Rendben, máris csinálom, akkor normál módban..

nem,,ez csak atlagos informaciot ad csinald avval amit irtam,

A fenti MINIDUMP logot a Bluescreenwiewwel mentettem el, és másoltam be ide... Az nem lesz jó?

Letöltöttem. A kérdésem, hogy most csökkentett módban vagyok hálózaton. Menjek normál módba és ott indítsam a programot, hogy megmutassa a korábbi kékhalált? Vagy várjak normál módban egy újat?
Elnézést a bugyuta kérdésért, csak mindent pontosan szeretnék csinálni, és nem elrontani.

ok,elmesz az oldalamra es megcsinalod a kek halal elemzeset a logjat ted ide,rendes windowsban.
http://sites.google.com/site/stellmajds ... /kek-halal

A többit nem másolom be csak a végét:

C:\WINDOWS\system32\dmband.dll - Igen
C:\WINDOWS\system32\dmcompos.dll - Igen
C:\WINDOWS\system32\dmconfig.dll - Igen
C:\WINDOWS\system32\dmdlgs.dll - Igen
C:\WINDOWS\system32\dmdskmgr.dll - Igen
C:\WINDOWS\system32\dmdskres.dll - Igen
C:\WINDOWS\system32\dmime.dll - Igen
C:\WINDOWS\system32\dmintf.dll - Igen
C:\WINDOWS\system32\dmloader.dll - Igen
C:\WINDOWS\system32\dmocx.dll - Igen
C:\WINDOWS\system32\dmremote.exe - Igen
C:\WINDOWS\system32\dmscript.dll - Igen
C:\WINDOWS\system32\dmserver.dll - Igen
C:\WINDOWS\system32\dmstyle.dll - Igen
C:\WINDOWS\system32\dmsynth.dll - Igen
C:\WINDOWS\system32\dmusic.dll - Igen
C:\WINDOWS\system32\dmutil.dll - Igen
C:\WINDOWS\system32\dmview.ocx - Igen
C:\WINDOWS\system32\dns-sd.exe - Igen
C:\WINDOWS\system32\dnsapi.dll - Igen

-----------------------------------------------------------------------------
Ellenőrzés eredménye
-----------------------------------------------------------------------------
Ellenőrzött: 632
Fertőzött: 0
Módosított: 0
Gyanús: 0
Reklám: 0
Telefonáló: 0
Megtévesztő: 0
Kockázatos: 0
Behatoló-program: 0
Helyreállítva: 0
Törölve: 0
Átnevezve: 0
Áthelyezve: 0
Kihagyva: 0
Ellenőrzés sebessége: 3738 Kb/s
Ellenőrzés ideje: 00:00:44
-----------------------------------------------------------------------------

Felhasználó félbeszakította az ellenőrzést! - nincs vírusfertőzés
=============================================================================
Teljes vizsgálat statisztikája
=============================================================================
Ellenőrzött: 632
Fertőzött: 0
Módosított: 0
Gyanús: 0
Reklám: 0
Telefonáló: 0
Megtévesztő: 0
Kockázatos: 0
Behatoló-program: 0
Helyreállítva: 0
Törölve: 0
Átnevezve: 0
Áthelyezve: 0
Kihagyva: 0
Ellenőrzés sebessége: 3224 Kb/s
Ellenőrzés ideje: 00:00:51
======================


ITT FÉLBESZAKÍTOTTAM ÉS ÚJRAINDITVA ELLENŐRIZTEM A HEURISZTIKUS PIPÁT, HOGY KI LEGYEN VÉVE...
Ekkor indult újra a vizsgálat és akkor írta ki azt a 5t235xp.exe hibát észlelt...

Ma délután újra elindítottam és egyszer csak csökkentett módban kékhalál lett:(

==================================================
Dump File : Mini020810-01.dmp
Crash Time : 2010.02.08. 16:57:50
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000001c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80540545
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+69545
File Description : NT - kernel és rendszer
Product Name : Microsoft® Windows® operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini020810-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================



Nem tudom ez mitől lehet, talán windows javítás, vagy frissítés a microsoft oldaláról segítene?
Mit tegyek most szerinted? Köszönöm a válaszod előre is.

>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/_rels/presentation.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout11.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout2.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideMasters/_rels/slideMaster1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout4.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout5.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout10.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout9.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout8.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout7.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout6.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/_rels/slideLayout3.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout10.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout8.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout2.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout9.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout4.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout1.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout5.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout6.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout7.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/_rels/theme1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/media/image1.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/themeManager.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/theme1.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/themeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/docProps/thumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/auxiliaryThemeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/theme/_rels/themeManager.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/media/image2.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout11.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideLayouts/slideLayout3.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/slideMasters/slideMaster1.xml - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx - csomagolt ZIP
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/[Content_Types].xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/_rels/.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/_rels/presentation.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/presentation.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout11.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout2.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideMasters/_rels/slideMaster1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout4.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout5.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout10.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout9.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout8.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Metro.thmx/theme/slideLayouts/_rels/slideLayout7.xml.rels - Igen

>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/theme/themeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/theme/auxiliaryThemeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/theme/_rels/themeManager.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/slideLayouts/slideLayout11.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/slideLayouts/slideLayout3.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/slideLayouts/slideLayout1.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx/theme/slideMasters/slideMaster1.xml - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Flow.thmx - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx - csomagolt ZIP
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/[Content_Types].xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/_rels/.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/_rels/presentation.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/presentation.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout11.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout2.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideMasters/_rels/slideMaster1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout4.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout5.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout10.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout9.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout8.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout7.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout6.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/_rels/slideLayout3.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout10.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout3.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout9.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout1.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout4.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout2.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout6.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout7.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout5.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/_rels/theme1.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/themeManager.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/theme1.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/media/image1.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/docProps/thumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/themeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/auxiliaryThemeThumbnail.jpeg - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/theme/_rels/themeManager.xml.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout11.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideLayouts/slideLayout8.xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx/theme/slideMasters/slideMaster1.xml - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Foundry.thmx - Igen
C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx - csomagolt ZIP
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/[Content_Types].xml - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/_rels/.rels - Igen
>C:\Program Files\Microsoft Office\Document Themes 12\Median.thmx/theme/presentation.xml - Igen

Üdvözöllek Stell!

Tegnap éjszaka a teljes vizsgálatkor egyszer csak megállt, és
ez a hiba ablak ugrott fel:

5t235xp.exe hibát észlelt, ezért leáll.
AppName 5t235xp.exe Modname: ntdll.dll
ModVer: 5.1.2600.5755 Offset: 00028c0b
(Megnéztem, és a CURELT itt állt éppen: C:/Windows/$NtServicePack unistall $/user32.dll)

Bemásolom a CURELT log fájlt is.

igen,kiveni a pipat a heuristikus elol.
egyelore nincsen mit koszonod.

Idáig gondolkodtam, de mégiscsak úgy értelmezem, hogy csak pipát
kivenni a HEURISZTIKUS vizsgálat elöl, tehát ne legyen bepipálva...
Mást nem csinálok, akkor így fut.. Köszönöm, holnap majd jelentkezem, NAGYON SZÉP ÉJSZAKÁT!!

Bocsánat, de szerintem nagyon félreértettem az oldaladon leírtat:(

Tehát a HEURISZTIKUS LEGYEN BEPIPÁLVA!!
és alatta az ELLENŐRIZETLEN FÁJLOK legyenek ELTÁVOLÍTVA (.ZIP, .CAB.....) ugye jól értem?

Egyébként eddig az expressz scan (DRWEB) nem talált semmit vírust:)

Most megy majd a teljes ellenőrzés a drwebbel, csak azt kérdezném, hogy a honlapod szerint törölni kell a pipát a HEURISZTIKUS VIZSGÁLATNÁL? Tehát anélkül fusson?
Mást beállítást úgy olvastam, nem kell már tenni.. Remélem mindent jól értettem. Köszönöm nagyon!

ok,eleg holnap majd benezek,,a Cureital ha talal ugy ahogy a utasitasba van,gyogyitani a gyogyithatatlant at heljezni,,nincsen mitt koszonod
udv.

OTL: (sokáig vártam, majd restartoltam) Most ráengedem a Drwebcureltet csökkentett módban. Köszönöm hálásan neked, majd az enyémen is futtatom a combofixet holnap. EZER KÖSZÖNET MÉGEGYSZER STELL!!!!!!!!!!!!!!!!!!!!



All processes killed
========== OTL ==========
Unable to set value : HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Berni

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33438 bytes

User: Maxnor
->Temp folder emptied: 25065 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 7114119 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Rendszergazda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Sberni
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Vendég
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1183744 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3072 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 212228 bytes

Total Files Cleaned = 8,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.1.28.0 log created on 02072010_191023

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

restartolni a fiad gepet,,es majd add logot ha nemis irjal,,es kiprobalni a geppet,,ha jo is lesz futtasatok le a DR.WEB CUREIT programot,mert latok ot hogy volt a geppen Mebroot troja fertozes,,es nemjol volt eltavolitva ,,biztosan a Fixmbr parancsal,mert ot marad a malicious kod a 62 sectorba,,ok futasd le a combofixet a gepeden es ted ide a logot.

Edit\az ESET az jo,,olvasd el az oldalomon miert virusoso a gepp.es hogy ha nemis talal a virusvedelem semmit az nem a virusirto hibaja,

Pl. most futattam le az én gépemen a Malwarebytest, mert fiam gépéből ide-oda tettük a pentdrive-ot, és biztosan nálam is vírusos, de semmit nem talált...
Azért majd az enyémen is lefuttassam később a COMBOFIXET? Segítesz majd ha 1-2 nap múlva bemásolom ugyanígy a log fájlt?

Nagyon köszönöm! ........ fiam gépén még mindig OTL "Processing complete!" áll...

Köszönöm, elvileg már végzett az OTL, alul kiírva "Processing complete!", de egy jó ideje így áll, (EZ RENDBEN VAN, HOGY ILYEN SOKÁIG ÁLL?) gondolom majd újraindul, és lesz log fájl... Ide teszem...

Megnéztem az oldaladat, és azt szeretném tőled megtudni, hogy melyik vírusírtót javasolod a gépre állandó őrzőnek?
Fent van most a Malwarebytes, de ESET letörölve lett.

igen minden maradhat ugy ahogy van,csak most a RuNFIX gombot nyomod be

Az OTL program maradt megnyitva ugyanazokkal a beállításokkal, pipákkal amiket megadtál (7 days, scan all users....). Ezek maradhatnak ugyanígy amikor bemásolom, és futtatom a KÓDOT?

Köszönöm NEKED NAGYON!!!!!!! Hálás vagyok a segítségedért, megcsinálok mindent ahogy írtad, és aztán hírt adok a gépről...

Futtasd az OTL programot>az ablakjabba Customscan/Fixes masold be a zold textet es klik RUNFIX>a logot a restart utan ted ide



Szed le a combofixet>start>futtatas masold be combofix /uninstall

Az oldalomon megtalalod a WEBCUREIT scenert pucold at a gepet sokaig fogg tartani ezert eleg akkor ha leszidod,,de enszerintem mar jonak kenne lennie,,probald ki es ird le,ha jo e,
it van a Cureit
http://sites.google.com/site/stellmajds ... -programok

EXTRAS log:



OTL Extras logfile created on: 2010.02.07. 17:26:26 - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Maxnor\Asztal
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,57 Gb Total Space | 11,52 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 57,45 Gb Free Space | 29,42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 1,87 Gb Total Space | 0,49 Gb Free Space | 25,91% Space Free | Partition Type: FAT

