Vista elindítása és leállítása Nagyon lassan nem tudja biztosan, mi a teendő

**HistoryGirl** · #1 Március 29 2009, 08:59

Először is feltételezve, hogy én vagyok ez a megfelelő hely, hogy ezt.

Bementem a Vezérlőpult és a teljesítmény, és találtam egy pár teljesítmény mondván:

Indítópult program okozza, hogy a Windows Start lassan
Programok okoznak az ablakok le lassan

A részletek a következők:

Lassan kezdete:

http://i7.photobucket.com/albums/y27...tartslowly.jpg

Leállítása:

http://i7.photobucket.com/albums/y27...downslowly.jpg

Azt is futott hijackthis és kaptam ezt az üzenetet:

http://i7.photobucket.com/albums/y27...rormessage.jpg

Ez valószínűleg egy nagyon hülye kérdés, de hogyan tudom orvosolja ezeket? Ha a fiúk is pont nekem a megfelelő irányba, hogy az lenne jó.

**evilfantasy** · #2 Március 29 2009, 11:19

A Vista akkor jobb klikk a HJT ikonra és válassza a "Futtatás rendszergazdaként".

Már elvégzett bármely karbantartási mostanában? Lemezkarbantartó, töredezettségmentesítse?

**HistoryGirl** · #3 Március 30 2009, 10:11

Persze van, amit futtatni Lemezkarbantartó és töredezettségmentesítse közelmúltban lenne ez mit okoz a problémákat?

Új HijackThis Bejelentkezés:

Idézet:

Naplózás A Trend Micro HijackThis v2.0.2
Beolvasás mentett 18:25:00, a 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Futó folyamatok:
C: \ Windows \ System32 \ taskeng.exe
C: \ Windows \ Explorer.EXE
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ AsGHost.exe
C: \ Windows \ System32 \ taskeng.exe
C: \ Program Files \ ASUS \ ASUS Live Update \ ALU.exe
C: \ Windows \ ASScrPro.exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ RocketDock \ RocketDock.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTna.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.asus.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ int ernet Beállítások, ProxyOverride = *. helyi
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O1 - Hosts::: 1 localhost
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: RealPlayer letöltése és Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: (no name) - (AA58ED58-01DD-4d91-8333-CF10577473F7) - (no file)
O2 - BHO: ASUS Security Protect Manager - (DF21F1DB-80C6-11D3-9483-B03D0EC10000) - C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItIEAddIn.dll
O3 - Toolbar: (no name) - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - (no file)
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [ASUS Képernyővédő Protector] C: \ Windows \ ASScrPro.exe
O4 - HKLM \ .. \ Run: [IFXSPMGT] C: \ Windows \ System32 \ ifxspmgt.exe / NotifyLogon
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKCU \ .. \ Run: [RocketDock] "C: \ Program Files \ RocketDock \ RocketDock.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / háttér
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] Rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'HÁLÓZATI SZOLGÁLTATÁS')
O8 - Extra context menu item: E & xportálás Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ PROGRA ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ PROGRA ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Extra gomb: Ez a blog - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: & Ez a blog a Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: APSHook.dll, avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - (E31004D1-A431-41B8-826F-E902F9D95C81) - C: \ Windows \ System32 \ DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ASLDR Szolgálat (ASLDRService) - Ismeretlen tulajdonos - C: \ Program Files \ ATK Hotkey \ ASLDRSrv.exe
O23 - Service: ATKGFNEX Szolgálat (ATKGFNEXSrv) - Ismeretlen tulajdonos - C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
O23 - Service: Automatikus LiveUpdate ütemező - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect szolgáltatás (CLTNetCnService) - Ismeretlen tulajdonos - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe (fájl hiányzik)
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Kiadó \ FNPLicensingService.exe
O23 - Service: HDDlife HDD hozzáférési szolgáltatás - BinarySense, Inc. - C: \ Program Files \ BinarySense \ HDDlife 3 \ hldasvc.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C: \ Windows \ System32 \ ifxspmgt.exe
O23 - Service: Trusted Platform Core Szolgálat (IFXTCS) - Infineon Technologies AG - C: \ Windows \ System32 \ ifxtcs.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Feliratozó Szolgálat (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: NMIndexingService - Ismeretlen tulajdonos - C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe (fájl hiányzik)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C: \ Windows \ System32 \ IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Ismeretlen tulajdonos - C: \ Windows \ System32 \ PSIService.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: spmgr - Ismeretlen tulajdonos - C: \ Program Files \ ASUS \ NB Probe \ SPM \ spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Szolgálat (StkSSrv) - Syntek America, Inc. - C: \ Windows \ System32 \ StkCSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Kft. - C: \ Windows \ System32 \ ZoneLabs \ vsmon.exe

--

**evilfantasy** · #4 Március 30 2009, 10:30

Open HijackThis, és válasszuk Nem a rendszer csak scan.

