
Virus: iexplore.exe system process




  #1  
November 6, 2008, 02:16
New Member Group

I can't seem to close iexplore.exe, even when no Windows Explorer window is open. Ads keep popping up from time to time. I also hear ad sounds / noise in the background. It is annoying, and I feel like the system's performance has slowed down as well. Please help. This is my HijackThis log:

Naplózás a HijackThis v1.99.1
Scan mentése 4:15:28, a 11/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C:: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe
C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ System32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe
C: \ WINDOWS \ System32 \ s1S8Dh6X.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
Az O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer letöltése és Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up help] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
"O4 - HKLM \ .. \ Run: [ASUS Energiatakarékossági]" C: \ Program Files \ ASUS \ AI Suite \ EnergySaving \ PwSave.exe "
O4 - HKLM \ .. \ Run: [Ulead automatikus felismerése v2] C: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ System32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe C: \ WINDOWS \ System32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
"O4 - HKCU \ .. \ Run: [\ \ MING3 \ Epson Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ E_FATIC CA.EXE / FU" C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O8 - Extra context menu item: Hozzáadás a Google Photos Screensa & ver - res: / / C: \ WINDOWS \ System32 \ GPhotos.scr/200
O8 - Extra context menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (fájl hiányzik)
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (fájl hiányzik)
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O10 - Unknown file in Winsock LSP: c: \ Program Files \ Bonjour \ mdnsnsp.dll
O11 - Beállítások csoport: [INTERNATIONAL] International *
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Fotó Feltöltő 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl osztály) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl osztály) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Notify: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (fájl hiányzik)
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ System32 \ WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Ellenőrző Szolgálat (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown tulajdonos - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Unknown tulajdonos - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ System32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
  #2  
November 6, 2008, 09:37
Moderator Group

Download CCleaner Slim and save it to your desktop.
When the file has been saved, go to your desktop and double-click ccsetupxxx_slim.exe.
Follow the prompts to install the program.
After installation:
  • Double-click the CCleaner shortcut on the desktop to start the program.
  • Click the Options block on the left, then choose Cookies.
    • Under Cookies to Delete, highlight any cookies you would like to retain permanently.
    • Click the right arrow > to move them to the Cookies to Keep window.
  • Go to Options > Advanced and uncheck "Only delete files in Windows Temp folders older than 48 hours".
  • Click Cleaner on the left, then Run Cleaner on the right to run the program.
  • Important: Make sure ALL browser windows are closed before selecting Run Cleaner.
  • Caution: It is not recommended that you use the "Registry" feature unless you are very familiar with the registry.
  • Exit CCleaner after it has completed its process.

----------

Now install the new version of HijackThis and post the log from it.

Download TrendMicro HijackThis.exe (HJT) to your desktop.
  • Double-click HJTInstall.
  • Click the Install button.
  • It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • After installation, HijackThis should open for you.
  • Click the "Do a system scan and save a logfile" button.
  • HijackThis will scan, and then a log will open in Notepad.
  • Copy and paste the entire contents of the log into your post.
  • Do not have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
__________________

  #3  
November 6, 2008, 16:19
New Member Group

I ran CCleaner and reinstalled the new version of HijackThis.

Naplózás A Trend Micro HijackThis v2.0.2
Scan mentése 6:18:15, on 11/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C:: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ System32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ s1S8Dh6X.exe
C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AcroRd32.exe
C: \ PROGRA ~ 1 \ COMMON ~ 1 \ pcsuite \ DATALA ~ 1 \ DATALA ~ 1.EXE
C: \ WINDOWS \ System32 \ conime.exe
C: \ Program Files \ CCleaner \ CCleaner.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ System32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
Az O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer letöltése és Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up help] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
"O4 - HKLM \ .. \ Run: [ASUS Energiatakarékossági]" C: \ Program Files \ ASUS \ AI Suite \ EnergySaving \ PwSave.exe "
O4 - HKLM \ .. \ Run: [Ulead automatikus felismerése v2] C: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ System32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe C: \ WINDOWS \ System32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
"O4 - HKCU \ .. \ Run: [\ \ MING3 \ Epson Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ E_FATIC CA.EXE / FU" C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
"O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Hozzáadás a Google Photos Screensa & ver - res: / / C: \ WINDOWS \ System32 \ GPhotos.scr/200
O8 - Extra context menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O15 - ESC Megbízható zóna: http:// *. update.microsoft.com
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Fotó Feltöltő 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl osztály) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl osztály) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Ellenőrző Szolgálat (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ System32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Ismeretlen tulajdonos - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
--
End of file - 7422 bytes



What is the next step?

Thanks for the help.
  #4  
November 6, 2008, 16:53
Moderator Group

Scan suspicious files

Please go to the VirSCAN.org free online scan service.
(If more than one file needs scanning, they must be done separately and the logs posted one by one.)

1. Copy the following file path and paste it into the "Suspicious files to scan" box at the top of the page.
Code:
C:\WINDOWS\System32\s1S8Dh6X.exe
2. At the upload site, click once inside the window next to Browse.
3. Press Ctrl + V on the keyboard (both at the same time) to paste the file path into the window.
4. Click the Upload button.
This will perform a scan across multiple different virus scanning engines.
The file may then be placed in a queue, which normally takes less than a minute to clear.
Important: Wait for all of the scanning engines to complete.
5. Once the scan is complete, scroll down and click the Copy to Clipboard button. This will copy the link of the report to the clipboard.
6. Paste the contents of the clipboard into your next reply.
__________________
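
One way to triage a HijackThis log like the ones posted above, as an added example that is not part of the original thread and not HijackThis's own logic. It cross-references running processes in the Windows directories against the O4 (Run) and O23 (Service) entries and lists registry entries whose file is gone. The sample log is constructed from a few entries of the log in this thread with the paths normalised; the function names, the allowlist of Windows XP process names and the heuristic itself are assumptions for illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: a few entries from the thread's log, abridged and with
# path spacing normalised to the layout HijackThis 2.x writes.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\s1S8Dh6X.exe
C:\Program Files\Internet Explorer\iexplore.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file
"""

# Entry lines look like "O4 - ...", "O23 - ...", "R1 - ...".
ENTRY_RE = re.compile(r"^([A-Z]\d+) - (.*)$")

# Assumption: a short allowlist of stock Windows XP process names. A name match
# is only meaningful here because we also require the file to sit in a
# Windows directory; it is not proof that the binary is genuine.
KNOWN_OS_PROCESSES = {
    "smss.exe", "csrss.exe", "winlogon.exe", "services.exe", "lsass.exe",
    "svchost.exe", "spoolsv.exe", "explorer.exe", "rundll32.exe",
    "conime.exe", "wuauclt.exe",
}
SYSTEM_DIRS = {r"c:\windows", r"c:\windows\system32"}


def parse_log(text):
    """Split a HijackThis log into running-process paths and (code, body) entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the process list ends at the first entry
            entries.append((match.group(1), match.group(2)))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes and line:
            processes.append(PureWindowsPath(line))
    return processes, entries


def unaccounted_system_processes(processes, entries):
    """Processes in a Windows directory that no Run key or service explains."""
    startup_text = " ".join(
        body.lower() for code, body in entries if code in ("O4", "O23")
    )
    flagged = []
    for proc in processes:
        name = proc.name.lower()
        if str(proc.parent).lower() not in SYSTEM_DIRS:
            continue  # third-party install directories are out of scope here
        if name in KNOWN_OS_PROCESSES or name in startup_text:
            continue
        flagged.append(str(proc))
    return flagged


def orphaned_entries(entries):
    """Registry entries whose target file no longer exists on disk."""
    markers = ("(no file)", "(file missing)")
    return [(code, body) for code, body in entries
            if any(marker in body.lower() for marker in markers)]


def triage(text):
    processes, entries = parse_log(text)
    return {
        "unaccounted": unaccounted_system_processes(processes, entries),
        "orphaned": orphaned_entries(entries),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for path in result["unaccounted"]:
        print("submit to a multi-engine scanner:", path)
    for code, body in result["orphaned"]:
        print("orphaned entry:", code, "-", body)
```

A hit from this heuristic is only a candidate for a multi-engine scan such as the one requested above, not a verdict.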

  #5  
November 6, 2008, 17:19
New Member Group

Here is the clipboard info for the file s1S8Dh6X.exe.

Fájl információ Fájlnév: s1S8Dh6X.exeFile Méret: 62.464 byteFile Típus: PE32 futtatható MS Windows (GUI) Intel 80386 32-bitMD5: 895f4e2eed5a30e317460e66989042d0SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cfScanner eredmények Scanner eredmény: 8% Scanner (3 / 39) megállapította, malware Időpont: 2008 / 11/06 19:15:08 (EST) MegjegyzésSzkennerMotor VerSig VerSig dátumaSzkennelés eredményeIdőa-squared4.0.0.232008.11.032008-11-03--
1.832AhnLab V32008.11.07.012008.11.072008-11-07--
0.987AntiVir7.9.0.267.1.0.492008-11-06--
1.503Antiy2.0.1820081106.15602992008-11-06--
0.122Arcavir1.0.52008110611442008-11-06--
1.227Authentium5.1.12008110611422008-11-06--
1.367AVAST! 3.0.1081106-02008-11-06--
0.725AVG7.5.52.442270.9.0/17722008-11-06Clicker.TXO
1.691BitDefender7.60825.20709477.217192008-11-07--
3.401CA (VET) 9.0.0.14331.6.61952008-11-06--
7.230ClamAV0.9485842008-11-07--
0.021Comodo2.112.0.0.6992008-11-06--
0.422CP Secure1.1.0.7152008.11.062008-11-06--
6.447Dr.Web4.44.0.91702008.11.062008-11-06--
3.465ewido4.0.0.22008.11.062008-11-06--
3.024F-Prot4.4.4.56200811062008-11-06--
1.293F-Secure5.51.61002008.11.06.112008-11-06--
3.681Fortinet2.81-3.1179.6922008-11-06--
0.215GData19.1393/19.94200811072008-11-07--
2.739IkarusT3.1.01.452008.11.06.718072008-11-06--
3.517JiangMin11.0.7062008.11.062008-11-06--
1.312Kaspersky5.5.102008.11.062008-11-06--
0.034KingSoft2008.9.8.182008.11.6.202008-11-06--
0.690McAfee5.3.0054262008-11-06--
2.352Microsoft1.41042008.11.072008-11-07--
8.785mks_vir2.012008.11.062008-11-06--
2.720Norman5.93.015.93.002008-11-06--
5.480nProtect2008-11-06,0023828662008-11-06--
5.379Panda9.05.012008.11.062008-11-06--
3.744Quick Heal9.502008.09.122008-09-12--
2.520Rising20.021.02.32.002008-11-06--
3.054Sophos2.80.04.352008-11-07Mal / EncPk-CZ
1.881Sunbelt3.1.1783.223742008-11-04--
1.058Symantec1.3.0.2420081106.0042008-11-06Infostealer
0.046The Hacker6.3.1.1v001432008-11-06--
0.445Trend Micro8.700-10045.642.172008-11-06--
0.028VBA323.12.8.920081106.17172008-11-06--
1.390ViRobot200811052008.11.052008-11-05--
0.398VirusBuster4.5.11.1010.90.27/6712492008-11-06--
0.876

Thanks
  #6  
November 6, 2008, 17:30
New Member Group

http://virscan.org/report/3510c11282...b9674c0c1.html

That is the link for the scanned file.
  #7  
November 6, 2008, 17:39
Moderator Group

Download ComboFix from one of the links below. Make sure to save it to your Desktop.

Link # 1
Link # 2

** Note: It is important that it is saved directly to your desktop.

Close any open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.

For Windows XP systems, install the Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, please connect to the Internet (if possible) and click Yes.
- If for some reason the Internet is not working, click No.
-- If you are not using Windows XP, you will not be prompted.
- When prompted, accept the EULA by clicking OK.
- Accept the Microsoft End-User License Agreement (click Yes).
- When told that the RC is installed, click YES to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware when ComboFix is done.
__________________

  #8  
November 6, 2008, 17:57
New Member Group

ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00]
Running from: c: \ documents and settings \ MKJ \ Desktop \ ComboFix.exe
.
((((((((((((((((((((((((( Létrehozott fájlok 2008/10/07-tól a 2008/11/07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- C: \ Program Files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Program Files \ ALWIL Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- C: \ Program Files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Program Files \ Xanga Feltöltő
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ Windows \ System32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ Windows \ System32 \ drivers \ mbam.sys
2008-11-05 15:38. 2008-11-05 15:38 62.464 - a ------ C: \ Windows \ System32 \ s1S8Dh6X.exe
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Windows \ System32 \ Iosubsys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Program Files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4.0 szolgáltatás
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ documents and settings \ MKJ \ Phone Browser mappában
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- C: \ Program Files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ Windows \ System32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ PC Suite programot
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite programot
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Telepítések
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ Windows \ System32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ Windows \ System32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ Windows \ System32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ Windows \ System32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ Windows \ Downloaded Telepítések
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- C: \ Program Files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite címen
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 19:50 160.100 - a ------ C: \ Windows \ System32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- C: \ Program Files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ Windows \ System32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour -
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ Windows \ System32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ Windows \ System32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing megosztott
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ documents and settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- C: \ windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ Windows \ System32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ Windows \ System32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ Windows \ System32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ Windows \ System32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ Windows \ System32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ Windows \ System32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ Windows \ System32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ Windows \ System32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ Windows \ System32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ Windows \ System32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ Program Files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ Program Files \ World of Warcraft -
2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Program Files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ Program Files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ Windows \ System32 \ Msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ Windows \ System32 \ Msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Program Files \ microsoft frontpage
2008-10-24 07:55 --------- d ----- wc: \ Program Files \ MSN Messenger programba
2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ Program Files \ Winamp -
2008-10-24 05:44 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Winamp -
2008-10-24 05:40 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ Program Files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL Letöltések
2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL OCP -
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ Program Files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ Program Files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ Program Files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ Program Files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profile
2008-10-24 00:18 2.302.017 ---- aw C: \ Windows \ System32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ Windows \ System32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ System32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ Windows \ System32 \ Drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ Windows \ System32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ System32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ Windows \ System32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ Windows \ System32 \ Ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ Program Files \ easyMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
: "CTFMON.EXE" = "c: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ windows \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
: "PHIME2002ASync" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
: "PHIME2002A" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
: "Ai Nap" = "c: \ Program Files \ ASUS \ AI Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
: "CPU Power Monitor" = "c: \ Program Files \ ASUS \ AI Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up help" = "c: \ Program Files \ ASUS \ AI Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ Program Files \ ASUS \ AI Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704]
: "Ulead automatikus felismerése v2" = "c: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe" [2006-11-29 90112]
: "TkBellExe" = "c: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
: "NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608]
: "NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"avast!" = "c: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008-07-19 78008]
: "RTHDCPL" = "RTHDCPL.EXE" [2008/05/07 c: \ windows \ RTHDCPL.exe]
"nwiz" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
: "CTFMON.EXE" = "c: \ windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ PROGRA ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
: "msacm.ulmp3acm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
: "msacm.mpegacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ System32 \ \ Sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Program Files \ \ \ easyMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
: "12178: TCP" = 12178: TCP: BitComet 12.178 TCP
: "12178: UDP" = 12178: UDP: BitComet 12.178 UDP
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk: c: \ windows \ system32 \ DRIVERS \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; szolgálat NVIDIA High Definition Audio Driver; c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Tartalma az "Ütemezett feladatok" mappába
2008/11/01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
2008/11/06 c: \ windows \ Tasks \ At1.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At10.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At11.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At12.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At13.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At14.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At15.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At16.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06: c: \ windows \ feladatok \ At17.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At18.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At19.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At2.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/07 c: \ windows \ Tasks \ At20.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At21.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At22.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At23.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At24.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At3.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At4.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At5.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At6.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At7.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At8.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c: \ windows \ Tasks \ At9.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
.
- - - - ÁRVAELLÁTÁS REMOVED - - - --
HKCU-Run-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe
MSConfigStartUp-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe

.
Kiegészítő Scan ------- -------
.
R0 -: HKCU-Main, Start Page = about: blank
R1 -: HKCU-Internet beállítások ProxyOverride = *. helyi
O8 -: Add to Google Photos Screensa & ver - c: \ windows \ system32 \ GPhotos.scr/200
O8 -: Letöltés által easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
.
************************************************** ************************
CatchMe 0.3.1367 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 19:54:20
5/1/2600 Windows Service Pack 3 NTFS
szkennelés rejtett folyamatok ...
scanning hidden autostart entries ...
scanning hidden files ...
scan sikeresen befejeződött
hidden files: 0
************************************************** ************************
.
Teljesítés ideje: 2008-11-06 19:54:45
ComboFix-karantén-files.txt 2008-11-07 00:54:42
Pre-Run: 41621639168 byte szabad
Post-Run: 41699291136 byte szabad
396 --- EOF --- 2008-10-28 07:00:21
  #9  
Old November 6, 2008, 18:28
Moderator Group
 
Note: The instructions below were created specifically for this user. If you are not this user, do NOT follow these directions, as they could damage the workings of your system.

Delete these files/folders as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl + C

Code:
Killall::

File::
c:\windows\system32\s1S8Dh6X.exe
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
c:\windows\Tasks\At11.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At13.job
c:\windows\Tasks\At14.job
c:\windows\Tasks\At15.job
c:\windows\Tasks\At16.job
c:\windows\Tasks\At17.job
c:\windows\Tasks\At18.job
c:\windows\Tasks\At19.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At20.job
c:\windows\Tasks\At21.job
c:\windows\Tasks\At22.job
c:\windows\Tasks\At23.job
c:\windows\Tasks\At24.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to execute; follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
__________________
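
The file list in the post above corresponds to the scheduled-tasks section of the log. As an added example that is not part of the original posts, this Python code parses that section of a ComboFix-style log and groups AtN.job entries by the executable they launch, which is the pattern visible in this thread. The sample log is a constructed, space-normalised excerpt of the log posted here; the function names and the `min_jobs` threshold are assumptions.

```python
import ntpath
import re

# Constructed excerpt in the layout of the scheduled-tasks section of the
# ComboFix log in this thread (spacing normalised, only a few jobs shown).
SAMPLE_LOG = r"""
Contents of the 'Scheduled Tasks' folder
2008/11/01 c:\windows\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008/11/06 c:\windows\Tasks\At1.job
- C:\windows\system32\s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c:\windows\Tasks\At2.job
- C:\windows\system32\s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 c:\windows\Tasks\At3.job
- C:\windows\system32\s1S8Dh6X.exe [2008-11-05 15:38]
.
"""

# "2008/11/06 c:\windows\Tasks\At1.job"
JOB_RE = re.compile(r"^\d{4}/\d{2}/\d{2}\s+(\S.*\.job)$", re.I)
# "- C:\windows\system32\s1S8Dh6X.exe [2008-11-05 15:38]"
TARGET_RE = re.compile(r"^-\s+(.+?)\s+\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}\]$")
# AtN.job is the file name given to jobs created through the legacy "at" scheduler.
AT_JOB_RE = re.compile(r"\\At(\d+)\.job$", re.I)


def parse_tasks(log_text):
    """Return (job_path, target_path) pairs from the scheduled-tasks section."""
    pairs = []
    pending_job = None
    for raw in log_text.splitlines():
        line = raw.strip()
        job = JOB_RE.match(line)
        if job:
            pending_job = job.group(1)
            continue
        target = TARGET_RE.match(line)
        if target and pending_job:
            pairs.append((pending_job, target.group(1)))
        # A target line only belongs to the job line directly above it.
        pending_job = None
    return pairs


def job_number(job_path):
    """Numeric part of AtN.job, so At2 sorts before At10."""
    return int(AT_JOB_RE.search(job_path).group(1))


def suspicious_targets(pairs, min_jobs=3):
    """Flag executables launched by many AtN.job tasks.

    Heuristic (an assumption of this example, not a ComboFix rule): one file
    sitting directly in a system32 directory that is the target of at least
    `min_jobs` AtN.job tasks deserves manual review.
    """
    groups = {}
    for job, target in pairs:
        if AT_JOB_RE.search(job):
            entry = groups.setdefault(target.lower(), {"target": target, "jobs": []})
            entry["jobs"].append(job)

    findings = []
    for entry in groups.values():
        parent = ntpath.dirname(entry["target"]).lower()
        if len(entry["jobs"]) >= min_jobs and parent.endswith("\\system32"):
            entry["jobs"].sort(key=job_number)
            findings.append(entry)
    return findings


if __name__ == "__main__":
    for finding in suspicious_targets(parse_tasks(SAMPLE_LOG)):
        print("review:", finding["target"])
        for job in finding["jobs"]:
            print("   scheduled by", job)
```

A finding is a prompt for review, not a verdict: the target still has to be checked by someone who can read the rest of the log.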

  #10  
Old November 6, 2008, 18:37
New Member Group
 
ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00]
Running from: c: \ documents and settings \ MKJ \ Desktop \ ComboFix.exe
Parancs kapcsolók használni:: c: \ documents and settings \ MKJ \ Desktop \ CFScript.txt
* Létrehozott egy új visszaállítási pontot

Kép:
c: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ feladatok \ At1.job
c: \ windows \ feladatok \ At10.job
c: \ windows \ feladatok \ At11.job
c: \ windows \ feladatok \ At12.job
c: \ windows \ feladatok \ At13.job
c: \ windows \ feladatok \ At14.job
c: \ windows \ feladatok \ At15.job
c: \ windows \ feladatok \ At16.job
c: \ windows \ feladatok \ At17.job
c: \ windows \ feladatok \ At18.job
c: \ windows \ feladatok \ At19.job
c: \ windows \ feladatok \ At2.job
c: \ windows \ feladatok \ At20.job
c: \ windows \ feladatok \ At21.job
c: \ windows \ feladatok \ At22.job
c: \ windows \ feladatok \ At23.job
c: \ windows \ feladatok \ At24.job
c: \ windows \ feladatok \ At3.job
c: \ windows \ feladatok \ At4.job
c: \ windows \ feladatok \ At5.job
c: \ windows \ feladatok \ At6.job
c: \ windows \ feladatok \ At7.job
c: \ windows \ feladatok \ At8.job
c: \ windows \ feladatok \ At9.job
.

Egyéb ((((((((((((((((((((((((((((((((((((((( Törlések ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

c: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ feladatok \ At1.job
c: \ windows \ feladatok \ At10.job
c: \ windows \ feladatok \ At11.job
c: \ windows \ feladatok \ At12.job
c: \ windows \ feladatok \ At13.job
c: \ windows \ feladatok \ At14.job
c: \ windows \ feladatok \ At15.job
c: \ windows \ feladatok \ At16.job
c: \ windows \ feladatok \ At17.job
c: \ windows \ feladatok \ At18.job
c: \ windows \ feladatok \ At19.job
c: \ windows \ feladatok \ At2.job
c: \ windows \ feladatok \ At20.job
c: \ windows \ feladatok \ At21.job
c: \ windows \ feladatok \ At22.job
c: \ windows \ feladatok \ At23.job
c: \ windows \ feladatok \ At24.job
c: \ windows \ feladatok \ At3.job
c: \ windows \ feladatok \ At4.job
c: \ windows \ feladatok \ At5.job
c: \ windows \ feladatok \ At6.job
c: \ windows \ feladatok \ At7.job
c: \ windows \ feladatok \ At8.job
c: \ windows \ feladatok \ At9.job

.
((((((((((((((((((((((((( Létrehozott fájlok 2008/10/07-tól a 2008/11/07 ))))))))))) ))))))))))))))))))))
.

2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- C: \ Program Files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Program Files \ ALWIL Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- C: \ Program Files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Rendszergazda
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Program Files \ Xanga Feltöltő
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ Windows \ System32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ Windows \ System32 \ drivers \ mbam.sys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Windows \ System32 \ Iosubsys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Program Files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4.0 szolgáltatás
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ documents and settings \ MKJ \ Phone Browser mappában
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- C: \ Program Files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ Windows \ System32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ PC Suite programot
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite programot
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Telepítések
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ Windows \ System32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ Windows \ System32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ Windows \ System32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ Windows \ System32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ Windows \ System32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ Windows \ Downloaded Telepítések
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- C: \ Program Files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite címen
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 20:34 160.100 - a ------ C: \ Windows \ System32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- C: \ Program Files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ documents and settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ Windows \ System32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour -
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ Windows \ System32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ Windows \ System32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing megosztott
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ documents and settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- C: \ windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ Windows \ System32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ Windows \ System32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ Windows \ System32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ Windows \ System32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ Windows \ System32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ Windows \ System32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ Windows \ System32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ Windows \ System32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ Windows \ System32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ Windows \ System32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ windows \ Ascd_log.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ Program Files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ Program Files \ World of Warcraft -
2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Program Files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ Program Files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ Windows \ System32 \ Msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ Windows \ System32 \ Msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Program Files \ microsoft frontpage
2008-10-24 07:55 --------- d ----- wc: \ Program Files \ MSN Messenger programba
2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ Program Files \ Winamp -
2008-10-24 05:44 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Winamp -
2008-10-24 05:40 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ Program Files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL Letöltések
2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL OCP -
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ Program Files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ Program Files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ Program Files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ Program Files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profile
2008-10-24 00:18 2.302.017 ---- aw C: \ Windows \ System32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ Windows \ System32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ System32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ Windows \ System32 \ Drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ Windows \ System32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ System32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ Windows \ System32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ Windows \ System32 \ Ntkrnlpa.exe
.

((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) )))))))))))))))))))))))))))))))
.
- 2008-11-06 23:26:54 49.198 ---- aw C: \ Windows \ System32 \ perfc009.dat
+ 2008-11-07 00:54:48 49.198 ---- aw C: \ Windows \ System32 \ perfc009.dat
- 2008-11-06 23:26:54 390.094 ---- aw C: \ Windows \ System32 \ perfh009.dat
+ 2008-11-07 00:54:48 390.094 ---- aw C: \ Windows \ System32 \ perfh009.dat
+ 2008-11-07 01:33:47 16.384 ---- atw C: \ Windows \ Temp \ Perflib_Perfdata_584.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4

[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ Program Files \ easyMule \ modules \ IE2EM.dll

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run]
: "CTFMON.EXE" = "c: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ windows \ System32 \ spool \ DRIVERS \ W32x86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run]
: "PHIME2002ASync" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
: "PHIME2002A" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
: "Ai Nap" = "c: \ Program Files \ ASUS \ AI Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
: "CPU Power Monitor" = "c: \ Program Files \ ASUS \ AI Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up help" = "c: \ Program Files \ ASUS \ AI Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ Program Files \ ASUS \ AI Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704]
: "Ulead automatikus felismerése v2" = "c: \ Program Files \ Common Files \ Ulead Systems \ automatikus felismerése \ monitor.exe" [2006-11-29 90112]
: "TkBellExe" = "c: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
: "NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608]
: "NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
: "RTHDCPL" = "RTHDCPL.EXE" [2008/05/07 c: \ windows \ RTHDCPL.exe]
"nwiz" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe]

[HKEY_USERS \ .DEFAULT \ Software \ Microsoft \ Windows \ CurrentVersion \ Run]
: "CTFMON.EXE" = "c: \ windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ PROGRA ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
: "msacm.ulmp3acm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
: "msacm.mpegacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnet3 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx30SP1setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx35 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3setup [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx3_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ dotnetfx [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP1_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx20SP2_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx30SP1_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_ia64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx35_x86 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64.exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64 [1]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file végrehajtás options \ NetFx64 [2]. Exe]
: "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ System32 \ \ Sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Program Files \ \ \ easyMule \ \ emule.exe" =

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
: "12178: TCP" = 12178: TCP: BitComet 12.178 TCP
: "12178: UDP" = 12178: UDP: BitComet 12.178 UDP

R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk: c: \ windows \ system32 \ DRIVERS \ aswFsBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; szolgálat NVIDIA High Definition Audio Driver; c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Tartalma az "Ütemezett feladatok" mappába

2008/11/01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
.

************************************************** ************************
CatchMe 0.3.1367 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 20:34:11
5/1/2600 Windows Service Pack 3 NTFS

szkennelés rejtett folyamatok ...
scanning hidden autostart entries ...
scanning hidden files ...
scan sikeresen befejeződött
hidden files: 0

************************************************** ************************
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
c: \ Windows \ System32 \ nvsvc32.exe
c: \ Windows \ System32 \ PSIService.exe
c: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
c: \ Windows \ System32 \ Rundll32.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
c: \ PROGRA ~ 1 \ COMMON ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
.
************************************************** ************************
.
Teljesítés ideje: 2008-11-06 20:36:06 - gép újraindul, volt
ComboFix-karantén-files.txt 2008-11-07 01:36:02
ComboFix2.txt 2008-11-07 00:54:46

Pre-Run: 41668276224 byte szabad
Post-Run: 41678303232 byte szabad

418 --- EOF --- 2008-10-28 07:00:21

Thank you
Copyright © 2006 - 2009 Számítógép Juice.