Bad Image, System 32 Virus??




  #1  
September 18, 2009, 10:30
New Member
Posts: 7
 
Hi

I started getting a pop-up window that said the following;

globalroot\SystemRoot\System32\gasfkynqpqxefv.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.

This happened at startup and every time I opened a new program. I could not run a scan with Norton 360, the PC would not hibernate or sleep, and the CPU was at c. 39%.

I followed the steps in the sticky and got the following results;

1] CCleaner - unfortunately there is no log, but the pop-up still occurred after this ran and the CPU was still at 39%

2] SUPERAntiSpyware

and I still had the pop-up and the CPU at 39%

3] Malwarebytes' Anti-Malware

After this there is no longer a pop-up appearing and the CPU is normal.

4] HijackThis


I also did a scan with Norton 360, which did not find anything.

Has the problem been resolved, or do I need to do something?


Many thanks

  #2  
September 18, 2009, 15:51
Moderator
Posts: 7,559
 
Welcome to CJ.

Right-click HijackThis and select Run as administrator.

Then select Do a system scan only.

Place a check mark next to the following entries: (if present)
  • O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
Important: Close all open windows except HijackThis and then click Fix checked.

Once completed, exit HijackThis.

----------

If you already have ComboFix, be sure to delete it and download a new copy.

Download ComboFix © by sUBs from one of the links below. Make sure to save it to the Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to the desktop

Close any open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before running it on your machine. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.
Vista users: right-click ComboFix.exe and select Run as administrator (you will get a UAC prompt; please allow it).
When finished, ComboFix will produce a log for you.
Post the ComboFix log here in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have trouble using ComboFix, see How to use ComboFix

  #3  
September 19, 2009, 01:12
New Member
Posts: 7
 
Thanks for the welcome and the help.

