

+ Tosrfbd Bluetooth RF Bus Driver TOSHIBA CORPORATION c:\windows\system32\drivers\tosrfbd.sys

+ Tosrfbnp Bluetooth RFBNEP Driver TOSHIBA Corporation c:\windows\system32\drivers\tosrfbnp.sys

+ Tosrfcom Bluetooth RFCOMM Driver TOSHIBA Corporation c:\windows\system32\drivers\tosrfcom.sys

+ Tosrfhid Bluetooth HID Driver from TOSHIBA TOSHIBA Corporation. c:\windows\system32\drivers\tosrfhid.sys

+ tosrfnds Bluetooth BNEP Driver TOSHIBA Corporation. c:\windows\system32\drivers\tosrfnds.sys

+ TosRfSnd Bluetooth Audio Driver (WDM) TOSHIBA Corporation c:\windows\system32\drivers\tosrfsnd.sys

+ Tosrfusb Bluetooth USB Miniport Driver TOSHIBA CORPORATION c:\windows\system32\drivers\tosrfusb.sys

+ viamraid VIA AHCI RAID DRIVER FOR WIN 2000/XP VIA Technologies inc,.ltd c:\windows\system32\drivers\viamraid.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute

+ autocheck OODBS File not found: OODBS

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

+ iexplore.exe c:\windows\system32\ropfnqz.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ !SASWinLogon SUPERAntiSpyware WinLogon Processor SUPERAntiSpyware.com c:\program files\superantispyware\saswinlo.dll

+ AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. c:\windows\system32\ati2evxx.dll

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors

+ Oki Printer Driver Language Monitor Oki Page Printer Driver Language Monitor DLL for Windows 2000® Oki Data Corporation c:\windows\system32\opprmon.dll

+ Toshiba Bluetooth Monitor tbtmon98 Toshiba America Business Solutions, Inc. c:\windows\system32\tbtmon.dll

Night_Raven · Декември 29, 2008

Каква е причината да не ползваш версията на HijackThis, която съм ти дал?

mavro · Декември 29, 2008

Каква е причината да не ползваш версията на HijackThis, която съм ти дал?

Никаква. Просто имах свалена тази версия и не видях,че има разлика.Ето лог с твоята версия.

Logfile of HijackThis v1.99.1

Scan saved at 18:06:42, on 29.12.2008 г.

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\RTHDCPL.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Google\Gmail Notifier\gnotify.exe

C:\Program Files\MLocator\MLocator.exe

C:\Program Files\HDD Thermometer\HDD Thermometer.exe

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administrator\Desktop\alabala.exe