Tegyünk egy pipa mellett a következő bejegyzést: (ha van)

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar LinksFolderName =
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O3 - Toolbar: (no name) - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - (no file)

Fontos: Zárja be az összes Windows kivéve HijackThis majd kattintson Fix ellenőrizni.

Kilépés HijackThis.

----------

Letöltés ComboFix © subs az egyik a lenti linkeket. Győződjön meg róla, top menteni a Desktop.

Link # 1
Link # 2

** Megjegyzés: Fontos, hogy a telefon közvetlenül az asztalra

Zárjon be minden megnyitott webböngészők. (Firefox, Internet Explorer, stb) ComboFix megkezdése előtt.

Ideiglenesen kikapcsol öné antivirus, És minden AntiSpyware valós idejű védelem előtt elvégzi a vizsgálatot. Kattints ez a kapcsolat listájának megtekintéséhez biztonsági programokat kell, hogy a fogyatékkal élők és az, hogyan lehet letiltani őket.

Kattintson duplán combofix.exe és kövesse az instrukciókat.
Ha kész ComboFix fog log Önnek.
A Post ComboFix napló a következő választ.

Fontos: Ne mouseclick ComboFix az ablakon, miközben az fut. Ez okozhatja, hogy az istálló.

Ne felejtsük el újra, hogy a víruskereső és AntiSpyware során ComboFix kész.

Ha gondok vannak ComboFix használat, lásd Hogyan használjuk ComboFix

**HistoryGirl** · #5 30. március 2009, 11:37

Először is köszönöm a segítséget és tanácsot. Csináltam, amit mondott HJT, és rendben volt. Azonban csináltam a link azt mondja, a fogyatékosságot az AVG rezidens pajzs, de ennek ellenére, ha megpróbálom és fuss combofix, akkor még mindig azt mondja, AVG Anti-Virus fut úgy, nem vagyok egészen biztos, hogy miért.

Szeretné, ha arra utalnak, talán én restarting rendszer?

**evilfantasy** · #6 Március 30 2009, 13:39

AVG és Combofix volna, hogy a kérdésben. Csak futtatni ComboFix anyway. Ha az AVG próbálja gátolni azt majd csak, hogy ne fuss.

**HistoryGirl** · #7 Március 30 2009, 14:21

Jobb OK minden kész. Napló kért.

Idézet:

ComboFix 09-03-29.04 - Chloe 2009-03-30 21:54:30.1 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.967 [GMT 1:00]
Running From: C: \ Users \ Chloe \ Desktop \ ComboFix.exe
AV: AVG Anti-Virus Free * On-hozzáférés szkennelés engedélyezve * (Frissítve)
FW: ZoneAlarm tűzfal engedélyezve * *
* Létrehozott egy új visszaállítási pontot
.

Egyéb ((((((((((((((((((((((((((((((((((((((( Törlések ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

c: \ Windows \ System32 \ acovcnt.exe

.
((((((((((((((((((((((((( Files létrehozott 2009/02/28 a 2009/03/30 ))))))))))) ))))))))))))))))))))
.