Computer Name: MAXNOR
Current User Name: Maxnor
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0\ACDSee8.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{045ACD95-9D51-4309-A556-21A6A9617974}" = Advanced Outlook Express DBX Recovery
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C98E73E-D495-CA87-EF1D-50D3A719351E}" = CCC Help Dutch
"{0CEC06EF-5052-4CE8-8256-74AE363A4238}" = Adobe Creative Suite 3 Master Collection
"{0FF1802B-4FE0-81D5-D28F-5095543CB57B}" = Skins
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{11964613-805F-432D-A12B-169554B793E7}" = Nokia Connectivity Cable Driver
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{173A4BD8-B1E5-252A-FE86-C84C7E7B5F2E}" = CCC Help English
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}" = Adobe Setup
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{20D1D37A-817B-3A45-FDF5-507BD8A79680}" = CCC Help Chinese Traditional
"{21879F6C-52F6-7A6F-6736-A7C912653608}" = CCC Help Danish
"{21E4AB1F-C62E-C5C1-96A3-F4378A763C5B}" = CCC Help Chinese Standard
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23430AE3-6FFF-47CF-B7E7-1552FC61DF39}" = Philips Flat Panel Adjust
"{236BB7C4-4419-42FD-040E-1E257A25E34D}" = Adobe Photoshop CS2
"{246BA842-1DA8-4860-9F0B-623D0FEDBD3E}_is1" = Pixel Vistas PhotoLift 2.0
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{2743B5EB-7C1C-36CC-FBBB-A02F2F4EC52D}" = ccc-utility
"{29175B05-7490-48E3-88D8-C8C8BA63D7FA}" = Splinter Cell Pandora Tomorrow MultiPlayer Demo
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97C5-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{377D6C92-9E3B-44A0-8232-41A17138AC9F}" = Windows Live Toolbar
"{38DCE347-CE45-219E-56AD-30FCB04CF71A}" = CCC Help Hungarian
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}" = Darkest of Days
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R)
"{3F9FCFE0-4979-6377-771D-E8A3F3B197E7}" = CCC Help Portuguese
"{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}" = Rome - Total War(TM)
"{43E506CC-6633-4F2A-8D8E-4A95D2384393}" = Crysis Wars(R) Patch
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A4D90A7-A1BD-464C-B383-1FF5E67F5A85}" = WingMan Software
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D63D27F-09D7-4420-9479-DD247CC31496}" = Windows Live Essentials
"{5F723D64-4042-ABAE-2A9E-1FEBA1FE4B00}" = CCC Help Korean
"{61709405-4DB8-410C-53DC-A76945D7EBC1}" = CCC Help Turkish
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktikus kalandok
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6CDB4B41-9244-EC3F-5FBC-550A8BC697F4}" = CCC Help Japanese
"{6D431157-ED9D-4AB1-A2C9-1FAA0A04419F}" = Windows Live Messenger
"{6EF0B467-8FDD-845E-F168-C7F0C6124C26}" = CCC Help Finnish
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733EB793-0840-4D69-97AA-6934FC79DB16}" = Windows Live bejelentkezési segéd
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.106e
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{79469AEF-FF16-C52B-F7F8-E1E203A036E5}" = CCC Help Italian
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}" = ConsumerUpdate
"{7F9783DE-C0E9-4971-AE44-D34A2E03F877}" = Windows Live Writer
"{8014763A-94BD-4CC3-8F86-35BD73C127B9}" = eSATA300 TX2 Windows Driver 1.0.0260.38
"{816DAA3A-B289-4736-BE15-AFDE0A228618}" = Windows Live Sync
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E08A1E-963B-8846-8082-88B996FC060E}" = CCC Help Swedish
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-040E-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Hungarian) 12
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISE_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-040E-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Hungarian) 2007
"{90120000-0044-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_ENTERPRISE_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040E-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Hungarian) 2007
"{90120000-00A1-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040E-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Hungarian) 2007
"{90120000-00BA-040E-0000-0000000FF1CE}_ENTERPRISE_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9578C0CD-8108-4379-9026-4601F59859A0}" = Google Earth Pro
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9ABF04DC-A40D-B4DA-189B-89497B599AB7}" = CCC Help French
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56C31A-C9C8-394C-0804-670B0D2E0E1F}" = CCC Help Norwegian
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A125590D-AAC6-4A73-BFFA-0966BF5308ED}" = Windows Live Családbiztonság
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A38048C6-89D1-44EC-BC95-E95DD4A19B5E}" = QuarkXPress 7.0
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC38B36B-90F8-4C1F-8AC9-236B851B8871}" = Genuine Fractals 5.0
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1038-7B44-A81000000003}" = Adobe Reader 8.1.0 - Hungarian
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B59A1FFA-4EE2-805D-7B48-806DE73AAE03}" = CCC Help Thai
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC0AEB49-94F7-4C0D-9ABC-AB45D32A6366}" = Windows Live Mail
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}" = Logitech Gaming Software 5.01
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C81B5303-B5CA-4A6B-AE2E-6356884533AA}" = Iratmintatár CD
"{C87E0D98-7955-4BF0-A6B0-5D81146A9CB8}" = Samsung PC Studio 3
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02}" = Vodafone Mobile Connect Lite Runtime Components
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1C2B2A9-6FC3-69A6-DDCC-10179BD2A978}" = CCC Help German
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D5C8DB90-573F-A4E4-6EBF-728B634E3E07}" = CCC Help Polish
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD4C0A88-E905-44CC-A558-5BBE656DEDC8}" = Altiris Philips SmartManage Agent
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Red Alert™ 3 Uprising
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DFA3E72F-DE47-4530-B0A0-7C7529DC5631}" = Anno 1404 (Demo)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E83971BF-8FEE-F2A6-E0CC-5187C1ECBD4D}" = CCC Help Greek
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{E9C6DC23-56C9-2B27-5FEC-4EEDD107D2D6}" = ccc-core-static
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F07717A3-8376-AA87-6BE2-D560F1EBABF0}" = CCC Help Spanish
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F371C899-B40A-811A-2825-30BE7E941CC9}" = CCC Help Czech
"{F523AC89-AD65-4B20-907B-925A05C08897}" = Windows Live Fotótár
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FD88D501-1F0A-4DA4-A13A-6437411EE0C3}" = ACDSee 6.0 Standard
"{FE5CECF3-A8A6-4A31-A1EB-8C20409D5281}" = Microsoft .NET Framework 2.0 Language Pack - HUN
"{FF6486A6-608F-F80C-BE5C-17D07E2D49BF}" = CCC Help Russian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows illesztőprogram-csomag - Nokia Modem (02/15/2007 3.1)
"4077F884D1BB007055BDB83B621D87220A73F30F" = Windows illesztőprogram-csomag - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
"8AD51A41BEE6AF46CD7481F4460B914727172F64" = Windows illesztőprogram-csomag - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.2 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040E-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Szoftver eltávolító
"ATI Display Driver" = ATI Display Driver
"AutoFX Suites" = AutoFX Suites
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows illesztőprogram-csomag - Nokia Modem (02/15/2007 3.1)
"bio_hun" = Bioshock magyarítás v1.1a
"BSPlayerp" = BS.Player PRO
"BulletProof FTP_is1" = BulletProof FTP
"CCleaner" = CCleaner (remove only)
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows illesztőprogram-csomag - Nokia Modem (05/24/2007 6.84.0.1)
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis Wars(R)" = Crysis Wars(R)
"Crysis Wars(R) Patch" = Crysis Wars(R) Patch
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DD PlayCam" = DD PlayCam
"DriverAgent.exe" = DriverAgent by TouchStone Software
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FaceSwapper_is1" = FaceSwapper v1.0
"Fraps" = Fraps
"Free Ram Optimizer XP_is1" = Free Ram Optimizer XP 1.0
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.1.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"Left 4 Dead" = Left 4 Dead
"Magic ISO Maker v5.5 (build 0274)" = Magic ISO Maker v5.5 (build 0274)
"Magic Video Studio_is1" = Magic Video Studio Trial Version (English) 8.0.3.18
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - HUN" = Microsoft .NET Framework 2.0 Language Pack - HUN
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OE-Mail Recovery_is1" = OE-Mail Recovery 1.7
"OpenAL" = OpenAL
"Outlook Express Backup Expert_is1" = Outlook Express Backup Expert 1.40
"PFConfig" = PFConfig 1.0.163
"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RegCure" = RegCure 2.0.0.0
"Revo Uninstaller" = Revo Uninstaller 1.71
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"save2pc Pro Demo_is1" = save2pc Pro Demo 3.61
"Shockwave" = Shockwave
"Steam App 18800" = Zero Gear Demo
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"Steam App 513" = Left 4 Dead Authoring Tools
"Szótár V8_is1" = Szótár program eltávolítása
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V8.63
"VentriloMIX" = VentriloMIX
"Virtual Painter 5 (for Photoshop)" = Virtual Painter 5 (for Photoshop)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol 2008
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Worms Armageddon - New Edition" = Worms Armageddon - New Edition
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010.02.06. 10:36:37 | Computer Name = MAXNOR | Source = EventSystem | ID = 4609
Description = A COM+ eseményrendszer rossz visszatérő kódot észlelt a belső feldolgozás
során. HRESULT: 8007043C a(z) 44 / d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp
sorból. Forduljon a Microsoft technikai tanácsadásához, és jelezze a hibá

Error - 2010.02.06. 12:23:04 | Computer Name = MAXNOR | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: ad-aware.exe, verzió: 7.1.0.11, hibás modul: lavalicense.dll,
verzió: 7.1.0.2, memóriacím: 0x0000ccfb.

Error - 2010.02.07. 6:53:06 | Computer Name = MAXNOR | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: wgatray.exe, verzió: 1.9.40.0, hibás modul: unknown,
verzió: 0.0.0.0, memóriacím: 0x4bfdc66d.

Error - 2010.02.07. 6:53:20 | Computer Name = MAXNOR | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: explorer.exe, verzió: 6.0.2900.5512, hibás modul:
shlwapi.dll, verzió: 6.0.2900.5512, memóriacím: 0x00032ff5.

Error - 2010.02.07. 6:53:49 | Computer Name = MAXNOR | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: drwtsn32.exe, verzió: 5.1.2600.0, hibás modul: dbghelp.dll,
verzió: 5.1.2600.5512, memóriacím: 0x0001295d.

Error - 2010.02.07. 7:54:51 | Computer Name = MAXNOR | Source = pctsSvc.exe | ID = 0
Description =

Error - 2010.02.07. 9:48:05 | Computer Name = MAXNOR | Source = Google Update | ID = 20
Description =

Error - 2010.02.07. 10:27:06 | Computer Name = MAXNOR | Source = Userenv | ID = 1512
Description = A Windows nem tudja eltávolítani a memóriából a rendszerleíró-adatbázist.
A rendszerleíró-adatbázis által elfoglalt memória nem szabadult fel. Ezt gyakran
felhasználói fióknéven futó szolgáltatások okozzák. Próbálja meg azt, hogy a szolgáltatásokat
a LocalService vagy a NetworkService fióknéven történő futásra állítja be. Ha a
probléma továbbra is fennáll, lépjen kapcsolatba a rendszergazdával. RÉSZLETEK
- Nincs elég rendszererőforrás a kért szolgáltatás befejezéséhez.

Error - 2010.02.07. 11:26:40 | Computer Name = MAXNOR | Source = MsiInstaller | ID = 10005
Description = Product: ESET Smart Security -- Error 5004. Enter a valid password
to continue uninstallation.

Error - 2010.02.07. 11:27:12 | Computer Name = MAXNOR | Source = MsiInstaller | ID = 10005
Description = Product: ESET Smart Security -- Error 5004. Enter a valid password
to continue uninstallation.

[ OSession Events ]
Error - 2007.08.20. 2:29:01 | Computer Name = NORMAX | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2007.10.16. 10:20:07 | Computer Name = NORMAX | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 42
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2008.08.05. 18:49:51 | Computer Name = MAXNOR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7235
seconds with 3120 seconds of active time. This session ended with a crash.

Error - 2009.02.13. 4:10:34 | Computer Name = MAXNOR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2010.02.07. 10:40:31 | Computer Name = MAXNOR | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" netman szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2010.02.07. 10:42:00 | Computer Name = MAXNOR | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" StiSvc szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2010.02.07. 10:43:11 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7031
Description = A(z) Lavasoft Ad-Aware Service szolgáltatás váratlanul leállt. Ez
a(z) 1. alkalommal fordult elő. 5000 milliszekundumon belül a következő ellenintézkedés
történik: A szolgáltatás újraindítása.

Error - 2010.02.07. 10:43:41 | Computer Name = MAXNOR | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" netman szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2010.02.07. 10:49:23 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7031
Description = A(z) Lavasoft Ad-Aware Service szolgáltatás váratlanul leállt. Ez
a(z) 2. alkalommal fordult elő. 10000 milliszekundumon belül a következő ellenintézkedés
történik: A szolgáltatás újraindítása.

Error - 2010.02.07. 10:55:44 | Computer Name = MAXNOR | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" EventSystem szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2010.02.07. 10:57:44 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7000
Description = A szolgáltatás (NTPort Library Driver) a következő hiba következtében
leállt: %%2

Error - 2010.02.07. 11:04:50 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7031
Description = A(z) Lavasoft Ad-Aware Service szolgáltatás váratlanul leállt. Ez
a(z) 1. alkalommal fordult elő. 5000 milliszekundumon belül a következő ellenintézkedés
történik: A szolgáltatás újraindítása.

Error - 2010.02.07. 11:05:25 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7031
Description = A(z) Lavasoft Ad-Aware Service szolgáltatás váratlanul leállt. Ez
a(z) 2. alkalommal fordult elő. 10000 milliszekundumon belül a következő ellenintézkedés
történik: A szolgáltatás újraindítása.

Error - 2010.02.07. 11:05:50 | Computer Name = MAXNOR | Source = Service Control Manager | ID = 7034
Description = A(z) Lavasoft Ad-Aware Service szolgáltatás váratlanul leállt. Ez
a(z) 3. alkalommal fordult elő.


