|
| |||||||
| Regisztráció | Oldaltérkép Spy | Tagok listája | Donate | Keres | Mai hozzászólások | Megjelöl Fórumok Olvas | Fórum Szabályok |
 |
 |
| | Téma eszközök |
|
#1
Szeptember 27, 2008, 18:16
| |||
| |||
| Iexplore.exe kérdés iexplore.exe emléktárgy felbukkanó én Task Manager, annak ellenére, hogy nem használom IE. Ez így lassú a számítógépem, ott vagyunk pop up, néha nincs pop up, csak egy hang így szól: "Gratulálok, nyertél ____" (tehát máshogy), vagy úgy hangzik, mintha egy hiba ablak jelenik meg, vagy valami csattanó, mikor vagyok csinál semmit, és semmi sem jelenik meg a képernyőn (tulajdonképpen ez teszi a számítógépet kísérteties hang! Haha egyébként) Naplózás A Trend Micro HijackThis v2.0.2 Scan mentése 9:12:42, on 9/27/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Futó folyamatok: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ System32 \ Services.exe C: \ WINDOWS \ System32 \ Lsass.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ System32 \ LEXBCES.EXE C: \ WINDOWS \ System32 \ Spoolsv.exe C: \ WINDOWS \ System32 \ LEXPPS.EXE C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ System32 \ dlcxcoms.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ Program Files \ Dell \ galagonya \ NICCONFIGSVC.exe C: \ WINDOWS \ System32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ System32 \ rpcnet.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C:: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe C:: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ Explorer.EXE C: \ WINDOWS \ System32 \ wscntfy.exe C: \ Program Files \ Dell \ galagonya \ quickset.exe C: \ WINDOWS \ System32 \ Rundll32.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ WINDOWS \ System32 \ Ctfmon.exe C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe C: \ WINDOWS \ System32 \ wuauclt.exe C: \ WINDOWS \ System32 \ SJv56bM4.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ WINDOWS \ System32 \ Ctfmon.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C:: \ Program Files \ Common Files \ AOL \ 1155864818 \ ee \ aolsoftware.exe C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AcroRd32.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll Az O2 - BHO: megoldás Class - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ System32 \ 58VayB0u.dll Az O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Viewpoint Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Viewpoint \ Toolbar Futásidejű \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ System32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell galagonya] C: \ Program Files \ Dell \ galagonya \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [HPDJ Feladat Utility] C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" Background O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide Background O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. DEFAULT User Startup: Tiszta Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Tiszta Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel jelen O8 - Extra context menu item: & AOL Toolbar Search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML O8 - Extra context menu item: E & xportálás Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office11 \ EXCEL.EXE/3000 O8 - Extra context menu item: Feliratkozás mulasztási RSS olvasó - C: \ Documents and Settings \ Rendszergazda \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Kutatás - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ System32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi osztály) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 Ø16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl osztály) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl osztály) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (ACS AOL) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc. - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Hotkey Poller - Unknown tulajdonos - C: \ WINDOWS \ System32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ System32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C: \ WINDOWS \ System32 \ LEXBCES.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C: \ Program Files \ Dell \ galagonya \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ System32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10609 bájt |
|
#2
Szeptember 27, 2008, 19:15
| |||
| |||
| Iexplore.exe kérdés Üdvözöljük CJ. Kérjük, nyomtassa ki ezeket az utasításokat, mivel szükség lesz később, az Internet hozzáférést nem áll rendelkezésre. Letöltés SDFix a AndyManchesta és mentse el az asztalra. Amikor használja ezt az eszközt, ki kell használni a Ügyintéző számla vagy a számla Közigazgatási jog
Nyissuk meg a mappát, és SDFix duplakattintásra RunThis.bat kezdeni a forgatókönyvet.