2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ Program Files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHEALTH
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ $ AVG8.VAULT
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Programdata \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ Drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Program Files \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Programdata \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Channel4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ Programdata \ Channel4
2009-03-11 22:33. 2009-03-30 21:10 <DIR> d -------- C: \ Users \ Chloe \ Tracing
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Program Files \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ Program Files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ Drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ Drivers \ srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ Schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 21:07 350.195 --- ha-w C: \ Windows \ System32 \ Drivers \ vsconfig.xml
2009-03-30 21:07 --------- d --- aw C: \ Programdata \ TEMP
2009-03-29 14:42 --------- d ----- wc: \ Programdata \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ Users \ Chloe \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ Program Files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ Programdata \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ Program Files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ Program Files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ Program Files \ Google
2009-03-11 23:07 --------- d ----- wc: \ Program Files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ Program Files \ Windows Mail
2009-03-11 12:13 325.128 ---- aw C: \ Windows \ System32 \ Drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ Programdata \ avg8
2009-02-15 23:11 293.528 ---- aw C: \ Windows \ System32 \ Drivers \ vsdatant.sys
2009-01-14 20:20 55.232 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - sha-w C: \ Program Files \ Desktop.ini
2008-11-19 15:31 81.920 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 ---- aw C: \ Users \ Chloe \ DSETUP.dll
2007-05-31 18:23 503.144 ---- aw C: \ Users \ Chloe \ DXSETUP.exe
2007-05-31 18:23 1.673.576 ---- aw C: \ Users \ Chloe \ dsetup32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "C: \ Program Files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Képernyővédő Protector" = "c: \ windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "C: \ Windows \ System32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Policies \ System]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ ^ Programdata Microsoft Wind ows ^ ^ Start Menu ^ Programs ^ ^ Indítópult WinZip Quick Pick.lnk]
path = c: \ Programdata \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ WinZip Quick Pick.lnk
backup = C: \ Windows \ PSS \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ Program Files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 D: \ Program Files \ Reader \ reader_sl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ASUS Camera ScreenSaver]
- a ------ 2007-05-15 05:12 37232 C: \ Windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 C: \ Program Files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ CognizanceTS]
-ra ------ 2003-12-21 22:11 17920 C: \ PROGRA ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 C: \ Windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Google Update]
- a ---- t-2009-03-17 22:06 133104 C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 C: \ Program Files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ Program Files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecFirewall]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"UDP Query User (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"TCP Query User (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ Program Files \ \ könnyen webTV & rádió \ \ easywebtv.exe" = UDP: C: \ Program Files \ könnyen webTV & rádió \ easywebtv.exe : webtv \ Radio \ Media
"UDP Query User (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ Program Files \ \ könnyen webTV & rádió \ \ easywebtv.exe" = TCP: C: \ Program Files \ könnyen webTV & rádió \ easywebtv.exe : webtv \ Radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (20F3997A-2406-42BC-9A96-17DBA8717938) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ Program Files \ \ LimeWire \ \ limewire.exe" = UDP: C: \ Program Files \ LimeWire \ limewire.exe: LimeWire
"UDP Query User (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ Program Files \ \ LimeWire \ \ limewire.exe" = TCP: C: \ Program Files \ LimeWire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495A-82B3-EBFF9330A2CC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4C52E1A6-D998-41D5-8E99-27F21E3CA7CB) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP Query User (80235B6B-2462-4AC3-8A59-7534841DE76B) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"TCP Query User (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"UDP Query User (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"TCP Query User (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP Query User (9990806D-9198-4760-93E7-C65D44E1FE8A) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"TCP Query User (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"UDP Query User (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"TCP Query User (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ Program Files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"UDP Query User (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ Program Files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"TCP Query User (9FF9F89E-5323-45dB-89F0-BA37B84180EE) c: \ \ Program Files \ \ tvants \ \ tvants.exe" = UDP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"UDP Query User (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ Program Files \ \ tvants \ \ tvants.exe" = TCP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"TCP Query User (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ Program Files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player komponens
"UDP Query User (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ Program Files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player komponens
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"UDP Query User (55C79E39-F1AC-45C7-8F99-995A835F089A) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"TCP Query User (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) d: \ \ Program Files \ \ clue.exe" = UDP: D: \ Program Files \ clue.exe: Clue
"UDP Query User (39F3C83F-DCF0-43B4-B149-19F3630B3078) d: \ \ Program Files \ \ clue.exe" = TCP: D: \ Program Files \ clue.exe: Clue
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (TCP-in)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (UDP-in)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Kikapcsolva: UDP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Kikapcsolva: TCP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86, C: \ Windows \ System32 \ Drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Hálózati Redirector, C: \ Windows \ System32 \ Drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk, C: \ Windows \ System32 \ Drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive, C: \ Windows \ System32 \ Drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker, C: \ Windows \ System32 \ Svchost.exe-k tudomásul [2008-08-07 21504]
R2 ASChannel; helyi kommunikációs csatorna, C: \ Windows \ System32 \ Svchost.exe-k tudomásul [2008-08-07 21504]
R2 avg8emc; AVG Free8 E-mail Scanner, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 Watchdog, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access szolgáltatás HDDlife HDD Access szolgáltatás, C: \ Program Files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service, C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 WebCam Service, C: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS miniport Driver for Attansic L1 Gigabit Ethernet Controller, C: \ Windows \ System32 \ Drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam, C: \ Windows \ System32 \ Drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Tudomásul REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ E]
\ Shell \ autorun \ command - E: \ Start.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ H]
\ Shell \ autorun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ Shell \ autorun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (c1865685-0291-11dc-b943-806e6f6e6963)]
\ Shell \ autorun \ command - E: \ Autorun.exe
.
Tartalma az "Ütemezett feladatok" mappába

