Hello Stell segítenél nekem? Valami gubanc van a géppel,lassú és van úgy,hogy a monitorról eltűnik a kép mintha kikapcsolódna.Lehet hogy nem elég érthető amit mondani akarok,de jó lenne ha át néznéd ,hátha megoldható a probléma.Előre is köszönöm!

Ok, renben,,csak azert, mert igy ossze keverednek a logok,
nincsen mit.
udv.

Köszönöm és bocsánat a log-ért akkor. Legközelebb inkább megvárom mi a teendő.

ezeket a fiokokat ismered??
User: DZH~1.OLY
User: qwerty

Tisztisd ki a gepet a CCleaneral:
http://virus-stell.blogspot.com/2010/04/ccleaner.html
futtasd a combofixet:
http://virus-stell.blogspot.com/2010/04/combofix.html
a logjat majd tedd ide, ha ma nem, akkor majd holnap megnezem.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll moved successfully.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP110.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP121.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP74C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEA.tmp folder moved successfully.
C:\WINDOWS\Temp\sdb16D.tmp moved successfully.
C:\WINDOWS\Temp\sdb5.tmp moved successfully.
C:\WINDOWS\Temp\sdb9A.tmp moved successfully.
C:\WINDOWS\Temp\sdbE3.tmp moved successfully.
C:\WINDOWS\Temp\testtime.tmp moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\ChicaPC-fix-Feketebárány-Startup.job moved successfully.
C:\WINDOWS\tasks\GlaryInitialize.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1500820517-1177238915-1003Core.job moved successfully.
C:\WINDOWS\tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job moved successfully.
C:\Program Files\Eset\ESET NOD32 Antivirus folder moved successfully.
C:\Program Files\Eset folder moved successfully.
C:\WINDOWS\system32\drivers\nod32drv.sys moved successfully.
File move failed. C:\WINDOWS\system32\DRIVERS\ehdrv.sys scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\DRIVERS\eamon.sys scheduled to be moved on reboot.
File/Folder C:\WINDOWS\system32\drivers\aswTdi.sys not found.
C:\Program Files\Anti Trojan Elite folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\'Ashampoo AntiSpyWare 2 Guard'\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo Core Tuner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLD.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\WINDOWS\system32\ZoneLabs\vsmon.exe deleted successfully.
========== SERVICES/DRIVERS ==========
Error: Unable to stop service ehdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehdrv deleted successfully.
Error: Unable to stop service epfwtdir!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\epfwtdir deleted successfully.
Service nod32drv stopped successfully!
Service nod32drv deleted successfully!
Error: Unable to stop service eamon!
Unable to delete service\driver key eamon.
Service sp_rsdrv2 stopped successfully!
Service sp_rsdrv2 deleted successfully!
Service aswTdi stopped successfully!
Service aswTdi deleted successfully!
Service ATE_PROCMON stopped successfully!
Service ATE_PROCMON deleted successfully!
Service ekrn stopped successfully!
Service ekrn deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: DZH~1.OLY

User: Feketeb

User: Feketebárány
->Temp folder emptied: 4363361 bytes
->Temporary Internet Files folder emptied: 4408158 bytes
->Java cache emptied: 659837 bytes
->FireFox cache emptied: 96193713 bytes
->Flash cache emptied: 1890 bytes

User: Feketeb�r�ny

User: LocalService
->Temp folder emptied: 2086436 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 2025696 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: qwerty

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 72608842 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 174,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Restore points cleared and new OTM Restore Point set!

OTM by OldTimer - Version 3.1.15.0 log created on 08202010_220406

Files moved on Reboot...
File move failed. C:\WINDOWS\system32\DRIVERS\ehdrv.sys scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\DRIVERS\eamon.sys scheduled to be moved on reboot.

Registry entries deleted on Reboot...

lusta bagoly,a kek halalt ez a driver csinalja:
Emu10k1m.sys with description Creative SB Live! Adapter Driver =a Hang kartya,
leszedni a geprol es at telepiteni.

Lusta bagoly,-epen mashova , kel teni a logot, mert igy keveredik, es zavar, koszi.

Barika
Szed le a geprol az ASHAMPO -programot,
Tolds le eztet a programot az azsztalra:
http://oldtimer.geekstogo.com/OTM.exe
Futtasd-a bal ablakjaba masold be a zold textet-es klik a piros gombra MOVEIT a restart utan tedd ide a logjat.

Ez pedig pár nappal ezelőtti eredmény:

Debugging Details:
------------------


READ_ADDRESS: 00000004

CURRENT_IRQL: 2

FAULTING_IP:
+2aa952f00f9dfdc
891cf3ed 3b7204 cmp esi,dword ptr [edx+4]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

TRAP_FRAME: ba4d3c28 -- (.trap 0xffffffffba4d3c28)
ErrCode = 00000000
eax=00000000 ebx=89a4f590 ecx=00000000 edx=00000000 esi=88f34f50 edi=b95b8890
eip=891cf3ed esp=ba4d3c9c ebp=ba4d3ca4 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
891cf3ed 3b7204 cmp esi,dword ptr [edx+4] ds:0023:00000004=????????
Resetting default scope

LAST_CONTROL_TRANSFER: from 891cf3ed to 805446e0

STACK_TEXT:
ba4d3c28 891cf3ed badb0d00 00000000 00000000 nt!KiTrap0E+0x238
WARNING: Frame IP not in any known module. Following frames may be wrong.
ba4d3ca4 b95916fb 892cea0c 00000010 00000000 0x891cf3ed
ba4d3ce4 b95959ee 00000010 89c131e8 00000000 emu10k1m+0x186fb
ba4d3d18 b9582b9a 00000000 00000000 00000000 emu10k1m+0x1c9ee
ba4d3d28 80545e6f 89a4f60c 00000000 89a4f5fc emu10k1m+0x9b9a
ba4d3d50 80545d54 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61
ba4d3d54 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28


STACK_COMMAND: kb

FOLLOWUP_IP:
emu10k1m+186fb
b95916fb ?? ???

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: emu10k1m+186fb

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: emu10k1m

IMAGE_NAME: emu10k1m.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 0

FAILURE_BUCKET_ID: 0xD1_emu10k1m+186fb

BUCKET_ID: 0xD1_emu10k1m+186fb

Followup: MachineOwner
---------

Kérlek nézz rá ezekre, ha van időd, köszönöm.

Úgy látszik én is állandó vendéged leszek, hála annak, hogy rengeteg programot telepítek a gépemre. Most megint a kékhalálok szórakoztatnak. Megcsináltam a kékhalál elemzést a múltkori alapján ezzel is időt spórolva. Ime:

Debugging Details:
------------------


OVERLAPPED_MODULE: Address regions for 'Udfs' and 'kmixer.sys' overlap

READ_ADDRESS: 00000004

CURRENT_IRQL: 2

FAULTING_IP:
+2aa952f00f9dfdc
895f43ed ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

TRAP_FRAME: ba4d3c28 -- (.trap 0xffffffffba4d3c28)
ErrCode = 00000000
eax=00000000 ebx=8a25e590 ecx=00000000 edx=00000000 esi=894bd360 edi=b92a8890
eip=895f43ed esp=ba4d3c9c ebp=ba4d3ca4 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
895f43ed ?? ???
Resetting default scope

LAST_CONTROL_TRANSFER: from 895f43ed to 805446e0

STACK_TEXT:
ba4d3c28 895f43ed badb0d00 00000000 894bf518 nt!KiTrap0E+0x238
WARNING: Frame IP not in any known module. Following frames may be wrong.
ba4d3c98 894bc620 c1a29137 ba4d3ce4 b92816fb 0x895f43ed
ba4d3ca4 b92816fb 8989ca0c 00000010 00000000 0x894bc620
ba4d3ce4 b92859ee 00000010 8ab7e108 00000000 Unknown_Module_b9269000+0x186fb
ba4d3d18 b9272b9a 00000000 00000000 00000000 Unknown_Module_b9269000+0x1c9ee
ba4d3d28 80545e6f 8a25e60c 00000000 8a25e5fc Unknown_Module_b9269000+0x9b9a
ba4d3d50 80545d54 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61
ba4d3d54 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28


STACK_COMMAND: kb

FOLLOWUP_IP:
Unknown_Module_b9269000+186fb
b92816fb ?? ???

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: Unknown_Module_b9269000+186fb

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module_b9269000

IMAGE_NAME: Unknown_Module_b9269000

DEBUG_FLR_IMAGE_TIMESTAMP: 0

FAILURE_BUCKET_ID: 0xD1_Unknown_Module_b9269000+186fb

BUCKET_ID: 0xD1_Unknown_Module_b9269000+186fb

Followup: MachineOwner
---------

ok, meg írd ide hogy melyik antivírust használod, a VIPRET. mert a rendszer tele van , AV-driverekel,,es ezeket most kipucoljuk,

