#1
Hi, I have a problem with a Trojan horse. The warning message is "C:\windows\system32\crypt32n.dll Trojan horse BHO.CVX". I ran AVG, which identifies this file and moves it to the vault, but on reboot it is there again. I tried deleting the file in Windows, which failed. I tried renaming it in Windows (with the aim of deleting it), which failed. I tried to go back and restore my PC, but I cannot go back beyond the start of the month, and I have had this since before Christmas. My PC seems to be OK, but I am still worried that I have a virus! Is there anything I can do? Help appreciated. Regards, Ian A
#2
Welcome to CJ.
#3
Max Evil Fantansy, I tried this from the start of the month; here is the log. I hope this means something to you. Fingers crossed. Ian A
\ C: \ Windows \ system32 \ drivers \ tmcomm.sys (autostart) Distributed Link Tracking Client:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (autostart) Microcode Update Driver: system32 \ DRIVERS \ update.sys (manualul de a începe) Universal Plug and Play Device Host:% SystemRoot% \ system32 \ svchost.exe-k LocalService (manualul de a începe) Uninterruptible Power Supply:% SystemRoot% \ System32 \ ups.exe (manualul de a începe) Microsoft USB Generic Parent Driver: system32 \ DRIVERS \ usbccgp.sys (manualul de a începe) Microsoft USB 2.0 Enhanced Host Controller Driver miniport: system32 \ DRIVERS \ Usbehci.sys (manualul de a începe) USB2 Enabled Hub: system32 \ DRIVERS \ Usbhub.sys (manualul de a începe) Microsoft USB Open Host Controller Driver miniport: system32 \ DRIVERS \ Usbohci.sys (manualul de a începe) Microsoft USB PRINTER Clasa: system32 \ DRIVERS \ usbprint.sys (manualul de a începe) USB Scanner Driver: system32 \ DRIVERS \ usbscan.sys (manualul de a începe) USB Mass Storage Driver: system32 \ DRIVERS \ USBSTOR.SYS (manualul de a începe) Linksys Wireless-G USB cu adaptor de reţea SpeedBooster Driver v2: system32 \ DRIVERS \ usb8023.sys (manualul de a începe) VgaSave: \ SystemRoot \ system32 \ drivers \ vga.sys (sistem) Volume Shadow Copy:% SystemRoot% \ System32 \ vssvc.exe (manualul de a începe) Windows Time:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (autostart) Remote Access IP ARP Driver: system32 \ DRIVERS \ wanarp.sys (manualul de a începe) Windows CE USB Serial-gazdă Driver: system32 \ DRIVERS \ wceusbsh.sys (manualul de a începe) Microsoft WINMM WDM Audio Compatibility Driver: system32 \ drivers \ Wdmaud.sys (manualul de a începe) WebClient:% SystemRoot% \ system32 \ svchost.exe-k LocalService (autostart) winachsf: system32 \ DRIVERS \ HSF_CNXT.sys (manualul de a începe) Windows Management Instrumentation:% systemroot% \ system32 \ svchost.exe-k netsvcs (autostart) Portable Media Service Număr de serie:% SystemRoot% \ System32 \ 
svchost.exe-k netsvcs (manualul de a începe) Windows Management Instrumentation Driver Extensions:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manualul de a începe) WMI Performance Adapter: C: \ Windows \ system32 \ wbem \ wmiapsrv.exe (manualul de a începe) Windows Media Player Network Sharing Service: "C: \ Program Files \ Windows Media Player \ WMPNetwk.exe" (manualul de a începe) Windows Socket 2.0 Non-IFS furnizor de servicii de suport de Mediu: \ SystemRoot \ system32 \ drivers \ ws2ifsl.sys (dezactivat) Centrul de securitate:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (autostart) Actualizări automate:% systemroot% \ system32 \ svchost.exe-k netsvcs (autostart) Windows Driver Foundation - User-mode Driver-cadru Platforma Driver: system32 \ DRIVERS \ WudfPf.sys (manualul de a începe) Windows Driver Foundation - User-mode Driver-cadru Reflector: system32 \ DRIVERS \ wudfrd.sys (manualul de a începe) Windows Driver Foundation - User-mode Driver-cadru:% SystemRoot% \ system32 \ svchost.exe-k WudfServiceGroup (manualul de a începe) Wireless Zero Configuration:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (autostart) Network Provisioning Service:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manualul de a începe) -------------------------------------------------- Enumerating Windows NT logon / Log off script-uri: * Nu setat să ruleze script-uri * Windows NT checkdisk comandă: BootExecute = Automată Autochk * Windows NT "Wininit.ini": PendingFileRenameOperations: * valoare de registry nu a fost găsit * -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad elemente: PostBootReminder: C: \ Windows \ system32 \ SHELL32.dll CDBurn: C: \ Windows \ system32 \ SHELL32.dll WebCheck: C: \ Windows \ system32 \ webcheck.dll Systray: C: \ Windows \ system32 \ stobject.dll UPnPMonitor: C: \ Windows \ system32 \ upnpui.dll WPDShServiceObj: C: \ Windows \ system32 \ WPDShServiceObj.dll 
-------------------------------------------------- Autorun intrările din registry: HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Pol icies \ Explorer \ Run * Nu valori găsit * -------------------------------------------------- Autorun intrările din registry: HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Pol icies \ Explorer \ Run * Nu valori găsit * -------------------------------------------------- Sfârşit de raport, 38242 bytes Raport generată în 0.266 secunde Opţiuni de linie de comandă: / verbose - pentru a adăuga informaţii suplimentare cu privire la fiecare secţiune / complet - pentru a include secţiunile gol şi unsuspicious date / complet - pentru a include mai multe rareori-importante secţiuni / force9x - pentru a include numai Win9x-pornografiei chiar dacă rulează pe WINNT / forcent - pentru a include numai WINNT-pornografiei chiar dacă rulează pe Win9x / forceall - pentru a include toate Win9x şi WINNT pornografiei, indiferent de platformă / istorie - de a lista versiune de istorie numai |
|
#4
| |||
| |||
| That's a startup list from HJT, which is useful, but I need the main scan. Open HJT and select the "Do a system scan and save a logfile" button. Post that log, please. |
|
#5
| |||
| |||
| Hi, Sorry if I seem slow in replying, but I am having difficulty saving the scan! I ran HJT's "Do a system scan and save a logfile", but when it tries to open the log file it fails. The only way I can see to provide this information is to save a screenshot, but that would be a large file to post. Do you think that is a good idea, or is there something else I can try? Regards, Ian A |
|
#6
| |||
| |||
| Try this instead and post the logs from it. Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
What DSS will do:
|
|
#7
| |||
| |||
| Hi, I think it must be! I tried following the hot link to Deckard's scanner, but I can't find dss.exe. Deckard's asks me to sign up to another web forum similar to the one I am already on. Please explain. Ian |
|
#8
| |||
| |||
| Use this link. http://www.techsupportforum.com/sect...eckard/dss.exe |
|
#9
| |||
| |||
| Hi, Sorry it has been a while since I got back to you, but I have been away. I have now managed to do the scan and here are the results. I hope all this makes sense to you. Regards, Iana |