Használj másik víruskeresőt. Pl. NOD32. Avval még nem volt ilyen.

System32\x
aha ez a conficker virus
akkor csinald eztet meg
http://www.virus-stell.com/2010/04/conficker.html
amit a Malwarebytes talal,torolni a logot tedd ide es a combofix logjat is,

Olvasgattam az Avast fórumot is kissé
Pénzért vett Avast CD is akadozik stb. káromkodnak rendesen páran

Persze ujrarakom és megy
Egy érdkesség
Blokkol valami rootkitt-et/System32\x/ és karanténbe teszi
Aztán minden oldalhoz mégis beugrik a tárcsázó és csatlakoznom kell
Ha ujrainditom a gépet, ez megszünik, virust nem talál ha futtatom

Valami azért ráragad ebböl a hálózatra?

by horex

nem horex,,ezttet,nem virus vagy rootkit okozza,,,it az Avast korul van a problema,,hogy miert esik mindig le nemtudom,,de talalkoztam evel a problemaval a forumonkon,eleg gyakran van pontosan ez a hiba,,,mindig segit az ujra telepites,,,talan az Avastnal van a problem,
udv

ROOTREPEAL (c) AD, 2007-2010
==================================================
Report Save Time: 2010/06/02 11:10
Program Version: Version 2.0.0.0
Windows Version: Windows XP SP2
==================================================

DRIVERS
-------------------
File Invisible dump_atapi.sys 0xf6afc000 C:\WINDOWS\System32\Drivers\dump_atapi.sys, 98304 bytes
File Invisible dump_WMILIB.SYS 0xf8a52000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS, 8192 bytes
File Invisible PROCEXP.SYS 0xf8a68000 C:\WINDOWS\system32\Drivers\PROCEXP.SYS, 5856 bytes
File Invisible rootrepeal.sys 0xec195000 C:\WINDOWS\system32\drivers\rootrepeal.sys, 49152 bytes

PROCESSES
-------------------
4 - System
152 - C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
232 - C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE
244 - C:\PROGRAM FILES\DU METER\DUMETER.EXE
252 - C:\PROGRAM FILES\DRCS_XP\DRCS.EXE
272 - C:\PROGRAM FILES\PC TOOLS FIREWALL PLUS\FIREWALLGUI.EXE
344 - C:\Program Files\Ahead\InCD\InCD.exe
408 - C:\PROGRAM FILES\KWORLD\PC-TV FM\REMOTECTL.EXE
604 - C:\WINDOWS\SYSTEM32\ALG.EXE
828 - C:\WINDOWS\SYSTEM32\SMSS.EXE
876 - C:\PROGRAM FILES\PC TOOLS FIREWALL PLUS\FWSERVICE.EXE
940 - C:\WINDOWS\SYSTEM32\CSRSS.EXE
964 - C:\WINDOWS\SYSTEM32\WINLOGON.EXE
1008 - C:\WINDOWS\SYSTEM32\SERVICES.EXE
1020 - C:\WINDOWS\SYSTEM32\LSASS.EXE
1176 - C:\WINDOWS\SYSTEM32\SVCHOST.EXE
1260 - C:\WINDOWS\SYSTEM32\SVCHOST.EXE
1304 - C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
1416 - C:\WINDOWS\SYSTEM32\SVCHOST.EXE
1440 - C:\Program Files\Ahead\InCD\InCDsrv.exe
1668 - C:\WINDOWS\EXPLORER.EXE
1752 - C:\WINDOWS\SYSTEM32\SVCHOST.EXE
1844 - C:\WINDOWS\SYSTEM32\SVCHOST.EXE
2668 - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
4028 - C:\Program Files\Alwil Software\Avast5\avastUI.exe
5084 - C:\Documents and Settings\apple\Asztal\RootRepeal.exe

FILES
-------------------

STEALTH CODE
-------------------

HIDDEN SERVICES
-------------------

SSDT
-------------------
SYSCALL OK, INT 0x2E OK, ServiceTable OK, Driver IAT OK
NtAllocateVirtualMemory C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6b94
NtAssignProcessToJobObject C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6586
NtClose C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cec7a
NtConnectPort C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b65da
NtCreateFile C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6640
NtCreateKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32ceb36
NtCreateProcess C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b672e
NtCreateProcessEx C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b67ba
NtCreateThread C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b684a
NtDebugActiveProcess C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6980
NtDeleteKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cf0ea
NtDeleteValueKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cf014
NtDuplicateObject C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32ce70c
NtLoadDriver C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6a3a
NtOpenKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cec10
NtOpenProcess C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32ce64c
NtOpenSection C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6ae4
NtOpenThread C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32ce6b0
NtProtectVirtualMemory C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6bfa
NtQueryValueKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32ced30
NtRenameKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cf1b8
NtRestoreKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cecf0
NtResumeThread C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6cb6
NtSecureConnectPort C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6d74
NtSetValueKey C:\WINDOWS\System32\Drivers\aswSP.SYS 0xf32cee70
NtSuspendProcess C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6dde
NtSystemDebugControl C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6e30
NtTerminateProcess C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6e90
NtWriteVirtualMemory C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6ef4

SHADOW SSDT
-------------------
NtUserMessageCall C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6f52
NtUserPostMessage C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b6fbe
NtUserPostThreadMessage C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b7022
NtUserSetWindowsHookEx C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b70f6
NtUserSetWinEventHook C:\WINDOWS\system32\drivers\PCTAppEvent.sys 0xf40b7086

CALLBACKS
-------------------

hm,ez renben van,,mast nem latok,,de meg megnezuk a rootkiteket.
tolds le
RootRepeal Beta tedd az asztalra.
* mindent bezarsz es futtatod RootRepeal.exe
* kinyilt ablakban klik Report jobb oldalon lent.
* kliknite scan.
* a kovetkezo ablakban bepipazol mindent-klik ok
* a program befejezi a scant,,a logot tedd az asztalra,,aztan tedd ide.

Aszongya vizsgálták már
http://www.virustotal.com/hu/analisis/9 ... 1275304959

Teszteld le a www.virustotal.com
C:\WINDOWS\WMSysPr9.prx
a linket a tesztrol tedd ide.