Results of screen317's Security Check version 0.99.5
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
VIPRE Antivirus
Outpost Firewall Pro 2009
Antivirus out of date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 19
Out of date Java installed!
Adobe Flash Player 10.1.53.64
Adobe Reader 9.2 - Hungarian
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.
````````````````````````````````
Process Check:
objlist.exe by Laurent
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

Igen, ahogy latom, ősze jártad a magyar, ügynevezet vírus tanácsadókat, mert a gépeden , minden vírusirtó program bol van ami csak létezik, csodálkozom , hogy ez a rendszer meg nem omolt össze.
meg legy szives futtasd le ezt a programot es a logjat tedd ide.
http://screen317.spywareinfoforum.org/SecurityCheck.exe

Logfile of random's system information tool 1.08 (written by random/random)
Run by Feketebárány at 2010-08-20 20:47:09
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 12 GB (20%) free of 58 GB
Total RAM: 2047 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48: Barika, on 2010.08.20.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\Feketebárány.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startlap.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe"
O4 - HKLM\..\RunOnce: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe runonce
O4 - HKCU\..\Run: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe bootup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Outpost Firewall Pro Gyorshangolás - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe
O23 - Service: Logikai lemezkezelő felügyeleti szolgáltatás (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eseménynapló (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: IMAPI CD-égető COM-szolgáltatás (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting távoli asztalmegosztás (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Hálózati DDE (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Hálózati DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: VIPRE Antivirus (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: SB Recovery Service (SBPIMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
O23 - Service: Intelligens kártya (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: Teljesítménynaplók és riasztások (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Kötet árnyékmásolata (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI teljesítményadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 6543 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\ChicaPC-fix-Feketebárány-Startup.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1500820517-1177238915-1003Core.job
C:\WINDOWS\tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-23 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe [2010-02-11 2447488]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe [2010-02-09 439784]
"SBAMTray"=C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe [2010-04-30 1291600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpeedStartup"=C:\Program Files\Speed Startup\speedstartup.exe [2008-01-01 2236408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpeedStartup"=C:\Program Files\Speed Startup\speedstartup.exe [2008-01-01 2236408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe [2010-06-13 231888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\'Ashampoo AntiSpyWare 2 Guard']
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe [2009-07-15 2376536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo Core Tuner]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo HDD Control Guard]
C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe [2009-03-13 844288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DefragTaskBar]
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe [2008-10-09 173408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevconDefaultDB]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLD.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Feketebárány\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-01-26 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-10-04 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFPrintServer_Pro_LL]
C:\Program Files\Companion Suite Pro LL\MFPrintServer.exe [2006-05-04 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFServices_Pro_LL]
C:\Program Files\Companion Suite Pro LL\MFServices.exe [2006-05-04 335872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mspwr]
C:\WINDOWS\system32\PuXpMan2.exe [2008-06-02 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-01-26 57393]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
C:\WINDOWS\MIDIDef.exe [2002-01-14 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIWatcher]
C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe [2009-06-24 2529624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
C:\WINDOWS\system32\CTHELPER.EXE [2002-02-07 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AshampooDefragService"=2
"TapiSrv"=3
"NMSAccessU"=2
"NMIndexingService"=3
"Nero BackItUp Scheduler 4.0"=2
"Nero BackItUp Scheduler 3"=2
"LightScribeService"=2
"IswSvc"=2
"CiSvc"=3
"Browser"=2
"wampmysqld"=3
"wampapache"=3
"vsmon"=2
"iPod Service"=3
"Apple Mobile Device"=2
"StarWindServiceAE"=2
"AASW2_Service"=2
"WMPNetworkSvc"=3
"ServiceLayer"=3
"ose"=3
"odserv"=3
"NOD32krn"=2
"JavaQuickStarterService"=2
"idsvc"=3
"ekrn"=2
"EhttpSrv"=3
"DfSdkS"=3
"Creative Service for CDROM Access"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBPIMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoStartMenuPinnedList"=1
"NoStartMenuMFUprogramsList"=1
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=1
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoNetworkConnections"=1
"NoFavoritesMenu"=1
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0
"HideClock"=0
"NoUserNameInStartMenu"=0
"NoDrives"=0
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
""=
"NoDriveTypeAutoRun"=0x5F000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2010.SP2\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2010.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-19 20:21:33 ----D---- C:\Documents and Settings\Feketebárány\Application Data\TOMI2.THE GATES OF FATE
2010-08-19 20:21:26 ----D---- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
2010-08-19 17:49:51 ----D---- C:\Program Files\Mystery Island II
2010-08-18 11:08:18 ----D---- C:\Documents and Settings\All Users\Application Data\Gogii
2010-08-16 23:53:48 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-16 23:41:00 ----D---- C:\Program Files\Registry Mechanic
2010-08-16 23:24:19 ----D---- C:\Program Files\Common Files\PC Tools
2010-08-16 21:13:53 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Malwarebytes
2010-08-16 21:13:29 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-16 21:13:27 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-08-16 21:13:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-16 21:13:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-16 20:18:28 ----D---- C:\Program Files\trend micro
2010-08-16 20:18:08 ----D---- C:\rsit
2010-08-16 18:42:26 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Glass Eye
2010-08-15 21:44:33 ----D---- C:\Documents and Settings\Feketebárány\Application Data\ERS G-Studio
2010-08-13 23:11:55 ----D---- C:\Documents and Settings\Feketebárány\Application Data\SunRay Games
2010-08-13 06:55:06 ----D---- C:\Documents and Settings\Feketebárány\Application Data\ShaoLin
2010-08-12 03:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-12 03:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-12 03:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-12 03:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-12 03:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-12 03:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-12 03:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-12 03:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-11 07:12:14 ----D---- C:\Documents and Settings\All Users\Application Data\Exorcist DS 7
2010-08-10 00:03:33 ----D---- C:\Program Files\LeeGTs Games
2010-08-09 18:30:35 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Enki Games
2010-08-09 15:51:19 ----D---- C:\Documents and Settings\Feketebárány\Application Data\GameHouse
2010-08-09 15:51:19 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse
2010-08-07 22:59:16 ----D---- C:\Documents and Settings\All Users\Application Data\Intenium
2010-08-07 18:01:46 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2010-08-06 11:01:09 ----A---- C:\WINDOWS\system32\drivers\sbapifs.sys
2010-08-06 11:01:08 ----A---- C:\WINDOWS\system32\drivers\sbaphd.sys
2010-08-06 10:47:58 ----D---- C:\Documents and Settings\All Users\Application Data\Sunbelt
2010-08-06 10:47:46 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Sunbelt
2010-08-06 10:43:36 ----A---- C:\WINDOWS\system32\drivers\sbtis.sys
2010-08-06 05:14:59 ----D---- C:\VIPRERESCUE
2010-08-06 04:38:19 ----D---- C:\Program Files\Sunbelt Software
2010-08-06 02:53:45 ----A---- C:\WINDOWS\system32\drivers\SandBox.sys
2010-08-06 02:53:35 ----A---- C:\WINDOWS\system32\drivers\afwcore.sys
2010-08-06 02:52:25 ----A---- C:\WINDOWS\system32\drivers\afw.sys
2010-08-06 02:52:17 ----D---- C:\WINDOWS\system32\Filt
2010-08-06 02:52:17 ----D---- C:\Program Files\Agnitum
2010-08-06 02:51:41 ----D---- C:\Documents and Settings\All Users\Application Data\Agnitum
2010-08-06 02:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-05 12:10:33 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Enlightenus2_BFG
2010-08-03 23:03:19 ----D---- C:\Documents and Settings\Feketebárány\Application Data\SolSuite
2010-08-03 23:03:19 ----D---- C:\Documents and Settings\All Users\Application Data\TreeCardGames
2010-08-03 23:02:13 ----D---- C:\Program Files\SolSuite
2010-08-03 22:50:00 ----D---- C:\Documents and Settings\All Users\Application Data\ChicaLogic
2010-08-03 22:17:59 ----D---- C:\Documents and Settings\Feketebárány\Application Data\she_is_a_shadow
2010-08-02 23:09:04 ----D---- C:\Program Files\Spyware Terminator
2010-08-01 18:27:50 ----D---- C:\Documents and Settings\All Users\Application Data\Particles
2010-08-01 18:27:12 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Specialbit
2010-08-01 10:16:02 ----D---- C:\Documents and Settings\Feketebárány\Application Data\MagicIndie
2010-07-31 08:16:56 ----D---- C:\Documents and Settings\Feketebárány\Application Data\ERS Game Studios
2010-07-29 23:16:20 ----D---- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
2010-07-29 15:48:51 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Vast Studios
2010-07-28 20:13:51 ----D---- C:\Documents and Settings\Feketebárány\Application Data\MysteriousCaseOfJekyllAndHyde
2010-07-24 09:20:15 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Gold Casual Games
2010-07-23 15:58:15 ----D---- C:\Documents and Settings\All Users\Application Data\Simajo The Travel Móstery Game
2010-07-23 12:58:54 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-23 12:58:54 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-23 12:58:54 ----A---- C:\WINDOWS\system32\java.exe
2010-07-23 10:45:59 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2010-07-23 10:44:58 ----D---- C:\Program Files\Jade Rousseau - The Fall of Sant Antonio
2010-07-22 22:15:42 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Orneon
2010-07-21 22:29:17 ----D---- C:\Documents and Settings\Feketebárány\Application Data\MAGIX
2010-07-21 22:27:33 ----A---- C:\WINDOWS\installation.ini
2010-07-21 22:26:26 ----A---- C:\WINDOWS\system32\drivers\disksec.sys
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\TTIC32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\TTI32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\STRING32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\MXRestore.exe
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2010-07-21 22:26:17 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLIX.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2010-07-21 22:26:16 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2010-07-21 22:26:15 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2010-07-21 22:26:15 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2010-07-21 22:25:40 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-07-21 22:25:13 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX
2010-07-21 22:24:58 ----D---- C:\Program Files\MAGIX
2010-07-21 22:24:58 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2010-07-21 22:23:54 ----D---- C:\Program Files\Common Files\MAGIX Services
2010-07-21 21:43:04 ----D---- C:\docindexCD
2010-07-21 19:13:05 ----D---- C:\Documents and Settings\All Users\Application Data\Far Mills
2010-07-21 19:10:49 ----D---- C:\Program Files\Journalistic Stories

======List of files/folders modified in the last 1 months======

2010-08-20 20:46:35 ----D---- C:\Downloads
2010-08-20 10:00:44 ----D---- C:\WINDOWS\Temp
2010-08-20 09:49:36 ----A---- C:\WINDOWS\win.ini
2010-08-20 09:49:36 ----A---- C:\WINDOWS\system.ini
2010-08-20 01:01:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-19 18:16:49 ----D---- C:\WINDOWS
2010-08-19 18:12:51 ----HD---- C:\WINDOWS\inf
2010-08-19 18:12:47 ----D---- C:\WINDOWS\system32\drivers
2010-08-19 18:12:47 ----D---- C:\WINDOWS\system32
2010-08-19 18:06:10 ----D---- C:\WINDOWS\nview
2010-08-19 18:06:10 ----D---- C:\WINDOWS\Help
2010-08-19 18:06:01 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-19 17:50:00 ----SHD---- C:\WINDOWS\Installer
2010-08-19 17:49:51 ----RD---- C:\Program Files
2010-08-18 11:07:54 ----D---- C:\games
2010-08-17 00:04:47 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-08-16 23:49:50 ----D---- C:\WINDOWS\system32\config
2010-08-16 23:48:26 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Registry Mechanic
2010-08-16 23:24:50 ----SD---- C:\WINDOWS\Tasks
2010-08-16 23:24:19 ----AD---- C:\Program Files\Common Files
2010-08-16 21:37:20 ----D---- C:\WINDOWS\Debug
2010-08-16 21:37:19 ----D---- C:\WINDOWS\Minidump
2010-08-16 21:33:18 ----D---- C:\Program Files\CCleaner
2010-08-16 21:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-08-16 20:26:24 ----SH---- C:\boot.ini
2010-08-14 12:23:45 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-12 22:00:11 ----A---- C:\WINDOWS\avisplitter.ini
2010-08-12 03:06:21 ----D---- C:\WINDOWS\system32\dllcache
2010-08-12 03:06:17 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-12 03:03:56 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:03:48 ----D---- C:\WINDOWS\ie8updates
2010-08-12 03:01:38 ----D---- C:\Program Files\Movie Maker
2010-08-06 04:07:51 ----D---- C:\Program Files\Eset
2010-08-06 02:46:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-08-06 02:46:03 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-06 02:44:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-06 02:20:45 ----D---- C:\WINDOWS\Internet Logs
2010-08-06 02:20:44 ----D---- C:\Documents and Settings\Feketebárány\Application Data\CheckPoint
2010-08-06 02:06:34 ----D---- C:\Program Files\Direct Audio Converter & CD Ripper
2010-08-06 02:06:33 ----D---- C:\Program Files\MAdModule