ComboFix 09-09-18.02 - Bridget 19/09/2009 8:55.1.3 - NTFSx86
2009-09-15 14:43. 2009-08-13 15:01 -------- d ----- w-c: \\ programdata \\ HipSoft
2009-09-14 12:42. 2009-03-10 20:17 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Big Fish Games
2009-09-12 18:52. 2009-03-08 15:05 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Spotify
2009-09-10 16:43. 2008-04-30 18:14 -------- d ----- w C: \\ Program Files \\ Acer GameZone
2009-09-10 16:37. 2009-08-13 14:52 -------- d ----- w C: \\ Program Files \\ RealArcade
2009-09-10 16:33. 2009-08-12 11:25 -------- d ----- w-c: \\ programdata \\ Media Center Programok
2009-09-09 21:15. 2006-11-02 11:18 -------- d ----- w C: \\ Program Files \\ Windows Mail
2009-09-09 21:15. 2009-05-04 20:27 -------- d ----- w C: \\ Program Files \\ Microsoft Silverlight
2009-09-09 10:48. 2009-08-03 19:55 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ YoudaGames
2009-08-25 12:27. 2009-03-10 21:06 -------- d ----- w-c: \\ programdata \\ PlayFirst
2009-08-23 17:26. 2009-08-23 17:26 0 --- ha-w-c: \\ windows \\ system32 \\ drivers \\ Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-22 16:48. 2009-03-10 21:06 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ PlayFirst
2009-08-21 08:05. 2009-03-19 19:03 -------- d ----- w C: \\ Program Files \\ Common Files \\ Adobe AIR -
2009-08-19 16:24. 2009-08-19 16:24 -------- d ----- w C: \\ Program Files \\ ReflexiveArcade
2009-08-19 14:42. 2009-05-04 22:58 -------- d ----- w-c: \\ programdata \\ Trymedia
2009-08-18 20:13. 2009-08-18 20:13 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Gamers Digital
2009-08-18 20:13. 2009-08-18 20:13 -------- d ----- w-c: \\ programdata \\ Gamers Digital
2009-08-18 17:59. 2009-08-18 17:59 -------- d ----- w-c: \\ programdata \\ GameHouse
2009-08-18 15:56. 2009-08-13 16:26 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Flood Light Játékok
2009-08-18 15:56. 2009-08-13 16:26 -------- d ----- w-c: \\ programdata \\ Flood Light Játékok
2009-08-17 15:43. 2009-08-17 15:43 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ RealArcade_Janes_Realty
2009-08-16 18:41. 2009-08-16 18:41 -------- d ----- w-c: \\ programdata \\ Gogii
2009-08-16 16:25. 2009-08-16 16:25 -------- d ----- w-c: \\ programdata \\ MumboJumbo
2009-08-16 14:44. 2009-08-16 14:44 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Aveyond 3
2009-08-16 13:41. 2009-08-16 13:41 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ SulusGames
2009-08-16 13:41. 2009-08-16 13:41 -------- d ----- w-c: \\ programdata \\ SulusGames
2009-08-15 15:38. 2009-08-15 15:38 -------- d ----- w-c: \\ programdata \\ PlayfulAge
2009-08-15 15:28. 2009-08-15 15:28 -------- d ----- w-c: \\ programdata \\ RealArcade
2009-08-15 15:28. 2009-08-15 15:28 -------- d ----- w-c: \\ programdata \\ Zylom
2009-08-15 15:28. 2009-08-15 15:28 -------- d ----- w C: \\ Program Files \\ Zylom Játékok
2009-08-15 15:28. 2009-03-07 19:02 -------- d ----- w C: \\ Program Files \\ Google -
2009-08-15 15:26. 2009-08-15 15:26 -------- d ----- w C: \\ Program Files \\ Desktop BBC iPlayer
2009-08-13 14:48. 2009-08-13 14:46 -------- d ----- w C: \\ Program Files \\ Retro64 Játékok
2009-08-11 19:19. 2009-08-11 19:19 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ SpinTop
2009-08-11 16:23. 2009-08-11 16:23 -------- d ----- w C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Merscom
2009-08-11 16:23. 2009-08-11 16:23 -------- d ----- w-c: \\ programdata \\ Merscom
2009-08-09 17:37. 2009-03-10 19:22 70 ---- aw-c: \\ Users \\ Bridget \\ AppData \\ Roaming \\ wklnhst.dat
2009-08-09 10:12. 2009-03-07 15:09 -------- d ----- w C: \\ Program Files \\ bfgclient
2009-08-08 19:31. 2009-08-08 19:31 -------- d ----- w-c: \\ programdata \\ Bilbo
2009-08-02 22:31. 2009-08-02 22:31 -------- d ----- w-c: \\ programdata \\ GoBit Játékok
2009-08-02 16:20. 2009-03-07 19:02 90376----- aw C: \\ Users \\ Bridget \\ AppData \\ Local \\ GDIPFONTCACHEV1.DAT
2009-07-31 11:33. 2009-03-08 12:40 -------- d ----- w C: \\ Program Files \\ Messenger Plus! Él
2009-07-23 18:01. 2009-07-23 18:01 124488 --- ha-w-c: \\ windows \\ system32 \\ mlfcache.dat
2009-07-21 21:52. 2009-07-29 07:08 915456 ---- aw-c: \\ windows \\ system32 \\ Wininet.dll
2009-07-21 21:47. 2009-07-29 07:08 109056 ---- aw-c: \\ windows \\ system32 \\ iesysprep.dll
2009-07-21 21:47. 2009-07-29 07:08 71680 ---- aw-c: \\ windows \\ system32 \\ iesetup.dll
2009-07-21 20:13. 2009-07-29 07:08 133632 ---- aw-c: \\ windows \\ system32 \\ ieUnatt.exe
2009-07-17 14:35. 2009-08-12 06:42 71680 ---- aw-c: \\ windows \\ system32 \\ atl.dll
2009-07-14 13:00. 2009-08-12 06:41 313344 ---- aw-c: \\ windows \\ system32 \\ wmpdxm.dll
2009-07-14 12:59. 2009-08-12 06:41 4096----- aw C: \\ Windows \\ System32 \\ dxmasf.dll
2009-07-14 12:58. 2009-08-12 06:41 7680----- aw C: \\ Windows \\ System32 \\ spwmp.dll
2009-07-14 10:59. 2009-08-12 06:41 8147456 ---- aw-c: \\ windows \\ system32 \\ wmploc.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4
[HKEY_CURRENT_USER \\ Software \\ Microsoft \\ Internet Explorer \\ URLSearchHooks]
: "(511131f1-4629-4254-a85f-ed7b6d75dd3c)" = "c: \\ Program Files \\ Alawar.com \\ tbAlaw.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT \\ CLSID \\ (511131f1-4629-4254-a85f-ed7b6d75dd3c)]
[HKEY_LOCAL_MACHINE \\ ~ \\ Browser Helper Objects \\ (511131f1-4629-4254-a85f-ed7b6d75dd3c)]
2008-09-15 05:47 1784856 ---- aw-c: \\ Program Files \\ Alawar.com \\ tbAlaw.dll
[HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Internet Explorer \\ Toolbar]
: "(511131f1-4629-4254-a85f-ed7b6d75dd3c)" = "c: \\ Program Files \\ Alawar.com \\ tbAlaw.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT \\ CLSID \\ (511131f1-4629-4254-a85f-ed7b6d75dd3c)]
[HKEY_CURRENT_USER \\ Software \\ Microsoft \\ Internet Explorer \\ Toolbar \\ nyújtott webböngésző]
: "(511131F1-4629-4254-A85F-ED7B6D75DD3C)" = "c: \\ Program Files \\ Alawar.com \\ tbAlaw.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT \\ CLSID \\ (511131f1-4629-4254-a85f-ed7b6d75dd3c)]
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Windows \\ CurrentVersion \\ Explorer \\ shelliconoverlayidentifiers \\ egisPSDP]
@ = "(30A0A3F6-38AC-4C53-BB8B-0D95238E25BA)" -
[HKEY_CLASSES_ROOT \\ CLSID \\ (30A0A3F6-38AC-4C53-BB8B-0D95238E25BA)]
2008-03-05 06:38 121392----- aw C: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ PSDProtect.dll
[HKEY_CURRENT_USER \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Run]
: "swg" = "c: \\ Program Files \\ Google \\ GoogleToolbarNotifier \\ GoogleToolbarNotifier.exe" [2009-03-07 68856]