__________________  |
|
#3
Szeptember 27, 2008, 20:24
| |||
| |||
| Iexplore.exe kérdés SDFix: Version 1,229 Run by Administrator on Sat 09/27/2008 at 10:50 Microsoft Windows XP [Version 5/1/2600] Running From: C: \ SDFix Checking Szolgáltatások : Restoring Default Security Values Restoring Default Hosts File Újraindítás Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Utolsó ellenőrzés : CatchMe 0.3.1361.2 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-27 23:14:36 5/1/2600 Windows Service Pack 2 NTFS szkennelés rejtett folyamatok ... scanning hidden services & rendszer méhkas ... scanning hidden registry entries ... scanning hidden files ... scan sikeresen befejeződött Rejtett folyamatok: 0 rejtett szolgáltatás: 0 hidden files: 0 Hátralévő Szolgáltatások : Authorized Application Key Export: [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ SharedAccess \ Parameters \ firewallpolicy \ standard profil \ authorizedapplications \ list] "% windir% \ \ System32 \ \ Sessmgr.exe" = "% windir% \ \ syste M32 \ \ Sessmgr.exe: *: Enabled: @ xpsp2res.dll, -22019" "" C: \ \ Program Files \ \ \ RssBandit \ \ RSSBandit.exe "=" C: \ \ Program Files \ \ \ RssBandit \ \ RSSBandit.exe: *: Enabled: RSS Bandit " : "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb.exe" "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe: *: Enabled : AOL Application Loader " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Enabled : AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Enabled : AOL " "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe: *: Enabled: AOL" "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe: *: Enabled: AOLTsMon " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe: *: Enabled: AOLTopSpeed " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . exe: *: E nabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe: * : Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP scheduler . exe: *: Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe : *: Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV . exe: *: Ena Bled: AOL " "C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe" = "C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe: *: Enabled: cftp" "" C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe "=" C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe: *: Enabled: ftpcomm " "C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ PROGRA m Files \ \ Real \ \ RealPlayer \ \ realplay.exe: *: Enabled: Re alPlayer" "C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: E nabled: LimeWire nyüzsögtek installer" "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire" "" C: \ \ Program Files \ \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe "=" C: \ \ Program Files \ \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe: *: Enabled: SmartFTP Client 2.0 " "" C: \ \ Program Files \ \ \ BitTornado \ \ btdownloadgui.exe "=" C: \ \ Program Files \ \ \ BitTornado \ \ btdownloadgui.exe: *: Enabled: btd ownloadgui " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . exe: *: Enab vezette: AOL Szolgáltatások " "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe: *: Enabled: Firefox" "C: \ \ Program Files \ \ \ Get-Torrent \ \ Get-Torrent.exe" = "C: \ \ Program Files \ \ \ Get-Torrent \ \ Get-Torrent.exe: *: Enabled: Torrent P2P alkalmazás" "C: \ \ Program Files \ \ Restaurant Empire \ \ re.exe" = "C: \ \ Program Files \ \ Restaurant Empire \ \ re.exe: *: Enabled: re" "C: \ \ Program Files \ \ \ BitZip \ \ bitzip.exe" = "C: \ \ Program Files \ \ \ BitZip \ \ bitzip.exe: *: Enabled: BitZip" "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe: *: Enabled: æTorrent" "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes" "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000" "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe" = "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe: *: Enabled: Dell 926 Server" [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list] "% windir% \ \ System32 \ \ Sessmgr.exe" = "% windir% \ \ syste M32 \ \ Sessmgr.exe: *: Enabled: @ xpsp2res.dll, -22019" : "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb Computrace Installation / Application Management" "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000" Hátralévő Files : Rejtett fájlok tulajdonságai : Tue 12 július 2005 54.872 A.. H. --- "C: \ Program Files \ America Online 9.0 \ AOLphx.exe" Tue 12 július 2005 31.832 A.. H. --- "C: \ Program Files \ America Online 9.0 \ rbm.exe" Sze október 13, 2004 1.694.208 A.. H. --- "C: \ Program Files \ Messenger \ msmsgs.exe" Sze szeptember 17, 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ $ RL3917.tmp" Péntek november 23, 2007 4.840.960 ... H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ WRL3917.tmp" Nap 1 április 2007 247 A.. H. --- "C: \ Program Files \ InterActual \ InterActual Player \ itiC9F.tmp" A Sun július 1, 2007 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp" Mon január 14, 2008 3.459 ... HR --- "C: \ Documents and Settings \ Rendszergazda \ Application Data \ Securom \ UserData \ securom_v7_01.bak" Szo 27 szeptember 2008 4.750 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-94C0-45AE-81FF065FB64C.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0B798094-B44A-427A-B9DC-654E158521EB.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp" Szo 27 szeptember 2008 12.540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp" Szo 27 szeptember 2008 5.616 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-4A75-5AA4-B35E-1DE367BE8DF8.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp" Szo 27 szeptember 2008 40.408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-10D0-B385-4BC0-C28929E5600F.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48C5-A517-8F08AFB8035A.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-4FC5-3F89-B941-1463F3BD2234.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp" Szo 27 szeptember 2008 27.677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp" Szo 27 szeptember 2008 3.393 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-4EBA-41A4-B217-FF3A496AA590.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp" Szo 27 szeptember 2008 101.080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472c-AA53-447B881C2428.tmp" Szo 27 szeptember 2008 6.247.755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp" Szo 27 szeptember 2008 198.358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439F-987F-028637985DF0.