< End of report >

IV. RÉSZ



========== Files - Modified Within 7 Days ==========

File not found -- C:\Documents and Settings\Maxnor\Dokumentumok\Maxnor.
[2010.02.07 17:23:49 | 000,004,725 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.02.07 17:00:54 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxnor\Asztal\OTL.exe
[2010.02.07 16:48:05 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.02.07 15:57:37 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.02.07 15:57:30 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.02.07 15:57:30 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.02.07 15:57:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.02.07 15:57:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.02.07 15:57:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.02.07 15:57:10 | 000,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.02.07 15:57:06 | 000,625,730 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.02.07 15:55:49 | 013,893,632 | ---- | M] () -- C:\Documents and Settings\Maxnor\ntuser.dat
[2010.02.07 15:55:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Maxnor\ntuser.ini
[2010.02.07 14:54:32 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Maxnor\Asztal\mbr.exe
[2010.02.06 20:28:47 | 000,000,063 | ---- | M] () -- C:\WINDOWS\System32\everest_cpl.ini
[2010.02.06 19:43:08 | 003,849,084 | R--- | M] () -- C:\Documents and Settings\Maxnor\Asztal\ComboFix.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.07 16:19:36 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Maxnor\Asztal\mbr.exe
[2010.02.07 15:39:41 | 003,849,084 | R--- | C] () -- C:\Documents and Settings\Maxnor\Asztal\ComboFix.exe
[2010.02.07 12:56:35 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.02.07 12:56:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.02.07 12:56:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.02.07 12:56:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.02.07 12:56:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.01.22 02:33:06 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.12.24 13:45:44 | 001,420,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009.11.28 20:21:30 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrK.sys
[2009.09.13 14:11:04 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.08.07 18:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.07.03 13:51:02 | 000,001,734 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2009.06.18 20:31:17 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.06.18 20:31:16 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.06.10 17:54:12 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.06.10 17:54:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.05.18 19:06:08 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\vso_ts_preview.xml
[2009.05.18 19:05:17 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\pcouffin.log
[2009.05.18 19:05:04 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\pcouffin.cat
[2009.05.18 19:05:04 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\pcouffin.inf
[2009.05.07 12:52:34 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2009.05.01 09:44:17 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.05.01 09:44:17 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.05.01 09:44:17 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.05.01 09:44:17 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.05.01 09:44:17 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.05.01 09:44:17 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.04.25 17:37:43 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009.03.04 13:00:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2009.01.24 11:32:51 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\default.rss
[2009.01.24 11:32:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\downloads.m3u
[2008.11.25 11:18:36 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.10.27 21:37:57 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Maxnor\Application Data\PnkBstrK.sys
[2008.10.19 09:22:13 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\45EDAAE599.sys
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.28 12:50:04 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.09.28 12:50:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2008.09.28 12:50:04 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.09.28 12:50:04 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008.06.11 15:46:29 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.06.02 17:09:13 | 000,127,488 | ---- | C] () -- C:\WINDOWS\System32\nzMedia.dll
[2008.05.12 12:52:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008.05.12 12:50:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.03.15 09:34:43 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2008.03.02 14:11:49 | 000,000,063 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2008.03.01 13:45:58 | 000,000,596 | ---- | C] () -- C:\WINDOWS\u3dedit4.INI
[2008.02.09 10:51:41 | 000,000,037 | ---- | C] () -- C:\WINDOWS\progman.ini
[2008.01.10 15:31:26 | 000,001,071 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.12.24 22:10:32 | 000,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.11.29 23:30:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.11.29 23:28:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007.11.29 23:28:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007.11.28 22:52:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007.11.12 08:09:10 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007.10.23 12:30:12 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007.09.06 21:45:20 | 000,092,660 | ---- | C] () -- C:\WINDOWS\System32\BASS.DLL
[2007.08.24 00:08:47 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Maxnor\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.07.27 15:50:26 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.07.24 19:03:07 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.07.18 19:19:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.07.18 17:45:22 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Maxnor\Local Settings\Application Data\fusioncache.dat
[2007.07.17 12:06:32 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.07.13 19:54:32 | 000,000,101 | ---- | C] () -- C:\WINDOWS\hwm.ini
[2007.07.13 01:23:10 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Maxnor\Local Settings\Application Data\FASTWiz.html
[2007.07.13 01:00:44 | 000,004,725 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.07.12 23:52:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006.01.04 18:52:11 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2002.03.20 21:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2001.11.29 23:18:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\SFTrans.dll
[2001.11.29 23:18:34 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\CCTrans.dll
[2001.11.29 23:18:34 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\rubberovine.dll
[1997.06.14 01:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2007.09.08 11:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2009.09.03 21:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2008.10.07 07:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009.04.27 18:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009.04.10 13:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.04.10 13:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2008.03.29 09:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.02.01 15:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2007.10.07 20:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.05.01 09:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009.01.24 11:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009.01.01 10:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.02.23 15:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.01.31 17:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010.02.07 12:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.09.14 14:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009.05.01 09:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010.01.17 03:00:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
[2009.08.31 21:29:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}
[2010.01.28 18:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\ACD Systems
[2008.03.29 10:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Anthropics
[2008.09.26 14:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Autodesk
[2007.07.20 17:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\BinarySense
[2010.01.18 13:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Bioshock
[2010.01.28 19:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\BitTorrent
[2008.10.06 09:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Blender Foundation
[2009.07.17 01:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\BPFTP
[2010.01.04 18:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\BSplayer PRO
[2009.06.25 14:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\DAEMON Tools
[2009.06.25 14:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\DAEMON Tools Lite
[2009.06.29 12:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\DAEMON Tools Pro
[2010.01.26 18:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\DNA
[2009.06.24 22:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\ESET
[2009.12.09 19:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\FlashFXP
[2008.02.05 22:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\FreeCall
[2007.07.27 15:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Leadertech
[2008.03.05 12:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\MICROSEC e-Szigno
[2008.06.10 12:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\MorphoLogic
[2009.01.01 10:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Nokia
[2007.12.30 12:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Nokia Multimedia Player
[2007.10.20 08:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\onOne Software
[2008.05.10 08:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\PC Suite
[2008.03.27 22:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Petroglyph
[2007.09.19 09:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Quark
[2009.07.16 13:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Red Alert 3 Uprising
[2008.05.12 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Samsung
[2009.12.11 23:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\SPORE
[2007.10.17 06:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Teleca
[2007.09.06 21:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\TERMINAL Studio
[2008.09.03 18:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Thinstall
[2009.01.16 15:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Ubisoft
[2009.05.01 19:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Ulead Systems
[2008.09.16 20:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Uniblue
[2009.12.08 01:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\uTorrent
[2009.05.23 12:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\Vso
[2008.09.28 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\VSRevoGroup
[2009.02.06 11:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maxnor\Application Data\WinPatrol
[2010.01.31 14:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rendszergazda\Application Data\ACD Systems
[2010.02.06 17:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rendszergazda\Application Data\Simply Super Software
[2009.08.02 17:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sberni\Application Data\ESET
[2010.01.21 16:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sberni\Application Data\PC Suite
[2009.08.02 17:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sberni\Application Data\Ulead Systems
[2010.02.07 15:27:08 | 000,010,484 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >

III. RÉSZ


O18 - Protocol\Handler\bw-0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\offline-8876480 {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Maxnor\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Maxnor\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.12 20:52:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.10.21 12:14:12 | 000,000,115 | ---- | M] () - C:\Autoexec.nat -- [ NTFS ]
O32 - AutoRun File - [2010.02.07 00:37:51 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.02.07 00:37:51 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

File not found -- C:\Documents and Settings\Maxnor\Dokumentumok\Maxnor.
[2010.02.07 17:23:02 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Maxnor\Asztal\OTL.exe
[2010.02.07 16:29:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.02.07 16:15:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.02.07 15:54:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.02.07 12:56:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.02.07 12:56:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.02.07 12:56:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.02.07 12:56:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.02.07 12:56:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.02.07 01:10:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Maxnor\Recent
[2010.02.07 00:37:51 | 000,000,000 | R--D | C] -- C:\autorun.inf
[2010.02.07 00:21:24 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.02.06 20:30:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.01.23 09:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009.11.15 21:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009.11.15 21:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009.09.02 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009.09.02 07:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009.05.18 19:05:04 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Maxnor\Application Data\pcouffin.sys
[2009.01.30 20:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009.01.30 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009.01.02 18:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Xfire
[2008.09.08 08:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2008.09.04 09:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ESET
[2007.12.10 10:12:51 | 001,261,568 | ---- | C] (PHILIPS ) -- C:\Program Files\FP_Setup4.3.exe
[2007.07.19 09:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

II: RÉSZ



========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hu
IE - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 51 42 DE D9 A1 CA 01 [binary data]
IE - HKU\S-1-5-21-436374069-682003330-725345543-1003\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird


O1 HOSTS File: ([2010.02.07 15:57:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader hivatkozássúgó) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - Reg Error: Value error. File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKU\S-1-5-21-436374069-682003330-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-436374069-682003330-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-436374069-682003330-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-436374069-682003330-725345543-1003..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - Startup: C:\Documents and Settings\Maxnor\Start Menu\Programs\Indítópult\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Maxnor\Start Menu\Programs\Indítópult\OneNote-tartalomjegyzék.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-682003330-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-682003330-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-682003330-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: Küldés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Kül&dés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 4321175536 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4321148052 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://engine.netanday.it/ajax_webcam/codec/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\bw+0 {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {c909b30d-0394-4980-9d82-2fc82471b68b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )

NEM ENGEDI, CSAK TÖBB DARABBAN:

I.RÉSZ


OTL logfile created on: 2010.02.07. 17:26:26 - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Maxnor\Asztal
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,57 Gb Total Space | 11,52 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 57,45 Gb Free Space | 29,42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 1,87 Gb Total Space | 0,49 Gb Free Space | 25,91% Space Free | Partition Type: FAT

Computer Name: MAXNOR
Current User Name: Maxnor
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.07 17:00:54 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxnor\Asztal\OTL.exe
PRC - [2010.01.30 11:36:10 | 000,215,104 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2009.07.02 12:04:08 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009.05.19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.02.18 19:06:51 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 17:02:16 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.13 13:33:30 | 000,032,768 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2007.05.10 16:08:00 | 016,342,528 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007.04.27 06:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007.04.27 00:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2006.11.02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006.02.28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2005.02.17 06:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010.02.07 17:00:54 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxnor\Asztal\OTL.exe
MOD - [2007.07.13 13:33:29 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Maxnor\Local Settings\temp\IadHide5.dll
MOD - [2006.05.03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WMPNetworkSvc)
SRV - File not found [Disabled | Stopped] -- -- (UleadBurningHelper)
SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [On_Demand | Stopped] -- -- (IDriverT)
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (FLEXnet Licensing Service)
SRV - File not found [Disabled | Stopped] -- -- (Capture Device Service)
SRV - File not found [On_Demand | Stopped] -- -- (Adobe LM Service)
SRV - [2010.01.30 11:36:10 | 000,215,104 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009.09.02 07:55:21 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca2b9a66c579fa) Google frissítési szolgáltatás (gupdate1ca2b9a66c579fa)
SRV - [2009.08.05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.07.02 12:12:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009.07.02 12:04:08 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009.05.19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.02.18 19:06:51 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Disabled | Stopped] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.10.25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.06.02 12:26:46 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007.12.06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007.06.15 15:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.04.27 06:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007.04.27 00:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2007.03.20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006.11.02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.02.28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Running] -- -- (epfwtdi)
DRV - File not found [Kernel | Disabled | Running] -- -- (Epfwndis)
DRV - File not found [Kernel | Disabled | Running] -- -- (epfw)
DRV - File not found [Kernel | Disabled | Running] -- -- (ehdrv)
DRV - File not found [File_System | Disabled | Running] -- -- (eamon)
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010.01.30 11:36:46 | 000,138,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.08.05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.07.02 12:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.06.25 14:40:20 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.06.18 20:31:17 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.18 20:31:16 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.18 19:05:04 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009.04.25 18:40:01 | 000,024,616 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009.04.25 18:40:01 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.04.25 17:46:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.03.15 11:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.02.11 19:33:09 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.09.03 11:09:24 | 000,160,792 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctfw2.sys -- (pctfw2)
DRV - [2008.07.28 16:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008.05.15 02:24:32 | 000,171,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW)
DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB audio-illesztőprogram (WDM)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.11.29 23:30:24 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007.11.13 11:25:54 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.09.13 20:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007.09.13 20:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007.09.13 20:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2007.09.13 20:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007.09.13 20:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2007.09.08 11:14:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2007.07.20 20:07:54 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2007.07.13 11:50:49 | 000,023,600 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TVICHW32.SYS -- (TVICHW32)
DRV - [2007.06.25 10:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 10:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 10:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 10:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 10:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 10:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 10:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.06.21 12:51:08 | 000,100,992 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.05.10 16:28:00 | 004,419,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.05.02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.04.27 06:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2007.04.13 16:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2007.03.01 09:05:38 | 000,090,496 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2007.02.16 03:27:10 | 000,044,928 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006.02.07 12:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005.12.20 10:57:40 | 000,027,008 | ---- | M] (Philips Consumer Electronics Co.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aexpamdrv.sys -- (AEXPAM)
DRV - [2004.11.18 12:49:14 | 000,024,786 | ---- | M] (EUTRON) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2004.11.18 11:49:14 | 000,045,534 | ---- | M] (EUTRON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eusk3usb.sys -- (eusk3usb)
DRV - [2001.10.26 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.26 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001.10.26 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.10.26 13:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [1999.09.10 11:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)

ok,most egy kicsit mast fogok csinalni,,ezert ted ide a logot es ccc 1-ora mulva it lesszek.

Rendben, elindult 10 perc és kész.

Letolteni az asztalra>OTListIt2>> OTL
http://oldtimer.geekstogo.com/OTL.exe
-Futatni
- file age at valtoztani 30 > 7day ra.
-bepipazni
-Scan all users.
-Lop check.
-Purity check.
-v sekciobaExtra Registry>bepotyozni>Use SafeList
-KLIK>Run Scan
-scan t [5-10 perc mulva kesz]>ted a hozaszolasodba >>
-OTL.txt (az asztalon lesz).
-Extras.txt [a talcan lesz]

MBR:



Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spkc.sys >>UNKNOWN [0x8A5F8938]<<
kernel: MBR read successfully
user & kernel MBR OK
malicious code @ sector 0x1d1c4581 size 0x1a8 !
copy of MBR has been found in sector 62 !
PE file found in sector at 0x01D1C4581 !

------------------------------------

Ez már normál módban ment le...

Végül is csökkentett módban ment le, és előtte le kellett állítanom az ESET ekrn.exe fájlát, mert a processzor 100%-on volt, és az egér is alig mozgott:(

Tehát a COMBO FIX:

ComboFix 10-02-05.04 - Maxnor 010.02.07. 15:49:24.2.2 - x86 MINIMAL
Running from: c:\documents and settings\Maxnor\Asztal\ComboFix.exe
Command switches used :: c:\documents and settings\Maxnor\Asztal\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\windows\Tasks\Crysis Wars(R) Updates.job"
"c:\windows\Tasks\RegCure Program Check.job"
"c:\windows\Tasks\RegCure Startup.job"
"c:\windows\Tasks\RegCure.job"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\Crysis Wars(R) Updates.job
c:\windows\Tasks\RegCure Program Check.job
c:\windows\Tasks\RegCure Startup.job
c:\windows\Tasks\RegCure.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_LIVETURBINEMESSAGESERVICE
-------\Legacy_LIVETURBINENETWORKSERVICE
-------\Service_LiveTurbineMessageService
-------\Service_LiveTurbineNetworkService


((((((((((((((((((((((((( Files Created from 2010-01-07 to 2010-02-07 )))))))))))))))))))))))))))))))
.