Se warez se pornó. ez utóbbi néha, de nem köthető az AVast kilövéséhez
AV-t nem tudtam pl feltenni a szomszéd gépére, 2 változat is kiszállt valami hibauzenettel
Avira felment rá

OTL logfile created on: 2010.06.02. 9:25:47 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\apple\Asztal
Windows XP Professional Edition Szervizcsomag 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

511,00 Mb Total Physical Memory | 296,00 Mb Available Physical Memory | 58,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 5,85 Gb Total Space | 1,11 Gb Free Space | 19,02% Space Free | Partition Type: FAT32
Drive D: | 68,68 Gb Total Space | 55,26 Gb Free Space | 80,46% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 17,12 Gb Total Space | 9,24 Gb Free Space | 53,97% Space Free | Partition Type: FAT32
Drive G: | 1,01 Gb Total Space | 0,46 Gb Free Space | 45,32% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BSAFTPZ-8C1F5DD
Current User Name: apple
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.02 09:22:56 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\apple\Asztal\OTL.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.02.23 09:49:16 | 002,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2008.12.11 15:58:44 | 000,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2008.05.02 06:15:48 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2004.09.13 11:51:06 | 001,450,096 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2004.09.13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2004.08.25 10:26:48 | 001,465,856 | ---- | M] (Hagel Technologies) -- C:\Program Files\DU Meter\DUMeter.exe
PRC - [2004.08.17 15:47:58 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001.10.09 16:41:14 | 000,143,360 | ---- | M] () -- C:\Program Files\KWorld\PC-TV FM\RemoteCtl.exe
PRC - [2001.04.22 18:19:28 | 000,315,392 | ---- | M] (Dalton Electronics) -- C:\Program Files\drcs_xp\DRCS.exe


========== Modules (SafeList) ==========

MOD - [2010.06.02 09:22:56 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\apple\Asztal\OTL.exe
MOD - [2008.05.02 06:15:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2004.08.17 15:42:00 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.12.11 15:58:44 | 000,146,800 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2004.09.13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2004.09.13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:24 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:28 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:34:00 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:48 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:30 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.01.21 09:38:32 | 000,095,640 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2008.12.18 12:16:56 | 000,073,840 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2008.12.11 08:38:22 | 000,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2008.09.22 11:29:18 | 000,097,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctfw.sys -- (SFilter)
DRV - [2004.09.13 11:54:54 | 000,027,648 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004.09.13 11:54:46 | 000,028,672 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.09.13 11:54:06 | 000,093,440 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004.08.26 09:35:26 | 000,183,534 | ---- | M] (Inside Out Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\edgeser.sys -- (EdgeSer)
DRV - [2004.08.17 16:02:36 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004.08.03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 22:32:24 | 000,010,880 | ---- | M] (Aureal, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\admjoy.sys -- (admjoy)
DRV - [2004.08.03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.01.21 15:53:22 | 000,027,110 | ---- | M] (Inside Out Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ionenum.sys -- (Ionenum)
DRV - [2001.11.06 08:20:00 | 000,265,512 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT848.sys -- (BT848)
DRV - [2001.08.17 20:19:14 | 000,747,392 | ---- | M] (Aureal, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adm8830.sys -- (wdm_au8830) Aureal Vortex 8830 audio-illesztőprogram (WDM)
DRV - [2001.03.07 12:30:00 | 000,018,944 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\bttuner.sys -- (BTTUNER)
DRV - [1999.07.21 11:28:00 | 000,013,308 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btxbar.sys -- (BTXBAR)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.05.31 20:35:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [DRCS] C:\Program Files\drcs_xp\DRCS.exe (Dalton Electronics)
O4 - HKLM..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\PC-TV FM Remote Control.lnk = C:\Program Files\KWorld\PC-TV FM\RemoteCtl.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.31 13:11:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.07.31 11:44:56 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 7 Days ==========

[2010.06.02 09:22:52 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\apple\Asztal\OTL.exe
[2010.06.02 08:31:32 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.06.02 08:31:32 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.06.02 08:31:32 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.06.02 08:31:31 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.06.02 08:31:31 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.06.02 08:31:31 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.06.02 08:31:30 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.06.02 08:31:18 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.06.02 08:31:18 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.06.01 21:57:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\apple\Local Settings\Application Data\Ahead
[2010.06.01 17:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\apple\Application Data\Ahead
[2010.06.01 16:34:32 | 002,146,304 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\UNMRW.exe
[2010.06.01 16:34:30 | 000,027,648 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDrm.sys
[2010.06.01 16:34:01 | 002,146,304 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\NuNinst.exe
[2010.06.01 16:33:57 | 000,093,440 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys
[2010.06.01 16:33:57 | 000,028,672 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDpass.sys
[2010.06.01 16:33:57 | 000,007,680 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDrec.sys
[2010.06.01 16:33:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\InCD
[2010.06.01 16:29:10 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010.06.01 16:29:02 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010.06.01 16:29:02 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2010.06.01 16:29:02 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010.06.01 16:29:01 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010.06.01 16:29:01 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010.06.01 16:28:59 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2010.06.01 16:28:55 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010.06.01 16:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010.06.01 16:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010.06.01 14:30:08 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.05.31 20:37:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.05.31 20:31:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.31 20:31:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.31 20:31:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.31 20:31:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.05.30 13:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{0AAEEE77-0A0D-46F3-9981-B304A513B9DF}
[2010.05.30 13:43:24 | 000,000,000 | ---D | C] -- C:\Program Files\VateraPST2
[2010.05.30 13:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VateraPst
[2010.05.30 07:54:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\apple\Application Data\K-Meleon
[2010.05.30 07:54:47 | 000,353,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010.05.30 07:49:56 | 000,000,000 | ---D | C] -- C:\melon
[2010.05.30 07:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010.05.30 07:42:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\apple\Recent
[2010.05.27 23:24:35 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
[2010.05.27 23:24:35 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2010.05.27 07:45:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010.05.26 23:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Snapshot
[2010.05.26 20:42:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.02 09:24:58 | 000,012,836 | ---- | M] () -- C:\WINDOWS\THPTBL.DTA
[2010.06.02 09:24:58 | 000,000,720 | ---- | M] () -- C:\WINDOWS\FMCFG.DTA
[2010.06.02 09:24:56 | 000,001,983 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.06.02 09:22:56 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\apple\Asztal\OTL.exe
[2010.06.02 08:32:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.02 08:31:34 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\avast! Free Antivirus.lnk
[2010.06.02 08:31:32 | 000,002,904 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.06.02 08:29:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.02 08:29:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.02 08:29:04 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\apple\NTUSER.DAT
[2010.06.02 08:28:56 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\apple\ntuser.ini
[2010.06.02 08:28:54 | 004,792,266 | -H-- | M] () -- C:\Documents and Settings\apple\Local Settings\Application Data\IconCache.db
[2010.06.01 20:51:24 | 000,192,350 | ---- | M] () -- C:\niki.jpg
[2010.06.01 16:33:00 | 000,001,123 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Nero StartSmart.lnk
[2010.06.01 16:32:30 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.05.31 22:54:40 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Skype.lnk
[2010.05.31 20:36:06 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.31 20:14:12 | 003,701,740 | R--- | M] () -- C:\Documents and Settings\apple\Asztal\ComboFix.exe
[2010.05.31 20:06:56 | 000,000,538 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.31 20:06:56 | 000,000,290 | RHS- | M] () -- C:\boot.ini
[2010.05.31 16:52:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.30 13:43:30 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\VateraPST2 Updates.job
[2010.05.30 13:43:26 | 000,000,555 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\VateraPST2.lnk
[2010.05.30 07:43:20 | 000,052,844 | ---- | M] () -- C:\cc_20100530_074302.reg
[2010.05.30 00:19:06 | 000,000,183 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.05.28 13:42:04 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\apple\Asztal\Parancsikon - snapshot.lnk
[2010.05.28 13:21:18 | 000,000,031 | ---- | M] () -- C:\snap.bat
[2010.05.26 22:10:06 | 000,000,084 | ---- | M] () -- C:\WINDOWS\winamp.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.02 08:31:32 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\avast! Free Antivirus.lnk
[2010.06.01 20:51:22 | 000,192,350 | ---- | C] () -- C:\niki.jpg
[2010.06.01 17:25:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.01 16:34:33 | 000,055,925 | ---- | C] () -- C:\WINDOWS\UNMRW.cfg
[2010.06.01 16:34:02 | 000,056,041 | ---- | C] () -- C:\WINDOWS\NuNinst.cfg
[2010.06.01 16:32:59 | 000,001,123 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\Nero StartSmart.lnk
[2010.05.31 20:31:05 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.31 20:31:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.31 20:31:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.05.31 20:31:05 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.31 20:31:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.05.31 20:14:10 | 003,701,740 | R--- | C] () -- C:\Documents and Settings\apple\Asztal\ComboFix.exe
[2010.05.30 13:43:28 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\VateraPST2 Updates.job
[2010.05.30 13:43:25 | 000,000,555 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\VateraPST2.lnk
[2010.05.30 07:43:10 | 000,052,844 | ---- | C] () -- C:\cc_20100530_074302.reg
[2010.05.28 13:42:03 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\apple\Asztal\Parancsikon - snapshot.lnk
[2010.05.28 13:19:16 | 000,000,031 | ---- | C] () -- C:\snap.bat
[2010.05.19 19:07:20 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.19 19:07:20 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.15 18:07:16 | 000,006,399 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2010.05.10 23:06:03 | 000,000,084 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.05.08 19:52:07 | 000,000,183 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.07.31 15:59:20 | 000,001,983 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.07.31 13:44:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.07.31 13:44:45 | 000,744,928 | ---- | C] () -- C:\WINDOWS\System32\SV221BW.DLL
[2009.07.31 13:44:45 | 000,225,832 | ---- | C] () -- C:\WINDOWS\System32\TL221BW.DLL
[2009.07.31 13:41:12 | 000,155,648 | ---- | C] () -- C:\WINDOWS\878Map.drv
[2009.07.31 13:37:26 | 000,265,512 | R--- | C] () -- C:\WINDOWS\System32\drivers\BT848.sys
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004.08.17 15:47:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.07.17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2009.07.31 14:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.11.12 11:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2010.05.03 14:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.05.21 10:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010.05.30 13:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VateraPst
[2010.05.30 13:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{0AAEEE77-0A0D-46F3-9981-B304A513B9DF}
[2010.05.30 13:43:30 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\VateraPST2 Updates.job