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp" Szo 27 szeptember 2008 3.195.852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS713A2772-B7C7-4A87-BAEB-E92C67ED4580.tmp" Szo 27 szeptember 2008 143.110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp" Szo 27 szeptember 2008 1.909.332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7366E027-AE32-4BC8-9360-699C2C95BEB0.tmp" Szo 27 szeptember 2008 270.314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-A509-4E33-9F16-118AA8AC2918.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7C1354E8-D74C-4AC8-BE8F-7167A5076F4A.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp" Szo szeptember 27, 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp" Szo szeptember 27, 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp" Szo 27 szeptember 2008 4.532 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99BA-4D9E-9C2A-B17FB19F5132.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp" Szo szeptember 27, 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9CF76AA8-C8DD-426D-8974-7952EA0782D3.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp" Szo 27 szeptember 2008 1.190.410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp" Szo 27 szeptember 2008 2.736 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp" Szo 27 szeptember 2008 75.790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-438D-B085-7DB36F72F77D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCD6D72-A069-40FF-9AF2-916180E0A88E.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436E-B3EE-A1DEAC925872.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4b06-A604-EAAD26CE6255.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp" Szo 27 szeptember 2008 134.148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464E-B192-D31296C412A8.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp" Szo 27 szeptember 2008 20.968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456D-9A48-B332BFDD4DA3.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp" Szo 27 szeptember 2008 2.168.120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953F-40714AC7B32D.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp" Szo szeptember 27, 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-50B6-42E2-B361-B1279BCFE655.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-42D7-838C-4A46B1619D44.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96F2-4922-8549-E4F727B9B3A5.tmp" Szo szeptember 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475A-BBD8-590D8EED1563.tmp" Szo 27 szeptember 2008 1.609.542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp" Szo 27 szeptember 2008 29.084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp" Szo 27 szeptember 2008 16.965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp" Kész! Naplózás A Trend Micro HijackThis v2.0.2 Scan mentése 11:22:30, on 9/27/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Futó folyamatok: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ System32 \ Services.exe C: \ WINDOWS \ System32 \ Lsass.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ System32 \ LEXBCES.EXE C: \ WINDOWS \ System32 \ Spoolsv.exe C: \ WINDOWS \ System32 \ LEXPPS.EXE C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ System32 \ dlcxcoms.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ Program Files \ Dell \ galagonya \ NICCONFIGSVC.exe C: \ WINDOWS \ System32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ System32 \ rpcnet.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C:: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe C: \ WINDOWS \ Explorer.EXE C:: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ System32 \ wscntfy.exe C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe C: \ WINDOWS \ System32 \ notepad.exe C: \ Program Files \ Dell \ galagonya \ quickset.exe C: \ WINDOWS \ System32 \ Rundll32.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C: \ WINDOWS \ System32 \ Ctfmon.exe C: \ Program Files \ America Online 9.0 \ waol.exe C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe C: \ WINDOWS \ System32 \ wuauclt.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll Az O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Viewpoint Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Viewpoint \ Toolbar Futásidejű \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ System32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell galagonya] C: \ Program Files \ Dell \ galagonya \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [HPDJ Feladat Utility] C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" Background O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide Background O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. DEFAULT User Startup: Tiszta Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Tiszta Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel jelen O8 - Extra context menu item: & AOL Toolbar Search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML O8 - Extra context menu item: E & xportálás Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office11 \ EXCEL.EXE/3000 O8 - Extra context menu item: Feliratkozás mulasztási RSS olvasó - C: \ Documents and Settings \ Rendszergazda \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Kutatás - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikrók ~ 2 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ System32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi osztály) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 Ø16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl osztály) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl osztály) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (ACS AOL) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc. - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Hotkey Poller - Unknown tulajdonos - C: \ WINDOWS \ System32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ System32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C: \ WINDOWS \ System32 \ LEXBCES.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C: \ Program Files \ Dell \ galagonya \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ System32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10298 bájt |
|
#4
Szeptember 27, 2008, 20:37
| |||
| |||
| Iexplore.exe kérdés Megbénít SpySweeper Azt is újra lehetővé teszi, miután már tiszta. Letiltásához SpySweeper: Nyitott Spysweeper click> Opciók mint a bal oldalon, majd> Program Options > Törölje "terhelés Windows" Több mint a bal oldalon kattintson a "pajzs" és Törölje mind ott. Törölje "home page pajzs" Törölje "automatikusan Alaphelyzet bejelentés nélkül" Miután mind a javítások teljes nagyon fontos, hogy Ön, hogy valós idejű védelem újra. ---------- Megbénít Windows Defender Meg kell tiltani a Windows Defender valós idejű védelem is zavarja a rögzíti, hogy meg kell tenni.