2010-02-07 11:18 . 2010-02-07 11:18 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application

Data\O&O
2010-02-06 23:21 . 2010-02-07 11:57 -------- d-----w- C:\UsbFix
2010-02-06 16:13 . 2010-02-06 16:13 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Simply Super

Software
2010-02-06 16:13 . 2008-09-20 17:50 2552384 ----a-w- c:\documents and settings\Rendszergazda\Application Data\Simply Super

Software\Trojan Remover\xlcE.exe
2010-02-06 14:36 . 2010-02-06 14:36 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application

Data\Identities
2010-01-31 16:38 . 2010-01-31 16:38 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Malwarebytes
2010-01-31 16:01 . 2010-01-31 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2010-01-31 15:21 . 2010-01-31 15:21 -------- d-sh--w- c:\documents and settings\Rendszergazda\PrivacIE
2010-01-31 14:45 . 2010-02-06 17:12 -------- d-----r- c:\documents and settings\Rendszergazda\Dokumentumok
2010-01-31 14:25 . 2010-01-31 14:25 -------- d-----w- c:\program files\Lavalys
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application

Data\GHISLER
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application

Data\ACDSee
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\ACD Systems
2010-01-30 16:05 . 2010-01-30 16:05 -------- d-----w- c:\program files\Common Files\ABBYY
2010-01-28 17:24 . 2010-01-28 17:24 -------- d-----w- c:\documents and settings\Maxnor\Local Settings\Application Data\ACDSee
2010-01-28 17:23 . 2010-01-28 21:51 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-01-28 17:23 . 2010-01-28 17:23 -------- d-----w- c:\program files\ACD Systems
2010-01-23 05:25 . 2010-01-29 22:16 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-01-23 00:03 . 2010-01-23 00:03 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-23 00:02 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-22 23:35 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\BioWare
2010-01-22 01:33 . 2010-01-22 01:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-01-21 15:43 . 2010-01-21 15:43 -------- d-----w- c:\documents and settings\Sberni\Application Data\PC Suite
2010-01-13 09:52 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 11:55 . 2009-06-11 19:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-04 10:54 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP979c.tmp
2010-01-31 15:22 . 2007-07-12 21:39 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-30 16:07 . 2007-07-23 08:34 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 15:27 . 2007-07-12 21:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-30 15:07 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP8f30.tmp
2010-01-30 10:36 . 2007-12-24 21:10 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-30 10:36 . 2008-04-13 21:07 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Xfire
2010-01-30 10:36 . 2007-12-24 21:10 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-29 23:26 . 2009-09-02 21:47 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Skype
2010-01-29 23:26 . 2009-09-02 21:48 -------- d-----w- c:\documents and settings\Maxnor\Application Data\skypePM
2010-01-28 18:49 . 2009-06-17 22:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BitTorrent
2010-01-28 17:26 . 2007-09-09 19:34 -------- d-----w- c:\documents and settings\Maxnor\Application Data\ACD Systems
2010-01-28 02:05 . 2007-07-17 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-27 16:03 . 2007-07-12 22:57 155560 ----a-w- c:\documents and settings\Maxnor\Local Settings\Application

Data\GDIPFONTCACHEV1.DAT
2010-01-26 17:50 . 2008-09-21 08:29 -------- d-----w- c:\program files\P2P_Torrent
2010-01-26 17:50 . 2009-12-24 12:45 1420840 ----a-w- c:\documents and settings\LocalService\Local Settings\Application

Data\FontCache3.0.0.0.dat
2010-01-26 17:49 . 2009-06-17 22:37 -------- d-----w- c:\documents and settings\Maxnor\Application Data\DNA
2010-01-26 16:24 . 2007-07-16 14:23 -------- d-----w- c:\program files\Intel
2010-01-26 15:39 . 2009-06-17 22:37 -------- d-----w- c:\program files\DNA
2010-01-26 14:40 . 2008-05-06 13:19 1984 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-25 15:24 . 2009-12-21 17:15 155560 ----a-w- c:\documents and settings\LocalService\Local Settings\Application

Data\GDIPFONTCACHEV1.DAT
2010-01-22 23:23 . 2008-02-29 13:34 -------- d-----w- c:\program files\Windows Live
2010-01-22 23:14 . 2008-09-28 01:39 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2010-01-22 23:13 . 2008-11-24 13:30 -------- d-----w- c:\program files\Common Files\Nero
2010-01-21 21:07 . 2009-04-19 20:28 -------- d-----w- c:\documents and settings\Maxnor\Application Data\InstallShield

Installation Information
2010-01-18 12:22 . 2009-04-19 21:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Bioshock
2010-01-17 02:00 . 2009-08-30 19:57 -------- dc-h--w- c:\documents and settings\All Users\Application

Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2010-01-04 17:39 . 2009-05-06 18:27 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BSplayer PRO
2009-12-25 11:47 . 2001-10-26 12:00 545690 ----a-w- c:\windows\system32\perfh00E.dat
2009-12-25 11:47 . 2001-10-26 12:00 157868 ----a-w- c:\windows\system32\perfc00E.dat
2009-12-22 04:08 . 2009-12-22 04:08 376320 ----a-r- c:\documents and settings\Maxnor\Application

Data\Microsoft\Installer\{52B65911-1559-4ED5-9461-46957FDD48CD}\Icon52B659113.exe
2009-12-22 04:08 . 2009-12-22 04:08 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2009-12-22 03:52 . 2007-10-07 19:10 -------- d-----w- c:\program files\DIFX
2009-12-21 19:09 . 2001-10-26 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-14 21:13 . 2009-12-14 21:13 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Malwarebytes
2009-12-14 21:13 . 2009-12-14 21:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-14 21:12 . 2009-12-14 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-11 22:14 . 2009-12-11 22:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\SPORE
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\FlashFXP
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\program files\FlashFXP
2009-12-03 15:14 . 2009-12-14 21:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-14 21:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-21 16:03 . 2001-10-26 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 01:12 . 2009-11-28 19:21 22328 ----a-w- c:\windows\system32\PnkBstrK.sys
2006-10-31 07:40 . 2007-12-10 09:12 1261568 ------w- c:\program files\FP_Setup4.3.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-13 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Maxnor\Start Menu\Programs\Indˇt˘pult\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-30 113664]
OneNote-tartalomjegyz‚k.onetoc2 [2009-9-16 3656]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^HDDlife.lnk]
backup=c:\windows\pss\HDDlife.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-01-11 18:54 623992 ----a-w- d:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 13:10 271360 ----a-w- d:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UleadBurningHelper"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R2 gupdate1ca2b9a66c579fa;Google frissítési szolgáltatás (gupdate1ca2b9a66c579fa);c:\program files\Google\Update\GoogleUpdate.exe

[2009-09-02 133104]
R3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys [2005-12-20 27008]
R3 ATICDSDr;ATICDSDr;c:\docume~1\RENDSZ~1\LOCALS~1\Temp\ATICDSDr.sys [x]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-04-25 13224]
R3 TCCrystalCpuInfo;TCCrystalCpuInfo;c:\docume~1\Maxnor\LOCALS~1\Temp\TCCpuInfo.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common

Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-25 721904]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
S1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2008-09-03 160792]
S2 ekrn;ESET Service;d:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

[2007-04-26 316992]

.
Contents of the 'Scheduled Tasks' folder

2010-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]

2010-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://engine.netanday.it/ajax_webcam/codec/AMC.cab
.
- - - - ORPHANS REMOVED - - - -

AddRemove-HijackThis - m:\norbi_gep\hijackthis\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-07 15:58
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spkc.sys >>UNKNOWN [0x8A5F8938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e66cb8
\Driver\atapi -> atapi.sys @ 0xb7dfbb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb7cf1bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7ce0a0d
SendHandler -> NDIS.sys @ 0xb7cf4b40
user & kernel MBR OK
malicious code @ sector 0x1d1c4581 size 0x1a8 !
copy of MBR has been found in sector 62 !
PE file found in sector at 0x01D1C4581 !

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell

Extensions\Approved\{538BD0BA-2FF8-58C4-E0D0-500F08E6B4EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2B46E70F-CDA7-473E-89F6-DC9630A2390B}\Instance\{6FDDC324-4E03-4B@E

-B185-*D77768Dţ90B}]
"CLSID"="{6FDDC324-4E03-4BFE-B185-3D77768DC90B}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{346355E1-7094-4321-BBE2-2EBE8BF08981}\V*rsionIndependentProgID]
@="ISInstallDriver.StringTable"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="ezt is toroltem, mert nagyon hosszu volt"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1292)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2292)
c:\windows\system32\WININET.dll
c:\docume~1\Maxnor\LOCALS~1\Temp\IadHide5.dll
c:\windows\System32\themeui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
d:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
d:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_hun.nlr
d:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\PSIService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Completion time: 2010-02-07 16:01:31 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-07 15:01
ComboFix2.txt 2010-02-07 12:57

Pre-Run: 12 341 866 496 bájt szabad
Post-Run: 12 285 820 928 bájt szabad

- - End Of File - - CF99459C0172A1927C2B2D52A1537624

ok,majd ted ide a mbr.exe logjat is oda allora leirtam ahol
a combofix script van.

Köszönöm, már megy a COMBOFIX...
Bemásolom, amint készen van!

Most mar normal modban csinald.

Rendben, köszönöm, már csinálom is, csak azt kérdezném, hogy most normál módban megy a gép... Ebben csináljam, vagy indítsam újra, és csökkentett módban?

Szerkesed az Elso combofix logjat es torold ki a hosszu sort.

Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>CFScript.txt>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész, az astalon lévő CFScript txt húzzunk rá a ComboFix ikonnyara. Es mostan megcsinalod eztett:

A combofix maga elindul es lehet hogy restartol es befejezi a scent.Amit majd ad ted ide.



Tolds le az asztalra:
http://www2.gmer.net/mbr/mbr.exe

start>>.futtatasba masold be ezt a parancsot:

cmd /c mbr.exe -t >log.txt&start log.txt
log.txt ted ide.

Kitöröltem a hosszú sorokat, de ha szükséges külön le is mentettem...

Már rövidítve:


ComboFix 10-02-05.04 - Rendszergazda 010.02.07. 12:59:38.1.2 - x86 MINIMAL
Running from: d:\norbigep\STELL\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Maxnor\Application Data\inst.exe
c:\windows\OPTIONS\CABS\_desktop.ini
c:\windows\system32\BReWErS.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\twain_32.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2010-01-07 to 2010-02-07 )))))))))))))))))))))))))))))))
.