: "ehTray.exe" = "c: \\ windows \\ ehome \\ ehTray.exe" [2008-01-21 125952]
: "KDX" = "c: \\ Program Files \\ Kontiki \\ KHost.exe" [2008-02-27 1032376]
"Az EA Core" = "c: \\ Program Files \\ Electronic Arts \\ EADM \\ Core.exe" [2009-09-03 3342336]
: "Oldalsáv" = "c: \\ Program Files \\ Windows Sidebar \\ sidebar.exe" [2008-01-21 1233920]
: "WMPNSCFG" = "c: \\ Program Files \\ Windows Media Player \\ WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Run]
: "A Windows Defender" = "c: \\ Program Files \\ Windows Defender \\ MSASCui.exe" [2008-01-21 1008184]
: "NvCplDaemon" = "c: \\ windows \\ system32 \\ NvCpl.dll" [2008-04-22 13535776]
: "NvMediaCenter" = "c: \\ windows \\ system32 \\ NvMcTray.dll" [2008-04-22 92704]
: "Acer Empowering Technology Monitor" = "c: \\ Program Files \\ Acer \\ Empowering Technology \\ SysMonitor.exe" [2008-04-25 319488]
: "EmpoweringTechnology" = "c: \\ Program Files \\ Acer \\ Empowering Technology \\ Framework.Launcher.exe" [2008-04-25 319488]
: "eDataSecurity Loader" = "c: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ eDSloader.exe" [2008-03-05 526896]
: "PCMMediaSharing" = "c: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Connect \\ Kernel \\ DMS \\ PCMMediaSharing.exe" [2008-01-26 204908]
: "BkupTray" = "c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ BkupTray.exe" [2008-04-26 28672]
: "WarReg_PopUp" = "c: \\ Program Files \\ Acer \\ WR_PopUp \\ WarReg_PopUp.exe" [2008-01-29 303104]
"Google Desktop Search" = "c: \\ Program Files \\ Google \\ Google Desktop Search \\ GoogleDesktop.exe" [2009-03-07 24064]
: "TkBellExe" = "c: \\ Program Files \\ Common Files \\ Real \\ Update_OB \\ realsched.exe" [2009-04-08 185896]
: "WinampAgent" = "c: \\ Program Files \\ Common Files \\ Symantec Shared \\ ccApp.exe" [2008-10-17 51048]
: "osCheck" = "c: \\ Program Files \\ Norton 360 \\ osCheck.exe" [2008-02-26 988512]
: "SunJavaUpdateSched" = "c: \\ Program Files \\ Java \\ jre1.5.0_17 \\ bin \\ jusched.exe" [2008-11-10 75264]
: "Adobe Reader Speed Launcher" = "c: \\ Program Files \\ Adobe \\ Reader 9.0 \\ Reader \\ Reader_sl.exe" [2009-02-27 35696]
"Radio Downloader" = "c: \\ Program Files \\ Downloader Radio \\ Radio Downloader.exe" [2009-09-08 462848]
: "Malwarebytes Anti-Malware (reboot)" = "c: \\ Program Files \\ Malwarebytes 'Anti-Malware \\ mbam.exe" [2009-09-10 1312080]
: "RtHDVCpl" = "RtHDVCpl.exe" - c: \\ windows \\ RtHDVCpl.exe [2008-03-26 5369856]
c: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Microsoft \\ Windows \\ Start Menu \\ Programs \\ Startup \\
BBC iPlayer Desktop.lnk - C: \\ Program Files \\ BBC iPlayer Desktop \\ BBC iPlayer Desktop.exe [2009-8-15 95744]
OneNote 2007 Screen Clipper és Launcher.lnk - C: \\ Program Files \\ Microsoft Office \\ Office12 \\ ONENOTEM.EXE [2007-12-7 101440]
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Windows \\ CurrentVersion \\ Policies \\ System]
: "EnableUIADesktopToggle" = 0 (0x0)
[HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Explorer \\ ShellExecuteHooks]
: "(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "c: \\ Program Files \\ SUPERAntiSpyware \\ SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Windows NT \\ CurrentVersion \\ Winlogon \\ Notify \\! SASWinLogon]
2009-09-03 14:21 548352----- aw C: \\ Program Files \\ SUPERAntiSpyware \\ SASWINLO.dll
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Windows NT \\ CurrentVersion \\ Windows]
: "AppInit_DLLs" = c: \\ progra ~ 1 \\ Google \\ GOOGLE ~ 1 \\ GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Windows NT \\ CurrentVersion \\ drivers32]
"mixer" = wdmaud.drv
[HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControlSet \\ Control \\ SafeBoot \\ Minimal \\ WinDefend]
@ = "Service"
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ security center \\ Monitoring \\ McAfeeAntiSpyware]
: "DisableMonitoring" = dword: 00000001
[HKEY_LOCAL_MACHINE \\ ~ \\ Services \\ SharedAccess \\ Parameters \\ firewallpolicy \\ DomainProfile]
: "EnableFirewall" = 0 (0x0)
[HKEY_LOCAL_MACHINE \\ ~ \\ Services \\ SharedAccess \\ Parameters \\ firewallpolicy \\ FirewallRules]
"(D3692F7A-3336-4A52-9AC8-D45490E3EB8A)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer Arcade Live Főoldal \\ Acer Arcade Live.exe: Acer Arcade Live
"(243FFA08-5426-4f5b-94BF-3945D214DD96)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer DV Magician \\ DV Magician.exe Acer: Acer DV Magician
"(B4A3B392-B908-464C-BFC2-0C417FAA70D9)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer Bemutató DVD \\ Acer DVD.exe Bemutató: Acer Bemutató DVD -
: "(97414256-6445-4A9B-BC74-408604FAB17C)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer VideoMagician \\ Acer VideoMagician.exe: Acer VideoMagician
: "(4ED16562-0615-48B1-AC8E-05BC3A23E135)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia \\ Acer HomeMedia.exe: Acer HomeMedia
"(E1E01B63-F1FB-4B36-BA30-CDB10E548CEC)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Connect \\ Acer HomeMedia Connect.exe: Acer HomeMedia Connect
: "(743EA48C-C01F-4597-9052-06834043091D)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Connect \\ Kernel \\ DMS \\ CLMSServer.EXE: Acer HomeMedia Connect szolgáltatás
"(A2E36676-EDED-4A8D-9F3E-8098AFB6529F)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Trial Creator \\ Acer HomeMedia Trial Creator.exe: Acer HomeMedia Trial Creator
: "(10C0EEFA-1216-401D-B580-) 095802BB4A43" = UDP: c: \\ Program Files \\ Microsoft Office \\ Office12 \\ ONENOTE.EXE: Microsoft Office OneNote
: "(95CA98DF-615B-42AC-A4A6-1E55EFC6FE3E)" = TCP: c: \\ Program Files \\ Microsoft Office \\ Office12 \\ ONENOTE.EXE: Microsoft Office OneNote
: "(22E82D22-3523-427D-A3B2-DF2CBD1B901F)" = C: \\ Program Files \\ Acer Arcade Live \\ Acer DVDivine \\ Acer DVDivine.exe: Acer DVDivine
: "(E183FBCF-E24B-487D-97D9-D6A92C780A2C)" = UDP: c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ SchedulerSvc.exe: SchedulerSvc.exe
: "(7D07127C-6E08-4080-A37C-E6BCCBD40345)" = UDP: c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ BackupSvc.exe: BackupSvc.exe
"(27599BCC-45B2-4BCD-B02B-D52F4B5715B3)" = UDP: c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ Client \\ Agentsvc.exe: AgentSvc.exe
: "(3C996F5F-2994-490B-A2DF-DB4CFC3E5FA9)" = TCP: c: \\ Program Files \\ Infosystems NewTech \\ NTI Backup Most 5 \\ SchedulerSvc.exe: SchedulerSvc.exe
: "(5E83A1B2-0380-45D8-B6A4-8CE998513DBA)" = TCP: c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ Client \\ Agentsvc.exe: AgentSvc.exe