---------- Meg kell távolítani ErrorSmart. Ez tekinthető a rouge programot, mert megbízhatatlan és gyakran telepített a felhasználó beleegyezése nélkül. Tovább a Programok telepítése és törlése és uninstall ErrorSmart (ha van) ---------- Open HijackThis, és válasszuk Nem a rendszer csak scan. Tegyünk egy pipa mellett a következő bejegyzést: (ha van)
Kilépés HijackThis. ---------- Megjegyzés: Az alábbi utasításokat hoztak létre külön erre a felhasználót. Ha nem ez a felhasználó, NEM alábbi irányokba, mivel azok károsíthatják a működését a rendszer Menj a Start> Futtatás és típusa notepad.exe majd kattintson OK Másolja be az alábbi a Jegyzettömbbe, és mentse a fixme.reg az Ön Desktop Kód: REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =- Győződjön meg róla, hogy elmondja nekem, ha kap egy üzenetet sikert hozzáadták a fent a rendszerleíró adatbázisban. Ha nem kap egy üzenetet a sikeres, ám ez még nem működik. Törölje a fixme.reg a Desktop. ---------- Letöltés CCleaner Slim és menthetjük az asztalra. Amikor a fájl mentésre került, akkor az asztalra, és kattintson duplán a ccsetupxxx_slim.exe Kövesse az instrukciókat, hogy telepítse a programot. A telepítés akkor:
---------- Letöltés Malwarebytes' Anti-Malware (MBAM)
__________________ |
|
#5
Szeptember 27, 2008, 21:50
| |||
| |||
| Iexplore.exe kérdés ÉN tett kap sikert üzenetet a Registry. Malwarebytes' Anti-Malware 1,28 Adatbázis verzió: 1216 5/1/2600 Windows Service Pack 2 9/28/2008 12:45:51 mbam-log-2008-09-28 (00-45-51). txt Beolvasás típusa: Quick Scan Tárgyakat beolvasott: 59.369 Eltelt idő: 10 perc (ek), 46 másodperc (ek) Memory Processes Infected: 0 Fertőzött memória modulok: 0 Fertőzött rendszerleíró kulcsok: 0 Fertőzött rendszerleíró értékek: 0 Registry adatokat Infected: 0 Fertőzött mappák: 0 Fertőzött fájlok: 1 Memory Processes Infected: (Nem észlelhető rosszindulatú elem) Fertőzött memória modulok: (Nem észlelhető rosszindulatú elem) Fertőzött rendszerleíró kulcsok: (Nem észlelhető rosszindulatú elem) Fertőzött rendszerleíró értékek: (Nem észlelhető rosszindulatú elem) Registry adatokat Infected: (Nem észlelhető rosszindulatú elem) Fertőzött mappák: (Nem észlelhető rosszindulatú elem) A fertőzött fájlok: C: \ WINDOWS \ System32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> Karanténba és sikeresen törölve. |
|
#6
Szeptember 27, 2008, 21:55
| |||
| |||
| Iexplore.exe kérdés Bármilyen változtatásokat?