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 15:46:56 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=9BF16BF2A92E9946C034947E45C6FB4E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004.08.17 15:46:56 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=9BF16BF2A92E9946C034947E45C6FB4E -- C:\WINDOWS\system32\eventlog.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 17:46:56 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=9BF16BF2A92E9946C034947E45C6FB4E -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 15:47:26 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=DE117DA3508ECAAECEA21901DBA31DAB -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:47:26 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=DE117DA3508ECAAECEA21901DBA31DAB -- C:\WINDOWS\system32\scecli.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 17:47:26 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=DE117DA3508ECAAECEA21901DBA31DAB -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 15:47:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=38A4E873DEBBA38F1E7E8D9D6AF593D8 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004.08.17 15:47:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=38A4E873DEBBA38F1E7E8D9D6AF593D8 -- C:\WINDOWS\system32\netlogon.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 17:47:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=38A4E873DEBBA38F1E7E8D9D6AF593D8 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMROOT%\*. /mp /s >

< %SYSTEMROOT%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMROOT%\Tasks\*.job /lockedfiles >
< End of report >

Szia
Biztosan sokkat pornozol,,vagy crackolsz,vagy warez,vagy hasonlo butasagok,,
Letölteni az asztalra>OTListIt2>> http://oldtimer.geekstogo.com/OTL.exe
-Futtatni
-file age át változtatni 30 > 7day rá.
-bepipázni:
*Scan all users.
*Lop check.
*Purity check.
-v szekcióba Extra Registry>bepöttyözni>Use SafeList
-alol az ablakba masold be a zold textet
-KLIKK>Run Scan

a logjat tedd ide,

Üdv Stell
Tegnapelött kilőtte magát az Avast
Felraktam ujból, ma megint kilőtte
Eseménynaplóban semmi

Mi a fene ez?? Kezdem unni

by horex

Ok,nincsen mit,
udv

Rendben, köszönöm. Keriot nem találtam csak ezt a Sunbelt Személyi Tűzfalat. Ez ugye elvileg a Kerio csak más cég csinálja.

Igen,ez uj forum,ezert volt hiba,,,akkor ok,,en szerintem mar nincsen virus,,,de probald ki es majd ird meg a hejzettet.

Ö izé, azért nem jelentkeztem napokig mert akárhányszor a terminál fórumra akartam jönni ez fogadott: "Szolgáltatásunk átmenetileg nem elérhető, kérjük szíves türelmét." Aztán most google-be beírtam a terminál fórumot ott rátaláltam erre az új külsejü fórumra. Ez most mi?
Csináltam egy memtest-et ahogy kérted a memtest86+ 4.10-es verzióval. Alapbeállításokkal ment egy éjszakát kb 9 órát 7x ért végig a teszt, de nem volt error. Akkor megnézem ezt a KERIO tűzfalat, jókat hallottam róla. Ezzel készen leszünk akkor vagy még van vírus is a gépemen és azt is le kell gyilkolni?

It nem arrol van szo hogy rosz,hanem hogy a geped nem szereti a ZoneAlarmot,osze akad ,es ez csinalta a kekhalalt,,ha nem tetszik a PCTOOLS akkor telepitsd a KERIO-tuzfalat,,,ido van eleg,

Most el kell mennem elintézni valamit, majd este mikor megjövök megcsinálom amit írtál aztán vagy ma vagy holnap folytatjuk, hanem gond. Köszönöm.

Ennyire rossz a ZoneAlarm tűzfal? PCTools volt fent mert Te mondtad, de annyira idegesített, mert mindig 28 ezer ablak ugrott fel minden programindításkor, és egy csomónál nem lehetett beállítani, hogy jegyezze meg (pipa négyzetben). Teljes képernyős játékoknál meg ez a felugró ablak a háttérben szépen megfagyasztotta a játékot, odafagyott az aktuális kép a képernyőre és a se ctrl+alt+del se alt+F4 nem segített mivel a kép miatt nem láttam. Nem értek annyira a tűzfalakhoz, de nem lehet beállítani azt, hogy csak kívűlről védjen a futó programokat a gépemen ne nézze vagy az akkor semmit sem ér?

Ok,szed le a geprol a ZoneAlarm tuzfalat,,es hasznald ezt a Removert is
http://www.zonealarm.com.au/main/kb_dis ... KBID=11433

Aztan hejete rakd fel a PCTOOLS tuzfalat,,
Minden esetre csinaljal MEMTESTET.

Szóval az első analízis az a 23-ai kékhalál a második meg előtte volt 19-én.

Biztos ami biztos megcsináltam ezt is.