2010-08-06 00:00:01 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-05 22:15:06 ----D---- C:\WINDOWS\Registration
2010-08-05 20:22:07 ----D---- C:\Program Files\TC UP
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-08-01 16:13:45 ----D---- C:\Program Files\Games
2010-08-01 10:50:40 ----D---- C:\Documents and Settings\Feketebárány\Application Data\PlayFirst
2010-08-01 10:50:40 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2010-07-27 08:30:29 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-26 09:02:58 ----D---- C:\TESZT
2010-07-24 21:40:27 ----D---- C:\Program Files\Mozilla Firefox
2010-07-23 12:58:35 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-07-22 08:26:10 ----D---- C:\Documents and Settings\Feketebárány\Application Data\Total Eclipse
2010-07-21 20:47:33 ----D---- C:\WINDOWS\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP buszszűrő; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-08 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 lfxnt;lfxnt; \??\C:\WINDOWS\system32\drivers\lfxnt.sys []
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-02-11 15424]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2010-01-04 13400]
R1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
R1 SbTis;SbTis; C:\WINDOWS\system32\drivers\sbtis.sys [2010-04-28 204632]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R1 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-05-07 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2010-01-04 69720]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-11-02 257304]
R3 ASWFilt;ASWFilt; \??\C:\WINDOWS\system32\Filt\ASWFilt.dll []
R3 ctljystk;Creative SBLive! Játékport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager illesztőprogram (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 hidusb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-07 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sfman;Creative SoundFont Manager illesztőprogram (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-02-11 512096]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 abzcj43d;abzcj43d; C:\WINDOWS\system32\drivers\abzcj43d.sys []
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps gyors Ethernet adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-03-22 114944]
S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-03-22 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-03-22 211724]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-03-22 156604]
S3 LFXACT;Companion Suite Pro LL F@X activities; C:\WINDOWS\System32\Drivers\LFXACT.sys [2006-05-04 20488]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2010.SP2\WNt500x86\Sandra.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-02-04 99152]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XMLDIUSB;XML USB Device Interface; C:\WINDOWS\System32\Drivers\XMLDIUSB.sys [2006-05-04 31879]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe [2010-02-11 1338160]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-16 632792]
R2 SBPIMSvc;SB Recovery Service; C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe [2010-04-30 181584]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SBAMSvc;VIPRE Antivirus; C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe [2010-04-30 2730120]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe []
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S4 AASW2_Service;Ashampoo AntiSpyWare 2 Service; C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2009-07-15 749912]
S4 AshampooDefragService;Ashampoo Defrag Service; C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe [2008-10-09 750944]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S4 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-01-09 410976]
S4 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-23 153376]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccessU;NMSAccessU; C:\Program Files\BurnAware Free\nmsaccessu.exe [2008-05-03 71096]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S4 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]

-----------------EOF-----------------

En szerintem, ha mar nincsen probléma a gépeddel akkor mar ,ok.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Adatbázis verzió: 4428

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010.08.14. 19:19:26
mbam-log-2010-08-14 (19-19-26).txt

Vizsgálat típusa: Teljes vizsgálat (C:\|D:\|E:\|F:\|G:\|)
Átvizsgált objektumok: 241993
Eltelt idő: 42 perc, 15 másodperc

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött Rendszerleíró kulcsok: 0
Fertőzött Rendszerleíró értékek: 0
Fertőzött Rendszerleíró adatelemek: 0
Fertőzött mappák: 0
Fertőzött fájlok: 0

Fertőzött memóriafolyamatok:
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró értékek:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek:
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák:
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok:
(Nem találhatók rosszindulatú elemek)

ok, futtasd le a Malwarebytest, teljes viszgalat, a logjat tedd ide,,amit talal, torold ki,,
http://virus-stell.blogspot.com/2010/04 ... lware.html

Futtasd az OTL, progit az ablakjaba masold be a zold textet-es most klik-RunFix
Add majd logot , tedd ide.

Udv
pilaka, nyis uj temat itt a szecurity topicban es tedd oda az RSIT-logjat.
http://virus-stell.blogspot.com/2010/04/rsit.html

Szia .az előző problémám megoldódott...
Most itt vagyok egy ismerős gépénél és teljesen le van lassulva és a netsebessége is minimális első lépésben a Spyware doctor 160 kártevőt talált ....hogyan tovább?

Szia.
Igen,a win-7-ugyanugy mint mas OP-rendszeren,
http://oldtimer.geekstogo.com/OTL.exe
- futtasd
-bepipazni-64-bit
-Scan all users.
-Lop check.
-Purity check.
-v sekciiExtra Registry>bepotyozni>Use SafeList
-az ablakjaba Custom Scans/Fixes>masold be a zold textet-klik- Run SCAN
-logokat tedd ide.
-OTL.txt (az asztalon lesz).
-Extras.txt [a talcan lesz]

Üdv stell rég jártam erre,vírusok még tombolnak?Nálam is lehet van megint valami,milyen elemzőket használtok most?Mit futtassak le? 64bit win7 van a gépen

Szia .az előző problémám megoldódott...
Most itt vagyok egy ismerős gépénél és teljesen le van lassulva és a netsebessége is minimális első lépésben a Spyware doctor 160 kártevőt talállt ....hogyan tovább?

Futtasd a OTL-progit-klik-cleanup-yes-yes
Tisztisd ki a gepet az ATF-cleaneral:
http://virus-stell.blogspot.com/2010/04 ... ztito.html
nincsen mit.
Udv.

most még jónak tünik minden. CD/DVD olvasásnál nem vehető észre hogy probléma lenne. ha jelentkezik valami hiba irok.
köszönöm hogy segitettél.

Na probald ki,,es ird meg .
amugy ott neked problema van a CD/DVD-olvasasahoz-,vagy hibas a kabel,,vagy valami mas-driver.

All processes killed
========== OTL ==========
Service EhttpSrv stopped successfully!
Service EhttpSrv deleted successfully!
File C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe not found.
HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-790525478-813497703-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Bing" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13" removed from browser.startup.homepage
Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
File C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird not found.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\searchplugins\bing.xml moved successfully.
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully.
C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to Mp3 Converter\ deleted successfully.
C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm moved successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Stats folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User
->Temp folder emptied: 13991526 bytes
->Temporary Internet Files folder emptied: 19405424 bytes
->Java cache emptied: 1874791 bytes
->FireFox cache emptied: 89491201 bytes
->Flash cache emptied: 2858 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 165666308 bytes

Total Files Cleaned = 277,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: User
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.9.1 log created on 08132010_121447

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

ki kell cserelned az IDE-kabelokat.
Futtasd az OTL-progit-az ablakjaba masold be a zold textet es most klik-RunFix a restart utan a logot tedd ide:

OTL Extras logfile created on: 2010.08.13. 11:20:42 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\User\Dokumentumok\Letöltések
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

511,00 Mb Total Physical Memory | 260,00 Mb Available Physical Memory | 51,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 20,39 Gb Free Space | 52,19% Space Free | Partition Type: NTFS
Drive D: | 193,82 Gb Total Space | 111,02 Gb Free Space | 57,28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 4,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-E60B5B51DA
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Távsegítség - Windows Messenger és beszédkapcsolat -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C940e-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D63D27F-09D7-4420-9479-DD247CC31496}" = Windows Live Essentials
"{6A61CE0C-0A94-4487-00B8-99C6FD2D32AA}" = 2006 FIFA World Cup (TM)
"{6A69D94E-C569-4154-9643-72E94D1DDFDA}" = XPS Essentials Pack
"{6D431157-ED9D-4AB1-A2C9-1FAA0A04419F}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733EB793-0840-4D69-97AA-6934FC79DB16}" = Windows Live bejelentkezési segéd
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC113D5-64A6-40EE-9A39-DAB4650457A8}" = Microsoft .NET Framework 1.1 Hungarian Language Pack
"{9011040E-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1038-7B44-A92000000001}" = Adobe Reader 9.2 - Hungarian
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31038}" = Nero 7 Ultra Edition
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"C-Media Audio Driver" = C-Media WDM Audio Driver
"EPSON Printer and Utilities" = EPSON nyomtatószoftver
"FIFA World Cup 06 Magyarosítás - FVM" = FIFA World Cup 06 Magyarosítás - FVM
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Grand Theft Auto: San Andreas hun" = Grand Theft Auto: San Andreas hun [Honosítás]
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.8.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6." = Mozilla Firefox (3.6.
"Nero8Lite_is1" = Nero 8 Micro 8.3.6.0
"PhotoScape" = PhotoScape
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiváló
"XpsEP" = XPS Essentials Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"YouTube Downloader_is1" = YouTube Downloader 2.3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010.06.03. 14:36:05 | Computer Name = USER-E60B5B51DA | Source = Windows Search Service | ID = 3013
Description = A szórótábla <C:\DOCUMENTS AND SETTINGS\USER\DOKUMENTUMOK\DVDVIDEOSOFT\FREEYOUTUBETOMP3CONVERTER\FEKETE
VONAT- HIP HOP ZENE.MP3> bejegyzését nem sikerült frissíteni. Környezet: alkalmazás,
SystemIndex katalógus Részletek: Egy rendszerhez csatlakoztatott eszköz nem működik.
(0x8007001f)

Error - 2010.06.07. 6:04:45 | Computer Name = USER-E60B5B51DA | Source = Application Hang | ID = 1002
Description = Nem válaszoló alkalmazás: rundll32.exe, verzió: 5.1.2600.5512, nem
válaszoló modul: hungapp, verzió: 0.0.0.0, memóriacím: 0x00000000.

Error - 2010.06.08. 3:18:09 | Computer Name = USER-E60B5B51DA | Source = MsiInstaller | ID = 11704
Description = Termék: FIFA 10 – Hiba 1704. A(z) ESET NOD32 Antivirus egy telepítési
folyamata jelenleg fel van függesztve. A folytatáshoz vissza kell vonnod az említett
telepítés által végrehajtott változtatásokat. Szeretnéd visszavonni a változtatásokat?

Error - 2010.06.08. 16:10:20 | Computer Name = USER-E60B5B51DA | Source = Application Error | ID = 1005
Description = A Windows az alábbi okok valamelyike miatt nem fér hozzá a(z) E:\0000039277.GIF
fájlhoz: hiba van a hálózati kapcsolatban, a fájlt tároló lemezen vagy a számítógépre
telepített tárolóillesztő programokban. A Windows bezárta a(z) 0000039277.GIF programot
a hiba miatt. Program: 0000039277.GIF Fájl: E:\0000039277.GIF A hibaérték a További
adatok szakaszban látható. Felhasználói művelet 1. Nyissa meg újból a fájlt. Lehet,
hogy átmeneti problémáról van szó, amely megjavul a program újraindításával. 2.
Ha a fájl továbbra sem hozzáférhető, és - a hálózaton található, a rendszergazdának
kell ellenőriznie, hogy nem a hálózatban van-e a hiba és a kiszolgáló elérhető-e.
-
cserélhető lemezen van (például hajlékonylemezen vagy CD-ROM-on), ellenőrizze,
hogy a lemez megfelelően van-e behelyezve a számítógépbe. 3. Ellenőrizze és javítsa
a fájlrendszert a CHKDSK futtatásával. A CHKDSK futtatásához kattintson a Start
menü Futtatás parancsára, írja be a CMD parancsot, majd kattintson az OK gombra.
A parancssorba írja be a CHKDSK /F parancsot, és nyomja le az ENTER billentyűt.
4.
Ha a hiba továbbra is fennáll, állítsa vissza a fájlt egy biztonsági másolatból.
5.
Állapítsa meg, hogy a lemezen lévő többi fájl megnyitható-e. Ha nem, valószínűleg
a lemez hibás. A merevlemez hibája esetén forduljon a rendszergazdához vagy a hardver
forgalmazójához további segítségért. További adatok Hibaérték: C000009C Lemeztípus:
5

Error - 2010.06.08. 16:10:39 | Computer Name = USER-E60B5B51DA | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: PhotoScape.exe, verzió: 1.0.0.1294, hibás modul:
gdi32.dll, verzió: 5.1.2600.5698, memóriacím: 0x0001050c.

Error - 2010.06.08. 16:12:26 | Computer Name = USER-E60B5B51DA | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module gdi32.dll, version 5.1.2600.5698, stamp 490071d9, debug? 0, fault
address 0x0001050c.

Error - 2010.06.21. 9:28:26 | Computer Name = USER-E60B5B51DA | Source = Application Hang | ID = 1002
Description = Nem válaszoló alkalmazás: firefox.exe, verzió: 1.9.2.3743, nem válaszoló
modul: hungapp, verzió: 0.0.0.0, memóriacím: 0x00000000.

Error - 2010.06.21. 11:13:02 | Computer Name = USER-E60B5B51DA | Source = Windows Search Service | ID = 3013
Description = A szórótábla <C:\DOCUMENTS AND SETTINGS\USER\DOKUMENTUMOK\BEÉRKEZETT
FÁJLOK\PHOTOTHUMB.DB-JOURNAL> bejegyzését nem sikerült frissíteni. Környezet: alkalmazás,
SystemIndex katalógus Részletek: Egy rendszerhez csatlakoztatott eszköz nem működik.
(0x8007001f)

Error - 2010.06.27. 12:25:53 | Computer Name = USER-E60B5B51DA | Source = Windows Search Service | ID = 3013
Description = A szórótábla <C:\DOCUMENTS AND SETTINGS\USER\ASZTAL\PHOTOTHUMB.DB-JOURNAL>
bejegyzését nem sikerült frissíteni. Környezet: alkalmazás, SystemIndex katalógus

Részletek:
Egy
rendszerhez csatlakoztatott eszköz nem működik. (0x8007001f)

Error - 2010.07.04. 1:34:49 | Computer Name = USER-E60B5B51DA | Source = Windows Search Service | ID = 3013
Description = A szórótábla <C:\DOCUMENTS AND SETTINGS\USER\RECENT\PETIKE DOLGOZIK.LNK>
bejegyzését nem sikerült frissíteni. Környezet: alkalmazás, SystemIndex katalógus

Részletek:
Egy
rendszerhez csatlakoztatott eszköz nem működik. (0x8007001f)

[ System Events ]
Error - 2010.08.11. 13:05:10 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom1).

Error - 2010.08.11. 13:05:12 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom1).