__________________ |
|
#7
Szeptember 27, 2008, 22:49
| |||
| |||
| Iexplore.exe kérdés Nem, még mindig ott |
|
#8
Szeptember 27, 2008, 22:56
| |||
| |||
| Iexplore.exe kérdés Ne aggódjon, fogunk találni. Letöltés ComboFix a köv az egyik a lenti linkeket. Győződjön meg róla, top menteni a Desktop. Link # 1 Link # 2 ** Megjegyzés: Fontos, hogy a telefon közvetlenül az asztalra Zárjon be minden megnyitott webböngészők. (Firefox, Internet Explorer, stb) ComboFix megkezdése előtt. Ideiglenesen kikapcsol öné antivirus, És minden AntiSpyware valós idejű védelem előtt elvégzi a vizsgálatot. Kattints ez a kapcsolat listájának megtekintéséhez biztonsági programokat kell, hogy a fogyatékkal élők és az, hogyan lehet letiltani őket. Kattintson duplán combofix.exe és kövesse az instrukciókat. Ha kész ComboFix fog log Önnek. A Post ComboFix napló a következő választ. Fontos: Ne mouseclick ComboFix az ablakon, miközben az fut. Ez okozhatja, hogy az istálló. Ne felejtsük el újra, hogy a víruskereső és AntiSpyware során ComboFix kész.
__________________ |
|
#9
Szeptember 28, 2008, 08:56
| |||
| |||
| Iexplore.exe kérdés ComboFix 08-09-27.05 - Rendszergazda 2008-09-28 11:44:34.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00] Running From: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe * Létrehozott egy új visszaállítási pontot FIGYELMEZTETÉS-Ez a gép nem rendelkezik a helyreállítási konzol telepítve!! . Egyéb ((((((((((((((((((((((((((((((((((((((( Törlések ))))))))) )))))))))))))))))))))))))))))))))))))))) . C: \ Documents and Settings \ NetworkService \ Cookies \ system @ trafficmp [1]. Txt C: \ WINDOWS \ System32 \ Drivers \ fad.sys . ((((((((((((((((((((((((( Files létrehozott 2008/08/28 a 2008/09/28 ))))))))))) )))))))))))))))))))) . 2008-09-28 01:46. 2008-09-28 01:46 0 - a ------ C: \ WINDOWS \ System32 \ SJv56bM4.exe.a_a 2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT 2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix 2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Program Files \ Trend Micro 2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM 2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ ErrorSmart 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-Malware 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-10 00:04 38.528 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbamswissarmy.sys 2008-09-27 19:38. 2008-09-10 00:03 17.200 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbam.sys 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Program Files \ CCleaner 2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Program Files \ PrevxCSI 2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI 2008-09-27 12:35. 2008-09-27 12:35 17.408 - a ------ C: \ WINDOWS \ System32 \ Drivers \ pxark.sys 2008-09-27 00:48. 2008-09-27 00:47 102.664 - a ------ C: \ WINDOWS \ System32 \ Drivers \ tmcomm.sys 2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \. Housecall6.6 2008-09-26 23:23. 2008-09-26 23:22 30.272 - a ------ C: \ WINDOWS \ System32 \0vx55IOc.exe 2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ WINDOWS \ System32 \ CatRoot_bak 2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Program Files \ Windows Defender 2008-09-12 13:32. 2004-03-29 16:23 90.112 - a ------ C: \ WINDOWS \ unvise32.exe 2008-09-11 12:41. 2008-09-28 11:36 54.156 - ah ----- C: \ WINDOWS \ QTFont.qfn 2008-09-11 12:41. 2008-09-11 12:41 1.409 - a ------ C: \ WINDOWS \ QTFont.for 2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2 2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Program Files \ Atari 2008-09-03 23:06. 2008-06-10 02:32 73.728 - a ------ C: \ WINDOWS \ System32 \ javacpl.cpl 2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ Eyeblaster 2008-08-28 23:11. 2004-08-04 00:56 159.232 - a ------ C: \ WINDOWS \ System32 \ ptpusd.dll 2008-08-28 23:11. 2001-08-17 22:36 5.632 - a ------ C: \ WINDOWS \ System32 \ ptpusb.