Lassabban és lassabban

**RB211** · #1 Április 4 2008, 10:57

Letöltés után néhány dolgot az én számítógépes egyre lassabb és lassabb az idegesítő spyware / malware durrantó add fel, hogy én vidám megszabadulni. Kérem, segítsen guys ..

**Hybr! D** · #2 Április 4 2008, 11:02

Start Here: http://www.computer-juice.com/forums...-posting-7476/

**RB211** · #3 Április 4 2008, 14:51

OK ez a napló. Én csak azt folytatni?

SUPERAntiSpyware Scan Napló
http://www.superantispyware.com
Generálva 04/04/2008 at 10:06
Alkalmazás verzió: 4.0.1154
Az alapvető szabályok Database Version: 3431
Trace szabályzat Database Version: 1423
Beolvasás típusa: Complete Scan
Összesen beolvasási idő: 01:41:45
Memória beolvasott elem: 703
Memória észlelt fenyegetések: 1
Iktatási tételek Beolvasott: 5826
Rendszerleíróadatbázis észlelt fenyegetések: 43
Fájl elem Beolvasott: 289779
File észlelt fenyegetések: 158
Adware.Vundo Változat / Resident
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
Adware.Vundo Variant
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown Származás
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ ProgID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ Programmable
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ typelib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ PROGRA ~ 1 \ DAP \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ win32
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ FLAGS
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ Cookies \ danny @ kiszolgáló-rendszer [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny @ tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny @ DoubleClick [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ Szexpartner [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ gostats [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ indexstats [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ indexstats [3]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ statcounter [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown Származás
C: \ WINDOWS \ System32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Változat / Rel
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI2
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI2
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ LNNMP.INI2
C: \ WINDOWS \ SYSTEM32 \ MCRH.TMP
C: \ WINDOWS \ SYSTEM32 \ RRQSS.INI
C: \ WINDOWS \ SYSTEM32 \ VVVWA.INI2
Adware.Vundo-változat
C: \ WINDOWS \ SYSTEM32 \ DDCCA.DLL
C: \ WINDOWS \ SYSTEM32 \ SSQRR.DLL
Fenyegetés Trace.Known Források
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ alulról [2]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niż [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-jellemzők [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor bal-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ crypt [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ablak [1]. Js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ tiszta [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
SZ: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ top [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor jobbra-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ ajánljuk [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stílusok [5]. Css
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ fejlődés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-áttekintés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ index [5]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ sürgős [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stílusok [2]. Css
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn vásárlás [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ Mark [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ crypt [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ crypt [2]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn hazai [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-updates [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ figyelmeztető [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ Flash [1]. Js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ pajzs [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ játszani. [1] js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ át [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ adatok [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ letöltés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ felugró [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif

**evilfantasy** · #4 Április 4 2008, 19:20

Igen kérem, folytassa a fennmaradó lépéseket. Minden lépés néz, és rögzíti a különböző veszélyeket.

**RB211** · #5 Április 5 2008, 00:13

OK Heres a második napló ..

Malwarebytes' Anti-Malware 1,10
Adatbázis verzió: 592
Beolvasás típusa: Full Scan (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Beolvasott Objects: 336027
Eltelt idő: 1 óra (k), 8 perc (ek), 1 másodperc (ek)
Memory Processes Infected: 5
Fertőzött memória modulok: 0
Fertőzött rendszerleíró kulcsok: 10
Fertőzött rendszerleíró értékek: 7
Registry adatokat Infected: 0
Fertőzött mappák: 0
Fertőzött fájlok: 11
Memory Processes Infected:
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
Fertőzött memória modulok:
(Nem észlelhető rosszindulatú elem)
Fertőzött rendszerleíró kulcsok:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ ütemezése (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> Karanténba és sikeresen törölve.
Fertőzött rendszerleíró értékek:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
Registry adatokat Infected:
(Nem észlelhető rosszindulatú elem)
Fertőzött mappák:
(Nem észlelhető rosszindulatú elem)
A fertőzött fájlok:
C: \ Documents and Settings \ LocalService \ Local Settings \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ fordulóban [1]. Jpg (Trojan.Madcode) -> Karanténba és sikeresen törölve.
C: \ System Volume Information \ _Restore (B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ iupdate.exe (Trojan.Madcode) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ kchkioor.dll (Trojan.Agent) -> Delete on reboot.
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ pac.txt (Malware.Trace) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ Drivers \ spools.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ roz \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ LocalService \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.