"(A35A5E06-5EA8-4FA2-AB82-) 3F99591BBF11" = TCP: c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ BackupSvc.exe: BackupSvc.exe
: "(58295DD0-0B24-4017-B00E-) E3A667CC1362" = UDP: c: \\ Program Files \\ Kontiki \\ KService.exe: Service Delivery Manager
: "(BC846947-2867-41F8-84F1-80FC4B69273A)" = TCP: c: \\ Program Files \\ Kontiki \\ KService.exe: Service Delivery Manager
[HKEY_LOCAL_MACHINE \\ ~ \\ Services \\ SharedAccess \\ Parameters \\ firewallpolicy \\ StandardProfile]
: "EnableFirewall" = 0 (0x0)
R1 IDSvix86; Symantec Intrusion Prevention Driver: c: \\ PROGRA ~ 2 \\ Symantec \\ definíció ~ 1 \\ SymcData \\ ipsdefs \\ 20090910,001 \\ IDSvix86.sys [11/09/2009 06:22 272432]
R1 SASDIFSV; SASDIFSV, c: \\ Program Files \\ SUPERAntiSpyware \\ sasdifsv.sys [04/09/2009 14:50 9968]
R1 SASKUTIL; SASKUTIL: c: \\ Program Files \\ SUPERAntiSpyware \\ SASKUTIL.SYS [04/09/2009 14:49 74480]
R2 Acer HomeMedia Connect Service; Acer HomeMedia Connect szolgáltatás: c: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Connect \\ Kernel \\ DMS \\ CLMSServer.exe [30/04/2008 19:12 269448]
R2 BUNAgentSvc; NTI Backup most 5 Agent Service; c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ Client \\ Agentsvc.exe [03/03/2008 21:11 16384]
R2 ETService; Empowering Technology Service; c: \\ Program Files \\ Acer \\ Empowering Technology \\ Service \\ ETService.exe [30/04/2008 19:02 24576]
R2 LiveUpdate Notice; LiveUpdate Notice: c: \\ Program Files \\ Common Files \\ Symantec Shared \\ CCSVCHST.EXE [18/02/2008 20:37 149352]
R2 NTIBackupSvc; NTI Backup Most 5 Backup Service; c: \\ Program Files \\ Infosystems NewTech \\ NTI Backup Most 5 \\ BackupSvc.exe [26/04/2008 05:36 45056]
R3 COH_Mon; COH_Mon: c: \\ windows \\ System32 \\ drivers \\ COH_Mon.sys [13/01/2008 03:32 23888]
R3 EraserUtilRebootDrv; EraserUtilRebootDrv: c: \\ Program Files \\ Common Files \\ Symantec Shared \\ EENGINE \\ EraserUtilRebootDrv.sys [02/09/2009 22:35 102448]
R3 netr28u; RT2870 USB Wireless LAN Card Driver for Vista: c: \\ windows \\ System32 \\ drivers \\ netr28u.sys [16/08/2007 07:49 552448]
R3 NVHDA; szolgálat NVIDIA High Definition Audio Driver; c: \\ windows \\ System32 \\ drivers \\ nvhda32v.sys [30/04/2008 03:28 43552]
R3 SYMNDISV; SYMNDISV: c: \\ windows \\ System32 \\ drivers \\ symndisv.sys [19/02/2009 13:31 41008]
S2 gupdate1c9a4d9901f2af0; Google Update Service (gupdate1c9a4d9901f2af0), c: \\ Program Files \\ Google \\ Update \\ GoogleUpdate.exe [14/03/2009 20:17 133104]
S2 NTISchedulerSvc; NTI Backup Most 5 Scheduler Service; c: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ SchedulerSvc.exe [26/04/2008 05:36 131072]
S3 GoogleDesktopManager-080708-050100; Google Desktop 5.7.808.7150 Manager c: \\ Program Files \\ Google \\ Google Desktop Search \\ GoogleDesktop.exe [07/03/2009 20:02 24064]
S3 s115bus; Sony Ericsson Device 115 driver (WDM), c: \\ windows \\ System32 \\ drivers \\ s115bus.sys [23/04/2007 13:54 83208]
S3 SASENUM; SASENUM, c: \\ Program Files \\ SUPERAntiSpyware \\ SASENUM.SYS [04/09/2009 14:50 7408]
--- Egyéb szolgáltatások / Drivers In Memory ---
* NewlyCreated * - COMHOST
[HKEY_LOCAL_MACHINE \\ Software \\ Microsoft \\ Active Setup \\ Installed Components \\> (60B49E34-C7CC-11D0-8953-00A0C90347FF)]
"c: \\ windows \\ System32 \\ rundll32.exe" "c: \\ windows \\ System32 \\ iedkcs32.dll", BrandIEActiveSetup FELIRATKOZÁS
.
Tartalmát az "Ütemezett feladatok" mappába
2009/09/19 c: \\ windows \\ Tasks \\ Software Updater.job Google
- C: \\ Program Files \\ Google \\ Common \\ Google Updater \\ GoogleUpdaterService.exe [2009-03-07 22:16]
2009/09/19 c: \\ windows \\ Tasks \\ GoogleUpdateTaskMachineCore.job
- C: \\ Program Files \\ Google \\ Update \\ GoogleUpdate.exe [2009-03-14 19:17]
2009/09/19 c: \\ windows \\ Tasks \\ GoogleUpdateTaskMachineUA.job
- C: \\ Program Files \\ Google \\ Update \\ GoogleUpdate.exe [2009-03-14 19:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp: / / www.google.com/
uDefault_Search_URL = hxxp: / / www.google.com / hu
mStart Page = hxxp: / / en.uk.acer.yahoo.com
uSearchURL, (Default) = hxxp: / / www.google.com/search?q =% s
IE: Add to Google Photos Screensa & ver - c: \\ windows \\ system32 \\ GPhotos.scr/200
IE: E & xportálás a Microsoft Excel - C: \\ PROGRA ~ 1 \\ MICROS ~ 2 \\ Office12 \\ EXCEL.EXE/3000
LSP:% SystemRoot% \\ System32 \\ nvLsp.dll
DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) - hxxp: / / game01.zylom.com/activex/zylomgamesplayer.cab
.
************************************************** ************************
szkennelés rejtett folyamatok ...
szkennelés hidden autostart entries ...
szkennelés rejtett fájlokat ...
scan sikeresen befejeződött
rejtett fájlok:
************************************************** ************************
.
--------------------- LOCKED Registry Keys ---------------------
[HKEY_LOCAL_MACHINE \\ SYSTEM \\ ControlSet001 \\ Control \\ Class \\ (4D36E96D-E325-11CE-BFC1-08002BE10318) \\ 0000 \\ AllUserSettings]
@ Denied: (A) (Users)
@ Denied: (A) (mindenki)
Hozhatja @: (B 1 2 3 4 5) (S-1-5-20)
: "BlindDial" = dword: 00000000
[HKEY_LOCAL_MACHINE \\ SYSTEM \\ ControlSet001 \\ Control \\ Class \\ (4D36E96D-E325-11CE-BFC1-08002BE10318) \\ 0001 \\ AllUserSettings]
@ Denied: (A) (Users)
@ Denied: (A) (mindenki)
Hozhatja @: (B 1 2 3 4 5) (S-1-5-20)
: "BlindDial" = dword: 00000000
.
--------------------- DLL Loaded Under Running Processes ---------------------
- - - - - - -> 'Explorer.exe' (2344)
c: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ PSDProtect.dll
c: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ sysenv.dll
c: \\ windows \\ System32 \\ NLSData0009.dll
c: \\ windows \\ system32 \\ wpdshserviceobj.dll
.
------------------------ Other Running Processes ----------------------- --
.
c: \\ windows \\ System32 \\ nvvsvc.exe
c: \\ windows \\ System32 \\ audiodg.exe
c: \\ windows \\ System32 \\ rundll32.exe
c: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ eDSService.exe
c: \\ Program Files \\ Kontiki \\ KService.exe
c: \\ Program Files \\ Common Files \\ LightScribe \\ LSSrvc.exe
c: \\ Program Files \\ CyberLink \\ Shared Files \\ RichVideo.exe
c: \\ Program Files \\ bin32 \\ nSvcAppFlt.exe
c: \\ Program Files \\ bin32 \\ nSvcIp.exe
c: \\ windows \\ System32 \\ WUDFHost.exe
c: \\ Program Files \\ Symantec \\ LiveUpdate \\ AluSchedulerSvc.exe
.
************************************************** ************************
.
Befejezésének időpontja: 2009-09-19 9:05 - gép újraindul, volt
ComboFix-karantén-files.txt 2009-09-19 08:05
Pre-Run: 220.700.200.960 byte szabad
Post-Run: 220.456.841.216 byte szabad
342 --- EOF --- 2009-09-09 21:23