2009/01/11: c: \ windows \ feladatok \ Defrag Job # 00.job
- C: \ Program Files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26: c: \ windows \ feladatok \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30: c: \ windows \ feladatok \ User_Feed_Synchronization-(5963E371-2796-42F4-9A54-042DA9F406BC). Job
- C: \ Windows \ System32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
Kiegészítő Scan ------- -------
.
uStart page = hxxp: / / www.google.co.uk/
uInternet Beállítások, ProxyOverride = *. helyi
IE: E & xportálás a Microsoft Excel - C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro Files \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - összetevő: C: \ Program Files \ AVG \ AVG8 \ Firefox \ alkatrészek \ avgssff.dll
FF - összetevő: C: \ Program Files \ AVG \ AVG8 \ ToolbarFF \ alkatrészek \ vmAVGConnector. Dll
FF - összetevő: C: \ Program Files \ Real \ RealPlayer \ browserrecord \ alkatrészek \ npr pbrowserrecordplugin.dll
FF - összetevő: C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro Files \ ppnzryw9.default \ extensions \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platform \ WINNT \ alkatrészek \ FoxyTunes. dll
FF - plugin: C: \ Program Files \ Mozilla Firefox \ plugins \ np-mswmp.dll
FF - plugin: c: \ users \ Chloe \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - plugin: D: \ Program Files \ Reader \ browser \ nppdf32.dll

FIREFOX POLITIKÁKKAL ---- ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

CatchMe 0.3.1375 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-30 22:08:49
Windows 6.0.6001 Service Pack 1 NTFS

szkennelés rejtett folyamatok ...

scanning hidden autostart entries ...

scanning hidden files ...

scan sikeresen befejeződött
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - -> "Lsass.exe" (696)
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll

- - - - - - -> "Explorer.exe" (5000)
C: \ Program Files \ RocketDock \ RocketDock.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
C: \ Windows \ System32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
C: \ Program Files \ ATK Hotkey \ ASLDRSrv.exe
C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe
C: \ Program Files \ ATK Hotkey \ HControl.exe
C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe
C: \ Program Files \ Wireless Console 2 \ wcourier.exe
C: \ Program Files \ ASUS \ Splendid \ ACMON.exe
C: \ Program Files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
C: \ Program Files \ ATK Hotkey \ ATKOSD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ Program Files \ ASUS \ NB Probe \ SPM \ spmgr.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ Rundll32.exe
.
************************************************** ************************
.
Teljesítés ideje: 2009-03-30 22:16:25 - a gép újraindítása
ComboFix-karantén-files.txt 2009-03-30 21:15:12

Pre-Run: 38800285696 bájt szabad
Post-Run: 38307028992 bájt szabad

Jelenlegi = 1 Default = 1 Nem = 0 LastKnownGood = 41 = Beállítja 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
354 --- EOF --- 2009-03-29 15:30:34

Egy másik gyors kérdés firefox úgy tűnik, hogy működik egy kicsit lassabban, mint általában, és mikor zárják le, és megy, hogy azt egy kicsit később. Ebből jön ki egy üzenet mondás Firefox éppen fut, de nem válaszol. Kérjük, zárja be minden verzió előtt próbálkozik újra, vagy valami ezek a vonalak mentén. Szeretné, hogy jelentkezzen be jelzik / show minden oka ennek? Bocs, ha amit egy hülye kérdés.

**evilfantasy** · #8 Március 30 2009, 15:17

Törölje ezeket a fájlokat / mappákat, az alábbiak szerint:

1. Menj a Start > Fut > Type Notepad.exe , és kattintson OK megnyitásához Jegyzettömbbe.
Azt kell a Jegyzettömb, nem Wordpad.
2. Másolja az alábbi szöveget a kód mezőbe, kiemelve az összes szöveget, és nyomja meg Ctrl + C

Kód:

Killall: Registry:: [-HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecAntiVirus] [-HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecFirewall] [-HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ E] [-HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (c1865685-0291-11dc-b943-806e6f6e6963)] Firefox: FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? ctid = CT1178131 & SearchSource = 3 & q = FF - prefs.js: browser.search.selectedEngine - Web Search

3. Ugrás a Jegyzettömb ablak, és kattintson Szerkesztés > Beillesztés
4. Ezután kattintson a Fájl > Ment
5. A fájl neve CFScript.txt - Mentsük a fájlt az asztalra
6. Ezután húzza a CFScript (tartsuk lenyomva a bal egérgombot, miközben húzza a fájlt), és dobja el (engedje el a bal egérgombot) a ComboFix.exe mint látod a screenshot alább. Fontos: Végezze el ezt az utasítást figyelmesen!

ComboFix kezdődik végrehajtásához, kövesse az instrukciókat.
Újraindítás után (amennyiben azt kéri, hogy reboot), majd egy naplót az Ön számára.
Post hogy log (Combofix.txt) a következő választ.