**RB211** · #6 Április 5 2008, 00:51

Ó OK I didnt tudatában volt, hogy feltesszük őket együtt. Bocs srácok ... Itt vannak:

SUPERAntiSpyware Scan Napló
http://www.superantispyware.com
Generálva 04/04/2008 at 10:06
Alkalmazás verzió: 4.0.1154
Az alapvető szabályok Database Version: 3431
Trace szabályzat Database Version: 1423
Beolvasás típusa: Complete Scan
Összesen beolvasási idő: 01:41:45
Memória beolvasott elem: 703
Memória észlelt fenyegetések: 1
Iktatási tételek Beolvasott: 5826
Rendszerleíróadatbázis észlelt fenyegetések: 43
Fájl elem Beolvasott: 289779
File észlelt fenyegetések: 158
Adware.Vundo Változat / Resident
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
Adware.Vundo Variant
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown Származás
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ ProgID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ Programmable
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ typelib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ PROGRA ~ 1 \ DAP \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ win32
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ FLAGS
HKCR \ typelib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ Cookies \ danny @ kiszolgáló-rendszer [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny @ tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny @ DoubleClick [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ Szexpartner [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ gostats [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ indexstats [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ indexstats [3]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz @ statcounter [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ roz \ Cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Docs & Újabbak Sets \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown Származás
C: \ WINDOWS \ System32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Változat / Rel
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI2
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI2
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ LNNMP.INI2
C: \ WINDOWS \ SYSTEM32 \ MCRH.TMP
C: \ WINDOWS \ SYSTEM32 \ RRQSS.INI
C: \ WINDOWS \ SYSTEM32 \ VVVWA.INI2
Adware.Vundo-változat
C: \ WINDOWS \ SYSTEM32 \ DDCCA.DLL
C: \ WINDOWS \ SYSTEM32 \ SSQRR.DLL
Fenyegetés Trace.Known Források
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ alulról [2]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niż [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-jellemzők [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor bal-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ crypt [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ablak [1]. Js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ tiszta [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
SZ: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ top [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor jobbra-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ ajánljuk [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stílusok [5]. Css
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ fejlődés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-áttekintés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ index [5]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ sürgős [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stílusok [2]. Css
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn vásárlás [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ Mark [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ crypt [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ crypt [2]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn hazai [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ ajax [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-updates [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ vezetők [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ figyelmeztető [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ Flash [1]. Js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ pajzs [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ játszani. [1] js
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ át [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ adatok [1]. Htm
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ letöltés [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ felugró [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif

Malwarebytes' Anti-Malware 1,10
Adatbázis verzió: 592
Beolvasás típusa: Full Scan (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Beolvasott Objects: 336027
Eltelt idő: 1 óra (k), 8 perc (ek), 1 másodperc (ek)
Memory Processes Infected: 5
Fertőzött memória modulok: 0
Fertőzött rendszerleíró kulcsok: 10
Fertőzött rendszerleíró értékek: 7
Registry adatokat Infected: 0
Fertőzött mappák: 0
Fertőzött fájlok: 11
Memory Processes Infected:
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> kirakodott folyamat sikeres volt.
Fertőzött memória modulok:
(Nem észlelhető rosszindulatú elem)
Fertőzött rendszerleíró kulcsok:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ ütemezése (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> Karanténba és sikeresen törölve.
Fertőzött rendszerleíró értékek:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ Autoload (Trojan.Agent) -> Karanténba és sikeresen törölve.
Registry adatokat Infected:
(Nem észlelhető rosszindulatú elem)
Fertőzött mappák:
(Nem észlelhető rosszindulatú elem)
A fertőzött fájlok:
C: \ Documents and Settings \ LocalService \ Local Settings \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ fordulóban [1]. Jpg (Trojan.Madcode) -> Karanténba és sikeresen törölve.
C: \ System Volume Information \ _Restore (B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ iupdate.exe (Trojan.Madcode) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ kchkioor.dll (Trojan.Agent) -> Delete on reboot.
C: \ WINDOWS \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ pac.txt (Malware.Trace) -> Karanténba és sikeresen törölve.
C: \ WINDOWS \ System32 \ Drivers \ spools.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ roz \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ LocalService \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> Karanténba és sikeresen törölve.