Debugging Details:
------------------


IRP_ADDRESS: 8a5b0008

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x44

PROCESS_NAME: winlogon.exe

LAST_CONTROL_TRANSFER: from 804f18dc to 804f9f33

STACK_TEXT:
ad259748 804f18dc 00000044 8a5b0008 00000d64 nt!KeBugCheckEx+0x1b
ad259780 8056edc4 e220c150 e220c170 00000000 nt!IopfCompleteRequest+0x2ce
ad2597b0 8056ee0e 8a5b0008 e220c150 00000000 nt!FsRtlNotifyCompleteIrp+0x124
ad2597d8 8056f715 e220c150 0000010b e2279008 nt!FsRtlNotifyCompleteIrpList+0x3c
ad259820 b9d56b8a 8a8bf140 8a7c5400 e2279268 nt!FsRtlNotifyCleanup+0x63
ad259a30 b9d3cd4d ad259a4c 88f44b98 00000000 Ntfs!NtfsCommonCleanup+0x92e
ad259ba8 acfd669f 8a7c5020 88f44b98 8a7dca98 Ntfs!NtfsFsdCleanup+0xcf
WARNING: Stack unwind information not available. Following frames may be wrong.
ad259bc0 804ef18f 8a7c5020 88f44b98 8a8b7268 aswSP+0x1569f
ad259bd0 b9dbfbbf 8a7bc840 8a7dcc18 ad259c1c nt!IopfCallDriver+0x31
ad259be0 804ef18f 8a7dc9e0 88f44b98 88f44b98 sr!SrCleanup+0xb3
ad259bf0 b9dd109e 88f4b008 8a8b7818 88f44d70 nt!IopfCallDriver+0x31
ad259c1c 804ef18f 8a7bc840 88f44b98 88f44d94 fltMgr!FltpDispatch+0x152
ad259c2c aa08b9e3 8a6d9648 8a302bc0 88f44ba8 nt!IopfCallDriver+0x31
ad259c50 aa085a34 89cf8480 88f44b98 ad259ca0 aswMon2+0x69e3
ad259c60 804ef18f 89cf8480 88f44b98 88f44b98 aswMon2+0xa34
ad259c70 80583953 8a6d9630 00000070 8a8d6730 nt!IopfCallDriver+0x31
ad259ca0 805bca0a 8a6d4908 89cf8480 00160001 nt!IopCloseFile+0x26b
ad259cd4 805bc333 8a6d4908 00000001 8a8d6730 nt!ObpDecrementHandleCount+0xd8
ad259cfc 805bc3d1 e1cc3f08 8a6d9648 000001f4 nt!ObpCloseHandleTableEntry+0x14d
ad259d44 805bc509 000001f4 00000001 00000000 nt!ObpCloseHandle+0x87
ad259d58 8054161c 000001f4 00b3ffb4 7c90e4f4 nt!NtClose+0x1d
ad259d58 7c90e4f4 000001f4 00b3ffb4 7c90e4f4 nt!KiFastCallEntry+0xfc
00b3ffb4 00000000 00000000 00000000 00000000 0x7c90e4f4


STACK_COMMAND: kb

FOLLOWUP_IP:
aswSP+1569f
acfd669f ?? ???

SYMBOL_STACK_INDEX: 7

SYMBOL_NAME: aswSP+1569f

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: aswSP

IMAGE_NAME: aswSP.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 4be328e2

FAILURE_BUCKET_ID: 0x44_aswSP+1569f

BUCKET_ID: 0x44_aswSP+1569f

Followup: MachineOwner
---------

Debugging Details:
------------------


READ_ADDRESS: 00000002

CURRENT_IRQL: 2

FAULTING_IP:
wanarp!WanpSendPackets+88
ba1cd390 3930 cmp dword ptr [eax],esi

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: vsmon.exe

LAST_CONTROL_TRANSFER: from ba1cd707 to ba1cd390

STACK_TEXT:
aa0c15cc ba1cd707 8a6d8ea0 88f644f8 892d34f8 wanarp!WanpSendPackets+0x88
aa0c1610 ad077adc 8a6d8ea0 aa0c1700 00000001 wanarp!WanIpTransmit+0x14f
aa0c174c ad05e305 ad095b34 89236160 89a82020 tcpip!IPTransmit+0x723
aa0c17ec ad05e0cc 8a6adba0 89236160 890520c0 tcpip!UDPSend+0x41b
aa0c1810 ad05e132 000c1834 89052008 89a82060 tcpip!TdiSendDatagram+0xd5
aa0c1848 ad05a881 890520c0 89052154 89052154 tcpip!UDPSendDatagram+0x4f
aa0c1864 acff72d6 8a4d4120 890520c0 acffe782 tcpip!TCPDispatchInternalDeviceControl+0xff
WARNING: Stack unwind information not available. Following frames may be wrong.
aa0c19fc 804ef18f 8a4d4120 890520c0 89f49fb0 vsdatant+0x5b2d6
aa0c1a90 acf7cba3 aa0c1b00 ba1be530 0007fe67 nt!IopfCallDriver+0x31
aa0c1aa8 804ef18f 8a4d4120 890520c0 8907eef0 afd!AfdCopyBufferArrayToBuffer+0x3a
aa0c1b10 acf7cb5e 80562134 027af850 acf7cb5e nt!IopfCallDriver+0x31
aa0c1c5c 80580487 88d90bf8 00000001 027af720 afd!AfdFastIoDeviceControl+0x2a7
aa0c1d00 80579274 00000518 000006f4 00000000 nt!IopXxxControlFile+0x255
aa0c1d34 8054161c 00000518 000006f4 00000000 nt!NtDeviceIoControlFile+0x2a
aa0c1d34 7c90e4f4 00000518 000006f4 00000000 nt!KiFastCallEntry+0xfc
027af810 00000000 00000000 00000000 00000000 0x7c90e4f4


STACK_COMMAND: kb

FOLLOWUP_IP:
wanarp!WanpSendPackets+88
ba1cd390 3930 cmp dword ptr [eax],esi

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: wanarp!WanpSendPackets+88

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: wanarp

IMAGE_NAME: wanarp.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 48025790

FAILURE_BUCKET_ID: 0xD1_wanarp!WanpSendPackets+88

BUCKET_ID: 0xD1_wanarp!WanpSendPackets+88

Followup: MachineOwner
---------



Volt egy másik kék halál is 19-én. Arról is csináljak ilyen analízist?

Hehe, egyszerre írtunk szóval nem láttam csak most a 2. hozzászólásod. Rendben akkor csinálom azt.

van ido,majd holnap megnezem,,de ne toltsed azt a nagy fajlt amibe az iso-van,,hanem azt tolds le amit adtam,16.9mb.

Igazán nem tudom miért kérdezek hülyeségeket. Elég egyértelműen le van írva mi a teendő. Elkezdtem a letöltés kb még fél óra míg lent lesz. Majd jelentkezem az eredménnyel. Egy frankó kis vihar is közeledik felénk szóval áramszünet is várható.

http://msdl.microsoft.com/download/symb ... .1.404.msi
Nem,tolds le eztet es csinald ugy ahogy le van irva a blogomba.