However, now when I try to open IE, a pop-up says
Illegal operation attempted on a registry key that has been marked for deletion.

Also Norton 360, SuperAnti
  #4  
Old September 19, 2009, 01:17
New Member
Posts: 7
 
I can run the files as administrator though
  #5  
Old September 19, 2009, 03:04
New Member
Posts: 7
 
Actually, every program I try to run comes up with

Illegal operation attempted on a registry key that has been marked for deletion.
  #6  
Old September 19, 2009, 14:27
Moderator
Posts: 7,559
 
Download DDS from | HERE | or | HERE | or | HERE | and save it to your desktop.

Vista users: right-click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users: double-click on dds to run it.
* If your antivirus or firewall tries to block DDS, please allow it to run.
* When done, DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log, by copying and pasting it into the reply.
__________________

  #7  
Old September 20, 2009, 01:42
New Member
Posts: 7
 
DDS (Ver_09-07-30,01) - NTFSx86
Működteti a Bridget 9:40:16.31 on 20/09/2009
Az Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.5.0_17
Microsoft ® Windows Vistaâ "˘ Home Premium 6.0.6001.1.1252.44.1033.18.2814.1702 [GMT 1:00]
SP: A Windows Defender * kompatibilis * (Frissítve) (D68DDC3A-831F-4FAE-9E44-DA132C1ACF46)
SP: SUPERAntiSpyware fogyatékkal * * (Frissítve) (222A897C-5018-402e-943F-7E7AC8560DA7)
Futás Folyamat ============== ===============
C: \\ Windows \\ System32 \\ wininit.exe
C: \\ Windows \\ System32 \\ lsm.exe
C: \\ Windows \\ System32 \\ svchost.exe-k DcomLaunch
C: \\ Windows \\ System32 \\ nvvsvc.exe
C: \\ Windows \\ System32 \\ svchost.exe-k rpcss
C: \\ Windows \\ System32 \\ svchost.exe-k LocalServiceNetworkRestricted
C: \\ Windows \\ System32 \\ svchost.exe-k LocalSystemNetworkRestricted
C: \\ Windows \\ System32 \\ svchost.exe-k netsvcs
C: \\ Windows \\ System32 \\ svchost.exe-k GPSvcGroup
C: \\ Windows \\ System32 \\ SLsvc.exe
C: \\ Windows \\ System32 \\ svchost.exe-k LocalService
C: \\ Windows \\ System32 \\ svchost.exe-k NetworkService
C: \\ Windows \\ System32 \\ rundll32.exe
C: \\ Windows \\ System32 \\ spoolsv.exe
C: \\ Program Files \\ Common Files \\ Symantec Shared \\ ccSvcHst.exe
C: \\ Windows \\ System32 \\ svchost.exe-k LocalServiceNoNetwork
C: \\ Program Files \\ Acer Arcade Live \\ Acer HomeMedia Connect \\ Kernel \\ DMS \\ CLMSServer.exe
C: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ Client \\ Agentsvc.exe
C:: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ eDSService.exe
C: \\ Program Files \\ Acer \\ Empowering Technology \\ Service \\ ETService.exe
C: \\ Program Files \\ Kontiki \\ KService.exe
C: \\ Program Files \\ Common Files \\ LightScribe \\ LSSrvc.exe
C: \\ Program Files \\ NewTech Infosystems \\ NTI Backup Most 5 \\ BackupSvc.exe
C: \\ Windows \\ System32 \\ svchost.exe-k NetworkServiceNetworkRestricted
C: \\ Program Files \\ CyberLink \\ Shared Files \\ RichVideo.exe
C: \\ Windows \\ System32 \\ svchost.exe-k imgsvc
C: \\ Windows \\ System32 \\ svchost.exe-k WerSvcGroup
C: \\ Windows \\ System32 \\ SearchIndexer.exe
C: \\ Program Files \\ bin32 \\ nSvcAppFlt.exe
C: \\ Program Files \\ bin32 \\ nSvcIp.exe
C: \\ Windows \\ System32 \\ WUDFHost.exe
C:: \\ Program Files \\ Symantec \\ LiveUpdate \\ AluSchedulerSvc.exe
C: \\ Windows \\ System32 \\ taskeng.exe
C: \\ Windows \\ System32 \\ taskeng.exe
C: \\ Windows \\ System32 \\ Dwm.exe
C: \\ Windows \\ Explorer.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Program Files \\ Google \\ Google Toolbar \\ GoogleToolbarUser_32.exe
C: \\ Program Files \\ Google \\ GoogleToolbarNotifier \\ GoogleToolbarNotifier.exe
C: \\ Program Files \\ Common Files \\ Symantec Shared \\ ccSvcHst.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Program Files \\ Windows Media Player \\ Wmplayer.exe A
C: \\ PROGRA ~ 1 \\ COMMON ~ 1 \\ SYMANT ~ 1 \\ CCPD-LC \\ symlcsvc.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Program Files \\ TweetDeck \\ TweetDeck.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Windows \\ System32 \\ Macromed \\ Flash \\ FlashUtil10b.exe
C: \\ Program Files \\ Internet Explorer \\ iexplore.exe
C: \\ Windows \\ System32 \\ SearchProtocolHost.exe
C: \\ Windows \\ System32 \\ SearchFilterHost.exe
C: \\ Windows \\ System32 \\ SearchProtocolHost.exe
C: \\ Windows \\ System32 \\ Dllhost.exe
C: \\ Windows \\ System32 \\ Dllhost.exe
C: \\ Windows \\ System32 \\ Dllhost.exe
C: \\ Users \\ Bridget \\ Desktop \\ dds.com
C: \\ Windows \\ System32 \\ wbem \\ wmiprvse.exe
Pszeudo-jelentés HJT ============== ===============
uStart Page = hxxp: / / www.google.com/
uDefault_Search_URL = hxxp: / / www.google.com / hu
mStart Page = hxxp: / / en.uk.acer.yahoo.com
uSearchURL, (Default) = hxxp: / / www.google.com/search?q =% s
uURLSearchHooks: Alawar.com Toolbar: (511131f1-4629-4254-a85f-ed7b6d75dd3c) - C: \\ Program Files \\ alawar.com \\ tbAlaw.dll
mURLSearchHooks: Alawar.com Toolbar: (511131f1-4629-4254-a85f-ed7b6d75dd3c) - C: \\ Program Files \\ alawar.com \\ tbAlaw.dll
BHO: (02478D38-C3F9-4efb-9B51-7695ECA05670) - No File
BHO: Adobe PDF-Link Helper: (18df081c-e8ad-4283-A596-fa578c2ebdc3) - C: \\ Program Files \\ Common Files \\ Adobe \\ Acrobat \\ ActiveX \\ AcroIEHelperShim.dll
BHO: Alawar.com Toolbar: (511131f1-4629-4254-a85f-ed7b6d75dd3c) - C: \\ Program Files \\ alawar.com \\ tbAlaw.dll
BHO: NKH 2,0 IE BHO: (602adb0e-4aff-4217-8aa1-95dac4dfa408) - C: \\ Program Files \\ Common Files \\ Symantec Shared \\ coshared \\ Browser \\ 2,6 \\ coIEPlg.dll
BHO: A Symantec Intrusion Prevention: (6d53ec84-6aae-4787-aeee-f4628f01010c) - C: \\ PROGRA ~ 1 \\ common ~ 1 \\ symant ~ 1 \\ ids \\ IPSBHO.dll
BHO: SSVHelper osztály: (761497bb-d6f0-462c-b6eb-d4daf1d92d43) - C: \\ Program Files \\ Java \\ jre1.5.0_17 \\ bin \\ ssv.dll
BHO: ShowBarObj osztály: (83a2f9b1-4aa5-01a2-87d1-45b6b8505e96) - C: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ ActiveToolBand.dll
BHO: Windows Live Sign-in Helper: (9030d464-4c02-4abf-8ecc-5164760863c6) - C: \\ Program Files \\ Common Files \\ Microsoft Shared \\ Windows Live \\ WindowsLiveLogin.dll
BHO: Google Toolbar Helper: (aa58ed58-01dd-4d91-8333-cf10577473f7) - C: \\ Program Files \\ Google \\ Google eszköztár \\ GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: (af69de43-7d58-4638-b6fa-ce66b5ad205d) - C: \\ Program Files \\ Google \\ GoogleToolbarNotifier \\ 5.2.4204.1700 \\ swg.dll
BHO: Google Dictionary Compression sdch: (c84d72fe-e17d-4195-bb24-76c02e2e7c4e) - C: \\ Program Files \\ Google \\ Google Toolbar \\ komponens \\ fastsearch_B7C5AC242193BB3E.dll
A TB: Acer eDataSecurity Management: (5cbe3b7c-1e47-477e-a7dd-396db0476e29) - C: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ eDStoolbar.dll
TB: Show Norton Toolbar: (7febefe3-6b19-4349-98d2-ffb09d4b49ca) - C: \\ Program Files \\ Common Files \\ Symantec Shared \\ coshared \\ Browser \\ 2,6 \\ CoIEPlg.dll
TB: A Google Toolbar: (2318c2b1-4965-11D4-9b18-009027a5cd4f) - C: \\ Program Files \\ Google \\ Google eszköztár \\ GoogleToolbar_32.dll
A TB: Alawar.com Toolbar: (511131f1-4629-4254-a85f-ed7b6d75dd3c) - C: \\ Program Files \\ alawar.com \\ tbAlaw.dll
uRun: [swg] C: \\ Program Files \\ Google \\ GoogleToolbarNotifier \\ GoogleToolbarNotifier.exe "
uRun: [ehTray.exe] c: \\ windows \\ ehome \\ ehTray.exe
uRun: [KDX] C: \\ Program Files \\ kontiki \\ KHost.exe-all
uRun: [EA Core] "C: \\ Program Files \\ Electronic Arts \\ eadm \\ Core.exe"-silent
uRun: [Sidebar] C: \\ Program Files \\ Windows Sidebar \\ sidebar.exe / autorun
uRun: [WMPNSCFG] C: \\ Program Files \\ Windows Media Player \\ WMPNSCFG.exe
mRun: [Windows Defender]% ProgramFiles% \\ Windows Defender \\ MSASCui.exe elrejtés
mRun: [NvCplDaemon] RUNDLL32.EXE c: \\ windows \\ system32 \\ NvCpl.dll, NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c: \\ windows \\ system32 \\ NvMcTray.dll, NvTaskbarInit
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Acer Empowering Technology Monitor] C: \\ Program Files \\ Acer \\ Empowering Technology \\ SysMonitor.exe