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-09-28 15:35 31.232 ---- aw C: \ WINDOWS \ System32 \ rpcnet.dll 2008-09-28 15:35 17.408 ---- aw C: \ WINDOWS \ System32 \ Rpcnetp.exe 2008-09-28 03:10 17.408 ---- aw C: \ WINDOWS \ System32 \ rpcnetp.dll 2008-09-28 00:20 --------- d ----- w C: \ Program Files \ RealArcade 2008-09-25 21:30 --------- d ----- w C: \ Program Files \ FTP Commander 2008-09-21 04:33 --------- d ----- w C: \ Program Files \ Common Files \ Adobe 2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Rendszergazda \ Application Data \ uTorrent 2008-09-05 18:19 98.304 ---- aw C: \ WINDOWS \ System32 \ CmdLineExt.dll 2008-09-04 17:39 --------- d - h - w C: \ Program Files \ InstallShield Installation Information 2008-09-04 03:06 --------- d ----- w C: \ Program Files \ Java 2008-08-30 00:32 --------- d ----- w C: \ Program Files \ dl_Cats 2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Rendszergazda \ Application Data \ Move Networks 2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Rendszergazda \ Application Data \ Gamelab 2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames 2008-07-19 02:10 94.920 ---- aw C: \ WINDOWS \ System32 \ cdm.dll 2008-07-19 02:10 53.448 ---- aw C: \ WINDOWS \ System32 \ wuauclt.exe 2008-07-19 02:10 45.768 ---- aw C: \ WINDOWS \ System32 \ wups2.dll 2008-07-19 02:10 36.552 ---- aw C: \ WINDOWS \ System32 \ wups.dll 2008-07-19 02:09 563.912 ---- aw C: \ WINDOWS \ System32 \ wuapi.dll 2008-07-19 02:09 325.832 ---- aw C: \ WINDOWS \ System32 \ wucltui.dll 2008-07-19 02:09 205.000 ---- aw C: \ WINDOWS \ System32 \ wuweb.dll 2008-07-19 02:09 1.811.656 ---- aw C: \ WINDOWS \ System32 \ Wuaueng.dll 2008-07-19 02:07 270.880 ---- aw C: \ WINDOWS \ System32 \ mucltui.dll 2008-07-19 02:07 210.976 ---- aw C: \ WINDOWS \ System32 \ muweb.dll 2008-07-07 20:32 253.952 ---- aw C: \ WINDOWS \ System32 \ es.dll 2007-10-02 01:01 60.968 ---- aw C: \ Documents and Settings \ Rendszergazda \ GoToAssistDownloadHelper.ex e 2007-01-13 12:49 774.144 ---- aw C: \ Program Files \ RngInterstitial.dll 2007-08-10 19:03 6.275.816 ---- aw C: \ Program Files \ Mozilla Firefox \ plugins \ ScorchPDFWrapper.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg REGEDIT4 [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "Ctfmon.exe" = "C: \ WINDOWS \ System32 \ Ctfmon.exe" [2004-08-04 15360] "AOL Fast Start" = "C: \ Program Files \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "NvCplDaemon" = "C: \ WINDOWS \ System32 \ NvCpl.dll" [2007-04-28 8429568] "Dell galagonya" = "C: \ Program Files \ Dell \ galagonya \ quickset.exe" [2007-07-20 1228800] "HPDJ Tálca Utility" = "C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704] "QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-01-10 385024] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-01-15 267048] "DLCXCATS" = "C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784] "NvMediaCenter" = "NvMCTray.dll" [2007/04/28 C: \ WINDOWS \ System32 \ nvmctray.dll] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce] "RunNarrator" = "Narrator.exe" [2004/08/04 C: \ WINDOWS \ System32 \ narrator.exe] C: \ Documents and Settings \ Rendszergazda \ Start Menu \ Programs \ Startup \ Tiszta Access Agent.lnk - C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe [2007-06-28 2056266] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Policies \ Explorer] "NoSMBalloonTip" = 1 (0x1) "NoAutoTrayNotify" = 1 (0x1) [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ cur rentversion \ Policies \ Explorer] "NoActiveDesktopChanges" = 0 (0x0) [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks] "(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon] 2008-07-23 16:28 352256 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ ^ Administrator Start menü Programok ^ ^ ^ Indítópult Adobe Gamma.lnk] path = C: \ Documents and Settings \ Rendszergazda \ Start Menu \ Programs \ Startup \ Adobe Gamma.lnk backup = C: \ WINDOWS \ PSS \ Adobe Gamma.lnkStartup [HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ All Users ^ Start Menu ^ Programs ^ ^ Indítópult Adobe Reader Speed Launch.lnk] path = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Adobe Reader Speed Launch.lnk backup = C: \ WINDOWS \ PSS \ Adobe Reader Speed Launch.lnkCommon Indítópult [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AOLDialer] -ra ------ 2006-10-23 08:50 71216 C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Apoint] - a ------ 2003-08-20 20:24 151552 C: \ Program Files \ Apoint \ Apoint.