Naplózás A Trend Micro HijackThis v2.0.2
Beolvasás mentett 08:45:34, a 05/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNS \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ System32 \ Msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ int ernet Beállítások, ProxyOverride = 127.0.0.1; *. helyi
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ System32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [LBP Samsung SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update késéshez 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Tálca Utility] C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Indítópult
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimalizáltak
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNS \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / háttér
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (Minimalizált). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
O8 - Extra context menu item: & Clean Traces - C: \ Program Files \ DAP \ Adatbiztonság csomag \ dapcleanerie.htm
O8 - Extra context menu item: & Letöltés a & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra context menu item: Download & all with DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Játékok lejátszó) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (fájl hiányzik)
O20 - Winlogon Notify: yaywuvw - yaywuvw.dll (fájl hiányzik)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Ismeretlen tulajdonos - C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown tulajdonos - C: \ WINDOWS \ System32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ HPZipm12.exe (fájl hiányzik)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ System32 \ YPCSER ~ 1.EXE
--
End of file - 10856 bytes

Nagyon köszönöm

**evilfantasy** · #7 Április 5 2008, 01:27

Úgy néz ki, mint volt egy csomó eltávolították, még mindig vannak kérdéses bejegyzéseket a Hijackthis napló így kell futtatni néhány különböző eszközöket.

Letöltés Vundofix.exe az asztalra.

Double-click VundoFix.exe futtatni azt.
Amikor VundoFix nyílik meg, kattintson a Scan for Vundo gombra.
Miután ez megtörtént szkennelés, kattintson a Eltávolítás Vundo gombra.
Hamarosan kapni fog egy gyors kérve, ha el akarja távolítani a fájlokat, kattintson IGEN
Miután az Igen gombra kattint, az asztalon megy üres, mert kezdődik eltávolítása Vundo.
Amikor befejezte, akkor azonnali leállítása, hogy a számítógépet, kattintson a OK.
Fordítsa vissza a számítógépet.
Please post a tartalmát a C: \vundofix.txt és egy új HiJackThis napló.

Megjegyzés: Lehetséges, hogy VundoFix ütközött egy fájlt nem tudott eltávolítani. Ebben az esetben VundoFix fog az újraindítás, egyszerűen kövesse a fenti utasításokat Induló "Kattintson a Scan for Vundo gomb", ha VundoFix jelenik meg reboot.

Kérjük Vundo befejezni, néha ez is több igazolványok

----------

Letöltés SDFix.exe és menthetjük az asztalra.

Double click SDFix.exe és azt a fájlokat a% systemdrive%
(Meghajtó, amely tartalmazza a Windows könyvtárban, jellemzően C: \ SDFix)

Kérem, majd újraindítani a számítógépet Safe Mode by doing a következők:

Indítsa újra a számítógépet
Meghallgatását követően a számítógépen sípolás induláskor, de mielőtt a Windows-ikon jelenik meg, érintse meg az F8 billentyűt folyamatosan;
Ehelyett a Windows loading mint a normál, az Advanced Options menü jelenik meg;
Válasszuk ki az első lehetőség, hogy a Windows csökkentett módban, majd nyomja meg Enter.
Válassz szokásos számláját.
Nyissuk meg a mappát, és ki SDFix duplakattintásra RunThis.bat kezdeni a forgatókönyvet.
Típus Y kezdődik a cleanup folyamat.
Ez eltávolít minden Trojan Szolgáltatások és bejegyzéseit, hogy úgy találja, majd gyorsan nyomjuk meg a gombot, újraindít.
Nyomja meg bármelyik gombot, és akkor újra a számítógéphez.
Amikor a számítógép újraindul a Fixtool fog újra és teljes az eltávolítási folyamat akkor kijelző BefejezettNyomjuk meg a gombot, hogy vessen véget a forgatókönyvet és a terhelés az asztalon az ikonokat.
Amint az asztali ikonok betölteni a SDFix jelentést fog megnyílni a képernyőn, és mentse a SDFix mappát Report.txt
(Report.txt is másolt a vágólapra.)
Végül adjuk hozzá a tartalmát a Report.txt a következő post.

----------

Most fut egy új Hijackthis beolvasás és a sok log együtt a többiekkel.

Is hadd tudja, hogy a dolgok most.

**RB211** · #8 Április 5 2008, 02:23

Következő két OK.