Megjegyzés: Ne mouseclick ComboFix az ablakon, miközben az fut. Ezt okozhatja a rendszer befagyasztja

----------

Töltsd le a Norton Removal Tool (SymNRT) az asztalra.

A letöltött zárja be az összes megnyitott böngészőket is menthetjük azt a munkát, mert ehhez szükség lehet a számítógép újraindítása.

Ugrás az asztalon, és kattintson duplán az eltávolítóeszköz majd kattintson Setup.
Amint nyílt kattintson Következő
Fogadja el a licencszerződést, és kattintson Következő
Írd be a betűket / számokat, hogy látod a szövegmezőbe, majd kattintson Következő.
Ezután kattintson a Következő és az eszköz elindul.
Amint kész újraindítani a számítógépet.
Töröl Nortonremoval eszközt az asztalról.

----------

Ön Java elavult.

A régebbi verziók is sebezhető, hogy a rosszindulatú webhelyek használhatja arra, hogy a rendszert.

Egyrészt az új Sun Java Runtime Environment

Ügyeljen arra, hogy zárja be az összes böngészőablakot a telepítés megkezdése előtt.

Vegye ki a régi verzió (k)

Letöltés JavaRa

Bontsa ki a fájlt, és nyissa meg a JavaRa.exe
Kattints Távolítsa el a régebbi verziók
JavaRa majd keressük meg és távolítsa el az elavult változatát Java és távolítsa el azokat, amelyek nem találtak.
Kattints Kiegészítő feladatok
Hely ellenőrzés mellett Eltávolítás Mihaszna JRE Files , és kattintson Jár
Kilépés JavaRa
Törölje a JavaRa fájlokat a Desktop

Kiegészítő megjegyzés: A Java Quick Starter (JQS.exe) Hozzáteszi, a szolgáltatást, hogy javítsák a kezdeti indítási idő Java appletek és alkalmazások. Ha letiltja a JQS szolgáltatás, ha nem akarjuk használni, akkor menjen a Start> Vezérlőpult> Java> Speciális> Miscellaneous és unjelölje be a Java Quick Starter. Kattintson az OK gombra, és indítsa újra a számítógépét.

----------

Letöltés ATF Tisztitószerek által Atribune az asztalra.

Alternate letöltés link

Megjegyzés: Vista felhasználóinak kell használnia Run As Administrator

Alatt Fő: Válasszon fájlok törlése választhat: Select All.
Kattintson a Üres válogatott gombra.
Ha a Firefox böngészőben click Firefox a tetején, és választja ki: Select All
Kattintson a Üres válogatott gombra.
Ha szeretné megtartani a mentett jelszavak kattintson Nem A gyors.
Ha az Opera böngésző click Opera a tetején, és választja ki: Select All
Kattintson a Üres válogatott gombra.
Ha szeretné megtartani a mentett jelszavak kattintson Nem A gyors.
Kattints Kilépés a fő menüből, hogy bezárja a programot.

Megjegyzendő, hogy a rendszer lassabban fog futni egy-két újraindítás után használják ezt az eszközt, úgyhogy ne ess pánikba.

Fontos: Indítsa újra a számítógépet, mielőtt folytatná.

----------

Hogy van a számítógépen futó most?

**HistoryGirl** · #9 Március 31 2009, 09:25

Új ComboFix Bejelentkezés:

ComboFix 09-03-29.04 - Chloe 2009-03-31 16:37:20.2 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.1173 [GMT 1:00]
Running From: C: \ Users \ Chloe \ Desktop \ ComboFix.exe
Command kapcsolók használhatók: c: \ users \ Chloe \ Desktop \ CFScript.txt
AV: AVG Anti-Virus Free * On-hozzáférés szkennelés engedélyezve * (Frissítve)
FW: ZoneAlarm tűzfal engedélyezve * *
* Létrehozott egy új visszaállítási pontot
.

((((((((((((((((((((((((( Files létrehozott 2009/02/28 a 2009/03/31 ))))))))))) ))))))))))))))))))))
.