2010-02-07 11:18 . 2010-02-07 11:18 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\O&O
2010-02-06 23:21 . 2010-02-07 11:57 -------- d-----w- C:\UsbFix
2010-02-06 16:13 . 2010-02-06 16:13 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Simply Super Software
2010-02-06 16:13 . 2008-09-20 17:50 2552384 ----a-w- c:\documents and settings\Rendszergazda\Application Data\Simply Super Software\Trojan Remover\xlcE.exe
2010-02-06 14:36 . 2010-02-06 14:36 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\Identities
2010-01-31 16:38 . 2010-01-31 16:38 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Malwarebytes
2010-01-31 16:01 . 2010-01-31 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2010-01-31 15:21 . 2010-01-31 15:21 -------- d-sh--w- c:\documents and settings\Rendszergazda\PrivacIE
2010-01-31 14:45 . 2010-02-06 17:12 -------- d-----r- c:\documents and settings\Rendszergazda\Dokumentumok
2010-01-31 14:25 . 2010-01-31 14:25 -------- d-----w- c:\program files\Lavalys
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\GHISLER
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\ACDSee
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\ACD Systems
2010-01-30 16:05 . 2010-01-30 16:05 -------- d-----w- c:\program files\Common Files\ABBYY
2010-01-28 17:24 . 2010-01-28 17:24 -------- d-----w- c:\documents and settings\Maxnor\Local Settings\Application Data\ACDSee
2010-01-28 17:23 . 2010-01-28 21:51 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-01-28 17:23 . 2010-01-28 17:23 -------- d-----w- c:\program files\ACD Systems
2010-01-23 05:25 . 2010-01-29 22:16 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-01-23 00:03 . 2010-01-23 00:03 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-23 00:02 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-22 23:35 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\BioWare
2010-01-22 01:33 . 2010-01-22 01:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-01-21 15:43 . 2010-01-21 15:43 -------- d-----w- c:\documents and settings\Sberni\Application Data\PC Suite
2010-01-13 09:52 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 11:55 . 2009-06-11 19:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-04 10:54 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP979c.tmp
2010-01-31 15:22 . 2007-07-12 21:39 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-30 16:07 . 2007-07-23 08:34 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 15:27 . 2007-07-12 21:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-30 15:07 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP8f30.tmp
2010-01-30 10:36 . 2007-12-24 21:10 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-30 10:36 . 2008-04-13 21:07 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Xfire
2010-01-30 10:36 . 2007-12-24 21:10 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-29 23:26 . 2009-09-02 21:47 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Skype
2010-01-29 23:26 . 2009-09-02 21:48 -------- d-----w- c:\documents and settings\Maxnor\Application Data\skypePM
2010-01-28 18:49 . 2009-06-17 22:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BitTorrent
2010-01-28 17:26 . 2007-09-09 19:34 -------- d-----w- c:\documents and settings\Maxnor\Application Data\ACD Systems
2010-01-28 02:05 . 2007-07-17 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-27 16:03 . 2007-07-12 22:57 155560 ----a-w- c:\documents and settings\Maxnor\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-26 17:50 . 2008-09-21 08:29 -------- d-----w- c:\program files\P2P_Torrent
2010-01-26 17:50 . 2009-12-24 12:45 1420840 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-26 17:49 . 2009-06-17 22:37 -------- d-----w- c:\documents and settings\Maxnor\Application Data\DNA
2010-01-26 16:24 . 2007-07-16 14:23 -------- d-----w- c:\program files\Intel
2010-01-26 15:39 . 2009-06-17 22:37 -------- d-----w- c:\program files\DNA
2010-01-26 14:40 . 2008-05-06 13:19 1984 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-25 15:24 . 2009-12-21 17:15 155560 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-22 23:23 . 2008-02-29 13:34 -------- d-----w- c:\program files\Windows Live
2010-01-22 23:14 . 2008-09-28 01:39 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2010-01-22 23:13 . 2008-11-24 13:30 -------- d-----w- c:\program files\Common Files\Nero
2010-01-21 21:07 . 2009-04-19 20:28 -------- d-----w- c:\documents and settings\Maxnor\Application Data\InstallShield Installation Information
2010-01-18 12:22 . 2009-04-19 21:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Bioshock
2010-01-17 02:00 . 2009-08-30 19:57 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2010-01-04 17:39 . 2009-05-06 18:27 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BSplayer PRO
2009-12-25 11:47 . 2001-10-26 12:00 545690 ----a-w- c:\windows\system32\perfh00E.dat
2009-12-25 11:47 . 2001-10-26 12:00 157868 ----a-w- c:\windows\system32\perfc00E.dat
2009-12-22 04:08 . 2009-12-22 04:08 376320 ----a-r- c:\documents and settings\Maxnor\Application Data\Microsoft\Installer\{52B65911-1559-4ED5-9461-46957FDD48CD}\Icon52B659113.exe
2009-12-22 04:08 . 2009-12-22 04:08 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2009-12-22 03:52 . 2007-10-07 19:10 -------- d-----w- c:\program files\DIFX
2009-12-21 19:09 . 2001-10-26 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-14 21:13 . 2009-12-14 21:13 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Malwarebytes
2009-12-14 21:13 . 2009-12-14 21:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-14 21:12 . 2009-12-14 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-11 22:14 . 2009-12-11 22:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\SPORE
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\FlashFXP
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\program files\FlashFXP
2009-12-03 15:14 . 2009-12-14 21:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-14 21:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-21 16:03 . 2001-10-26 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 01:12 . 2009-11-28 19:21 22328 ----a-w- c:\windows\system32\PnkBstrK.sys
2006-10-31 07:40 . 2007-12-10 09:12 1261568 ------w- c:\program files\FP_Setup4.3.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-13 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"egui"="d:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2007-10-19 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Maxnor\Start Menu\Programs\Indˇt˘pult\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-30 113664]
OneNote-tartalomjegyz‚k.onetoc2 [2009-9-16 3656]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^HDDlife.lnk]
backup=c:\windows\pss\HDDlife.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-01-11 18:54 623992 ----a-w- d:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 13:10 271360 ----a-w- d:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UleadBurningHelper"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R2 gupdate1ca2b9a66c579fa;Google frissítési szolgáltatás (gupdate1ca2b9a66c579fa);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
R3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys [2005-12-20 27008]
R3 ATICDSDr;ATICDSDr;c:\docume~1\RENDSZ~1\LOCALS~1\Temp\ATICDSDr.sys [x]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-04-25 13224]
R3 LiveTurbineMessageService;Turbine Message Service - Live; [x]
R3 LiveTurbineNetworkService;Turbine Network Service - Live; [x]
R3 TCCrystalCpuInfo;TCCrystalCpuInfo;c:\docume~1\Maxnor\LOCALS~1\Temp\TCCpuInfo.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-25 721904]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
S1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2008-09-03 160792]
S2 ekrn;ESET Service;d:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-04-26 316992]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a99bd14-899c-11dc-b755-001a4d45b35d}]
\Shell\AutoRun\command - L:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8bc8c48-600b-11dd-9e9d-001a4d45b35d}]
\Shell\AutoRun\command - H:\VMC_PBStarter.exe
.
Contents of the 'Scheduled Tasks' folder

2010-01-17 c:\windows\Tasks\Crysis Wars(R) Updates.job
- c:\windows\Installer\Crysis Wars(R) Updates for All Users.lnk [2009-08-30 19:57]

2010-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]

2010-02-07 c:\windows\Tasks\RegCure Program Check.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]

2010-02-07 c:\windows\Tasks\RegCure Startup.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]

2010-01-31 c:\windows\Tasks\RegCure.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://engine.netanday.it/ajax_webcam/codec/AMC.cab
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{00021492-0000-0000-C000-000000000046} - (no file)
HKCU-RunOnce-InstallShieldSetup - c:\documents and settings\Maxnor\Application Data\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe
Notify-khfDwuUk - (no file)
SafeBoot-Wdf01000.sys
AddRemove-SpecOps US Army Green Berets - d:\program files\SpecOps US Army Green Berets\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-07 13:51
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spow.sys >>UNKNOWN [0x8A5F8938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e66cb8
\Driver\atapi -> atapi.sys @ 0xb7dfbb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb7cf1bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7ce0a0d
SendHandler -> NDIS.sys @ 0xb7cf4b40
user & kernel MBR OK
malicious code @ sector 0x1d1c4581 size 0x1a8 !
copy of MBR has been found in sector 62 !
PE file found in sector at 0x01D1C4581 !

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{538BD0BA-2FF8-58C4-E0D0-500F08E6B4EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:d2,e4,68,d9,5a,5a,69,6f,e2,9a,e6,ec,d7,80,a9,f2,73,07,af,62,4b,
74,c7,73,ea,79,af,63,40,5c,45,2e,8c,6d,50,d1,50,15,fb,6b,1a,62,fa,80,5d,c1,\
"rkeysecu"=hex:3c,6b,a6,cb,4a,b8,a1,78,aa,9f,0d,11,91,1b,4e,74

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2B46E70F-CDA7-473E-89F6-DC9630A2390B}\Instance\{6FDDC324-4E03-4B@E-B185-*D77768Dţ90B}]
"CLSID"="{6FDDC324-4E03-4BFE-B185-3D77768DC90B}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{346355E1-7094-4321-BBE2-2EBE8BF08981}\V*rsionIndependentProgID]
@="ISInstallDriver.StringTable"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="Ezt itt ki is töröltem, de külön elmentettem ha szükséges!!!"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1292)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4032)
c:\windows\system32\WININET.dll
c:\docume~1\Maxnor\LOCALS~1\Temp\IadHide5.dll
c:\windows\System32\themeui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
d:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
d:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_hun.nlr
d:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\PSIService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\windows\RTHDCPL.EXE
c:\program files\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Completion time: 2010-02-07 13:57:19 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-07 12:56

Pre-Run: 11 779 076 096 bájt szabad
Post-Run: 12 355 874 816 bájt szabad

- - End Of File - - E801D283E597ED091D47E7B9A1C9A6E6

Meg valamit,legy szives csinalj szerkesztest ahol a combofix logja van es torold le ezt a hosszu sort
"OODEFRAG11.00.00.01WORKSTATION"=,,,,,,,,,,,,
mert szet huzta a keppet,koszi,

Először is EZER KÖSZÖNET NEKED, hogy időt szánsz rám!!!!!!!

Rendben, nem telepítek semmit sem, most is áll normál módban még:)

Másik gépen lefuttatom COMBOFIXET, de természetesen nem teszem most fel, előbb sikerüljön a fiam gépét valahogyan megjavítani, remélem sikerül...

egyelore netelepis semmit a SYSINTERNALS tol,mert valami programot akartal telepiteni es keri a telepitest,ne egyez belle,at nezzem a logot,kipucoljuk a geppet,es majd ide leirom hogyan tovabb,ha baj van a masik geppel is akor futtahatod a combofixet,,de a logjat egyelore ne ted ide hogy nekevweredjenek,ok

A gép most normál módban kapcsolt vissza, egyenlőre áll, kékhalál még nincs, de felugrott egy ablak:

(Handle License Agreement) SYSINTERNALS SOFTWARE LICENSE TERMS

Ez nem tudom mi, elfogadjam vagy nem?

Köszönöm Neked előre is!!!

(Az én hirtelen leállt gépemen is futtassam szerinted a COMBOFIXET csökkentett módban?)

Elnézést, közben az én gépem is leállt (1-2 perc után kikapcsolt, kék halál nem volt... most portalanítottam, egyenlőre még megy), és bajlódtam mivel ezzel dolgozom is:(
Internet is csak ezen van a fiam beteg gépén most csak csökkentett mód, netet kihúztam... Lehet az én gépem is beteg lett:(
Nem tudom jól csináltuk-e, a combofix.exe fájlt az asztalról indítottuk, csak közben felugrott az USBfix is:( lehet hogy baj, de azt leállítottam..

COMBO FIX log fájl:
ComboFix 10-02-05.04 - Rendszergazda 010.02.07. 12:59:38.1.2 - x86 MINIMAL
Running from: d:\norbigep\STELL\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Maxnor\Application Data\inst.exe
c:\windows\OPTIONS\CABS\_desktop.ini
c:\windows\system32\BReWErS.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\twain_32.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2010-01-07 to 2010-02-07 )))))))))))))))))))))))))))))))
.

2010-02-07 11:18 . 2010-02-07 11:18 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\O&O
2010-02-06 23:21 . 2010-02-07 11:57 -------- d-----w- C:\UsbFix
2010-02-06 16:13 . 2010-02-06 16:13 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Simply Super Software
2010-02-06 16:13 . 2008-09-20 17:50 2552384 ----a-w- c:\documents and settings\Rendszergazda\Application Data\Simply Super Software\Trojan Remover\xlcE.exe
2010-02-06 14:36 . 2010-02-06 14:36 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\Identities
2010-01-31 16:38 . 2010-01-31 16:38 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Malwarebytes
2010-01-31 16:01 . 2010-01-31 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2010-01-31 15:21 . 2010-01-31 15:21 -------- d-sh--w- c:\documents and settings\Rendszergazda\PrivacIE
2010-01-31 14:45 . 2010-02-06 17:12 -------- d-----r- c:\documents and settings\Rendszergazda\Dokumentumok
2010-01-31 14:25 . 2010-01-31 14:25 -------- d-----w- c:\program files\Lavalys
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\GHISLER
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\ACDSee
2010-01-31 13:56 . 2010-01-31 13:56 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\ACD Systems
2010-01-30 16:05 . 2010-01-30 16:05 -------- d-----w- c:\program files\Common Files\ABBYY
2010-01-28 17:24 . 2010-01-28 17:24 -------- d-----w- c:\documents and settings\Maxnor\Local Settings\Application Data\ACDSee
2010-01-28 17:23 . 2010-01-28 21:51 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-01-28 17:23 . 2010-01-28 17:23 -------- d-----w- c:\program files\ACD Systems
2010-01-23 05:25 . 2010-01-29 22:16 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-01-23 00:03 . 2010-01-23 00:03 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-23 00:02 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-22 23:35 . 2010-01-23 00:02 -------- d-----w- c:\program files\Common Files\BioWare
2010-01-22 01:33 . 2010-01-22 01:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-01-21 15:43 . 2010-01-21 15:43 -------- d-----w- c:\documents and settings\Sberni\Application Data\PC Suite
2010-01-13 09:52 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 11:55 . 2009-06-11 19:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-04 10:54 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP979c.tmp
2010-01-31 15:22 . 2007-07-12 21:39 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-30 16:07 . 2007-07-23 08:34 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 15:27 . 2007-07-12 21:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-30 15:07 . 2007-07-12 21:40 102400 ----a-w- c:\windows\DUMP8f30.tmp
2010-01-30 10:36 . 2007-12-24 21:10 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-30 10:36 . 2008-04-13 21:07 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Xfire
2010-01-30 10:36 . 2007-12-24 21:10 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-29 23:26 . 2009-09-02 21:47 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Skype
2010-01-29 23:26 . 2009-09-02 21:48 -------- d-----w- c:\documents and settings\Maxnor\Application Data\skypePM
2010-01-28 18:49 . 2009-06-17 22:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BitTorrent
2010-01-28 17:26 . 2007-09-09 19:34 -------- d-----w- c:\documents and settings\Maxnor\Application Data\ACD Systems
2010-01-28 02:05 . 2007-07-17 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-27 16:03 . 2007-07-12 22:57 155560 ----a-w- c:\documents and settings\Maxnor\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-26 17:50 . 2008-09-21 08:29 -------- d-----w- c:\program files\P2P_Torrent
2010-01-26 17:50 . 2009-12-24 12:45 1420840 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-26 17:49 . 2009-06-17 22:37 -------- d-----w- c:\documents and settings\Maxnor\Application Data\DNA
2010-01-26 16:24 . 2007-07-16 14:23 -------- d-----w- c:\program files\Intel
2010-01-26 15:39 . 2009-06-17 22:37 -------- d-----w- c:\program files\DNA
2010-01-26 14:40 . 2008-05-06 13:19 1984 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-25 15:24 . 2009-12-21 17:15 155560 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-22 23:23 . 2008-02-29 13:34 -------- d-----w- c:\program files\Windows Live
2010-01-22 23:14 . 2008-09-28 01:39 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2010-01-22 23:13 . 2008-11-24 13:30 -------- d-----w- c:\program files\Common Files\Nero
2010-01-21 21:07 . 2009-04-19 20:28 -------- d-----w- c:\documents and settings\Maxnor\Application Data\InstallShield Installation Information
2010-01-18 12:22 . 2009-04-19 21:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Bioshock
2010-01-17 02:00 . 2009-08-30 19:57 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2010-01-04 17:39 . 2009-05-06 18:27 -------- d-----w- c:\documents and settings\Maxnor\Application Data\BSplayer PRO
2009-12-25 11:47 . 2001-10-26 12:00 545690 ----a-w- c:\windows\system32\perfh00E.dat
2009-12-25 11:47 . 2001-10-26 12:00 157868 ----a-w- c:\windows\system32\perfc00E.dat
2009-12-22 04:08 . 2009-12-22 04:08 376320 ----a-r- c:\documents and settings\Maxnor\Application Data\Microsoft\Installer\{52B65911-1559-4ED5-9461-46957FDD48CD}\Icon52B659113.exe
2009-12-22 04:08 . 2009-12-22 04:08 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2009-12-22 03:52 . 2007-10-07 19:10 -------- d-----w- c:\program files\DIFX
2009-12-21 19:09 . 2001-10-26 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-14 21:13 . 2009-12-14 21:13 -------- d-----w- c:\documents and settings\Maxnor\Application Data\Malwarebytes
2009-12-14 21:13 . 2009-12-14 21:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-14 21:12 . 2009-12-14 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-11 22:14 . 2009-12-11 22:14 -------- d-----w- c:\documents and settings\Maxnor\Application Data\SPORE
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\documents and settings\Maxnor\Application Data\FlashFXP
2009-12-09 18:38 . 2009-12-09 18:38 -------- d-----w- c:\program files\FlashFXP
2009-12-03 15:14 . 2009-12-14 21:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-14 21:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-21 16:03 . 2001-10-26 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 01:12 . 2009-11-28 19:21 22328 ----a-w- c:\windows\system32\PnkBstrK.sys
2006-10-31 07:40 . 2007-12-10 09:12 1261568 ------w- c:\program files\FP_Setup4.3.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-13 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"egui"="d:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2007-10-19 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Maxnor\Start Menu\Programs\Indˇt˘pult\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-30 113664]
OneNote-tartalomjegyz‚k.onetoc2 [2009-9-16 3656]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^HDDlife.lnk]
backup=c:\windows\pss\HDDlife.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Maxnor^Start Menu^Programs^Indítópult^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-01-11 18:54 623992 ----a-w- d:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 13:10 271360 ----a-w- d:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UleadBurningHelper"=2 (0x2)
"PnkBstrA"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R2 gupdate1ca2b9a66c579fa;Google frissítési szolgáltatás (gupdate1ca2b9a66c579fa);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
R3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys [2005-12-20 27008]
R3 ATICDSDr;ATICDSDr;c:\docume~1\RENDSZ~1\LOCALS~1\Temp\ATICDSDr.sys [x]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-04-25 13224]
R3 LiveTurbineMessageService;Turbine Message Service - Live; [x]
R3 LiveTurbineNetworkService;Turbine Network Service - Live; [x]
R3 TCCrystalCpuInfo;TCCrystalCpuInfo;c:\docume~1\Maxnor\LOCALS~1\Temp\TCCpuInfo.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-25 721904]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
S1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2008-09-03 160792]
S2 ekrn;ESET Service;d:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-04-26 316992]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a99bd14-899c-11dc-b755-001a4d45b35d}]
\Shell\AutoRun\command - L:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8bc8c48-600b-11dd-9e9d-001a4d45b35d}]
\Shell\AutoRun\command - H:\VMC_PBStarter.exe
.
Contents of the 'Scheduled Tasks' folder