Error - 2010.08.11. 13:06:10 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:06:35 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:07:05 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:07:55 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:08:16 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:08:38 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:09:39 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.08.11. 13:12:03 | Computer Name = USER-E60B5B51DA | Source = Cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).


< End of report >

OTL logfile created on: 2010.08.13. 11:20:41 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\User\Dokumentumok\Letöltések
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

511,00 Mb Total Physical Memory | 260,00 Mb Available Physical Memory | 51,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 20,39 Gb Free Space | 52,19% Space Free | Partition Type: NTFS
Drive D: | 193,82 Gb Total Space | 111,02 Gb Free Space | 57,28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 4,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-E60B5B51DA
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.13 11:18:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Dokumentumok\Letöltések\OTL.exe
PRC - [2010.07.25 09:17:56 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.09.30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008.05.26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008.04.15 13:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.16 09:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.05.16 09:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005.11.09 00:00:38 | 000,128,920 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe


========== Modules (SafeList) ==========

MOD - [2010.08.13 11:18:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Dokumentumok\Letöltések\OTL.exe
MOD - [2008.04.15 13:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.05.07 12:26:46 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2010.05.07 12:24:31 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 12:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 12:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008.04.13 10:34:32 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001.08.17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
IE - HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hu
IE - HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 20 74 3B 3B 15 CB 01 [binary data]
IE - HKU\S-1-5-21-790525478-813497703-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.03 12:43:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.25 09:18:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.05.06 19:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010.08.12 21:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions
[2010.05.06 20:43:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.25 22:44:18 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.05.12 12:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.05.06 20:43:23 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\searchplugins\bing.xml
[2010.07.26 13:22:11 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\69o3twrp.default\searchplugins\conduit.xml
[2010.08.12 21:53:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.20 12:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.20 12:52:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 19:13:57 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.04.01 19:13:57 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml
[2010.04.01 19:13:57 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml
[2010.04.01 19:13:57 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml
[2010.04.01 19:13:57 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2008.04.15 13:00:00 | 000,000,687 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKU\S-1-5-21-790525478-813497703-1708537768-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-790525478-813497703-1708537768-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-813497703-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 3153230884 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.66.85.120 85.67.159.35
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.06 15:23:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafikus leképezés (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dinamikus HTML-adatkapcsolások a Javához
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java-osztályok
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Windows XP biztonsági frissítés - KB923789
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8FC113D5-64A6-40EE-9A39-DAB4650457A8} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Feladatütemező
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.08.11 14:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Asztal\Caramel - Lélekdonor (2010)
[2010.08.06 12:25:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2010.08.06 11:55:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2010.07.30 13:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.07.28 20:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Ahead
[2010.07.28 20:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Ahead
[2010.07.28 20:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2010.07.28 20:21:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010.07.28 14:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010.07.28 13:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\RcIncidents
[2010.07.25 22:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.07.25 22:44:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Conduit
[2010.07.14 13:03:14 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe

========== Files - Modified Within 30 Days ==========

[2010.08.13 10:40:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.13 10:39:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.13 10:39:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.12 22:10:58 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2010.08.12 22:10:45 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010.08.12 20:22:55 | 000,117,760 | -H-- | M] () -- C:\Documents and Settings\User\Asztal\photothumb.db
[2010.08.12 18:36:24 | 000,000,156 | ---- | M] () -- C:\Documents and Settings\User\default.pls
[2010.08.12 18:36:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.12 12:15:07 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.12 12:01:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.08.12 12:00:29 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.12 11:56:40 | 001,060,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.12 11:56:40 | 000,469,066 | ---- | M] () -- C:\WINDOWS\System32\perfh00E.dat
[2010.08.12 11:56:40 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.12 11:56:40 | 000,109,322 | ---- | M] () -- C:\WINDOWS\System32\perfc00E.dat
[2010.08.12 11:56:40 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.10 13:08:12 | 008,966,341 | ---- | M] () -- C:\Documents and Settings\User\Asztal\Inna - Sun Is Up 2010 (By Play & Win).mp3
[2010.08.06 17:07:24 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.06 12:23:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\User\Asztal\CCleaner.lnk
[2010.08.02 13:44:49 | 000,027,764 | ---- | M] () -- C:\Documents and Settings\User\Asztal\Image2.jpg
[2010.08.02 13:41:34 | 000,048,519 | ---- | M] () -- C:\Documents and Settings\User\Asztal\Image1.jpg
[2010.08.02 13:38:21 | 000,047,468 | ---- | M] () -- C:\Documents and Settings\User\Asztal\Image0.jpg
[2010.08.02 13:35:12 | 000,027,105 | ---- | M] () -- C:\Documents and Settings\User\Asztal\Image.jpg
[2010.07.28 20:31:23 | 000,002,353 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2010.07.28 20:31:23 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Nero StartSmart.lnk
[2010.07.28 20:31:23 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk
[2010.07.28 20:31:23 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Nero Home.lnk
[2010.07.27 08:30:29 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.25 23:20:59 | 004,277,722 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010.07.25 20:33:48 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\User\Asztal\DVDVideoSoft Free Studio.lnk

========== Files Created - No Company Name ==========

[2010.08.12 11:44:39 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.08.10 11:37:08 | 008,966,341 | ---- | C] () -- C:\Documents and Settings\User\Asztal\Inna - Sun Is Up 2010 (By Play & Win).mp3
[2010.08.07 16:07:50 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2010.08.02 13:44:48 | 000,027,764 | ---- | C] () -- C:\Documents and Settings\User\Asztal\Image2.jpg
[2010.08.02 13:41:33 | 000,048,519 | ---- | C] () -- C:\Documents and Settings\User\Asztal\Image1.jpg
[2010.08.02 13:38:20 | 000,047,468 | ---- | C] () -- C:\Documents and Settings\User\Asztal\Image0.jpg
[2010.08.02 13:35:11 | 000,027,105 | ---- | C] () -- C:\Documents and Settings\User\Asztal\Image.jpg
[2010.07.28 20:31:23 | 000,002,353 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2010.07.28 20:31:23 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\Nero StartSmart.lnk
[2010.07.28 20:31:23 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk
[2010.07.28 20:31:23 | 000,002,305 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\Nero Home.lnk
[2010.05.29 14:22:26 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.05.07 20:00:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.07 12:26:45 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2010.05.07 12:24:31 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.05.07 12:24:31 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd2557.sys
[2010.05.06 17:29:34 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.05.06 17:29:29 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.06 17:28:52 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.06 17:28:52 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.06 17:28:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.05.06 17:27:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.05.06 17:27:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.06 16:50:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.05.06 16:41:30 | 000,000,388 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.05.26 22:22:42 | 000,016,288 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:40 | 000,023,334 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:38 | 000,015,770 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2003.04.10 13:01:36 | 000,005,581 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003.02.19 01:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

========== LOP Check ==========

[2010.06.07 11:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.05.06 17:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.07 11:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010.07.25 20:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers
[2010.05.26 20:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2010.08.13 10:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2010.05.06 16:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2010.06.08 20:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.12.19 01:49:13 | 017,817,560 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.12.19 01:49:13 | 017,817,560 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2008.12.19 01:46:04 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\NLDRV\008\iastor.sys
[2008.12.19 01:46:10 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\009\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008.04.15 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2008.12.19 01:46:25 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\WINDOWS\NLDRV\014\nvgts.sys
[2008.12.19 01:46:27 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\NLDRV\015\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008.12.19 01:46:26 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\WINDOWS\NLDRV\014\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2008.04.15 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\system32\scecli.dll

< MD5 for: VIAMRAID.SYS >
[2008.12.19 01:46:30 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=00046AA2E396EDC2238556E740A8E5AF -- C:\WINDOWS\NLDRV\021\viamraid.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.07 12:26:46 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2010.05.07 12:24:31 | 000,664,064 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2010.05.07 12:24:31 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd2557.sys

< %systemroot%\System32\config\*.sav >
[2010.05.06 17:09:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.05.06 17:09:29 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.05.06 17:09:29 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2010.06.28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon.sys
[2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2010.06.21 17:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
< End of report >

például egy mappát 3 percig nyit meg. az internetre is elég sokat kell várni. képeket nehezen jeleniti meg.
a programot már futtatom.

Udv;

Mi az a mindent?/
tedd ide enek a logjat:
http://oldtimer.geekstogo.com/OTL.exe
- futtasd
-bepipazni
-Scan all users.
-Lop check.
-Purity check.
-v sekciiExtra Registry>bepotyozni>Use SafeList
-az ablakba Custom Scans/Fixes>tedd be a zold textet- klik Run SCAN
-
-OTL.txt (az asztalon lesz.
-Extras.txt [a talcan lesz]

szia Stell.
megint elöjött a probléma. indutás után 1-2 óráig nagyon lassú a gép mindent percekig tölt be.

Szia
start-futtatás-másold be ezt a parancsot
cmd /c ipconfig -all >log.txt&start log.txt
a logjat tedd a privátba.

Szia , a "stell fóruma" már le van zárva? Sehol nem lehet hozzászólást írni és 3 hónapja nincsennek új hsz.-ek.

Az a gondom , hogy az egyik gépem nem hajlandó hálózati kapcsolatot létesíteni.2 hálókártya van a gépen , egyik sem akar kapcsolatot létesíteni sem internetet(UPC kábelnet) sem TeamViewer belső hálózatot.Kipróbáltam más kábellel és oda csatlakoztatni , ahol más gépen működik a hálózat , de semmi eredmény .Megpróbál kapcsolatot létesíteni a kártya ,de nem sikerült.Megpróbáltam kikapcsolt tűzfallal , végigfuttattam a Malwerbytest és a SpywareDoctort , de semmi különöset nem találtak...

Nincsen mit.
Udv

mostmár sokkal gyorsabb lett. nincs semmi gond.
köszönöm a segitséget:)

Szed le a geprol:ezt a Toolbart-a vezerlo pulton keresztuL.
C:\Program Files\DVDVideoSoftTB
Tisztisd ki a CCleaneral es az ATF-cleaneral.aztan ird meg mi van.
http://virus-stell.blogspot.com/2010/04/ccleaner.html
http://virus-stell.blogspot.com/2010/04 ... ztito.html

elég lassan tölti be az internetet. más probléma nincs. és itt a log is.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP195.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP64D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP69.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEB.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI160.tmp moved successfully.
C:\WINDOWS\Installer\MSI18C.tmp moved successfully.