2009-03-31 17:15. 2009-03-31 17:15 45.056 - a ------ C: \ Windows \ System32 \ acovcnt.exe
2009-03-30 22:26. 2009-03-30 22:26 <DIR> d -------- C: \ Program Files \ MediaMonkey
2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ Program Files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHEALTH
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ $ AVG8.VAULT
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Programdata \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ Drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Program Files \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Programdata \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Channel4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ Programdata \ Channel4
2009-03-11 22:33. 2009-03-31 17:16 <DIR> d -------- C: \ Users \ Chloe \ Tracing
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Program Files \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ Program Files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ Drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ Drivers \ srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ Schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-31 16:15 --------- d --- aw C: \ Programdata \ TEMP
2009-03-31 16:14 350.195 --- ha-w C: \ Windows \ System32 \ Drivers \ vsconfig.xml
2009-03-29 14:42 --------- d ----- wc: \ Programdata \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ Users \ Chloe \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ Program Files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ Programdata \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ Program Files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ Program Files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ Program Files \ Google
2009-03-11 23:07 --------- d ----- wc: \ Program Files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ Program Files \ Windows Mail
2009-03-11 12:13 325.128 ---- aw C: \ Windows \ System32 \ Drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ Programdata \ avg8
2009-02-15 23:11 293.528 ---- aw C: \ Windows \ System32 \ Drivers \ vsdatant.sys
2009-01-14 20:20 55.232 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - sha-w C: \ Program Files \ Desktop.ini
2008-11-19 15:31 81.920 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 ---- aw C: \ Users \ Chloe \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 ---- aw C: \ Users \ Chloe \ DSETUP.dll
2007-05-31 18:23 503.144 ---- aw C: \ Users \ Chloe \ DXSETUP.exe
2007-05-31 18:23 1.673.576 ---- aw C: \ Users \ Chloe \ dsetup32.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-30_22.13.33.29 )))))))))) )))))))))))))))))))))))))))))))
.
+ 2009-03-31 16:14:31 2.048 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ Lo cal \ lastalive0.dat
+ 2009-03-31 16:14:31 2.048 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ Lo cal \ lastalive1.dat
- 2009-03-30 21:07:56 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ Ntuser.dat
+ 2009-03-31 16:15:44 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ Ntuser.dat
- 2009-03-30 21:07:56 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
+ 2009-03-31 16:15:44 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
- 2009-03-30 21:07:06 16.384 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ History \ History.IE5 \ index.d at
+ 2009-03-31 16:14:35 16.384 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ History \ History.IE5 \ index.d at
- 2009-03-30 21:07:06 32.768 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ Index.dat
+ 2009-03-31 16:14:35 32.768 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ Index.dat
- 2009-03-30 21:07:06 16.384 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ r oaming \ Microsoft \ Windows \ Cookies \ Index.dat
+ 2009-03-31 16:14:35 16.384 - sha-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ r oaming \ Microsoft \ Windows \ Cookies \ Index.dat
- 2009-03-30 19:05:35 126.818 ---- aw C: \ Windows \ System32 \ perfc007.dat
+ 2009-03-31 15:21:23 126.818 ---- aw C: \ Windows \ System32 \ perfc007.dat
- 2009-03-30 19:05:35 119.076 ---- aw C: \ Windows \ System32 \ perfc009.dat
+ 2009-03-31 15:21:23 119.076 ---- aw C: \ Windows \ System32 \ perfc009.dat
- 2009-03-30 19:05:35 127.578 ---- aw C: \ Windows \ System32 \ perfc00C.dat
+ 2009-03-31 15:21:23 127.578 ---- aw C: \ Windows \ System32 \ perfc00C.dat
- 2009-03-30 19:05:35 124.352 ---- aw C: \ Windows \ System32 \ perfc010.dat
+ 2009-03-31 15:21:23 124.352 ---- aw C: \ Windows \ System32 \ perfc010.dat
- 2009-03-30 19:05:35 130.866 ---- aw C: \ Windows \ System32 \ perfc013.dat
+ 2009-03-31 15:21:23 130.866 ---- aw C: \ Windows \ System32 \ perfc013.dat
- 2009-03-30 19:05:35 130.272 ---- aw C: \ Windows \ System32 \ perfc019.dat
+ 2009-03-31 15:21:23 130.272 ---- aw C: \ Windows \ System32 \ perfc019.dat
- 2009-03-30 19:05:35 620.942 ---- aw C: \ Windows \ System32 \ perfh007.dat
+ 2009-03-31 15:21:23 620.942 ---- aw C: \ Windows \ System32 \ perfh007.dat
- 2009-03-30 19:05:35 644.794 ---- aw C: \ Windows \ System32 \ perfh009.dat
+ 2009-03-31 15:21:23 644.794 ---- aw C: \ Windows \ System32 \ perfh009.dat
- 2009-03-30 19:05:35 672.380 ---- aw C: \ Windows \ System32 \ perfh00C.dat
+ 2009-03-31 15:21:23 672.380 ---- aw C: \ Windows \ System32 \ perfh00C.dat
- 2009-03-30 19:05:35 666.234 ---- aw C: \ Windows \ System32 \ perfh010.dat
+ 2009-03-31 15:21:23 666.234 ---- aw C: \ Windows \ System32 \ perfh010.dat
- 2009-03-30 19:05:35 669.852 ---- aw C: \ Windows \ System32 \ perfh013.dat
+ 2009-03-31 15:21:23 669.852 ---- aw C: \ Windows \ System32 \ perfh013.dat
- 2009-03-30 19:05:35 657.990 ---- aw C: \ Windows \ System32 \ perfh019.dat
+ 2009-03-31 15:21:23 657.990 ---- aw C: \ Windows \ System32 \ perfh019.dat
- 2009-03-30 19:03:55 17.414 ---- aw C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
+ 2009-03-31 16:17:14 18.026 ---- aw C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
- 2009-03-30 19:03:55 81.750 ---- aw C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
+ 2009-03-31 16:17:14 81.884 ---- aw C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
- 2009-03-30 19:03:54 68.204 ---- aw C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2009-03-31 15:15:30 68.346 ---- aw C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
.
- Snapshot visszaáll az aktuális dátum --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "C: \ Program Files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Képernyővédő Protector" = "c: \ windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "C: \ Windows \ System32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Policies \ System]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ ^ Programdata Microsoft Wind ows ^ ^ Start Menu ^ Programs ^ ^ Indítópult WinZip Quick Pick.lnk]
path = c: \ Programdata \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ WinZip Quick Pick.lnk
backup = C: \ Windows \ PSS \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ Program Files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 D: \ Program Files \ Reader \ reader_sl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ASUS Camera ScreenSaver]
- a ------ 2007-05-15 05:12 37232 C: \ Windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 C: \ Program Files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ CognizanceTS]
-ra ------ 2003-12-21 22:11 17920 C: \ PROGRA ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 C: \ Windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Google Update]
- a ---- t-2009-03-17 22:06 133104 C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 C: \ Program Files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ Program Files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = = Profil Privát | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Kikapcsolva: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"UDP Query User (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"TCP Query User (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ Program Files \ \ könnyen webTV & rádió \ \ easywebtv.exe" = UDP: C: \ Program Files \ könnyen webTV & rádió \ easywebtv.exe : webtv \ Radio \ Media
"UDP Query User (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ Program Files \ \ könnyen webTV & rádió \ \ easywebtv.exe" = TCP: C: \ Program Files \ könnyen webTV & rádió \ easywebtv.exe : webtv \ Radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (20F3997A-2406-42BC-9A96-17DBA8717938) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ Program Files \ \ LimeWire \ \ limewire.exe" = UDP: C: \ Program Files \ LimeWire \ limewire.exe: LimeWire
"UDP Query User (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ Program Files \ \ LimeWire \ \ limewire.exe" = TCP: C: \ Program Files \ LimeWire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495A-82B3-EBFF9330A2CC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4C52E1A6-D998-41D5-8E99-27F21E3CA7CB) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP Query User (80235B6B-2462-4AC3-8A59-7534841DE76B) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"TCP Query User (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"UDP Query User (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ uTorrent \ utorrent.exe: uTorrent
"TCP Query User (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ Program Files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP Query User (9990806D-9198-4760-93E7-C65D44E1FE8A) c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"TCP Query User (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"UDP Query User (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"TCP Query User (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ Program Files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"UDP Query User (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ Program Files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"TCP Query User (9FF9F89E-5323-45dB-89F0-BA37B84180EE) c: \ \ Program Files \ \ tvants \ \ tvants.exe" = UDP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"UDP Query User (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ Program Files \ \ tvants \ \ tvants.exe" = TCP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"TCP Query User (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ Program Files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player komponens
"UDP Query User (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ Program Files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player komponens
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"UDP Query User (55C79E39-F1AC-45C7-8F99-995A835F089A) c: \ \ Users \ \ Chloe \ \ AppData \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: c: \ users \ Chloe \ AppData \ roaming \ sopcast \ adv \ mártogat adver.exe: sopadver.exe
"TCP Query User (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ Program Files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) d: \ \ Program Files \ \ clue.exe" = UDP: D: \ Program Files \ clue.exe: Clue
"UDP Query User (39F3C83F-DCF0-43B4-B149-19F3630B3078) d: \ \ Program Files \ \ clue.exe" = TCP: D: \ Program Files \ clue.exe: Clue
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (TCP-in)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (UDP-in)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Kikapcsolva: UDP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Kikapcsolva: TCP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86, C: \ Windows \ System32 \ Drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Hálózati Redirector, C: \ Windows \ System32 \ Drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk, C: \ Windows \ System32 \ Drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive, C: \ Windows \ System32 \ Drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker, C: \ Windows \ System32 \ Svchost.exe-k tudomásul [2008-08-07 21504]
R2 ASChannel; helyi kommunikációs csatorna, C: \ Windows \ System32 \ Svchost.exe-k tudomásul [2008-08-07 21504]
R2 avg8emc; AVG Free8 E-mail Scanner, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 Watchdog, C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access szolgáltatás HDDlife HDD Access szolgáltatás, C: \ Program Files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service, C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 WebCam Service, C: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS miniport Driver for Attansic L1 Gigabit Ethernet Controller, C: \ Windows \ System32 \ Drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam, C: \ Windows \ System32 \ Drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Tudomásul REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ H]
\ Shell \ autorun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ Shell \ autorun \ command - H: \ LaunchU3.exe
.
Tartalma az "Ütemezett feladatok" mappába