2010-01-17 c:\windows\Tasks\Crysis Wars(R) Updates.job
- c:\windows\Installer\Crysis Wars(R) Updates for All Users.lnk [2009-08-30 19:57]

2010-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 06:55]

2010-02-07 c:\windows\Tasks\RegCure Program Check.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]

2010-02-07 c:\windows\Tasks\RegCure Startup.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]

2010-01-31 c:\windows\Tasks\RegCure.job
- d:\program files\RegCure\RegCure.exe [2009-09-21 15:38]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://engine.netanday.it/ajax_webcam/codec/AMC.cab
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{00021492-0000-0000-C000-000000000046} - (no file)
HKCU-RunOnce-InstallShieldSetup - c:\documents and settings\Maxnor\Application Data\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe
Notify-khfDwuUk - (no file)
SafeBoot-Wdf01000.sys
AddRemove-SpecOps US Army Green Berets - d:\program files\SpecOps US Army Green Berets\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-07 13:51
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spow.sys >>UNKNOWN [0x8A5F8938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e66cb8
\Driver\atapi -> atapi.sys @ 0xb7dfbb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb7cf1bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7ce0a0d
SendHandler -> NDIS.sys @ 0xb7cf4b40
user & kernel MBR OK
malicious code @ sector 0x1d1c4581 size 0x1a8 !
copy of MBR has been found in sector 62 !
PE file found in sector at 0x01D1C4581 !

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{538BD0BA-2FF8-58C4-E0D0-500F08E6B4EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-682003330-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:d2,e4,68,d9,5a,5a,69,6f,e2,9a,e6,ec,d7,80,a9,f2,73,07,af,62,4b,
74,c7,73,ea,79,af,63,40,5c,45,2e,8c,6d,50,d1,50,15,fb,6b,1a,62,fa,80,5d,c1,\
"rkeysecu"=hex:3c,6b,a6,cb,4a,b8,a1,78,aa,9f,0d,11,91,1b,4e,74

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2B46E70F-CDA7-473E-89F6-DC9630A2390B}\Instance\{6FDDC324-4E03-4B@E-B185-*D77768Dţ90B}]
"CLSID"="{6FDDC324-4E03-4BFE-B185-3D77768DC90B}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{346355E1-7094-4321-BBE2-2EBE8BF08981}\V*rsionIndependentProgID]
@="ISInstallDriver.StringTable"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="AE252C6ABE354E4FDD46B413D613A35066FAFB2BF9D8FD249366FC883EEF8900B2FAD6EC0D246408445DA2F9B848245483571BB8EF7422FEB85718B1F64C9B3EDD885410325E271814EC865C098C6F1FE71BCA3D0B8346BF65765A55EFCB87217C87942266DE4490B6D957782B5248813AF42509FA14669D1E59A3F34A359CDF1095DC7454C281C74A685D9378310813547298EEE5558D8E987826139571B9734C37C45C9A4FB3D9204737F13CE59A2FC40AE847649DDDCEC2B1EB3B598F59199AD23A34CBE8C7A13D0356DDB6D00075CE12ACED83640DDFB9C54F780F4083CF9631FDD8F09C3BC4DB9181281B75CD4868494DC14448FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B9808A2D97226D213B555BA7FD869164D67947F178A836B839CFE19E841BBFB462758DC14B5F3AE4C3E15204E27C7A44DE6AC7E45FB2A8D25C3015F9ECA56D05D889DBE04A752043E31FED6C0507E367C0EED07F39CBF84E8A66B9DCCC02A853B5DABE2D8E8488266751AF8E117EB7E7FD5FC8FDDD90F8CB5AE9B626FD14B7CD8DDF60AEE05D4516B32161E8C83150ACE7262A280DBC738F63E11CB446030EC31B7198AE53BD76CFA81457064D165B9E88949E01EFA7EED1A28EE0FCF03B661458B4E4CA37E162347701CAE4DF2AA43CEB67E7E3DC4A8E692B57D73D7839E3917ED784D4DF7BA9A020335AAEF8B97AD8609F53FA5FB22B15722A857E8620DA6AEE71B1ED102D1C866AC4E493A7341579903C6826994AA2EE19C80A8514F8A30197761E5602CCD79AF59C907DDB724EF959B2C3558B9661432C9386E243382B0630D15DB6CB9034E9EE5ACF14E199D7C0D3F045A09465B6DC9C2A8BEB9A746D7240D294FAF232B3A7826A1A9468B70D6944B518AD4CE761530924D45AB7A09287152B21F2513E304065DF5E742B842AA4693BC705A9785BFEEB946445930E4F7662869C20D6AAEC892C71DF583FB1E78BE5F8F4BFD193DF295AAD70FE77C5471A3CFAB416B3B70776F93AA308F66F216A16938EDE282B407B7CFE80F3B4DB995CC7FF8BA89CD73D4F260590BAE3B122C92DF4B417334E62AE98406BE813E583409DE77DD719CE4F673C6880C6E75B1B5BC677E3E5FC4B2DE47175EAF2723D876848BEDF0F45855CB4E50B84D213FED85CD152DF598FCDCFA704DC7846282C7556E174BCDA8643A11E4798FFD597A4340F5F6558A545A0CA6055F38F7281715217A842061E357EEDB9A36D7DEF2BB95DD6C889BB48C8ECB62AE774BD4334F15FB6150212C427EAE93D9EA7FC609CAA9AB693F453F817F8B7D95B742FA85CC805C5DE3274424D71B730D7396A07E24ABCA2C813E0832469F9E6AB20160DE66F38D2EA22FD3AE17BA0DA61CD5EAF6"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1292)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4032)
c:\windows\system32\WININET.dll
c:\docume~1\Maxnor\LOCALS~1\Temp\IadHide5.dll
c:\windows\System32\themeui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
d:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
d:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_hun.nlr
d:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\PSIService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\windows\RTHDCPL.EXE
c:\program files\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Completion time: 2010-02-07 13:57:19 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-07 12:56

Pre-Run: 11 779 076 096 bájt szabad
Post-Run: 12 355 874 816 bájt szabad

- - End Of File - - E801D283E597ED091D47E7B9A1C9A6E6
---------------------------------

Segíts kérlek!

udv
csokkentet modban futtasd a combofixet

Malwarebytes Anti-Malware 1.42

3 db Fertőzött fájlt talált:

- Backdoor.Bot
- Trojan.Agent
- Trojan.Agent

Mindhármat a System Volume Information/_restore......... és még sok szám.. Kitöröltem őket.
Ha fontos a log fájl, akkor bemásolom ezt is.. Köszönöm!

BlueScreenView szintén lefuttattam, ezt is bemásolom:

==================================================
Dump File : Mini012510-02.dmp
Crash Time : 2010.01.25. 20:14:25
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe8c20084
Parameter 2 : 0x00000000
Parameter 3 : 0xbd24d37a
Parameter 4 : 0x00000001
Caused By Driver : ati3duag.dll
Caused By Address : ati3duag.dll+5f37a
File Description : ati3duag.dll
Product Name : ATI Technologies Inc. Radeon DirectX Universal Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.0678
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012510-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012610-01.dmp
Crash Time : 2010.01.26. 16:39:15
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf845b31
Parameter 3 : 0x9db3acb0
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+45b31
File Description : Többfelhasználós Win32 illesztőprogram
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5863 (xpsp_sp3_gdr.090814-1258)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012610-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-01.dmp
Crash Time : 2010.01.27. 16:51:54
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xf92dccbc
Parameter 2 : 0x00000001
Parameter 3 : 0x00000000
Parameter 4 : 0x80505f17
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+2ef17
File Description : NT - kernel és rendszer
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-02.dmp
Crash Time : 2010.01.27. 17:02:23
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xdfe04cf8
Parameter 2 : 0x00000000
Parameter 3 : 0xaaabf64a
Parameter 4 : 0x00000000
Caused By Driver : portcls.sys
Caused By Address : portcls.sys+264a
File Description : Port Class (Class Driver for Port/Miniport Devices)
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-03.dmp
Crash Time : 2010.01.27. 17:47:17
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000003
Parameter 2 : 0xaa834e49
Parameter 3 : 0xa688d65c
Parameter 4 : 0x00000000
Caused By Driver : pctfw2.sys
Caused By Address : pctfw2.sys+1e4a
File Description : PC Tools TDI Driver
Product Name : PC Tools TDI Driver
Company : PC Tools
File Version : 4, 0, 0, 43
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-04.dmp
Crash Time : 2010.01.27. 18:48:32
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe6558658
Parameter 2 : 0x00000001
Parameter 3 : 0xbd216381
Parameter 4 : 0x00000001
Caused By Driver : ati3duag.dll
Caused By Address : ati3duag.dll+28381
File Description : ati3duag.dll
Product Name : ATI Technologies Inc. Radeon DirectX Universal Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.0678
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-05.dmp
Crash Time : 2010.01.27. 18:55:27
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00140017
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0x00140017
Caused By Driver : portcls.sys
Caused By Address : portcls.sys+10e27
File Description : Port Class (Class Driver for Port/Miniport Devices)
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012710-06.dmp
Crash Time : 2010.01.27. 20:56:46
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805b0f0e
Parameter 3 : 0xa7335bb4
Parameter 4 : 0x00000000
Caused By Driver : dxg.sys
Caused By Address : dxg.sys+9389
File Description : DirectX Graphics Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2105)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012710-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-01.dmp
Crash Time : 2010.01.28. 15:07:00
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa910e51
Parameter 3 : 0xb84f3c71
Parameter 4 : 0x00000000
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+de51
File Description : TCP/IP Protocol Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-02.dmp
Crash Time : 2010.01.28. 20:55:16
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0xe44c0090
Parameter 3 : 0xe44c0428
Parameter 4 : 0x0c730075
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+3f4a1
File Description : NT File System Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-03.dmp
Crash Time : 2010.01.28. 21:49:06
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x4540550a
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xb824be40
Caused By Driver : Epfwndis.sys
Caused By Address : Epfwndis.sys+3e40
File Description : ESET Personal Firewall NDIS filter
Product Name : ESET Smart Security
Company : ESET
File Version : 4.0.314
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-04.dmp
Crash Time : 2010.01.28. 22:07:50
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x03c33114
Parameter 2 : 0x00000008
Parameter 3 : 0x00000000
Parameter 4 : 0xaac32e44
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+1dfe44
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-05.dmp
Crash Time : 2010.01.28. 23:02:01
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa8e365e
Parameter 3 : 0xa6de793c
Parameter 4 : 0x00000000
Caused By Driver : portcls.sys
Caused By Address : portcls.sys+1065e
File Description : Port Class (Class Driver for Port/Miniport Devices)
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012810-06.dmp
Crash Time : 2010.01.28. 23:13:40
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x9c10403a
Parameter 2 : 0x00000001
Parameter 3 : 0x8a559bfb
Parameter 4 : 0x00000000
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+41bb4
File Description : TCP/IP Protocol Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012810-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-01.dmp
Crash Time : 2010.01.29. 15:19:20
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe567f574
Parameter 2 : 0x00000000
Parameter 3 : 0xbd2543a2
Parameter 4 : 0x00000001
Caused By Driver : ati3duag.dll
Caused By Address : ati3duag.dll+663a2
File Description : ati3duag.dll
Product Name : ATI Technologies Inc. Radeon DirectX Universal Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.0678
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-02.dmp
Crash Time : 2010.01.29. 16:42:37
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000001
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0x00000001
Caused By Driver : epfwtdi.sys
Caused By Address : epfwtdi.sys+8c81
File Description : ESET Personal Firewall TDI filter
Product Name : ESET Smart Security
Company : ESET
File Version : 4.0.314
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-03.dmp
Crash Time : 2010.01.29. 16:45:47
Bug Check String : RDR_FILE_SYSTEM
Bug Check Code : 0x00000027
Parameter 1 : 0xbaad00a3
Parameter 2 : 0xa682e9f4
Parameter 3 : 0xa682e6f0
Parameter 4 : 0x804f162a
Caused By Driver : rdbss.sys
Caused By Address : rdbss.sys+7747
File Description : Redirected Drive Buffering SubSystem Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-04.dmp
Crash Time : 2010.01.29. 17:07:24
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0x00000000
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-05.dmp
Crash Time : 2010.01.29. 17:14:41
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa8ffe51
Parameter 3 : 0xb84f7c71
Parameter 4 : 0x00000000
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+de51
File Description : TCP/IP Protocol Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-06.dmp
Crash Time : 2010.01.29. 18:47:31
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x000002d8
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0xaaa748d1
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+908d1
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-07.dmp
Crash Time : 2010.01.29. 19:18:32
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000003
Parameter 2 : 0xaa812e49
Parameter 3 : 0xa7a5d65c
Parameter 4 : 0x00000000
Caused By Driver : pctfw2.sys
Caused By Address : pctfw2.sys+1e4a
File Description : PC Tools TDI Driver
Product Name : PC Tools TDI Driver
Company : PC Tools
File Version : 4, 0, 0, 43
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-08.dmp
Crash Time : 2010.01.29. 19:57:24
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0x00000000
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-09.dmp
Crash Time : 2010.01.29. 22:10:23
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000099
Parameter 2 : 0x0004b7d9
Parameter 3 : 0x00000001
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT - kernel és rendszer
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini012910-10.dmp
Crash Time : 2010.01.29. 23:05:26
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000820
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xaaacce40
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+3ee40
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini012910-10.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-01.dmp
Crash Time : 2010.01.30. 0:00:23
Bug Check String : ATTEMPTED_WRITE_TO_READONLY_MEMORY
Bug Check Code : 0x100000be
Parameter 1 : 0xaacab440
Parameter 2 : 0x1a100121
Parameter 3 : 0x80551060
Parameter 4 : 0x0000000a
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-02.dmp
Crash Time : 2010.01.30. 0:33:24
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x539f8580
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0x539f8580
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+9e4d
File Description : TCP/IP Protocol Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-03.dmp
Crash Time : 2010.01.30. 0:42:52
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa292002
Parameter 3 : 0xb84d38c8
Parameter 4 : 0x00000000
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+a6e43
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-04.dmp
Crash Time : 2010.01.30. 0:45:43
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x4e8cd333
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0xaaaed647
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+91647
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-05.dmp
Crash Time : 2010.01.30. 0:54:56
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0xaa9a4e48
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+e48
File Description : TCP/IP Protocol Driver
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-06.dmp
Crash Time : 2010.01.30. 10:48:05
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaaa44650
Parameter 3 : 0xa6e5ca94
Parameter 4 : 0x00000000
Caused By Driver : portcls.sys
Caused By Address : portcls.sys+10650
File Description : Port Class (Class Driver for Port/Miniport Devices)
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-07.dmp
Crash Time : 2010.01.30. 16:15:06
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x8fe12681
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0xaaac88d3
Caused By Driver : RtkHDAud.sys
Caused By Address : RtkHDAud.sys+908d3
File Description : Realtek(r) High Definition Audio Function Driver
Product Name : Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)
Company : Realtek Semiconductor Corp.
File Version : 5.10.0.5413 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013010-08.dmp
Crash Time : 2010.01.30. 17:02:15
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc000001d
Parameter 2 : 0xbf802649
Parameter 3 : 0xa76f2c0c
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2649
File Description : Többfelhasználós Win32 illesztőprogram
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5863 (xpsp_sp3_gdr.090814-1258)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013010-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini013110-01.dmp
Crash Time : 2010.01.31. 14:27:41
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x388a529f
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0xb7518e63
Caused By Driver : HIDCLASS.SYS
Caused By Address : HIDCLASS.SYS+2e63
File Description : Hid Class Library
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013110-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================


A MAI NAPON ÚJRA LEFUTTATVA:

==================================================
Dump File : Mini013110-01.dmp
Crash Time : 2010.01.31. 17:50:54
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0x8952ab10
Parameter 3 : 0x8952ab28
Parameter 4 : 0x1a030001
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT - kernel és rendszer
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini013110-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini020210-01.dmp
Crash Time : 2010.02.02. 9:32:07
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000270
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x806e6a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft&reg; Windows&reg; Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini020210-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini020410-01.dmp
Crash Time : 2010.02.04. 12:00:25
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x1000007f
Parameter 1 : 0x0000000d
Parameter 2 : 0x00000000
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+81e44
File Description : Többfelhasználós Win32 illesztőprogram
Product Name : Microsoft&reg; Windows&reg; operációs rendszer
Company : Microsoft Corporation
File Version : 5.1.2600.5863 (xpsp_sp3_gdr.090814-1258)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\minidump\Mini020410-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

DRIVER WIEW ezt adja ki, sajnos nem tudom fontos, vagy nem, de kétségbeesésembe futtattam ezt is, és bemásolom:(



==================================================
Illesztőprogram neve: ACPI.sys
Cím : 0xf748f000
Fájl típus : Rendszer illesztőprogram
Leírás : ACPI illesztőprogram NT-hez
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:33:25
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\ACPI.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: almgvtx4.SYS
Cím : 0xb8511000
Fájl típus : Rendszer illesztőprogram
Leírás : IDE/ATAPI Port Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:30
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\almgvtx4.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: atapi.sys
Cím : 0xf796f000
Fájl típus : Rendszer illesztőprogram
Leírás : IDE/ATAPI Port Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:30
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\atapi.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: ATMFD.DLL
Cím : 0xbffa0000
Fájl típus : Illesztőprogram
Leírás : Windows NT OpenType/Type 1 Font Driver
Verzió : 5.1 Build 226
Cég : Adobe Systems Incorporated
Termék név : Adobe Type Manager
Módosítás dátuma : 2008.04.14. 17:00:11
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\ATMFD.DLL
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Beep.SYS
Cím : 0xf79c9000
Fájl típus : Rendszer illesztőprogram
Leírás : BEEP Driver
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Beep.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: BOOTVID.dll
Cím : 0xf7897000
Fájl típus : Képernyő illesztőprogram
Leírás : VGA Boot Driver
Verzió : 5.1.2600.0 (xpclient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\BOOTVID.dll
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Cdfs.SYS
Cím : 0xb8622000
Fájl típus : Rendszer illesztőprogram
Leírás : CD-ROM File System Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:14:21
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Cdfs.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: cdrom.sys
Cím : 0xf7887000
Fájl típus : Rendszer illesztőprogram
Leírás : SCSI CD-ROM Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:46
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\cdrom.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: CLASSPNP.SYS
Cím : 0xf7647000
Fájl típus : Rendszer illesztőprogram
Leírás : SCSI Class System Dll
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:16:22
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: daemon.dll
Cím : 0x10000000
Fájl típus : Ismeretlen
Leírás :
Verzió :
Cég :
Termék név :
Módosítás dátuma : N/A
Létrehozás dátuma : N/A
Fájlnév : C:\Program Files\DAEMON Tools Lite\daemon.dll
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: disk.sys
Cím : 0xf7637000
Fájl típus : Rendszer illesztőprogram
Leírás : PnP Disk Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:47
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\disk.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: dmio.sys
Cím : 0xf7832000
Fájl típus : Rendszer illesztőprogram
Leírás : NT Lemezkezelő I/O illesztője
Verzió : 2600.5512.503.0
Cég : Microsoft Corp., Veritas Software
Termék név : VERITAS&reg; NT Lemezkezelő
Módosítás dátuma : 2008.04.14. 16:41:33
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\dmio.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: dmload.sys
Cím : 0xf798b000
Fájl típus : Rendszer illesztőprogram
Leírás : NT Disk Manager Startup Driver
Verzió : 2600.0.503.0
Cég : Microsoft Corp., Veritas Software.
Termék név : Logical Disk Manager for Windows NT
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\dmload.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: dump_atapi.sys
Cím : 0xb82ac000
Fájl típus : Ismeretlen
Leírás :
Verzió :
Cég :
Termék név :
Módosítás dátuma : N/A
Létrehozás dátuma : N/A
Fájlnév : C:\WINDOWS\System32\Drivers\dump_atapi.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: dump_WMILIB.SYS
Cím : 0xf79dd000
Fájl típus : Ismeretlen
Leírás :
Verzió :
Cég :
Termék név :
Módosítás dátuma : N/A
Létrehozás dátuma : N/A
Fájlnév : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: Dxapi.sys
Cím : 0xb839e000
Fájl típus : Rendszer illesztőprogram
Leírás : DirectX API Driver
Verzió : 5.1.2600.0 (xpclient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\drivers\Dxapi.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: dxg.sys
Cím : 0xbd000000
Fájl típus : Rendszer illesztőprogram
Leírás : DirectX Graphics Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2105)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:38:29
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\drivers\dxg.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: dxgthk.sys
Cím : 0xb85ee000
Fájl típus : Rendszer illesztőprogram
Leírás : DirectX Graphics Driver Thunk
Verzió : 5.1.2600.0 (xpclient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\drivers\dxgthk.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Fastfat.SYS
Cím : 0xb82c4000
Fájl típus : Rendszer illesztőprogram
Leírás : Fast FAT File System Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:14:29
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Fastfat.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: fdc.sys
Cím : 0xf77cf000
Fájl típus : Rendszer illesztőprogram
Leírás : Floppy Disk Controller Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:25
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\DRIVERS\fdc.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: flpydisk.sys
Cím : 0xf7777000
Fájl típus : Rendszer illesztőprogram
Leírás : Floppy Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:25
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: fltmgr.sys
Cím : 0xf794f000
Fájl típus : Rendszer illesztőprogram
Leírás : Microsoft Filesystem Filter Manager
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:32:59
Létrehozás dátuma : 2004.08.04. 7:01:19
Fájlnév : C:\WINDOWS\system32\drivers\fltmgr.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: framebuf.dll
Cím : 0xbff70000
Fájl típus : Képernyő illesztőprogram
Leírás : Framebuffer Display Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.14. 17:00:27
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\framebuf.dll
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Fs_Rec.SYS
Cím : 0xf79c5000
Fájl típus : Rendszer illesztőprogram
Leírás : File System Recognizer Driver
Verzió : 5.1.2600.0 (xpclient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: ftdisk.sys
Cím : 0xf7858000
Fájl típus : Rendszer illesztőprogram
Leírás : Hibatűrő illesztőprogram
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\ftdisk.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: hal.dll
Cím : 0x806ff000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Hardware Abstraction Layer DLL
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:31:28
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\hal.dll
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: HDAudBus.sys
Cím : 0xb85b6000
Fájl típus : Hang illesztőprogram
Leírás : High Definition Audio Bus Driver v1.0a
Verzió : 5.10.01.5013 built by: WinDDK
Cég : Windows (R) Server 2003 DDK provider
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 17:36:05
Létrehozás dátuma : 2005.01.07. 16:07:18
Fájlnév : C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: HIDCLASS.SYS
Cím : 0xb8632000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Hid Class Library
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:26
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: HIDPARSE.SYS
Cím : 0xb8366000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Hid Parsing Library
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:22
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: hidusb.sys
Cím : 0xf792f000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : USB Miniport Driver for Input Devices
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:27
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\hidusb.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: i8042prt.sys
Cím : 0xf741e000
Fájl típus : Rendszer illesztőprogram
Leírás : i8082-port illesztőprogramja
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:38:14
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: imapi.sys
Cím : 0xf740e000
Fájl típus : Rendszer illesztőprogram
Leírás : IMAPI Kernel Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:58
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\DRIVERS\imapi.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: isapnp.sys
Cím : 0xf75f7000
Fájl típus : Rendszer illesztőprogram
Leírás : PNP ISA busz illesztője
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:40:20
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\isapnp.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: JGOGO.sys
Cím : 0xf798d000
Fájl típus : Rendszer illesztőprogram
Leírás : SCSI Port upper filter driver
Verzió : 5.0.3790.1
Cég : JMicron
Termék név : SCSI Port upper filter driver
Módosítás dátuma : 2006.02.07. 12:52:58
Létrehozás dátuma : 2007.07.12. 22:39:59
Fájlnév : C:\WINDOWS\system32\drivers\JGOGO.sys
Fájl attributum : R
==================================================