C:\WINDOWS\Installer\MSI250.tmp moved successfully.
C:\WINDOWS\Installer\MSIF0.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltD68.tmp moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service ekrn stopped successfully!
Service ekrn deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User
->Temp folder emptied: 668467114 bytes
->Temporary Internet Files folder emptied: 25640863 bytes
->Java cache emptied: 2673588 bytes
->FireFox cache emptied: 61172149 bytes
->Flash cache emptied: 9843 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2968249 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 50208200 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 7456414922 bytes

Total Files Cleaned = 7 885,00 mb


OTM by OldTimer - Version 3.1.15.0 log created on 08062010_115545

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Todsle az asztalra-futtasd-a bal ablakba masold be a zold textet es klik-MOVEIT-a logot a restrt utan tedd ide:
http://oldtimer.geekstogo.com/OTM.exe


Van e problem a geppel?/probald ki es ird le.

Szia Stell!
Légyszives nézd meg ezt a logot.

Logfile of random's system information tool 1.07 (written by random/random)
Run by User at 2010-08-06 11:05:14
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 17 GB (43%) free of 40 GB
Total RAM: 511 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:28, on 2010.08.06.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\User\Dokumentumok\Letöltések\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messenger ... E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3153230884
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui előbetöltője - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Komponenskategóriák gyorsítótárazási szolgáltatása - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Logikai lemezkezelő felügyeleti szolgáltatás (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Eseménynapló (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: IMAPI CD-égető COM-szolgáltatás (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetMeeting távoli asztalmegosztás (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Távoli asztal súgó-munkamenetének kezelője (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Intelligens kártya (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Teljesítménynaplók és riasztások (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Kötet árnyékmásolata (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI teljesítményadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: A Windows Media Player hálózatmegosztási szolgáltatása (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 9003 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920]
"EPSON Stylus DX3800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-06-12 322352]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Távsegítség - Windows Messenger és beszédkapcsolat"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-08-03 14:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-07-30 13:49:09 ----D---- C:\Program Files\MSXML 4.0
2010-07-28 20:27:11 ----D---- C:\Documents and Settings\User\Application Data\Ahead
2010-07-28 20:25:44 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2010-07-28 20:21:12 ----D---- C:\Program Files\Common Files\Ahead
2010-07-28 14:32:14 ----D---- C:\Program Files\Windows Live Safety Center
2010-07-25 22:44:25 ----D---- C:\Program Files\Conduit
2010-07-25 22:44:21 ----D---- C:\Program Files\DVDVideoSoftTB
2010-07-15 12:26:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-08-06 11:05:22 ----D---- C:\Program Files\trend micro
2010-08-06 11:05:21 ----D---- C:\WINDOWS\Prefetch
2010-08-06 11:04:10 ----D---- C:\Documents and Settings\User\Application Data\uTorrent
2010-08-06 10:36:42 ----D---- C:\WINDOWS\Temp
2010-08-06 10:33:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-06 10:31:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-06 10:14:44 ----D---- C:\WINDOWS
2010-08-05 16:01:02 ----HD---- C:\WINDOWS\inf
2010-08-03 22:56:21 ----D---- C:\WINDOWS\system32
2010-08-03 14:18:50 ----D---- C:\WINDOWS\system32\dllcache
2010-08-03 12:44:22 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-30 13:50:18 ----SHD---- C:\WINDOWS\Installer
2010-07-30 13:50:16 ----SHD---- C:\Config.Msi
2010-07-30 13:50:09 ----D---- C:\WINDOWS\WinSxS
2010-07-30 13:49:09 ----RD---- C:\Program Files
2010-07-29 13:50:20 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-28 20:23:59 ----D---- C:\WINDOWS\system32\drivers
2010-07-28 20:21:13 ----D---- C:\Program Files\Nero
2010-07-28 20:21:13 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-07-28 20:21:12 ----D---- C:\Program Files\Common Files
2010-07-27 08:30:29 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 20:34:05 ----D---- C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers
2010-07-25 20:33:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-07-25 20:31:32 ----RSD---- C:\WINDOWS\assembly
2010-07-25 20:31:10 ----D---- C:\Program Files\DVDVideoSoft
2010-07-25 09:18:10 ----D---- C:\Program Files\Mozilla Firefox
2010-07-20 18:51:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-15 12:27:18 ----A---- C:\WINDOWS\imsins.BAK
2010-07-15 12:25:45 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-05-07 223128]
R3 EL90XBC;3Com EtherLink XL 90XB/C adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART illesztőprogram; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-15 30208]
R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-15 59520]
R3 usbohci;Microsoft USB nyílt állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-15 17152]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-19 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-19 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-20 153376]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Sanyi46
nem a te hibad,
nincsen mit.
udv

bmsco

Az atol fugg hogy hol netezel,ha torrent,warez,porno,crack akkor,,lefuttatni ezek utan a Malwarebytes-programot,de elote frissiteni
nincsen mit,
udv.

Köszönöm stell a segítséget, kb mennyi időközönként érdemes mélebben átnézni a gépet (úgy mint most) vírusok után kutatva?

mégegyszer köszi

Bocs stell, mára ígértem a combofíx logot,de az ísmerősöm gépe megadta magát még a combofix futtatása előtt.
Sajnálom, hogy nem tudtuk végigcsinálni a "méregtelenítést"

Üdv
Sanyi46

Ez most mar renben van,,a masik vincsit nem vizsgalja ez a program,,csak azt amejen a rendszer van,,a masikon biztos adatok vannak,es ha fertozes lenne ot akkor a virusedelem bejelentene,,,
szed le a geprol a combofixet,,mivel hogy nincsen az asztalon,itt van neked d:\irando\Prg\virus irto progik\ComboFix.exe
ezert jobb klik a combofix.exe re es nevezd at uninstall
2x klik es futtasd,a combofix letelepitodig a geprol,,
Tisztitsd ki a gepet;
1:CCleaneral
http://virus-stell.blogspot.com/2010/04/ccleaner.html
2:
http://www.virus-stell.com/2010/05/temp ... itasa.html
3:
http://virus-stell.blogspot.com/2010/04 ... ztito.html

es aztan csinalj torezedes mentest,,
es enszerintem ok,

itt is van:

.\debug.cpp(238) : Debug log started at 29.07.2010 - 19:48:10
.\boot_cleaner.cpp(675) : Bootkit Remover
.\boot_cleaner.cpp(676) : (c) 2009 eSage Lab
.\boot_cleaner.cpp(677) : www.esagelab.com
.\boot_cleaner.cpp(681) : Program version: 1.1.0.0
.\boot_cleaner.cpp(688) : OS Version: Microsoft Windows XP Professional Szervizcsomag 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x0020d000 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806e4000 0x00020d00 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xb85a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xb84b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xb7eb4000 0x000f3000 "spzq.sys"
.\debug.cpp(256) : 0xb85aa000 0x00002000 "\WINDOWS\System32\Drivers\WMILIB.SYS"
.\debug.cpp(256) : 0xb7e9c000 0x00018000 "\WINDOWS\System32\Drivers\SCSIPORT.SYS"
.\debug.cpp(256) : 0xb7e6e000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xb7e5d000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xb80a8000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xb80b8000 0x00010000 "ohci1394.sys"
.\debug.cpp(256) : 0xb80c8000 0x0000e000 "\WINDOWS\system32\DRIVERS\1394BUS.SYS"
.\debug.cpp(256) : 0xb84bc000 0x00003000 "compbatt.sys"
.\debug.cpp(256) : 0xb84c0000 0x00004000 "\WINDOWS\system32\DRIVERS\BATTC.SYS"
.\debug.cpp(256) : 0xb8670000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xb8328000 0x00007000 "\WINDOWS\system32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xb85ac000 0x00002000 "intelide.sys"
.\debug.cpp(256) : 0xb80d8000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xb7e3e000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xb85ae000 0x00002000 "dmload.sys"
.\debug.cpp(256) : 0xb7e18000 0x00026000 "dmio.sys"
.\debug.cpp(256) : 0xb8330000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xb80e8000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xb7e00000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xb80f8000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xb8108000 0x0000d000 "\WINDOWS\system32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xb7de0000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xb7dce000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xb84c4000 0x00003000 "CLBStor.sys"
.\debug.cpp(256) : 0xb8118000 0x00009000 "PxHelp20.sys"
.\debug.cpp(256) : 0xb7db7000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xb7d2a000 0x0008d000 "Ntfs.sys"
.\debug.cpp(256) : 0xb7cfd000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xb85b0000 0x00002000 "sfhlp01.sys"
.\debug.cpp(256) : 0xb85b2000 0x00002000 "prosync1.sys"
.\debug.cpp(256) : 0xb7ce0000 0x0001d000 "prohlp02.sys"
.\debug.cpp(256) : 0xb7cc6000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xb8128000 0x0000b000 "agp440.sys"
.\debug.cpp(256) : 0xb7537000 0x0000a000 "\SystemRoot\system32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0xb6cfd000 0x007b7000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys"
.\debug.cpp(256) : 0xb6ce9000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xb8468000 0x00006000 "\SystemRoot\system32\DRIVERS\usbuhci.sys"
.\debug.cpp(256) : 0xb6cc5000 0x00024000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xb8470000 0x00008000 "\SystemRoot\system32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xb6c9d000 0x00028000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xb7527000 0x0000b000 "\SystemRoot\system32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xb7517000 0x00010000 "\SystemRoot\system32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xb8188000 0x0000f000 "\SystemRoot\system32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xb6c7a000 0x00023000 "\SystemRoot\system32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xb6c57000 0x00023000 "\SystemRoot\system32\DRIVERS\Rtenicxp.sys"
.\debug.cpp(256) : 0xb85e8000 0x00002000 "\SystemRoot\system32\DRIVERS\ASACPI.sys"
.\debug.cpp(256) : 0xb8198000 0x0000d000 "\SystemRoot\system32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xb8478000 0x00007000 "\SystemRoot\system32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xb81a8000 0x00010000 "\SystemRoot\system32\DRIVERS\serial.sys"
.\debug.cpp(256) : 0xb7c82000 0x00004000 "\SystemRoot\system32\DRIVERS\serenum.sys"
.\debug.cpp(256) : 0xb87de000 0x00001000 "\SystemRoot\system32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xb81b8000 0x0000d000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xb7c7e000 0x00003000 "\SystemRoot\system32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xb6c40000 0x00017000 "\SystemRoot\system32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xb81c8000 0x0000b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xb81d8000 0x0000c000 "\SystemRoot\system32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xb8480000 0x00005000 "\SystemRoot\system32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xb6c2f000 0x00011000 "\SystemRoot\system32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xb81e8000 0x00009000 "\SystemRoot\system32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xb8488000 0x00005000 "\SystemRoot\system32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xb8490000 0x00005000 "\SystemRoot\system32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xb6bff000 0x00030000 "\SystemRoot\system32\DRIVERS\rdpdr.sys"
.\debug.cpp(256) : 0xb81f8000 0x0000a000 "\SystemRoot\system32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xb8498000 0x00006000 "\SystemRoot\system32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xb85ea000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xb6ba1000 0x0005e000 "\SystemRoot\system32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xb7c62000 0x00004000 "\SystemRoot\system32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xb8208000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xb8248000 0x0000f000 "\SystemRoot\system32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xb85ec000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xb42ff000 0x00150000 "\SystemRoot\system32\drivers\viahduaa.sys"
.\debug.cpp(256) : 0xb42db000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xb8258000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xb4187000 0x00154000 "\SystemRoot\system32\drivers\monfilt.sys"
.\debug.cpp(256) : 0xb85f0000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xb872a000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xb85f2000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xb84a8000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xb85f4000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xb85f6000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xb84b0000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xb8350000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xb8580000 0x00003000 "\SystemRoot\system32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xb412c000 0x00013000 "\SystemRoot\system32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xb40d3000 0x00059000 "\SystemRoot\system32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xb40ad000 0x00026000 "\SystemRoot\system32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xb8268000 0x0000a000 "\SystemRoot\System32\Drivers\aswTdi.SYS"
.\debug.cpp(256) : 0xb4085000 0x00028000 "\SystemRoot\system32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xb8594000 0x00003000 "\SystemRoot\System32\drivers\ws2ifsl.sys"
.\debug.cpp(256) : 0xb4063000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xb8278000 0x00009000 "\SystemRoot\system32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xb4038000 0x0002b000 "\SystemRoot\system32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xb8288000 0x0000e000 "\SystemRoot\System32\drivers\prodrv06.sys"
.\debug.cpp(256) : 0xb8738000 0x00001000 "\SystemRoot\System32\Drivers\PQNTDrv.SYS"
.\debug.cpp(256) : 0xb3f00000 0x00070000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xb8298000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xb7ca2000 0x00003000 "\SystemRoot\system32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0xb82a8000 0x00009000 "\SystemRoot\system32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0xb8358000 0x00007000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xb82b8000 0x00009000 "\SystemRoot\system32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xb7c92000 0x00003000 "\SystemRoot\system32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0xb7c8e000 0x00003000 "\SystemRoot\system32\DRIVERS\IPFilter.sys"