Na most lett időm ehez. Szóval nekem most le kell töltenem azt a 620 MB-os WDK-t majd kiírni CD-re és onnan installálni? Mert a Microsoft oldalán azt írja hogy az a debugger a része ennek a WDK-nak.

ok
most csinalj kekhalal elemzest
http://www.virus-stell.com/2010/04/kek- ... mzese.html

Egy másik érdekes jelenség, hogy pár napja csináltam egy töredezettségmentesítést és az eredmény az lett, hogy ugyanannyira töredezett lett utána csak máshogy nézett ki. Tudom hogy ez hülyén hangzott, de gondolom érted.
Nem hiszem el, hogy ennyire balfék vagyok és összeszedek miden fránya vírust meg trojant meg miegymást.

Meg csinált egy info.txt-t is azt is bemásolom.

info.txt logfile of random's system information tool 1.06 2010-05-25 05:24:35

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->MsiExec.exe /I{9AA761E6-CA51-4FF2-A552-D51638BF0595}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee Trial-->C:\PROGRA~1\ACDSYS~1\ACDSee\UNWISE.EXE C:\PROGRA~1\ACDSYS~1\ACDSee\INSTALL.LOG
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Alexander-->E:\Games\Alexander\uninstall.exe
Alien Shooter - Vengeance-->C:\Games\Alien Shooter 2\Uninstall\uninstall.exe /C "/U:C:\Games\Alien Shooter 2\Uninstall\uninstall.xml"
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0009 -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avant Browser (remove only)-->"C:\Program Files\Avant Browser\uninst.exe"
avast! Free Antivirus-->C:\Program Files\Avast5\aswRunDll.exe "C:\Program Files\Avast5\Setup\setiface.dll" RunSetup
AVG Anti-Rootkit Free-->C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AVI Movie Player-->C:\Program Files\AVI Movie Player\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ColdFear-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C14901F-ED9D-40B5-8FE5-1BAF3D31F73B}\setup.exe" -l0x9 -removeonly
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Command & Conquer™ 3: Kane's Wrath-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674}
Conquest: Frontier Wars-->"E:\Games\Conquest Frontier Wars\UNINSTAL.EXE" /runtemp /addremove
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Dawn of War - Soulstorm-->"C:\Program Files\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
Driver Sweeper 2.0.5-->"C:\Program Files\Driver Sweeper\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Earth 2150 - Lost Souls-->C:\Games\EARTH2~1\UNWISE.EXE /U C:\Games\EARTH2~1\INSTALL.LOG
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
ffdshow [rev 3014] [2009-06-20]-->"C:\Program Files\ffdshow\unins000.exe"
foobar2000 v0.9.6.9-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000
Fraps-->"C:\Fraps\uninstall.exe"
Half-Life 2-->"C:\Games\Steam\steam.exe" steam://uninstall/220
Hamachi 1.0.2.2-->C:\Program Files\Hamachi\uninstall.exe
Heart Of Darkness-->E:\Games\HEARTO~1\UNWISE.EXE E:\Games\HEARTO~1\INSTALL.LOG
Heroes of Annihilated Empires-->"E:\Games\Heroes of AE\unins000.exe"
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Indeo® Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
IsoBuster 2.3-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
jv16 PowerTools 2008-->"C:\Program Files\jv16 PowerTools 2008\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - HUN-->MsiExec.exe /I{D13EB4BD-8A13-35D1-9850-C29AF6D91CD1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - HUN-->MsiExec.exe /I{18B29862-C3E7-3AFC-831F-039FB8717BC5}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - hun-->MsiExec.exe /I{27E8FE87-158D-30A8-A385-A68756C1F9D8}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040E-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual J# 2.0 Redistributable Package-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Mozilla Firefox (3.5.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MPlayer-->"C:\Program Files\MPlayer\Uninstall.exe" "C:\Program Files\MPlayer\install.log"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nyelvi csomag a Microsoft .NET-keretrendszer 3.5-ös verziójához – HUN-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - hun\setup.exe
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
PeerBlock 1.0.0 (r181)-->"C:\Program Files\PeerBlock\unins000.exe"
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x000e -removeonly
RegSupreme Pro 1.0-->"C:\Program Files\RegSupreme Pro\unins000.exe"
Rise Of Legends-->C:\Program Files\InstallShield Installation Information\{CADDE354-C78C-46CB-A006-E2B178EFC271}\setup.exe -runfromtemp -l0x040e
Rogue Trooper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5B6C0B5-EC21-4E7C-9B4B-6DD162BE5AEC}\setup.exe"
Runes of Magic-->"E:\Games\Runes of Magic\unins000.exe"
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Source SDK Base - Orange Box-->"C:\Games\Steam\steam.exe" steam://uninstall/218
Star Wars Republic Commando-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x9
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Supreme Commander - Forged Alliance-->C:\Program Files\InstallShield Installation Information\{31D95937-B237-405D-920C-A3EF4E482395}\setup.exe -runfromtemp -l0x0009 -removeonly
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Titan Quest Immortal Throne-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}\setup.exe" -l0x9 -removeonly
Titan Quest-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}\setup.exe" -l0x9 -removeonly
Tomb Raider: Anniversary 1.0-->e:\Games\Tomb Raider - Anniversary\uninsttra.exe
Tomb Raider: Legend 1.2-->e:\Games\Tomb Raider - Legend\uninsttrl.exe
TQ Defiler-->MsiExec.exe /I{10209B87-55D6-493E-A30A-12A265AA324E}
TQVault-->MsiExec.exe /I{51592501-CFCE-4570-A0B8-8B14E40BF23A}
Tzar-->C:\WINDOWS\IsUninst.exe -fe:\games\Tzar\Uninst.isu
Universe at War Earth Assault-->"C:\Program Files\InstallShield Installation Information\{D4658131-9D1A-4395-876D-968E38FE8ED5}\setup.exe" -runfromtemp -l0x0409 -removeonly
Universe at War Earth Assault-->MsiExec.exe /X{D4658131-9D1A-4395-876D-968E38FE8ED5}
USB Gamepad-->C:\Program Files\SM2F91\uninst.exe
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Video Card Stability Test-->C:\Program Files\Video Card Stability Test\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
War Front magyar verzió-->"E:\Games\War Front Turning Point\unins000.exe"
Windows Commander (Remove or Repair)-->c:\wincmd\wcuninst.exe
Windows illesztőprogram-csomag - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_80A891E3966D00DC24D225AB848FFBB3BF5D9FF3\amdk8.inf
Windows Internet Explorer 7 biztonsági frissítés - KB950759-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Windows Live bejelentkezési segéd-->MsiExec.exe /I{733EB793-0840-4D69-97AA-6934FC79DB16}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{5D63D27F-09D7-4420-9479-DD247CC31496}
Windows Live feltöltőeszköz-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Messenger-->MsiExec.exe /X{6D431157-ED9D-4AB1-A2C9-1FAA0A04419F}
Windows Live Writer-->MsiExec.exe /X{7F9783DE-C0E9-4971-AE44-D34A2E03F877}
Windows XP biztonsági frissítés - KB923789-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Windows XP biztonsági frissítés - KB950760-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950762-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951376-v2-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951698-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Windows XP frissítés - KB898461-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Windows XP frissítés - KB942763-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
WinPatrol 2009-->C:\PROGRA~1\WINPAT~1\Setup.exe /remove /q0
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
xp-AntiSpy 3.97-3-->C:\Program Files\xp-AntiSpy\Uninstall.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: GIGABYTE-B9A0E7
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Szervizcsomag 3 Multiprocessor Free.