mRun: [EmpoweringTechnology] C: \\ Program Files \\ Acer \\ Empowering Technology \\ Framework.Launcher.exe boot
mRun: [eDataSecurity Loader] C: \\ Program Files \\ Acer \\ Empowering Technology \\ eDataSecurity \\ x86 \\ eDSloader.exe
mRun: [PCMMediaSharing] C: \\ Program Files \\ Acer Arcade él \\ acer homemedia csatlakozni \\ kernel \\ DMS \\ PCMMediaSharing.exe
mRun: [BkupTray] "C: \\ Program Files \\ newtech Infosystems \\ NTI hát most 5 \\ BkupTray.exe"
mRun: [WarReg_PopUp] C: \\ Program Files \\ acer \\ wr_popup \\ WarReg_PopUp.exe
mRun: [Google Desktop Search] "C: \\ Program Files \\ Google \\ Google Desktop Search \\ GoogleDesktop.exe" / startup
mRun: [TkBellExe] "C: \\ Program Files \\ Common Files \\ valódi \\ update_ob \\ realsched.exe"-osboot
mRun: [WinampAgent] "C: \\ Program Files \\ Common Files \\ Symantec Shared \\ ccApp.exe"
mRun: [osCheck] "C: \\ Program Files \\ Norton 360 \\ osCheck.exe"
mRun: [SunJavaUpdateSched] "C: \\ Program Files \\ Java \\ jre1.5.0_17 \\ bin \\ jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C: \\ Program Files \\ Adobe \\ Reader 9.0 \\ Reader \\ Reader_sl.exe"
mRun: [Rádió Downloader] "C: \\ Program Files \\ rádió letöltött \\ Radio Downloader.exe" / hidemainwindow
mRun: [Malwarebytes Anti-Malware (reboot)] "C: \\ Program Files \\ Malwarebytes" anti-malware \\ mbam.exe "/ runcleanupscript
StartupFolder: c: \\ users \\ Bridget \\ AppData \\ Roaming \\ MICROS ~ 1 \\ windows \\ startm ~ 1 \\ programs \\ startup \\ bbcipl ~ 1.lnk - C: \\ Program Files \\ BBC iPlayer desktop \\ BBC iPlayer Desktop.exe
StartupFolder: c: \\ users \\ Bridget \\ AppData \\ Roaming \\ MICROS ~ 1 \\ windows \\ startm ~ 1 \\ programs \\ startup \\ onenot ~ 1.lnk - C: \\ Program Files \\ Microsoft Office \\ Office12 \\ ONENOTEM.EXE
mPolicies-rendszer: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa & ver - c: \\ windows \\ system32 \\ GPhotos.scr/200
IE: E & xportálás a Microsoft Excel - C: \\ PROGRA ~ 1 \\ MICROS ~ 2 \\ Office12 \\ EXCEL.EXE/3000
IE: (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - (CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC) - C: \\ PROGRA ~ 1 \\ java \\ jre15 ~ 1.0_1 \\ bin \\ ssv.dll
IE: (2670000A-7350-4f3c-8081-5663EE0C6C49) - (48E73304-E1D6-4330-914c-F5F514E3486C) - C: \\ PROGRA ~ 1 \\ MICROS ~ 2 \\ Office12 \\ ONBttnIE.dll
IE: (92780B25-18CC-41C8-B9BE-3C9C571A8263) - (FF059E31-CC5A-4E2E-BF3B-96E929D65503) - C: \\ PROGRA ~ 1 \\ MICROS ~ 2 \\ Office12 \\ REFIEBAR.DLL
LSP:% SystemRoot% \\ System32 \\ nvLsp.dll
DPF: (149E45D8-163E-4189-86FC-45022AB2B6C9) -- file: / / / C: / Program% 20Files/Faerie% 20...es/stg_drm.ocx
DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) - hxxp: / / download.divx.com / lejátszó / DivXBrowserPlugin.cab
DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp: / / javadl-esd.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab
DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) - hxxp: / / game01.zylom.com/activex/zylomgamesplayer.cab
DPF: (CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
DPF: (CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
DPF: (CC450D71-CC90-424C-8638-1F2DBAC87A54) -- file: / / / C: / Program% 20Files/Burger% 20.../armhelper.ocx
DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) - hxxp: / / wwwimages.adobe.com / www.adobe.com / products / acrobat / nos / gp.cab
DPF: (E2883E8F-472F-4FB0-9522-AC9BF37916A7) - hxxp: / / platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Értesítés:! SASWinLogon - C: \\ Program Files \\ SUPERAntiSpyware \\ SASWINLO.dll
AppInit_DLLs: c: \\ progra ~ 1 \\ Google \\ google ~ 1 \\ GoogleDesktopNetwork3.dll
SEH: SABShellExecuteHook osztály: (5ae067d3-9afb-48e0-853a-ebb7f4a000da) - C: \\ Program Files \\ SUPERAntiSpyware \\ SASSEH.DLL
============= SZOLGÁLTATÁSOK / DRIVERS ===============
R1 IDSvix86; Symantec Intrusion Prevention Driver: c: \\ PROGRA ~ 2 \\ symantec \\ definíció ~ 1 \\ symcdata \\ ipsdefs \\ 20090910,001 \\ IDSvix86.sys [2009-9-11 272432]
R1 SASDIFSV; SASDIFSV: c: \\ Program Files \\ SUPERAntiSpyware \\ sasdifsv.sys [2009-9-4 9968]
R1 SASKUTIL; SASKUTIL: c: \\ Program Files \\ SUPERAntiSpyware \\ SASKUTIL.SYS [2009-9-4 74480]
R2 Acer HomeMedia Connect Service; Acer HomeMedia Connect szolgáltatás: c: \\ Program Files \\ Acer Arcade él \\ acer homemedia csatlakozni \\ kernel \\ dms \\ CLMSServer.exe [2008-4-30 269448]
R2 BUNAgentSvc; NTI Backup Most 5 Agent Service; c: \\ Program Files \\ newtech Infosystems \\ NTI hát most 5 \\ Client \\ Agentsvc.exe [2008-3-3 16384]
R2 ETService; Empowering Technology Service; c: \\ Program Files \\ Acer \\ Empowering Technology \\ szolgálati \\ ETService.exe [2008-4-30 24576]
R2 LiveUpdate Notice; LiveUpdate Notice: c: \\ Program Files \\ Common Files \\ Symantec Shared \\ CCSVCHST.EXE [2008-2-18 149352]
R2 NTIBackupSvc; NTI Backup Most 5 Backup Service; c: \\ Program Files \\ newtech Infosystems \\ NTI hát most 5 \\ BackupSvc.exe [2008-4-26 45056]
R3 EraserUtilRebootDrv; EraserUtilRebootDrv: c: \\ Program Files \\ Common Files \\ Symantec Shared \\ eengine \\ EraserUtilRebootDrv.sys [2009-9-2 102448]
R3 netr28u; RT2870 USB Wireless LAN Card Driver for Vista: c: \\ windows \\ system32 \\ drivers \\ netr28u.sys [2007-8-16 552448]
R3 NVHDA; szolgálat NVIDIA High Definition Audio Driver; c: \\ windows \\ system32 \\ drivers \\ nvhda32v.sys [2008-4-30 43552]
R3 SASENUM; SASENUM: c: \\ Program Files \\ SUPERAntiSpyware \\ SASENUM.SYS [2009-9-4 7408]
R3 SYMNDISV; SYMNDISV: c: \\ windows \\ system32 \\ drivers \\ symndisv.sys [2009-2-19 41008]
S2 gupdate1c9a4d9901f2af0; Google Update Service (gupdate1c9a4d9901f2af0), c: \\ program files \\ google \\ update \\ GoogleUpdate.exe [2009-3-14 133104]
S2 NTISchedulerSvc; NTI Backup Most 5 Scheduler Service; c: \\ Program Files \\ newtech Infosystems \\ NTI hát most 5 \\ SchedulerSvc.exe [2008-4-26 131072]
S3 COH_Mon; COH_Mon: c: \\ windows \\ system32 \\ drivers \\ COH_Mon.sys [2008-1-13 23888]
S3 GoogleDesktopManager-080708-050100; Google Desktop 5.7.808.7150 Manager c: \\ Program Files \\ Google \\ Google Desktop Search \\ GoogleDesktop.exe [2009-3-7 24064]
S3 s115bus; Sony Ericsson Device 115 driver (WDM), c: \\ windows \\ system32 \\ drivers \\ s115bus.sys [2007-4-23 83208]
=============== Létrehozva Utolsó 30 ================
2009-09-19 09:03 <DIR> - d ----- C: \\ $ RECYCLE.BIN
2009-09-19 08:54 229.888 ------- a c: \\ windows \\ PEV.exe
2009-09-19 08:54 161.792 ------- a c: \\ windows \\ SWREG.exe
2009-09-19 08:54 98.816 ------- a c: \\ windows \\ sed.exe
2009-09-18 17:54 <DIR> - d ----- C: \\ Program Files \\ Trend Micro
2009-09-17 18:39 225.454.949 ------- a c: \\ windows \\ MEMORY.DMP
2009-09-17 17:50 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Malwarebytes
2009-09-17 17:50 38.224 ------- a c: \\ windows \\ system32 \\ drivers \\ mbamswissarmy.sys
2009-09-17 17:50 19.160 ------- a c: \\ windows \\ system32 \\ drivers \\ mbam.sys
2009-09-17 17:50 <DIR> - d ----- c: \\ programdata \\ Malwarebytes
2009-09-17 17:50 <DIR> - d ----- C: \\ Program Files \\ Malwarebytes 'Anti-Malware
2009-09-17 17:50 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Malwarebytes
2009-09-17 16:31 <DIR> - d ----- c: \\ programdata \\ SUPERAntiSpyware.com
2009-09-17 16:31 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ SUPERAntiSpyware.com
2009-09-17 16:30 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ SUPERAntiSpyware.com
2009-09-17 16:30 <DIR> - d ----- C: \\ Program Files \\ SUPERAntiSpyware
2009-09-17 16:29 <DIR> - d ----- C: \\ Program Files \\ Common Files \\ Wise Installation Wizard
2009-09-17 16:21 <DIR> - d ----- C: \\ Program Files \\ CCleaner
2009-09-17 10:43 <DIR> - d ----- C: \\ Users \\ Bridget \\ Documents - Copy (1)
2009-09-17 10:43 <DIR> - d ----- C: \\ Users \\ Bridget \\ Desktop - Copy (1)
2009-09-17 10:43 <DIR> - d ----- C: \\ Users \\ Bridget \\ uspy - Copy (1) bekezdésének
2009-09-17 10:43 <DIR> - d ----- C: \\ Users \\ Bridget \\ Contacts - Copy (1)