.\debug.cpp(256) : 0xb3ed9000 0x00027000 "\SystemRoot\System32\Drivers\aswSP.SYS"
.\debug.cpp(256) : 0xb8398000 0x00006000 "\SystemRoot\System32\Drivers\Aavmker4.SYS"
.\debug.cpp(256) : 0xb82e8000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xb3ec1000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys"
.\debug.cpp(256) : 0xb85fa000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS"
.\debug.cpp(256) : 0xbf800000 0x001c4000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xb6563000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xb83a8000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbd000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xb873d000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xbd012000 0x005a3000 "\SystemRoot\System32\nv4_disp.dll"
.\debug.cpp(256) : 0xbffa0000 0x00046000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xb655f000 0x00003000 "\SystemRoot\System32\Drivers\aswFsBlk.SYS"
.\debug.cpp(256) : 0xb3c59000 0x0000c000 "\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys"
.\debug.cpp(256) : 0xb3b91000 0x00004000 "\SystemRoot\system32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xb3962000 0x00017000 "\SystemRoot\System32\Drivers\aswMon2.SYS"
.\debug.cpp(256) : 0xb34ed000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xb3882000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xb3472000 0x0002d000 "\SystemRoot\system32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xb85c4000 0x00002000 "\SystemRoot\System32\Drivers\TBPanel.SYS"
.\debug.cpp(256) : 0xb3303000 0x00057000 "\SystemRoot\system32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xb8458000 0x00005000 "\SystemRoot\System32\Drivers\aswRdr.SYS"
.\debug.cpp(256) : 0xb2eb2000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0xb2201000 0x00011000 "\SystemRoot\System32\Drivers\Udfs.SYS"
.\debug.cpp(256) : 0xb1853000 0x0002b000 "\SystemRoot\system32\drivers\kmixer.sys"
.\debug.cpp(256) : 0x7c900000 0x000b4000 "\WINDOWS\system32\ntdll.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination="\Device\Video0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination="\Device\Ndis"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa911-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWSP"
.\debug.cpp(400) : Destination="\Device\aswSP"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination="\Device\Video1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000046"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000055"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmIoDaemon"
.\debug.cpp(400) : Destination="\Device\DmControl\DmIoDaemon"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Pot2"
.\debug.cpp(400) : Destination="\Device\aswSP_Pot2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination="\Device\Video2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination="\Device\Ip"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination="\Device\IPSEC"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination="\Device\Video3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&33d5ef4b&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000045"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_3#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000057"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ATKACPI"
.\debug.cpp(400) : Destination="\Device\ATKACPI"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CLBStor"
.\debug.cpp(400) : Destination="\Device\CLBStor"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130Offset272C5ECC00Length130BAEB400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWMON"
.\debug.cpp(400) : Destination="\Device\aswMon"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY"
.\debug.cpp(400) : Destination="\Device\NDProxy"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_HD502HJ_________________________1AJ100E4#32534230394a5341304234343830202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP3T0L0-1b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi4:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A3C&SUBSYS_82D41043&REV_00#3&11583659&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0005"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A37&SUBSYS_82D41043&REV_00#3&11583659&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CDR4_XP"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf2-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RdpDrDvMgr"
.\debug.cpp(400) : Destination="\Device\RdpDrDvMgr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SFHLP01I"
.\debug.cpp(400) : Destination="\Device\SFHLP01I"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset30D3CBAE00Length30D3CAB200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CompositeBattery"
.\debug.cpp(400) : Destination="\Device\CompositeBattery"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_SP2504C_________________________VT100-50#30535139314a5050333333393337202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP2T0L0-10"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi5:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM1"
.\debug.cpp(400) : Destination="\Device\Serial0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{E808EE0A-820C-413E-88B5-9A32738E7556}"
.\debug.cpp(400) : Destination="\Device\{E808EE0A-820C-413E-88B5-9A32738E7556}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination="\Device\WMIDataDevice"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000054"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{26ef2047-0601-11df-84a3-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination="\Device\NamedPipe"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\G:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination="\Device\PSched"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination="\Device\Mup"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_051d&Pid_0002#3B0948X29244__#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination="\Device\USBPDO-8"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination="\Device\IPNAT"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A35&SUBSYS_82D41043&REV_00#3&11583659&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0011"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{1A5B8631-D82B-42FA-ABDF-0F757017D059}"
.\debug.cpp(400) : Destination="\Device\{1A5B8631-D82B-42FA-ABDF-0F757017D059}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination="\Device\USBFDO-0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWTDI"
.\debug.cpp(400) : Destination="\Device\ASWTDI"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProDrv06"
.\debug.cpp(400) : Destination="\Device\ProDrv06"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination="\Device\Tcp"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0615&SUBSYS_040110B0&REV_A2#4&399d3c6a&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0019"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination="\FileSystem\Filters\FltMgrMsg"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination="\Device\VideoPdo0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination="\Device\USBFDO-1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination="\Device\Harddisk0\DR0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col01#6&23e28f36&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\00000093"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination="\DosDevices\LPT1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&290cafbe&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-7"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A39&SUBSYS_82D41043&REV_00#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0004"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination="\Device\USBFDO-2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000049"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa910-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\H:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive1"
.\debug.cpp(400) : Destination="\Device\Harddisk1\DR1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination="\Device\sysaudio"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&cb33808&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000007e"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf5-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination="\Device\FsWrap"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004a"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3"
.\debug.cpp(400) : Destination="\Device\USBFDO-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{B736A52A-1353-48FB-B33F-91AD06A7F813}"
.\debug.cpp(400) : Destination="\Device\{B736A52A-1353-48FB-B33F-91AD06A7F813}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset7E00Length30D3CAB200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4"
.\debug.cpp(400) : Destination="\Device\USBFDO-4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_051d&Pid_0002#6&219d4532&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000092"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fssfltr"
.\debug.cpp(400) : Destination="\Device\fssfltr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A3A&SUBSYS_82D41043&REV_00#3&11583659&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0013"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5"
.\debug.cpp(400) : Destination="\Device\USBFDO-5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A34&SUBSYS_82D41043&REV_00#3&11583659&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0010"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination="\Device\0000005b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#aa#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination="\Device\0000005a"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination="\GLOBAL??"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col02#6&23e28f36&0&0001#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000094"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination="\Device\0000007f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6"
.\debug.cpp(400) : Destination="\Device\USBFDO-6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PxHelperDevice0"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\I:"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf0-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD7"
.\debug.cpp(400) : Destination="\Device\USBFDO-7"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1bd273f9&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProHlp02"
.\debug.cpp(400) : Destination="\Device\ProHlp02"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Cardex"
.\debug.cpp(400) : Destination="\Device\Cardex"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{36743395-5E87-4E0A-9B39-D6EA4167457C}"
.\debug.cpp(400) : Destination="\Device\{36743395-5E87-4E0A-9B39-D6EA4167457C}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130Offset7E00LengthEC1FAB600#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf3-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{4d36e978-e325-11ce-bfc1-08002be10318}"
.\debug.cpp(400) : Destination="\Device\0000007f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{39A51361-5097-4E71-9F50-100B52DEB791}"
.\debug.cpp(400) : Destination="\Device\{39A51361-5097-4E71-9F50-100B52DEB791}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset61A796DE00Length12C8842200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AAVMKER4"
.\debug.cpp(400) : Destination="\Device\AavmKer4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bef-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000044"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_2#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000056"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SFHLP01"
.\debug.cpp(400) : Destination="\Device\SFHLP01"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MbDlDp32"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmConfig"
.\debug.cpp(400) : Destination="\Device\DmControl\DmConfig"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination="\Device\MountPointManager"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination="\Device\WANARP"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf1-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RealTekCard"
.\debug.cpp(400) : Destination="\Device\RealTekCard"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\00000004"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8ac05bb4-f827-11de-831c-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USNTracker"
.\debug.cpp(400) : Destination="\Device\USNTracker"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{6162B91D-9DA9-41EF-84F8-D5A029ED52CB}"
.\debug.cpp(400) : Destination="\Device\{6162B91D-9DA9-41EF-84F8-D5A029ED52CB}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmTrace"
.\debug.cpp(400) : Destination="\Device\DmControl\DmTrace"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8ac05bae-f827-11de-831c-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&3097edfd&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination="\Device\NdisWanIp"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#dmio#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\00000003"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130OffsetEC1FBB200Length186A629C00#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8168&SUBSYS_83671043&REV_02#4&20515db1&0&00E5#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0021"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&14d59eda&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A38&SUBSYS_82D41043&REV_00#3&11583659&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0003"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000047"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination="\Device\ParTechInc0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col01#6&23e28f36&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000093"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI"
.\debug.cpp(400) : Destination="\Device\NdisTapi"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination="\Device\NdisWan"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination="\Device\IPMULTICAST"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{8B8B1A86-5864-4B00-A680-B04562145EB8}"
.\debug.cpp(400) : Destination="\Device\{8B8B1A86-5864-4B00-A680-B04562145EB8}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination="\Device\ParTechInc1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmLoader"