2009/01/11: c: \ windows \ feladatok \ Defrag Job # 00.job
- C: \ Program Files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26: c: \ windows \ feladatok \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30: c: \ windows \ feladatok \ User_Feed_Synchronization-(5963E371-2796-42F4-9A54-042DA9F406BC). Job
- C: \ Windows \ System32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
Kiegészítő Scan ------- -------
.
uStart page = hxxp: / / www.google.co.uk/
uInternet Beállítások, ProxyOverride = *. helyi
IE: E & xportálás a Microsoft Excel - C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro Files \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - összetevő: C: \ Program Files \ AVG \ AVG8 \ Firefox \ alkatrészek \ avgssff.dll
FF - összetevő: C: \ Program Files \ AVG \ AVG8 \ ToolbarFF \ alkatrészek \ vmAVGConnector. Dll
FF - összetevő: C: \ Program Files \ Real \ RealPlayer \ browserrecord \ alkatrészek \ npr pbrowserrecordplugin.dll
FF - összetevő: C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro Files \ ppnzryw9.default \ extensions \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platform \ WINNT \ alkatrészek \ FoxyTunes. dll
FF - plugin: C: \ Program Files \ Mozilla Firefox \ plugins \ np-mswmp.dll
FF - plugin: c: \ users \ Chloe \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - plugin: D: \ Program Files \ Reader \ browser \ nppdf32.dll