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Ctfmon.exe] - a ------ 2004-08-04 00:56 15360 C: \ WINDOWS \ System32 \ Ctfmon.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ HostManager] - a ------ 2006-09-25 20:52 50736 C: \ Program Files \ Common Files \ AOL \ 1155864818 \ EE \ aolsoftware.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxhkcmd] - a ------ 2006-07-14 18:04 77824 C: \ WINDOWS \ System32 \ hkcmd.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxpers] - a ------ 2006-07-14 18:08 118784 C: \ WINDOWS \ System32 \ igfxpers.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxtray] - a ------ 2006-07-14 18:07 94208 C: \ WINDOWS \ System32 \ igfxtray.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelWireless] - a ------ 2006-08-02 01:32 696320 C: \ Program Files \ Intel \ Wireless \ Bin \ iFrmewrk.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelZeroConfig] - a ------ 2006-08-02 01:38 802816 C: \ Program Files \ Intel \ Wireless \ Bin \ ZCfgSvc.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper] - a ------ 2008-01-15 04:22 267048 C: \ Program Files \ iTunes \ iTunesHelper.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ MSMSGS] - ah ----- 2004-10-13 12:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon] - a ------ 2007-04-28 19:05 8429568 C: \ WINDOWS \ System32 \ nvcpl.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter] - a ------ 2007-04-28 19:05 81920 C: \ WINDOWS \ System32 \ nvmctray.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task] - a ------ 2008-01-10 16:27 385024 C: \ Program Files \ QuickTime \ QTTask.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RealTray] - a ------ 2006-08-17 21:34 26112 C: \ Program Files \ Real \ RealPlayer \ realplay.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched] - a ------ 2006-12-15 04:23 75520 C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ jusched.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG] --------- 2006-10-18 20:05 204288 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NVHotkey] - a ------ 2007-04-28 19:05 67584 C: \ WINDOWS \ System32 \ nvhotkey.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ nwiz] - a ------ 2007-04-28 19:05 1626112 C: \ WINDOWS \ System32 \ nwiz.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SigmatelSysTrayApp] - a - c --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ AuthorizedApplications \ List] "% windir% \ \ System32 \ \ Sessmgr.exe" = "C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ StubInstaller.exe" = "C: \ \ Program Files \ \ SmartFTP Client 2,0 \ \ SmartFTP.exe" = "C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe" = [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ GloballyOpenPorts \ List] "50001: TCP" = 50001: TCP: webroots "50002: TCP" = 50002: TCP: webroots2 "3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009 [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ IcmpSettings] "AllowInboundEchoRequest" = 1 (0x1) R0 a320raid; a320raid, C: \ WINDOWS \ System32 \ Drivers \ A320 raid.sys [2006-04-04 251578] R0 pxark; pxark, C: \ WINDOWS \ System32 \ Drivers \ pxark.sys [2008-09-27 17408] R1 SAVOnAccess Control; SAVOnAccess Control, C: \ WINDOWS \ System32 \ Drivers \ savonaccesscon trol.sys [2006-04-14 80128] R1 SAVOnAccess Filter; SAVOnAccess Filter, C: \ WINDOWS \ System32 \ Drivers \ savonaccessfilt er.sys [2006-04-14 24064] R2 CSIScanner; CSIScanner, C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040] R2 dlcx_device; dlcx_device, C: \ WINDOWS \ System32 \ dlcxco ms.exe [2006-11-03 537480] R2 Viewpoint Manager Service; Viewpoint Service Manager, C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652] S2 ousbehci; NEC PCI az USB Enhanced Host Controller, C: \ WINDOWS \ System32 \ Drivers \ ousbehci.sy s [2003-08-01 41600] S3 GTIPCI21; GTIPCI21, C: \ WINDOWS \ System32 \ Drivers \ gtip ci21.sys [2004-05-03 80384] S3 NWADI; NWADI Busz Enumerator, C: \ WINDOWS \ System32 \ Drivers \ NWADIenum.s ys [2005-12-09 67840] S3 ousb2hub; OrangeWare USB 2.0 Root Hub támogatása, C: \ WINDOWS \ System32 \ Drivers \ ousb2hub.sys [2003-08-01 55552] S3 whfltr2k; WheelMouse USB Lower Filter Driver; C: \ WINDOWS \ System32 \ Drivers \ whfltr2k.sys [2007-01-25 6784] S3 whmice2k; Advanced Wheel Mouse Upper Filter Driver; C: \ WINDOWS \ System32 \ Drivers \ whmice2k.sys [2004-04-25 6885] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ D] \ Shell \ autorun \ command - D: \ autorun.