.\debug.cpp(400) : Destination="\Device\DmLoader"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_045e&Pid_006a#5&35eda8e7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination="\Device\USBPDO-9"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A36&SUBSYS_82D41043&REV_00#3&11583659&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0012"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&67e9d0c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination="\Device\ParTechInc2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProSync1"
.\debug.cpp(400) : Destination="\Device\ProSync1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination="\Device\LanmanRedirector"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination="\FileSystem\Filters\FltMgr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination="\Device\FtControl"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Avar"
.\debug.cpp(400) : Destination="\Device\aswSP_Avar"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWRDR"
.\debug.cpp(400) : Destination="\Device\ASWRDR"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination="\Device\MailSlot"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination="\DosDevices\COM1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PQNTDRV"
.\debug.cpp(400) : Destination="\Device\PQNTDRV"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination="\Device\Ndisuio"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000004e"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination="\Device\Null"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&3141bc6c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination=""

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPFILTER"
.\debug.cpp(400) : Destination="\Device\MSH_Filter"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000004d"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf4-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa912-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1d34232f&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmInfo"
.\debug.cpp(400) : Destination="\Device\DmControl\DmInfo"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{26ef2046-0601-11df-84a3-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(451) : **********************************************
.\boot_cleaner.cpp(815) : Restoring boot code at \\.\PhysicalDrive0...
.\boot_cleaner.cpp(902) : OK
.\boot_cleaner.cpp(1242) : Done;

és a másik vincsimmel mi a helyzet, mert ez csak most amin a rendszer van az lett ellenőrizve. egyébként csak win xp pro van a gépemen. Amikor elindítom akkor csak egy vinyó jelenik meg benne, de igazából kettő van a gépemben.

Egy hideg sör mindig jólesik.

meg itt vagyok
Nincsen a gepedre linux-telepitve??GRUB-csak ez az egy OP-Rendszer van,??,Ha igen akkor csomagold ki az ASZTALRA a bootkitremovert,,es -klik-start-klik-futtatas- masold be ezt a parancsot:
"%userprofile%\asztal\remover.exe" fix \\.\PhysicalDrive0
enter
Restart-futtasd ujra a bootkit removert es a logjat tedd ide.

ezt írta:

.\debug.cpp(238) : Debug log started at 29.07.2010 - 18:11:35
.\boot_cleaner.cpp(675) : Bootkit Remover
.\boot_cleaner.cpp(676) : (c) 2009 eSage Lab
.\boot_cleaner.cpp(677) : www.esagelab.com
.\boot_cleaner.cpp(681) : Program version: 1.1.0.0
.\boot_cleaner.cpp(688) : OS Version: Microsoft Windows XP Professional Szervizcsomag 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x0020d000 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806e4000 0x00020d00 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xb85a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xb84b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xb7eb4000 0x000f3000 "spzq.sys"
.\debug.cpp(256) : 0xb85aa000 0x00002000 "\WINDOWS\System32\Drivers\WMILIB.SYS"
.\debug.cpp(256) : 0xb7e9c000 0x00018000 "\WINDOWS\System32\Drivers\SCSIPORT.SYS"
.\debug.cpp(256) : 0xb7e6e000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xb7e5d000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xb80a8000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xb80b8000 0x00010000 "ohci1394.sys"
.\debug.cpp(256) : 0xb80c8000 0x0000e000 "\WINDOWS\system32\DRIVERS\1394BUS.SYS"
.\debug.cpp(256) : 0xb84bc000 0x00003000 "compbatt.sys"
.\debug.cpp(256) : 0xb84c0000 0x00004000 "\WINDOWS\system32\DRIVERS\BATTC.SYS"
.\debug.cpp(256) : 0xb8670000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xb8328000 0x00007000 "\WINDOWS\system32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xb85ac000 0x00002000 "intelide.sys"
.\debug.cpp(256) : 0xb80d8000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xb7e3e000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xb85ae000 0x00002000 "dmload.sys"
.\debug.cpp(256) : 0xb7e18000 0x00026000 "dmio.sys"
.\debug.cpp(256) : 0xb8330000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xb80e8000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xb7e00000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xb80f8000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xb8108000 0x0000d000 "\WINDOWS\system32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xb7de0000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xb7dce000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xb84c4000 0x00003000 "CLBStor.sys"
.\debug.cpp(256) : 0xb8118000 0x00009000 "PxHelp20.sys"
.\debug.cpp(256) : 0xb7db7000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xb7d2a000 0x0008d000 "Ntfs.sys"
.\debug.cpp(256) : 0xb7cfd000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xb85b0000 0x00002000 "sfhlp01.sys"
.\debug.cpp(256) : 0xb85b2000 0x00002000 "prosync1.sys"
.\debug.cpp(256) : 0xb7ce0000 0x0001d000 "prohlp02.sys"
.\debug.cpp(256) : 0xb7cc6000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xb8128000 0x0000b000 "agp440.sys"
.\debug.cpp(256) : 0xb7537000 0x0000a000 "\SystemRoot\system32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0xb6cfd000 0x007b7000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys"
.\debug.cpp(256) : 0xb6ce9000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xb8468000 0x00006000 "\SystemRoot\system32\DRIVERS\usbuhci.sys"
.\debug.cpp(256) : 0xb6cc5000 0x00024000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xb8470000 0x00008000 "\SystemRoot\system32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xb6c9d000 0x00028000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xb7527000 0x0000b000 "\SystemRoot\system32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xb7517000 0x00010000 "\SystemRoot\system32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xb8188000 0x0000f000 "\SystemRoot\system32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xb6c7a000 0x00023000 "\SystemRoot\system32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xb6c57000 0x00023000 "\SystemRoot\system32\DRIVERS\Rtenicxp.sys"
.\debug.cpp(256) : 0xb85e8000 0x00002000 "\SystemRoot\system32\DRIVERS\ASACPI.sys"
.\debug.cpp(256) : 0xb8198000 0x0000d000 "\SystemRoot\system32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xb8478000 0x00007000 "\SystemRoot\system32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xb81a8000 0x00010000 "\SystemRoot\system32\DRIVERS\serial.sys"
.\debug.cpp(256) : 0xb7c82000 0x00004000 "\SystemRoot\system32\DRIVERS\serenum.sys"
.\debug.cpp(256) : 0xb87de000 0x00001000 "\SystemRoot\system32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xb81b8000 0x0000d000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xb7c7e000 0x00003000 "\SystemRoot\system32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xb6c40000 0x00017000 "\SystemRoot\system32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xb81c8000 0x0000b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xb81d8000 0x0000c000 "\SystemRoot\system32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xb8480000 0x00005000 "\SystemRoot\system32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xb6c2f000 0x00011000 "\SystemRoot\system32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xb81e8000 0x00009000 "\SystemRoot\system32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xb8488000 0x00005000 "\SystemRoot\system32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xb8490000 0x00005000 "\SystemRoot\system32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xb6bff000 0x00030000 "\SystemRoot\system32\DRIVERS\rdpdr.sys"
.\debug.cpp(256) : 0xb81f8000 0x0000a000 "\SystemRoot\system32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xb8498000 0x00006000 "\SystemRoot\system32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xb85ea000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xb6ba1000 0x0005e000 "\SystemRoot\system32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xb7c62000 0x00004000 "\SystemRoot\system32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xb8208000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xb8248000 0x0000f000 "\SystemRoot\system32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xb85ec000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xb42ff000 0x00150000 "\SystemRoot\system32\drivers\viahduaa.sys"
.\debug.cpp(256) : 0xb42db000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xb8258000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xb4187000 0x00154000 "\SystemRoot\system32\drivers\monfilt.sys"
.\debug.cpp(256) : 0xb85f0000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xb872a000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xb85f2000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xb84a8000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xb85f4000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xb85f6000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xb84b0000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xb8350000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xb8580000 0x00003000 "\SystemRoot\system32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xb412c000 0x00013000 "\SystemRoot\system32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xb40d3000 0x00059000 "\SystemRoot\system32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xb40ad000 0x00026000 "\SystemRoot\system32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xb8268000 0x0000a000 "\SystemRoot\System32\Drivers\aswTdi.SYS"
.\debug.cpp(256) : 0xb4085000 0x00028000 "\SystemRoot\system32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xb8594000 0x00003000 "\SystemRoot\System32\drivers\ws2ifsl.sys"
.\debug.cpp(256) : 0xb4063000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xb8278000 0x00009000 "\SystemRoot\system32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xb4038000 0x0002b000 "\SystemRoot\system32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xb8288000 0x0000e000 "\SystemRoot\System32\drivers\prodrv06.sys"
.\debug.cpp(256) : 0xb8738000 0x00001000 "\SystemRoot\System32\Drivers\PQNTDrv.SYS"
.\debug.cpp(256) : 0xb3f00000 0x00070000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xb8298000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xb7ca2000 0x00003000 "\SystemRoot\system32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0xb82a8000 0x00009000 "\SystemRoot\system32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0xb8358000 0x00007000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xb82b8000 0x00009000 "\SystemRoot\system32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xb7c92000 0x00003000 "\SystemRoot\system32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0xb7c8e000 0x00003000 "\SystemRoot\system32\DRIVERS\IPFilter.sys"
.\debug.cpp(256) : 0xb3ed9000 0x00027000 "\SystemRoot\System32\Drivers\aswSP.SYS"
.\debug.cpp(256) : 0xb8398000 0x00006000 "\SystemRoot\System32\Drivers\Aavmker4.SYS"
.\debug.cpp(256) : 0xb82e8000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xb3ec1000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys"
.\debug.cpp(256) : 0xb85fa000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS"
.\debug.cpp(256) : 0xbf800000 0x001c4000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xb6563000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xb83a8000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbd000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xb873d000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xbd012000 0x005a3000 "\SystemRoot\System32\nv4_disp.dll"
.\debug.cpp(256) : 0xbffa0000 0x00046000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xb655f000 0x00003000 "\SystemRoot\System32\Drivers\aswFsBlk.SYS"
.\debug.cpp(256) : 0xb3c59000 0x0000c000 "\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys"
.\debug.cpp(256) : 0xb3b91000 0x00004000 "\SystemRoot\system32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xb3962000 0x00017000 "\SystemRoot\System32\Drivers\aswMon2.SYS"
.\debug.cpp(256) : 0xb34ed000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xb3882000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xb3472000 0x0002d000 "\SystemRoot\system32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xb85c4000 0x00002000 "\SystemRoot\System32\Drivers\TBPanel.SYS"
.\debug.cpp(256) : 0xb3303000 0x00057000 "\SystemRoot\system32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xb8458000 0x00005000 "\SystemRoot\System32\Drivers\aswRdr.SYS"
.\debug.cpp(256) : 0xb2eb2000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0xb2201000 0x00011000 "\SystemRoot\System32\Drivers\Udfs.SYS"
.\debug.cpp(256) : 0x7c900000 0x000b4000 "\WINDOWS\system32\ntdll.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa911-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination="\Device\Ndis"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination="\Device\Video0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWSP"
.\debug.cpp(400) : Destination="\Device\aswSP"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination="\Device\Video1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000046"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000055"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmIoDaemon"
.\debug.cpp(400) : Destination="\Device\DmControl\DmIoDaemon"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination="\Device\Ip"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Pot2"
.\debug.cpp(400) : Destination="\Device\aswSP_Pot2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination="\Device\Video2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130Offset272C5ECC00Length130BAEB400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination="\Device\IPSEC"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination="\Device\Video3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&33d5ef4b&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000045"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_3#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000057"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ATKACPI"
.\debug.cpp(400) : Destination="\Device\ATKACPI"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CLBStor"
.\debug.cpp(400) : Destination="\Device\CLBStor"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWMON"
.\debug.cpp(400) : Destination="\Device\aswMon"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY"