2009-09-16 21:19 144 Egy ------- C: \\ windows \\ system32 \\ hfxsd
2009-09-16 18:58 <DIR> - d ----- c: \\ programdata \\ WindowsSearch
2009-09-16 12:58 <DIR> - d ----- c: \\ programdata \\ Playrix Szórakozás
2009-09-16 12:58 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Playrix Szórakozás
2009-09-16 12:21 <DIR> - d ----- c: \\ programdata \\ Sandlot Játékok
2009-09-16 12:21 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Sandlot Játékok
2009-09-16 12:21 <DIR> - d ----- c: \\ windows \\ Cake Mania Vissza a Bakery
2009-09-16 12:14 <DIR> - d ----- c: \\ programdata \\ Brainiversity2
2009-09-16 12:14 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Brainiversity2
2009-09-16 12:13 <DIR> - d ----- c: \\ windows \\ Brainiversity 2
2009-09-16 10:02 <DIR> - d ----- c: \\ programdata \\ Nick Chase A Detective Story
2009-09-16 10:02 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Nick Chase A Detective Story
2009-09-16 09:54 <DIR> - d ----- c: \\ windows \\ Nick Chase A Detective Story
2009-09-16 09:53 <DIR> - d ----- c: \\ windows \\ Nick Chase egy detektív Story stratégiai útmutató
2009-09-15 21:24 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ BitZipper
2009-09-15 20:44 <DIR> - d ----- c: \\ windows \\ Keys Manhattan
2009-09-15 15:43 <DIR> - d ----- C: \\ Program Files \\ GameHouse
2009-09-14 14:30 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Princess Isabella
2009-09-14 13:16 <DIR> - d ----- C: \\ Program Files \\ My Tribe
2009-09-13 20:00 <DIR> - d ----- c: \\ programdata \\ Azureus
2009-09-13 20:00 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Azureus
2009-09-13 20:00 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Azureus
2009-09-13 10:28 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\www.nerdoftheherd.com
2009-09-13 10:28 <DIR> - d ----- C: \\ Program Files \\ Downloader Rádió
2009-09-10 16:00 <DIR> - d ----- C: \\ Program Files \\ Carl The Caveman
2009-09-10 13:28 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ EnchantedCavern
2009-09-10 10:27 <DIR> - d ----- c: \\ programdata \\ Mysteries of Horus
2009-09-10 10:27 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ Mysteries of Horus
2009-09-09 17:04 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Faerie Solitaire
2009-09-09 13:59 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Boolat Játékok
2009-09-09 09:03 897.608 ------- a c: \\ windows \\ system32 \\ drivers \\ tcpip.sys
2009-09-09 09:03 104.960 ------- a c: \\ windows \\ system32 \\ netiohlp.dll
2009-09-09 09:01 2.868.224 ------- a c: \\ windows \\ system32 \\ mf.dll
2009-09-07 05:37 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ V-Games
2009-09-05 17:03 <DIR> - d ----- c: \\ programdata \\ FarmFrenzy3
2009-09-05 17:03 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ FarmFrenzy3
2009-09-04 19:31 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Enchanted Katya
2009-09-04 17:32 <DIR> - d ----- c: \\ programdata \\ VirtualFarm
2009-09-04 17:32 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ VirtualFarm
2009-09-04 15:04 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ BeachPartyCraze
2009-09-04 13:38 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ gaijin Ent
2009-09-02 22:44 28.672 A ------- c: \\ windows \\ system32 \\ Apphlpdm.dll
2009-09-02 22:44 4.240.384 ------- a c: \\ windows \\ system32 \\ GameUXLegacyGDFs.dll
2009-09-02 13:27 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ Alawar
2009-09-02 11:43 <DIR> - d ----- C: \\ Program Files \\ Conduit
2009-09-02 11:43 <DIR> - d ----- C: \\ Program Files \\ Alawar.com
2009-09-02 10:00 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ SprillRichiEng
2009-09-02 09:57 <DIR> - d ----- c: \\ programdata \\ DreamFarm
2009-09-02 09:57 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ DreamFarm
2009-08-30 19:41 <DIR> - d ----- c: \\ programdata \\ AlawarGameBox
2009-08-30 19:41 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ AlawarGameBox
2009-08-30 19:41 <DIR> - d ----- c: \\ programdata \\ AlawarWrapper
2009-08-30 19:41 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ AlawarWrapper
2009-08-30 19:41 <DIR> - d ----- C: \\ Program Files \\ Alawar
2009-08-26 12:58 2.048 A ------- c: \\ windows \\ system32 \\ tzres.dll
2009-08-23 18:26 0 --- A --- H c: \\ windows \\ system32 \\ drivers \\ Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-22 21:22 <DIR> - d ----- C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ iWin_JanesRealty
2009-08-22 15:06 <DIR> - d ----- c: \\ programdata \\ hitpointstudios
2009-08-22 15:06 <DIR> - d ----- C: \\ PROGRA ~ 2 \\ hitpointstudios
2009-08-22 11:37 <DIR> - d ----- C: \\ Program Files \\ Chuzzle Deluxe
==================== ==================== Find3M
2009-08-28 13:39 173.056 ------- a c: \\ windows \\ apppatch \\ AcXtrnal.dll
2009-08-28 13:38 2.153.984 ------- a c: \\ windows \\ apppatch \\ Acgenral.dll
2009-08-28 13:38 541.696 ------- a c: \\ windows \\ apppatch \\ AcLayers.dll
2009-08-28 13:38 459.776 ------- a c: \\ windows \\ apppatch \\ AcSpecfc.dll
2009-08-14 17:29 17.920 A ------- c: \\ windows \\ system32 \\ netevent.dll
2009-08-14 15:16 17.920 A ------- c: \\ windows \\ system32 \\ ROUTE.EXE
2009-08-14 15:16 9.728 A ------- c: \\ windows \\ system32 \\ TCPSVCS.EXE
2009-08-14 15:16 11.264 A ------- c: \\ windows \\ system32 \\ MRINFO.EXE
2009-08-14 15:16 27.136 A ------- c: \\ windows \\ system32 \\ Netstat.exe segédprogrammal
2009-08-14 15:16 19.968 A ------- c: \\ windows \\ system32 \\ ARP.EXE
2009-08-14 15:16 10.240 A ------- c: \\ windows \\ system32 \\ finger.exe
2009-08-14 15:16 8.704 A ------- c: \\ windows \\ system32 \\ HOSTNAME.EXE
2009-08-09 18:37 70 ------- a C: \\ Users \\ Bridget \\ AppData \\ Roaming \\ wklnhst.dat
2009-07-23 19:01 124.488 egy h --- --- c: \\ windows \\ system32 \\ mlfcache.dat
2009-07-21 22:52 915.456 ------- a c: \\ windows \\ system32 \\ Wininet.dll
2009-07-21 22:47 109.056 ------- a c: \\ windows \\ system32 \\ iesysprep.dll
2009-07-21 22:47 71.680 A ------- c: \\ windows \\ system32 \\ iesetup.dll
2009-07-21 21:13 133.632 ------- a c: \\ windows \\ system32 \\ ieUnatt.exe
2009-07-17 15:35 71.680 A ------- c: \\ windows \\ system32 \\ atl.dll
2009-07-14 14:00 313.344 ------- a c: \\ windows \\ system32 \\ wmpdxm.dll
2009-07-14 13:59 4.096 A ------- c: \\ windows \\ system32 \\ dxmasf.dll
2009-07-14 13:58 7.680 A ------- c: \\ windows \\ system32 \\ spwmp.dll
2009-07-14 11:59 8.147.456 ------- a c: \\ windows \\ system32 \\ wmploc.DLL
2009-07-11 20:32 513.024 ------- a c: \\ windows \\ system32 \\ wlansvc.dll
2009-07-11 20:32 302.592 ------- a c: \\ windows \\ system32 \\ wlansec.dll
2009-07-11 20:32 293.376 ------- a c: \\ windows \\ system32 \\ wlanmsm.dll
2009-07-11 20:29 127.488 ------- a c: \\ windows \\ system32 \\ L2SecHC.dll
2009-06-16 10:25 143.360 ------- a c: \\ windows \\ inf \\ infstrng.dat
2009-06-16 10:25 51.200 ------- a c: \\ windows \\ inf \\ infpub.dat
2009-06-16 10:25 86.016 ------- a c: \\ windows \\ inf \\ infstor.dat
2009-03-07 14:19 665.600 ------- a c: \\ windows \\ inf \\ drvindex.dat
2008-01-21 03:43 174 a - sh --- C: \\ Program Files \\ desktop.ini
2006-11-02 13:42 287.440 ------- a c: \\ windows \\ inf \\ Perflib \\ 0.409 \\ perfi.dat
2006-11-02 13:42 287.440 ------- a c: \\ windows \\ inf \\ Perflib \\ 0.409 \\ perfh.dat
2006-11-02 13:42 30.674 ------- a c: \\ windows \\ inf \\ Perflib \\ 0.409 \\ perfd.dat
2006-11-02 13:42 30.674 ------- a c: \\ windows \\ inf \\ Perflib \\ 0.409 \\ perfc.dat
2006-11-02 10:20 287.440 ------- a c: \\ windows \\ inf \\ Perflib \\ 0000 \\ perfi.dat
2006-11-02 10:20 287.440 ------- a c: \\ windows \\ inf \\ Perflib \\ 0000 \\ perfh.dat
2006-11-02 10:20 30.674 ------- a c: \\ windows \\ inf \\ Perflib \\ 0000 \\ perfd.dat
2006-11-02 10:20 30.674 ------- a c: \\ windows \\ inf \\ Perflib \\ 0000 \\ perfc.dat
============= CÉL: 9:41:01.49 ===============
  #8  
Old September 20, 2009, 01:43
New Member
Posts: 7
 