VundoFix V7.0.3
Beolvasás indítása 10:07:05 05/04/2008
Listázási fájlokat találtak, míg a szkennelés ....
C: \ WINDOWS \ System32 \ anthkpru.dll
Kezdet eltávolítása ...
Kísérlete, hogy törli a C: \ WINDOWS \ System32 \ anthkpru.dll
C: \ WINDOWS \ System32 \ anthkpru.dll törölve lett!
Teljesítő javítások foglalkozik.
Kész!

Naplózás A Trend Micro HijackThis v2.0.2
Beolvasás mentett 10:18:53, a 05/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliPoint \ dpupdchk.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNS \ btdna.exe
C: \ WINDOWS \ System32 \ Msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ int ernet Beállítások, ProxyOverride = 127.0.0.1; *. helyi
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ System32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [LBP Samsung SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update késéshez 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Tálca Utility] C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Indítópult
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimalizáltak
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNS \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / háttér
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (Minimalizált). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
O8 - Extra context menu item: & Clean Traces - C: \ Program Files \ DAP \ Adatbiztonság csomag \ dapcleanerie.htm
O8 - Extra context menu item: & Letöltés a & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra context menu item: Download & all with DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Játékok lejátszó) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (fájl hiányzik)
O20 - Winlogon Notify: yaywuvw - yaywuvw.dll (fájl hiányzik)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Ismeretlen tulajdonos - C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown tulajdonos - C: \ WINDOWS \ System32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ HPZipm12.exe (fájl hiányzik)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ System32 \ YPCSER ~ 1.EXE
--
End of file - 10853 bytes

**evilfantasy** · #9 Április 5 2008, 02:36

SDFix napló?

**RB211** · #10 Április 5 2008, 02:51

OK SDFix és a legutolsó mesterlövész:

Egészségére

SDFix: Version 1,166
Run Danny on 05/04/2008 at 10:38
Microsoft Windows XP [Version 5/1/2600]
Running From: C: \ sdfix \ SDFix
Checking Szolgáltatások :

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Újraindítás

Checking Files :
Trojan Files Found:
C: \ WINDOWS \ Temp \ 1852.tmp.lst - Törölve
C: \ WINDOWS \ Temp \ 2723.tmp.lst - Törölve
C: \ WINDOWS \ Temp \ 2F76.tmp.lst - Törölve
C: \ WINDOWS \ Temp \ 541A.tmp.lst - Törölve
C: \ WINDOWS \ Temp \ 580D.tmp.lst - Törölve
C: \ WINDOWS \ Temp \ 6E54.tmp.lst - Törölve
C: \ WINDOWS \ fetchuserid.exe - Törölve

Folder C: \ Program Files \ drmupgds - Removed

Removing Temp Files
ADS Check :

Utolsó ellenőrzés :
CatchMe 0.3.1344.2 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-05 10:44:19
5/1/2600 Windows Service Pack 2 NTFS
szkennelés rejtett folyamatok ...
scanning hidden services & rendszer méhkas ...
scanning hidden registry entries ...
scanning hidden files ...
scan sikeresen befejeződött
Rejtett folyamatok: 0
rejtett szolgáltatás: 0
hidden files: 0

Hátralévő Szolgáltatások :