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (64d8acf2-5f84-11db-b756-00038a000015)] \ Shell \ autorun \ command - E: \ Installer.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)] \ Shell \ autorun \ command - E: \ wd_windows_tools \ setup.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)] \ Shell \ autorun \ command - D: \ Programok \ nu2menu \ nu2menu.exe * Newly Created Service * - PROCEXP90 . Tartalma az "Ütemezett feladatok" mappába . - - - - ÁRVAELLÁTÁS REMOVED - - - -- MSConfigStartUp-! AVG Anti-Spyware - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe MSConfigStartUp-DVDLauncher - C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe MSConfigStartUp-SpySweeperEnterprise - C: \ Program Files \ \ Webroot \ Enterprise \ Spy Sweeper \ \ SpySweeperUI.exe MSConfigStartUp-SpysweeperUI - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ SpySweeperUI.exe MSConfigStartUp-UpdateManager - C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe . Kiegészítő Scan ------- ------- . FireFox -: Profile - C: \ Documents and Settings \ Rendszergazda \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/ FF -: plugin - C: \ Documents and Settings \ Rendszergazda \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ext ensions \ npmozax@real.com \ plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ browser \ nppdf32.dll FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npagent.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmusicn.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npracplug.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ nptgeqplugin.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npunagi2.dll FF -: plugin - C: \ Program Files \ Real \ RealArcade \ Plugins \ Mozilla \ npracplug.dl l FF -: plugin - C: \ Program Files \ Viewpoint \ Viewpoint Tapasztalat Technology \ npViewpoint.dll . ************************************************** ************************ CatchMe 0.3.1361 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-28 11:48:43 5/1/2600 Windows Service Pack 2 NTFS szkennelés rejtett folyamatok ... scanning hidden autostart entries ... HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? scanning hidden files ... scan sikeresen befejeződött hidden files: 0 ************************************************** ************************ . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C: \ WINDOWS \ system32 \ winlogon.exe -> C: \ WINDOWS \ System32 \ Ati2evxx.dll . Teljesítés ideje: 2008-09-28 11:50:56 ComboFix-karantén-files.txt 2008-09-28 15:50:52 Pre-Run: 25918537728 byte szabad Post-Run: 25986658304 byte szabad 255 --- EOF --- 2008-09-26 12:22:29 |
|
#10
Szeptember 28, 2008, 10:25
| |||
| |||
| Iexplore.exe kérdés Megjegyzés: Az alábbi utasításokat hoztak létre külön erre a felhasználót. Ha nem ez a felhasználó, NEM alábbi irányokba, mivel azok károsíthatják a működését a rendszer Törölje ezeket a fájlokat / mappákat, az alábbiak szerint: 1. Menj a Start > Fut > Type Notepad.exe , és kattintson OK megnyitásához Jegyzettömbbe. Azt kell a Jegyzettömb, nem Wordpad. 2. Másolja az alábbi szöveget a kód mezőbe, kiemelve az összes szöveget, és nyomja meg Ctrl + C Kód: Killall:: File:: C: \ WINDOWS \ System32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ System32 \ 0vx55IOc.exe Folder:: C: \ Documents and Settings \ Rendszergazda \ Application Data \ ErrorSmart 4. Ezután kattintson a Fájl > Ment 5. A fájl neve CFScript.txt - Mentsük a fájlt az asztalra 6. Ezután húzza a CFScript (tartsuk lenyomva a bal egérgombot, miközben húzza a fájlt), és dobja el (engedje el a bal egérgombot) a ComboFix.exe mint látod a screenshot alább. Fontos: Végezze el ezt az utasítást figyelmesen!  ComboFix kezdődik végrehajtásához, kövesse az instrukciókat. Újraindítás után (amennyiben azt kéri, hogy reboot), majd egy naplót az Ön számára. Post hogy log (Combofix.txt) a következő választ. Megjegyzés: Ne mouseclick ComboFix az ablakon, miközben az fut. Ezt okozhatja a rendszer befagyasztja
__________________ |