.\debug.cpp(400) : Destination="\Device\NDProxy"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_HD502HJ_________________________1AJ100E4#32534230394a5341304234343830202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP3T0L0-1b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi4:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A3C&SUBSYS_82D41043&REV_00#3&11583659&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0005"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A37&SUBSYS_82D41043&REV_00#3&11583659&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CDR4_XP"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset30D3CBAE00Length30D3CAB200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf2-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RdpDrDvMgr"
.\debug.cpp(400) : Destination="\Device\RdpDrDvMgr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SFHLP01I"
.\debug.cpp(400) : Destination="\Device\SFHLP01I"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CompositeBattery"
.\debug.cpp(400) : Destination="\Device\CompositeBattery"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination="\Device\WMIDataDevice"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskSAMSUNG_SP2504C_________________________VT100-50#30535139314a5050333333393337202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP2T0L0-10"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi5:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM1"
.\debug.cpp(400) : Destination="\Device\Serial0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{E808EE0A-820C-413E-88B5-9A32738E7556}"
.\debug.cpp(400) : Destination="\Device\{E808EE0A-820C-413E-88B5-9A32738E7556}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{26ef2047-0601-11df-84a3-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000054"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination="\Device\NamedPipe"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\G:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination="\Device\PSched"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination="\Device\Mup"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_051d&Pid_0002#3B0948X29244__#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination="\Device\USBPDO-8"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination="\Device\IPNAT"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A35&SUBSYS_82D41043&REV_00#3&11583659&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0011"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{1A5B8631-D82B-42FA-ABDF-0F757017D059}"
.\debug.cpp(400) : Destination="\Device\{1A5B8631-D82B-42FA-ABDF-0F757017D059}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination="\Device\USBFDO-0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWTDI"
.\debug.cpp(400) : Destination="\Device\ASWTDI"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProDrv06"
.\debug.cpp(400) : Destination="\Device\ProDrv06"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination="\Device\Tcp"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0615&SUBSYS_040110B0&REV_A2#4&399d3c6a&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0019"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination="\FileSystem\Filters\FltMgrMsg"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination="\Device\VideoPdo0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination="\Device\USBFDO-1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa910-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination="\Device\Harddisk0\DR0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col01#6&23e28f36&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\00000093"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination="\DosDevices\LPT1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&290cafbe&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-7"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A39&SUBSYS_82D41043&REV_00#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0004"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination="\Device\USBFDO-2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000049"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset7E00Length30D3CAB200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\H:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive1"
.\debug.cpp(400) : Destination="\Device\Harddisk1\DR1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination="\Device\sysaudio"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&cb33808&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000007e"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf5-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination="\Device\FsWrap"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004a"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3"
.\debug.cpp(400) : Destination="\Device\USBFDO-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{B736A52A-1353-48FB-B33F-91AD06A7F813}"
.\debug.cpp(400) : Destination="\Device\{B736A52A-1353-48FB-B33F-91AD06A7F813}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_051d&Pid_0002#6&219d4532&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000092"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4"
.\debug.cpp(400) : Destination="\Device\USBFDO-4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col02#6&23e28f36&0&0001#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000094"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fssfltr"
.\debug.cpp(400) : Destination="\Device\fssfltr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A3A&SUBSYS_82D41043&REV_00#3&11583659&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0013"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5"
.\debug.cpp(400) : Destination="\Device\USBFDO-5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A34&SUBSYS_82D41043&REV_00#3&11583659&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0010"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination="\Device\0000005b"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#aa#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination="\Device\0000005a"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination="\GLOBAL??"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\I:"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination="\Device\0000007f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6"
.\debug.cpp(400) : Destination="\Device\USBFDO-6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PxHelperDevice0"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf0-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD7"
.\debug.cpp(400) : Destination="\Device\USBFDO-7"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1bd273f9&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProHlp02"
.\debug.cpp(400) : Destination="\Device\ProHlp02"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130Offset7E00LengthEC1FAB600#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Cardex"
.\debug.cpp(400) : Destination="\Device\Cardex"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{36743395-5E87-4E0A-9B39-D6EA4167457C}"
.\debug.cpp(400) : Destination="\Device\{36743395-5E87-4E0A-9B39-D6EA4167457C}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf3-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureC9B0C9AOffset61A796DE00Length12C8842200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{4d36e978-e325-11ce-bfc1-08002be10318}"
.\debug.cpp(400) : Destination="\Device\0000007f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{39A51361-5097-4E71-9F50-100B52DEB791}"
.\debug.cpp(400) : Destination="\Device\{39A51361-5097-4E71-9F50-100B52DEB791}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H42L________________SL00____#324b364536433448323020382020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\Ide\IdeDeviceP0T1L0-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination="\Device\MountPointManager"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AAVMKER4"
.\debug.cpp(400) : Destination="\Device\AavmKer4"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bef-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000044"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_2#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination="\Device\00000056"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SFHLP01"
.\debug.cpp(400) : Destination="\Device\SFHLP01"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MbDlDp32"
.\debug.cpp(400) : Destination="\Device\PxHelperDevice0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmConfig"
.\debug.cpp(400) : Destination="\Device\DmControl\DmConfig"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination="\Device\WANARP"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf1-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RealTekCard"
.\debug.cpp(400) : Destination="\Device\RealTekCard"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\00000004"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8ac05bb4-f827-11de-831c-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8ac05bae-f827-11de-831c-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\CdRom0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USNTracker"
.\debug.cpp(400) : Destination="\Device\USNTracker"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{6162B91D-9DA9-41EF-84F8-D5A029ED52CB}"
.\debug.cpp(400) : Destination="\Device\{6162B91D-9DA9-41EF-84F8-D5A029ED52CB}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmTrace"
.\debug.cpp(400) : Destination="\Device\DmControl\DmTrace"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureF130F130OffsetEC1FBB200Length186A629C00#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&3097edfd&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-3"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination="\Device\NdisWanIp"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#dmio#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination="\Device\00000003"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination="\Device\KSENUM#00000002"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8168&SUBSYS_83671043&REV_02#4&20515db1&0&00E5#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0021"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&14d59eda&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A38&SUBSYS_82D41043&REV_00#3&11583659&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0003"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_045e&Pid_006a&Col01#6&23e28f36&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination="\Device\00000093"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination="\Device\00000047"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination="\Device\ParTechInc0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination="\Device\0000004f"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI"
.\debug.cpp(400) : Destination="\Device\NdisTapi"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination="\Device\NdisWan"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination="\Device\IPMULTICAST"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{8B8B1A86-5864-4B00-A680-B04562145EB8}"
.\debug.cpp(400) : Destination="\Device\{8B8B1A86-5864-4B00-A680-B04562145EB8}"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination="\Device\ParTechInc1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmLoader"
.\debug.cpp(400) : Destination="\Device\DmLoader"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination="\Device\LanmanRedirector"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_045e&Pid_006a#5&35eda8e7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination="\Device\USBPDO-9"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_3A36&SUBSYS_82D41043&REV_00#3&11583659&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination="\Device\NTPNP_PCI0012"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&67e9d0c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-0"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination="\Device\ParTechInc2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProSync1"
.\debug.cpp(400) : Destination="\Device\ProSync1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination="\FileSystem\Filters\FltMgr"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination="\Device\FtControl"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Avar"
.\debug.cpp(400) : Destination="\Device\aswSP_Avar"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWRDR"
.\debug.cpp(400) : Destination="\Device\ASWRDR"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination="\Device\MailSlot"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination="\DosDevices\COM1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PQNTDRV"
.\debug.cpp(400) : Destination="\Device\PQNTDRV"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination="\Device\Ndisuio"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000004e"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:"
.\debug.cpp(400) : Destination="\Device\Ide\IdePort2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination="\Device\Null"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&3141bc6c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-1"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination=""

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{486aa912-0526-11df-aac8-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume6"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPFILTER"
.\debug.cpp(400) : Destination="\Device\MSH_Filter"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination="\Device\0000004d"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{e99e5bf4-8c74-11df-80f0-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{26ef2046-0601-11df-84a3-806d6172696f}"
.\debug.cpp(400) : Destination="\Device\HarddiskVolume2"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043837A&REV_1000#4&8ad042a&0&0001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination="\Device\0000008c"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1d34232f&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination="\Device\USBPDO-5"

.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmInfo"
.\debug.cpp(400) : Destination="\Device\DmControl\DmInfo"

.\debug.cpp(451) : **********************************************
.\boot_cleaner.cpp(1077) : System volume is \\.\C:
.\boot_cleaner.cpp(1113) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
.\boot_cleaner.cpp(424) : Boot sector MD5 is: d1d2ba68bb9b4db3d59d6b15035d0966
.\boot_cleaner.cpp(1151) :
.\boot_cleaner.cpp(1152) : Size Device Name MBR Status
.\boot_cleaner.cpp(1153) : --------------------------------------------
.\boot_cleaner.cpp(1197) : 232 GB \\.\PhysicalDrive0 Unknown boot code
.\boot_cleaner.cpp(1203) :
.\boot_cleaner.cpp(1209) : Unknown boot code has been found on some of your physical disks.
.\boot_cleaner.cpp(1211) : To inspect the boot code manually, dump the master boot sector:
.\boot_cleaner.cpp(1212) : remover.exe dump <device_name> [output_file]
.\boot_cleaner.cpp(1216) : To disinfect the master boot sector, use the following command:
.\boot_cleaner.cpp(1217) : remover.exe fix <device_name>
.\boot_cleaner.cpp(1220) :
.\boot_cleaner.cpp(1242) : Done;

az az érdekes, hogy csak egy vinyót ismert fel, de kettő van nekem, vagy látta mindkettőt?