Authorized Application Key Export:
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ SharedAccess \ Parameters \ firewallpolicy \ standard profil \ authorizedapplications \ list]
"C: \ \ Program Files \ \ BitTorrent \ \ bittorrent.exe" = "C: \ \ Program Files \ \ BitTorrent \ \ bittorrent.exe: *: Enabled: BitTor rent"
"C: \ \ Program Files \ \ DNA \ \ btdna.exe" = "C: \ \ Program Files \ \ DNA \ \ btdna.exe: *: Enabled: DNS"
"C: \ \ Program Files \ \ ICQ \ \ Icq.exe" = "C: \ \ Program Files \ \ ICQ \ \ Icq.exe: *: Enabled: ICQ"
"C: \ \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe" = "C: \ \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe: *: Ena Bled: Yahoo! Messenger"
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire"
"D: \ \ Program Files \ \ Microsoft Games \ \ Flight Simulator 9 \ \ fs9.exe" = "D: \ \ Program Files \ \ Microsoft Games \ \ Flight Simulator 9 \ \ fs9.exe: *: Enabled: Microsoft Flight Simulator "
"C: \ \ WINDOWS \ \ System32 \ \ dpnsvr.exe" = "C: \ \ WINDOWS \ \ System32 \ \ dpnsvr.exe: *: Enabled: Microsoft DirectPlay8 Server"
"C: \ \ Program Files \ \ Kontiki \ \ KService.exe" = "C: \ \ Program Files \ \ Kontiki \ \ KService.exe: *: Enabled: Delivery Manager Service"
"C: \ \ Program Files \ \ Ubisoft \ \ Gearbox Software \ \ BrothersInArmsEiB \ \ System \ \ EiB.exe" = "C: \ \ Program Files \ \ Ubisoft \ \ Gearbox Software \ \ BrothersInArmsEiB \ \ System \ \ EBB . exe: *: Ena Bled: Brothers In Arms Earned In Blood "
"C: \ \ Valve \ \ Condition Zero \ \ czero.exe" = "C: \ \ Valve \ \ Condition Zero \ \ czero.exe: *: Enabled: Condition Zero Indítóikon"
"C: \ \ Program Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gramm Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw. exe: *: Enabled: Java (TM) Platform SE bináris "
"C: \ \ Program Files \ \ DAP \ \ DAP.exe" = "C: \ \ Program Files \ \ DAP \ \ DAP.exe: *: Enabled: Download Accelerator Plus (DAP)
"% windir% \ \ System32 \ \ Sessmgr.exe" = "% windir% \ \ syste M32 \ \ Sessmgr.exe: *: Enabled: @ xpsp2res.dll, -22019"
"C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe" = "C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe: *: Enabled: VideoA ccelerator"
"C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe" = "C: \ \ Prog ram Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe: *: Enabled: VideoAcceleratorService"
"C: \ \ Program Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gramm Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw. exe: *: Enabled: Java (TM) Platform SE bináris "
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ szolgáltatásokra es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ \ System32 \ \ Sessmgr.exe" = "% windir% \ \ syste M32 \ \ Sessmgr.exe: *: Enabled: @ xpsp2res.dll, -22019"
Hátralévő Files :

File mentések: - C: \ sdfix \ SDFix \ mentések \ backups.zip
Rejtett fájlok tulajdonságai :
Kedd 5 február 2008 4.348 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ DRMv1.bak"
Hétfő 28 január 2008 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Kész!

és

Naplózás A Trend Micro HijackThis v2.0.2
Beolvasás mentett 10:48:43, a 05/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ System32 \ Csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ System32 \ alg.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ System32 \ Msiexec.exe
C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ System32 \ wbem \ wmiprvse.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ DNS \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ System32 \ wbem \ wmiprvse.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ int ernet Beállítások, ProxyOverride = 127.0.0.1; *. helyi
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ System32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [LBP Samsung SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update késéshez 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Tálca Utility] C: \ WINDOWS \ System32 \ Spool \ Drivers \ W32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Indítópult
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimalizáltak
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNS \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / háttér
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (Minimalizált). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 adapter_azonosítója \ wlancfg5.exe
O8 - Extra context menu item: & Clean Traces - C: \ Program Files \ DAP \ Adatbiztonság csomag \ dapcleanerie.htm
O8 - Extra context menu item: & Letöltés a & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra context menu item: Download & all with DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Játékok lejátszó) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (fájl hiányzik)
O20 - Winlogon Notify: yaywuvw - yaywuvw.dll (fájl hiányzik)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Ismeretlen tulajdonos - C: \ Program Files \ AMD \ RAIDXpert \ kikötőgátak \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown tulajdonos - C: \ WINDOWS \ System32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ HPZipm12.exe (fájl hiányzik)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ System32 \ YPCSER ~ 1.EXE
--
End of file - 11044 bytes

Hasonló szálak
Szál	Thread Starter	Fórum	Válaszok	Utolsó hozzászólás
Lassabb internet sebesség este a kábelen	kojowilliams	Hálózatépítés, Modems & VoIP	1	25. május 2009 14:18
Gyorsan javul játékok készségek lassabban mozgó játék!	NeuroDrive	PC és konzol játékok	1	4. február 2009 04:19
PC lassabb, mint a világ leglassabb dolog!	iszap	Vírus, kémprogram és biztonság	40	20. november 2008 06:35
Vannak külső hardrives lassabb, mint a belső?	dubs89	Drives & Removable Media	3	29. december 2007 14:05

Téma eszközök
Show Nyomtatható verzió Küldés e-mailben