DDS (Ver_09-07-30,01)
Microsoft® Windows Vista™ Home Premium
Indító eszköz: \\ Device \\ HarddiskVolume2
Install Date: 11/10/2006 08:12:46
System Uptime: 20/09/2009 00:33:54 (9 óra)
Alaplap: Acer | | WMCP78M
Processzor: AMD Phenom (tm) 8450 Triple-Core processzor | Socket AM2 | 2100/200mhz
==== Partíciókat =========================
C: rögzített (NTFS) - 291 GiB összesen 205,274 GiB free.
D: FIXED (NTFS) - 292 GiB összesen 280,498 GiB free.
E: van Kivehető
F: van Kivehető
G: a CD-t (CDFS)
H: a cserélhető
I: eltávolítható
J: eltávolítható
==== Disabled Device Manager tételek =============
==== Rendszer-visszaállítási pont ===================

Telepített programok ==== ======================
Microsoft Office 2007 Service Pack 1 (SP1) szervizcsomaggal
Acer Arcade Live Főoldal
Acer DV Magician
Acer DVDivine
Acer eDataSecurity Management
Acer Empowering Technology alkalmazáscsomag
Acer GameZone konzol DTV 2.0.1.1
Acer HomeMedia
Acer HomeMedia Connect
Acer HomeMedia Trial Creator
Acer ScreenSaver
Acer Bemutató DVD
Acer VideoMagician
Acrobat.com
Aktiválás Segéd a 2007-es Microsoft Office
Adobe AIR -
Az Adobe Flash Player 10 ActiveX -
Megtekintéséhez Adobe Reader 9.1.3
Alawar Game Box
Alawar.com Toolbar
AppCore
Ask.com Search Assistant 1.0.2 -
AV bemenet kiválasztása
Aztec Tribe
Mentési
BBC iPlayer Desktop
BBC iPlayer Download Manager
Belkin F5D8053 N Wireless USB Adapter
Big Fish Games Client
Önkiszolgáló feladat ZoomBrowser EX
Internet Library for Canon ZoomBrowser EX
Canon iP4300
Canon RAW Image Task for ZoomBrowser EX
Canon Digital Photo Professional Utilities 3,0
A Canon Utilities Easy-PhotoPrint EX -
Canon EOS Utility Utilities
Canon Utilities Original Data Security Tools
Canon Utilities PhotoStitch
Canon Utilities WFT-E1/E2 Utility
Canon Utilities ZoomBrowser EX -
ccCommon
CCleaner (remove only)
Őr választás
A DivX Web Player
EA Download Manager
EOS IEEE1394 WIA Driver
EOS USB WIA Driver
EPSON Scan
eSobi v2
Farm Frenzy 3
Farm Frenzy Pizza Party
GearDrvs
Google Chrome
A Google Desktop
Google Earth -
A Google Eszköztár az Internet Explorer
A Google Update Helper
A Google Updater
HijackThis 2.0.2
Hotfix for Microsoft. NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft. NET Framework 3.5 SP1 (KB958484)
Hoyle Card Games Demo
J2SE Runtime Environment 5,0 frissítve 17
Kick N Rush
A LightScribe 1.4.142.1
A LiveUpdate (Symantec Corporation)
A Malwarebytes 'Anti-Malware a
Messenger Plus! Él
Microsoft. NET Framework 3.5 SP1
Microsoft Application Error Reporting
A Microsoft Office Excel MUI (angol) 2007
A Microsoft Office Home and Student 2007
A Microsoft Office OneNote MUI (angol) 2007
A Microsoft Office PowerPoint MUI (angol) 2007
A Microsoft Office Proof (angol) 2007
A Microsoft Office Proof (francia) 2007
A Microsoft Office Proof (spanyol) 2007
A Microsoft Office Proofing (angol) 2007
A Microsoft Office Shared MUI (angol) 2007
A Microsoft Office Shared MUI telepítés Metadata (angol) 2007
A Microsoft Office Word MUI (angol) 2007
Microsoft Silverlight
Microsoft Visual C + + 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C + + 2005 Redistributable
Microsoft Works
A Microsoft WSE 3,0 Runtime
MONOPOLY Build-a-lot Edition (remove only)
MSVCRT
MSXML 4.0 SP2 (KB954430)
Saját Craft Studio
My Tribe
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
A Norton Confidential Core
Hát most NTI 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA GAME System Software 2.8.1
A Picasa 3
PIXresizer 2.0.4 -
Letöltéssegéd rádiót
RealArcade
RealPlayer parancsot
: Realtek High Definition Audio Driver
Restaurant Empire
Biztonsági frissítés a 2007-es Microsoft Office rendszerhez (KB951550)
Biztonsági frissítés a 2007-es Microsoft Office rendszerhez (KB951944)
Biztonsági frissítés a 2007-es Microsoft Office rendszerhez (KB969559)
Biztonsági frissítés a 2007-es Microsoft Office rendszerhez (KB969679)
Biztonsági frissítés a Microsoft Office Excel 2007 (KB969682)
Biztonsági frissítés a Microsoft Office OneNote 2007 (KB950130)
Biztonsági frissítés a Microsoft Office PowerPoint 2007 (KB957789)
Biztonsági frissítés a Microsoft Office 2007 (KB954326)
Biztonsági frissítés a Microsoft Office 2007 (KB969613)
Biztonsági frissítés a Microsoft Office Word 2007 (KB969604)
SPBBC 32bit
Spotify
SUPERAntiSpyware Free Edition
Syberia
Symantec Real Time Protection Storage komponens
Symantec Technical Support Controls
SymNet
The Sims™ 3
TweetDeck
Frissítés a 2007-es Microsoft Office rendszerhez (KB967642)
Frissítés a Microsoft. NET Framework 3.5 SP1 (KB963707)
Frissítés a Microsoft Office 2007 Segítség a közös jellemzők (KB963673)
Frissítés a Microsoft Office Excel 2007 súgó (KB963678)
Frissítés a Microsoft Office OneNote 2007 súgó (KB963670)
Frissítés a Microsoft Office PowerPoint 2007 súgó (KB963669)
Frissítés a Microsoft Office Script Editor Help (KB963671)
Frissítés a Microsoft Office Word 2007 súgó (KB963665)
VC80CRTRedist - 8.0.50727.762
Webes játékok Player Plugin
A Windows Live Call
A Windows Live Communications Platform
A Windows Live Essentials
A Windows Live Messenger
A Windows Live Sign-in Assistant
Windows Live Upload Tool
ZACEditor
==== End Of File ===========================
  #9  
Old September 20, 2009, 02:10
New Member
Posts: 6
 
Sorry for jumping in, I was wondering why you removed this - I couldn't find a way to PM you ......

Quote:
Right-click HijackThis and choose Run as administrator

Then choose Do a system scan only

Put a check mark next to the following entries: (if present)
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
Important: Close all open windows except HijackThis and click Fix checked.

When done, exit HijackThis.
  #10  
Old September 20, 2009, 08:34
Moderator
Posts: 7,559
 
@tootech - You need to start a new thread, please.

-----

Go to Add/Remove Programs (Programs and Features in Vista) and uninstall:

  • Ask.com Search Assistant 1.0.2 -
Have you restarted the computer recently, and does this error still occur?