Record Number: 28922
Source Name: EventLog
Time Written: 20100425134621.000000+120
Event Type: információ
User:

Computer Name: GIGABYTE-B9A0E7
Event Code: 6006
Message: Az Eseménynapló szolgáltatás leállt.

Record Number: 28921
Source Name: EventLog
Time Written: 20100425134424.000000+120
Event Type: információ
User:

Computer Name: GIGABYTE-B9A0E7
Event Code: 20159
Message: A felhasználó (tankboy01@axelero.hu) által a következővel létesített kapcsolat bontva lett: ADSL Net (használt eszköz: PPPoE4-0).

Record Number: 28920
Source Name: RemoteAccess
Time Written: 20100425134422.000000+120
Event Type: információ
User:

Computer Name: GIGABYTE-B9A0E7
Event Code: 7036
Message: A(z) Ati HotKey Poller szolgáltatás állapota: "leállítva".

Record Number: 28919
Source Name: Service Control Manager
Time Written: 20100425134401.000000+120
Event Type: információ
User:

Computer Name: GIGABYTE-B9A0E7
Event Code: 1074
Message: A folyamat (winlogon.exe) GIGABYTE-B9A0E7 újraindítását kezdeményezte a következő miatt: Nem található cím ehhez az okhoz

Másodlagos ok: 0xff

Leállítás típusa: Újraindítás

Megjegyzés:

Record Number: 28918
Source Name: USER32
Time Written: 20100425134401.000000+120
Event Type: információ
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: GIGABYTE-B9A0E7
Event Code: 1022
Message: Termék: Microsoft .NET Framework 3.0 Service Pack 1 - a(z) 'NET Framework WPF 3' frissítés sikeresen telepítve.

Record Number: 921
Source Name: MsiInstaller
Time Written: 20080930091525.000000+120
Event Type: információ
User: GIGABYTE-B9A0E7\gigabyte

Computer Name: GIGABYTE-B9A0E7
Event Code: 1022
Message: Termék: Microsoft .NET Framework 3.0 Service Pack 1 - a(z) '.NET Framework WCF' frissítés sikeresen telepítve.

Record Number: 920
Source Name: MsiInstaller
Time Written: 20080930091525.000000+120
Event Type: információ
User: GIGABYTE-B9A0E7\gigabyte

Computer Name: GIGABYTE-B9A0E7
Event Code: 1022
Message: Termék: Microsoft .NET Framework 3.0 Service Pack 1 - a(z) '.NET Framework XPS' frissítés sikeresen telepítve.

Record Number: 919
Source Name: MsiInstaller
Time Written: 20080930091525.000000+120
Event Type: információ
User: GIGABYTE-B9A0E7\gigabyte

Computer Name: GIGABYTE-B9A0E7
Event Code: 1022
Message: Termék: Microsoft .NET Framework 3.0 Service Pack 1 - a(z) 'NET Framework WPF 3 x86' frissítés sikeresen telepítve.

Record Number: 918
Source Name: MsiInstaller
Time Written: 20080930091525.000000+120
Event Type: információ
User: GIGABYTE-B9A0E7\gigabyte

Computer Name: GIGABYTE-B9A0E7
Event Code: 1022
Message: Termék: Microsoft .NET Framework 3.0 Service Pack 1 - a(z) 'NET Framework WPF 2' frissítés sikeresen telepítve.

Record Number: 917
Source Name: MsiInstaller
Time Written: 20080930091525.000000+120
Event Type: információ
User: GIGABYTE-B9A0E7\gigabyte

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------

Logfile of random's system information tool 1.07 (written by random/random)
Run by gigabyte at 2010-05-25 05:24:18
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 9 GB (14%) free of 68 GB
Total RAM: 3582 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:24:33, on 2010.05.25.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Avast5\avastUI.exe
C:\Program Files\WinPatrol\winpatrol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\gigabyte\Asztal\RSIT.exe
C:\Program Files\trend micro\gigabyte.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{429FA8C1-689C-4CAE-8EB6-4DAE8911C054}: NameServer = 84.2.46.1 84.2.44.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui előbetöltője - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Komponenskategóriák gyorsítótárazási szolgáltatása - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: Logikai lemezkezelő felügyeleti szolgáltatás (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eseménynapló (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-égető COM-szolgáltatás (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting távoli asztalmegosztás (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Távoli asztal súgó-munkamenetének kezelője (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Intelligens kártya (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Teljesítménynaplók és riasztások (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Kötet árnyékmásolata (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI teljesítményadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 6535 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"avast5"=C:\PROGRA~1\Avast5\avastUI.exe [2010-05-06 2815192]
"WinPatrol"=C:\Program Files\WinPatrol\winpatrol.exe [2009-07-27 341312]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-04-01 2010864]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
c:\program files\creative\sblive\program\adgjdet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Games\Steam\Steam.exe [2010-05-19 1238352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
c:\windows\updreg.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^gigabyte^Start Menu^Programs^Indítópult^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe [2010-05-18 619048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^gigabyte^Start Menu^Programs^Indítópult^WinFlip.lnk]
C:\WinFlip\WinFlip.exe [2008-05-21 483328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"HonorAutorunSetting"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-05-25 05:24:19 ----D---- C:\Program Files\trend micro
2010-05-25 05:24:18 ----D---- C:\rsit
2010-05-18 22:14:44 ----D---- C:\Program Files\Hamachi
2010-05-15 14:07:17 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2010-05-15 14:07:16 ----D---- C:\Program Files\DVD Shrink
2010-05-10 22:42:56 ----A---- C:\WINDOWS\system32\sfman32.dll
2010-05-10 22:39:39 ----A---- C:\WINDOWS\CTRegRun.exe
2010-05-10 22:28:57 ----D---- C:\Program Files\Creative
2010-05-09 06:47:17 ----D---- C:\Documents and Settings\gigabyte\Application Data\CheckPoint
2010-05-09 06:47:02 ----D---- C:\Program Files\CheckPoint
2010-05-09 06:47:00 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-05-09 06:46:59 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-05-09 06:46:59 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-05-09 06:46:54 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-05-09 06:46:54 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-05-09 06:46:54 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-05-09 06:46:53 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-05-09 06:46:53 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-05-09 06:46:52 ----D---- C:\Program Files\Zone Labs
2010-05-09 06:45:45 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-05-09 06:45:45 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-05-09 06:45:45 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-04-29 22:19:39 ----D---- C:\Program Files\Common Files\Apple
2010-04-29 22:19:13 ----D---- C:\Program Files\QuickTime
2010-04-29 22:19:12 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-04-28 14:20:08 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-28 14:19:08 ----D---- C:\Documents and Settings\gigabyte\Application Data\DAEMON Tools Lite
2010-04-28 14:18:51 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2010-04-27 23:06:03 ----A---- C:\StartUpLite.exe