FIREFOX POLITIKÁKKAL ---- ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

CatchMe 0.3.1375 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-31 17:16:10
Windows 6.0.6001 Service Pack 1 NTFS

szkennelés rejtett folyamatok ...

"10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44
"10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F
scanning hidden autostart entries ...

scanning hidden files ...

scan sikeresen befejeződött
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - -> "Lsass.exe" (704)
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll

- - - - - - -> "Explorer.exe" (3304)
C: \ Program Files \ RocketDock \ RocketDock.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
C: \ Windows \ System32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
C: \ Program Files \ ATK Hotkey \ ASLDRSrv.exe
C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ Program Files \ ASUS \ NB Probe \ SPM \ spmgr.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe
C: \ Program Files \ ATK Hotkey \ HControl.exe
C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe
C: \ Program Files \ Wireless Console 2 \ wcourier.exe
C: \ Program Files \ ASUS \ Splendid \ ACMON.exe
C: \ Program Files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
C: \ Program Files \ ATK Hotkey \ ATKOSD.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ wbem \ WMIADAP.exe
C: \ Windows \ System32 \ dllhost.exe
.
************************************************** ************************
.
Teljesítés ideje: 2009-03-31 17:23:29 - a gép újraindítása
ComboFix-karantén-files.txt 2009-03-31 16:23:16
ComboFix2.txt 2009-03-30 21:16:26

Pre-Run: 39213060096 bájt szabad
Post-Run: 38632595456 bájt szabad

Jelenlegi = 1 Default = 1 Nem = 0 LastKnownGood = 41 = Beállítja 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
396 --- EOF --- 2009-03-29 15:30:34

**HistoryGirl** · #10 Március 31 2009, 09:48

Ami a Norton eltávolítása Sosem telepített Norton itt igen miért symantec felsorolt?

Hasonló szálak
Szál	Thread Starter	Fórum	Válaszok	Utolsó hozzászólás
Grafikus kártya probléma lehet Megállás Vista indítását.	Jonmal	Általános fémáru Chat	1	November 5, 2009 11:21
XP futtatása Lassan, Nem Malware ...	mbonwick	A Windows operációs rendszerek	3	Augusztus 24, 2009 07:52
Dell laptop - Trouble Starting Windows - Keeps lezárására	jazker	Laptopok, PDA-k & Mobiles	4	25. március 2009 06:59
Miért letapogatású McAfee olyan lassan?	stevescholes	Vírus, kémprogram és biztonság	3	29. december 2008 15:48
My Vista fagyása után röviddel kezdődik.	Jyan29	Általános fémáru Chat	2	30. november 2008 16:40

Téma eszközök
Show Nyomtatható verzió Küldés e-mailben