======List of files/folders modified in the last 1 months======

2010-05-25 05:24:34 ----D---- C:\WINDOWS\Prefetch
2010-05-25 05:24:19 ----RD---- C:\Program Files
2010-05-25 05:23:18 ----A---- C:\WINDOWS\wincmd.ini
2010-05-25 05:23:15 ----D---- C:\Downloads
2010-05-25 05:22:31 ----D---- C:\WINDOWS\Internet Logs
2010-05-25 05:15:00 ----D---- C:\Program Files\Mozilla Firefox
2010-05-25 02:48:15 ----D---- C:\WINDOWS\temp
2010-05-24 18:44:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-24 05:27:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-23 19:11:45 ----D---- C:\WINDOWS\Help
2010-05-23 19:08:38 ----D---- C:\WINDOWS\Minidump
2010-05-23 19:08:38 ----D---- C:\WINDOWS
2010-05-21 04:19:09 ----D---- C:\Documents and Settings\gigabyte\Application Data\foobar2000
2010-05-19 20:20:28 ----D---- C:\WINDOWS\system32\config
2010-05-19 07:20:18 ----D---- C:\Documents and Settings\gigabyte\Application Data\uTorrent
2010-05-18 23:28:26 ----D---- C:\Documents and Settings\gigabyte\Application Data\Skype
2010-05-18 23:10:51 ----D---- C:\Documents and Settings\gigabyte\Application Data\Hamachi
2010-05-18 22:31:37 ----RASH---- C:\boot.ini
2010-05-18 22:31:37 ----A---- C:\WINDOWS\win.ini
2010-05-18 22:31:37 ----A---- C:\WINDOWS\system.ini
2010-05-18 22:31:36 ----D---- C:\WINDOWS\pss
2010-05-18 22:14:45 ----D---- C:\WINDOWS\system32\drivers
2010-05-18 22:06:42 ----D---- C:\temp
2010-05-18 20:23:47 ----D---- C:\Documents and Settings\gigabyte\Application Data\skypePM
2010-05-15 14:48:41 ----D---- C:\Documents and Settings\gigabyte\Application Data\Ahead
2010-05-10 22:44:04 ----D---- C:\WINDOWS\security
2010-05-10 22:43:15 ----D---- C:\WINDOWS\system32
2010-05-10 22:19:36 ----HD---- C:\WINDOWS\inf
2010-05-10 22:19:27 ----SHD---- C:\WINDOWS\Installer
2010-05-10 22:19:27 ----D---- C:\Config.Msi
2010-05-10 22:18:37 ----D---- C:\Program Files\HP
2010-05-09 23:29:08 ----A---- C:\WINDOWS\SBWIN.INI
2010-05-09 23:29:07 ----D---- C:\WINDOWS\system32\Defaults
2010-05-09 23:29:07 ----D---- C:\WINDOWS\system32\Data
2010-05-09 23:28:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-09 23:27:39 ----D---- C:\Program Files\Realtek
2010-05-09 23:27:38 ----D---- C:\WINDOWS\system32\RTCOM
2010-05-09 07:27:44 ----D---- C:\Program Files\HijackThis
2010-05-09 06:47:01 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-05-09 05:36:21 ----D---- C:\Program Files\Common Files
2010-05-09 05:34:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-05-09 05:18:27 ----D---- C:\Program Files\TQ Defiler
2010-05-07 14:57:48 ----D---- C:\Program Files\Avast5
2010-05-06 22:59:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-29 22:19:42 ----D---- C:\WINDOWS\WinSxS
2010-04-29 08:06:24 ----D---- C:\Program Files\PeerBlock

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-12-12 279712]
R2 HidUsb;USB Miniport Driver for Input Devices; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-12-12 25888]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 ctljystk;Creative SBLive! Játékport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager illesztőprogram (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-18 25544]
R3 HDAudBus;Microsoft UAA busz-illesztőprogram - High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 sfman;Creative SoundFont Manager illesztőprogram (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S3 al0bzv2m;al0bzv2m; C:\WINDOWS\system32\drivers\al0bzv2m.sys []
S3 awmpese0;awmpese0; C:\WINDOWS\system32\drivers\awmpese0.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys []
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys []
S3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys []
S3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VL807a;VL807a Filter; C:\WINDOWS\system32\DRIVERS\VL807a.sys [2007-06-28 23680]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-19 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-19 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

udv
igen virus,tedd ide az RSIT logjat.

Lehet, hogy az is kevés, ha az MBR fertőzött (esetleg a többi partició).

Újabb probléma van a gépemmel. Egy frankó kis kékhalál az életem mostani megkeserítője. Eddig kétszer volt. Az elsőnek még nem tulajdonítottam nagy jelentőséget biztam benne, hogy csak egyszeri gond, de tévedtem. Ezt írta ki most:

DRIVER_IRQL_NOT_LESS_OR_EQUAL

*** STOP: 0x000000D1 (0x00000002, 0x00000002, 0x00000000, 0xBA1CD390)

*** wanarp.sys - Address BA1CD390 base at BA1C8000, DateStamp 48025790

Mikor újraindítottam a gépet azt írta, hogy a rendszer súlyos hiba után állt helyre és bekerült a naplóba. Belinkelném azt is csak nem tudom hol van ez mert nem a Dr. Watson hibanaplója amit megtaláltam arra már rájöttem.
Stell segíts, ha van időd és kedved. Már erősen gondolkodom egy rendszer újrarakáson, tiszta lappal indulni.

olvasd el eztet figyelmesen
http://windows.microsoft.com/hu-HU/wind ... ity-Center

Fogalmam sincsen miert bolondul az AVAST,probald letesztelni a fontos rendszer fajlkat a www.virustotal.com on

Most már az összes védelem kilőve
MAlware ráeresztve, rendszervisszaállitás, semmi
Eseménynaplóban egy ami érdekes lehet
"Windows biztonsági központ szolgáltatása elindult"
Miért?

Unistall , ujratelepitem, de ez vicc igy

by horex

Höhö
WEB védelem már kilőve, visszakapcsolni nem lehet, semmifle frissités javitás nem segít

by horex

igen igy valahogy ahogya Laci cimbi irja,,A virusvedelem nemjelenti azt hogy mar soha sem lesz virusos a geped olvasd l a blogomban
http://www.virus-stell.com/2010/04/mier ... gepem.html

Csak az ellen tudnak védekezni amit ismernek. Ha olyat szedsz be ami új, megszívhatod. De akkor is, ha sz*ar a vírusírtód. Vagy ki volt kapcsolva.

Kommentezni meg nem kell.

Ez vicc akkor!

Azért van virusirtom mert védekezek a virus ellen, de ha jön a virus, az meghal
A virusirtó programozók nem tudnak ez ellen védekezni?
Amikor uninstall volt, elugrott az Avast oldalra, ott kommenteztem miért törlöm a programjukat

by horex

Mar most fog futni,adig meg valamivel megnem fertozod a gepet es kilovi az antivirust.

OK, megcsináltam-pucoltam ,nem talált semmi kártékonyt
Feltettem egy ujabb Avastot, fut
Kiváncsi vagyok meddig?

by horex

1:Telepitsd le az AVASTOT a geprol.
2:Tolds le az asztalra
http://www.avast.com/uninstall-utility
3:Restart csokkentet modba,es futtasd le az uninstall,utilityt.Restart ,tisztisd ki a gepet az CCleaner es a ATF-Cleaner programal
http://virus-stell.blogspot.com/2010/04 ... ztito.html
4:Totsel le uj AVASTOT
http://www.virus-stell.com/2010/04/anti ... delem.html
es telepitsd ujra.

Most a "csere" módra katintottam, letölt valamit
Meglátom
by horex

u.i.
Nem sikerult, nem működik

Error processing packages-use full update
Legyen

Itt a logja
"08.05.2010 22:25:53 general: Started: 08.05.2010, 22:25:53
08.05.2010 22:25:53 general: Running setup_ais-221 (545)
08.05.2010 22:25:53 system: Operating system: WindowsXP ver 5.1, build 2600, sp 2.0 [Szervizcsomag 2]
08.05.2010 22:25:53 system: Memory: 79% load. Phys:105868/523504K free, Page:825424/1279192K free, Virt:2068008/2097024K free
08.05.2010 22:25:53 system: Computer WinName: BSAFTPZ-8C1F5DD
08.05.2010 22:25:53 system: Windows Net User: BSAFTPZ-8C1F5DD\apple
08.05.2010 22:25:53 general: Cmdline: /uninstwiz
08.05.2010 22:25:53 general: Old version: 221 (545)
08.05.2010 22:25:53 registry: Deleted registry: Software\Alwil Software\Avast\5.0\UpdateReady
08.05.2010 22:25:53 system: Using temp: C:\DOCUME~1\apple\LOCALS~1\Temp\_asw_aisI.tm~a02428 (2659M free)
08.05.2010 22:25:53 general: SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled to 1
08.05.2010 22:25:53 general: DldSrc set to inet
08.05.2010 22:25:53 internet: SYNCER: Agent=Syncer/5.00 (ais-545;p)
08.05.2010 22:25:53 system: Computer DnsName: bsaftpz-8c1f5dd
08.05.2010 22:25:53 system: Computer Ip Addr: 192.168.1.1
08.05.2010 22:25:53 system: Installed in: C:\Program Files\Alwil Software\Avast5 (2659M free)
08.05.2010 22:25:53 internet: SYNCER: Type: use IE settings
08.05.2010 22:25:53 internet: SYNCER: Auth: another authentication, use WinInet
08.05.2010 22:25:53 package: Part prg_ais-221 is installed
08.05.2010 22:25:53 package: Part vps_win32-10050701 is installed
08.05.2010 22:25:53 package: Part setup_ais-221 is installed
08.05.2010 22:25:53 package: Part jrog-a7 is installed
08.05.2010 22:25:53 package: Part jrog2-0 is installed
08.05.2010 22:25:53 general: LoadState: Edition=1
08.05.2010 22:25:53 general: Old version: 221 (545)
08.05.2010 22:25:55 file: SetExistingFilesBitmap: 377->82->82
08.05.2010 22:25:55 general: GUID: 5d7472a1-0f69-4aa9-a88f-cd9275600657
08.05.2010 22:25:59 general: Server definition(s) loaded for 'main': 374 (maintenance:0)
08.05.2010 22:25:59 general: SelectCurrent: selected server 'Download968 AVAST5 Server' from 'main'
08.05.2010 22:25:59 internet: SYNCER: Type: use IE settings
08.05.2010 22:25:59 internet: SYNCER: Auth: another authentication, use WinInet
08.05.2010 22:26:14 general: Operation set to INST_OP_REPAIR
08.05.2010 22:26:14 general: Entered SetupProcessAIS::Do( INST_OP_REPAIR )
08.05.2010 22:26:14 general: Entered SetupProcessWin32Avast::Do( INST_OP_REPAIR )
08.05.2010 22:26:14 general: Entered SetupProcessWin32::Do( INST_OP_REPAIR )
08.05.2010 22:26:14 general: Entered SetupProcess::Do( INST_OP_REPAIR )
08.05.2010 22:26:14 general: Entered SetupProcessAIS::Do( INST_OP_UPDATE_INSTALL_PACKAGES )
08.05.2010 22:26:14 general: Entered SetupProcessWin32Avast::Do( INST_OP_UPDATE_INSTALL_PACKAGES )
08.05.2010 22:26:14 general: Entering:UpdateInstallPackages
08.05.2010 22:26:14 general: progress thread start
08.05.2010 22:26:14 package: LoadProductVpu: C:\Program Files\Alwil Software\Avast5\Setup\prod-ais.vpx
08.05.2010 22:26:14 package: LoadPartInfo: jrog = jrog-a7 returned 00000000
08.05.2010 22:26:14 package: LoadPartInfo: jrog2 = jrog2-0 returned 00000000
08.05.2010 22:26:14 package: LoadPartInfo: program = prg_ais-221 returned 00000000
08.05.2010 22:26:14 package: LoadPartInfo: setup = setup_ais-221 returned 00000000
08.05.2010 22:26:14 package: LoadPartInfo: vps = vps_win32-10050701 returned 00000000
08.05.2010 22:26:14 package: LoadProductVpu: C:\Program Files\Alwil Software\Avast5\Setup\prod-ais.vpx ended with 00000000
08.05.2010 22:26:14 package: FilterOutExistingFiles: 82 & 82 = 0
08.05.2010 22:26:15 package: IsFullOkay: vps_32-1b4.vpx - not okay (DSA_FileVerify failed 0x2000000B)
08.05.2010 22:26:16 package: Vpu: C:\Program Files\Alwil Software\Avast5\Setup\vps_32-1b4.vpx, size: 37809773. md5: BED16F60D0F186B83D823EDE42169975, computemd5 returned 0x00000000, sig: AC3A8C90FBC66364A313E3998C1555FB22B059FF4AEE97C5800C5C9351434031D1B67D7E2B8097D5 returned 0x00000000
08.05.2010 22:26:16 package: IsFullOkay: vps_32-1b4.vpx - not okay (DSA_FileVerify failed 0x2000000B)
08.05.2010 22:26:16 package: Vpu: C:\Program Files\Alwil Software\Avast5\Setup\vps_32-1b4.vpx, size: 37809773. md5: BED16F60D0F186B83D823EDE42169975, computemd5 returned 0x00000000, sig: AC3A8C90FBC66364A313E3998C1555FB22B059FF4AEE97C5800C5C9351434031D1B67D7E2B8097D5 returned 0x00000000
08.05.2010 22:26:16 package: SetFullAsMarked: Package vps_32 set to 1
08.05.2010 22:26:17 package: ArePartsInstallable: 0
08.05.2010 22:26:17 package: Error processing packages. 0x20000011

by horex

start-vezerlo pult-Programok telepitese / torlese> avast! antivírus> eltavolitas - ezutab valaszt ki javitas funkciot a felugro ablakban, restart,

Semmi nem emgy
X van az ikonon, "Avast védelmének kezelése"-7 védelem kikapcsolva
Hiába kattintok rá, nem kapcsoldnak be




by horex

leirhadnad pontosabban,mivel hogy minden a helyem van a logban..mi nem megy az Avaston??

Lefutott-restart-NEm Megy az Avast

by horex