==================================================
Illesztőprogram neve: jraid.sys
Cím : 0xf7627000
Fájl típus : Rendszer illesztőprogram
Leírás : JMicron JMB36X RAID Driver
Verzió : 1.17.13.01 built by: WinDDK
Cég : JMicron Technology Corp.
Termék név : JMicron JMB36X RAID Driver
Módosítás dátuma : 2007.02.16. 3:27:10
Létrehozás dátuma : 2007.07.12. 22:39:59
Fájlnév : C:\WINDOWS\system32\drivers\jraid.sys
Fájl attributum : R
==================================================

==================================================
Illesztőprogram neve: kbdclass.sys
Cím : 0xf77ef000
Fájl típus : Rendszer illesztőprogram
Leírás : Billentyűzetosztály illesztőprogramja
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:40:51
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: KDCOM.DLL
Cím : 0xf7987000
Fájl típus : Kommunikációs illesztőprogram
Leírás : Kernel Debugger HW Extension DLL
Verzió : 5.1.2600.0 (xpclient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\KDCOM.DLL
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: ks.sys
Cím : 0xb856f000
Fájl típus : Illesztőprogram
Leírás : Kernel CSA Library
Verzió : 5.3.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft(R) Windows(R) Operating System
Módosítás dátuma : 2008.04.13. 20:16:36
Létrehozás dátuma : 2007.07.12. 23:52:43
Fájlnév : C:\WINDOWS\System32\DRIVERS\ks.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: KSecDD.sys
Cím : 0xb87e9000
Fájl típus : Rendszer illesztőprogram
Leírás : Kernel Security Support Provider Interface
Verzió : 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2009.06.24. 12:18:41
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\KSecDD.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: mcdbus.sys
Cím : 0xb84c4000
Fájl típus : Rendszer illesztőprogram
Leírás : MagicISO SCSI Host Controller
Verzió : 2.7.105.132
Cég : MagicISO, Inc.
Termék név : MagicISO SCSI Host Controller
Módosítás dátuma : 2008.07.28. 16:19:28
Létrehozás dátuma : 2009.04.19. 11:10:46
Fájlnév : C:\WINDOWS\system32\DRIVERS\mcdbus.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: mouclass.sys
Cím : 0xf775f000
Fájl típus : Rendszer illesztőprogram
Leírás : Mouse Class illesztőprogram
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:33:44
Létrehozás dátuma : 2001.10.26. 20:01:42
Fájlnév : C:\WINDOWS\System32\DRIVERS\mouclass.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: mouhid.sys
Cím : 0xf793f000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : HID Mouse Filter illesztőprogram
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 20:01:42
Fájlnév : C:\WINDOWS\System32\DRIVERS\mouhid.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: MountMgr.sys
Cím : 0xf7607000
Fájl típus : Rendszer illesztőprogram
Leírás : Mount Manager
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:39:46
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\MountMgr.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Msfs.SYS
Cím : 0xf77ff000
Fájl típus : Rendszer illesztőprogram
Leírás : Mailslot driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:32:39
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Msfs.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: mssmbios.sys
Cím : 0xb86da000
Fájl típus : Rendszer illesztőprogram
Leírás : System Management BIOS Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:36:46
Létrehozás dátuma : 2004.08.04. 7:07:47
Fájlnév : C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: Mup.sys
Cím : 0xb8702000
Fájl típus : Hálózat illesztőprogram
Leírás : Multiple UNC Provider driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:17:05
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\Mup.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: NDIS.sys
Cím : 0xb871c000
Fájl típus : Hálózat illesztőprogram
Leírás : NDIS 5.1 wrapper driver
Verzió : 5.1.2600.5512 (xpsp.080413-0852)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:20:37
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\NDIS.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Npfs.SYS
Cím : 0xf780f000
Fájl típus : Rendszer illesztőprogram
Leírás : NPFS Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:32:39
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Npfs.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: ntdll.dll
Cím : 0x7c900000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : NT réteg DLL
Verzió : 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2009.02.09. 11:54:16
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\ntdll.dll
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Ntfs.sys
Cím : 0xb8749000
Fájl típus : Rendszer illesztőprogram
Leírás : NT File System Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 20:15:53
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\Ntfs.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: ntoskrnl.exe
Cím : 0x804d7000
Fájl típus : Alkalmazás
Leírás : NT - kernel és rendszer
Verzió : 5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2009.08.04. 18:29:36
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\ntoskrnl.exe
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: Null.SYS
Cím : 0xf7a7b000
Fájl típus : Rendszer illesztőprogram
Leírás : NULL Driver
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\Null.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: PartMgr.sys
Cím : 0xf770f000
Fájl típus : Rendszer illesztőprogram
Leírás : Partition Manager
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:49
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\PartMgr.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: pci.sys
Cím : 0xf747e000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : NT - Plug and Play PCI-enumeráló
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:44:26
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\pci.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: pciide.sys
Cím : 0xf7a4f000
Fájl típus : Rendszer illesztőprogram
Leírás : Általános PCI IDE buszillesztő
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2001.10.26. 19:10:22
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\pciide.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: PCIIDEX.SYS
Cím : 0xf7707000
Fájl típus : Rendszer illesztőprogram
Leírás : PCI IDE Bus Driver Extension
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:29
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: pfc.sys
Cím : 0xf7943000
Fájl típus : Telepíthető illesztőprogram
Leírás : Padus(R) ASPI Shell
Verzió : 2, 5, 0, 202
Cég : Padus, Inc.
Termék név : Padus(R) ASPI Shell
Módosítás dátuma : 2007.09.08. 11:14:08
Létrehozás dátuma : 2007.09.08. 11:14:08
Fájlnév : C:\WINDOWS\system32\drivers\pfc.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: PxHelp20.sys
Cím : 0xf7657000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Px Engine Device Driver for Windows 2000/XP
Verzió : 3.00.56a
Cég : Sonic Solutions
Termék név : PxHelp20
Módosítás dátuma : 2007.11.29. 23:30:24
Létrehozás dátuma : 2007.12.29. 13:08:14
Fájlnév : C:\WINDOWS\system32\drivers\PxHelp20.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: rdpdr.sys
Cím : 0xb84e1000
Fájl típus : Illesztőprogram
Leírás : Microsoft RDP Device redirector
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:32:51
Létrehozás dátuma : 2007.07.12. 20:49:37
Fájlnév : C:\WINDOWS\System32\DRIVERS\rdpdr.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: redbook.sys
Cím : 0xf7877000
Fájl típus : Rendszer illesztőprogram
Leírás : RedbookAudio szűrő illesztője
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:36:26
Létrehozás dátuma : 2007.07.12. 22:45:43
Fájlnév : C:\WINDOWS\System32\DRIVERS\redbook.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: SCSIPORT.SYS
Cím : 0xf74bd000
Fájl típus : Rendszer illesztőprogram
Leírás : SCSI Port Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:40:30
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: spoi.sys
Cím : 0xf74d5000
Fájl típus : Ismeretlen
Leírás :
Verzió :
Cég :
Termék név :
Módosítás dátuma : N/A
Létrehozás dátuma : N/A
Fájlnév : C:\WINDOWS\system32\drivers\spoi.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: sr.sys
Cím : 0xf7a3d000
Fájl típus : Rendszer illesztőprogram
Leírás : Rendszer-visszaállítás fájlrendszeri szűrő-illesztőprogramja
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:44:25
Létrehozás dátuma : 2007.07.12. 20:51:05
Fájlnév : C:\WINDOWS\system32\drivers\sr.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: swenum.sys
Cím : 0xf79b7000
Fájl típus : Illesztőprogram
Leírás : Plug and Play Software Device Enumerator
Verzió : 5.3.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft(R) Windows(R) Operating System
Módosítás dátuma : 2008.04.13. 19:39:53
Létrehozás dátuma : 2007.07.12. 23:52:43
Fájlnév : C:\WINDOWS\System32\DRIVERS\swenum.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: termdd.sys
Cím : 0xb8682000
Fájl típus : Rendszer illesztőprogram
Leírás : Terminal Server Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2111)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.14. 17:02:52
Létrehozás dátuma : 2007.07.12. 20:49:37
Fájlnév : C:\WINDOWS\System32\DRIVERS\termdd.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: update.sys
Cím : 0xb8466000
Fájl típus : Rendszer illesztőprogram
Leírás : Update Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:39:46
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\update.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: USBD.SYS
Cím : 0xf79bf000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Universal Serial Bus Driver
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\USBD.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: usbehci.sys
Cím : 0xf77bf000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : EHCI eUSB Miniport Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:35
Létrehozás dátuma : 2004.08.04. 7:08:37
Fájlnév : C:\WINDOWS\system32\DRIVERS\usbehci.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: usbhub.sys
Cím : 0xb8662000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Default Hub Driver for USB
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:37
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\usbhub.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: USBPORT.SYS
Cím : 0xb8592000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : USB 1.1 & 2.0 Port Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:36
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\USBPORT.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: USBSTOR.SYS
Cím : 0xb8376000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : USB Mass Storage Class Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:38
Létrehozás dátuma : 2007.07.13. 0:57:45
Fájlnév : C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: usbuhci.sys
Cím : 0xf778f000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : UHCI USB Miniport Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:45:35
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: vga.sys
Cím : 0xf77d7000
Fájl típus : Képernyő illesztőprogram
Leírás : VGA/Super VGA Video Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:44:40
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\drivers\vga.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: VIDEOPRT.SYS
Cím : 0xb833a000
Fájl típus : Képernyő illesztőprogram
Leírás : Video Port Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:44:40
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\drivers\VIDEOPRT.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: VolSnap.sys
Cím : 0xf7617000
Fájl típus : Rendszer illesztőprogram
Leírás : Kötet árnyékmásolatának illesztőprogramja
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2008.04.14. 16:35:41
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\system32\drivers\VolSnap.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: watchdog.sys
Cím : 0xf776f000
Fájl típus : Dinamikusan kapcsolódó eljáráskönyvtár
Leírás : Watchdog Driver
Verzió : 5.1.2600.5512 (xpsp.080413-2108)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2008.04.13. 19:44:59
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\watchdog.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: win32k.sys
Cím : 0xbf800000
Fájl típus : Rendszer illesztőprogram
Leírás : Többfelhasználós Win32 illesztőprogram
Verzió : 5.1.2600.5863 (xpsp_sp3_gdr.090814-1258)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; operációs rendszer
Módosítás dátuma : 2009.08.14. 16:16:16
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\win32k.sys
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: WmBEnum.sys
Cím : 0xb86d6000
Fájl típus : Illesztőprogram
Leírás : Logitech WingMan Virtual Bus Enumerator Driver
Verzió : 5.01.248
Cég : Logitech Inc.
Termék név : Logitech Gaming Software
Módosítás dátuma : 2007.09.13. 20:40:54
Létrehozás dátuma : 2000.05.11. 11:25:42
Fájlnév : C:\WINDOWS\system32\drivers\WmBEnum.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: WMILIB.SYS
Cím : 0xf7989000
Fájl típus : Rendszer illesztőprogram
Leírás : WMILIB WMI support library Dll
Verzió : 5.1.2600.0 (XPClient.010817-1148)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2001.10.26. 13:00:00
Létrehozás dátuma : 2001.10.26. 13:00:00
Fájlnév : C:\WINDOWS\System32\Drivers\WMILIB.SYS
Fájl attributum : A
==================================================

==================================================
Illesztőprogram neve: WmXlCore.sys
Cím : 0xb8672000
Fájl típus : Illesztőprogram
Leírás : Logitech WingMan Translation Driver
Verzió : 5.01.248
Cég : Logitech Inc.
Termék név : Logitech Gaming Software
Módosítás dátuma : 2007.09.13. 20:41:28
Létrehozás dátuma : 2000.05.11. 11:25:18
Fájlnév : C:\WINDOWS\system32\drivers\WmXlCore.sys
Fájl attributum :
==================================================

==================================================
Illesztőprogram neve: WudfPf.sys
Cím : 0xb87d6000
Fájl típus : Rendszer illesztőprogram
Leírás : Windows Driver Foundation - User-mode Driver Framework Platform Driver
Verzió : 6.0.5730.0 (winmain.060915-1845)
Cég : Microsoft Corporation
Termék név : Microsoft&reg; Windows&reg; Operating System
Módosítás dátuma : 2006.09.15. 21:29:52
Létrehozás dátuma : 2006.09.28. 17:55:50
Fájlnév : C:\WINDOWS\system32\drivers\WudfPf.sys
Fájl attributum :
==================================================

Szia Stell, nagyon szépen kérlek, ha tudsz segíts! A fiam gépe már csak csökkentett módban indul, mert normálban 1 perc után kék halál:(



Hijackthis ezt adja ki:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:52, on 2010.02.06.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
M:\NORBI_GEP\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 87.229.98.104 launcher.worldofwarcraft.com
O1 - Hosts: 87.229.98.104 status.wow-europe.com
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [] C:\Windows\sys32\wininfo.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-436374069-682003330-725345543-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Küldés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Kül&dés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 4321175536
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4321148052
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://engine.netanday.it/ajax_webcam/codec/AMC.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: bw+0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {C909B30D-0394-4980-9D82-2FC82471B68B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O20 - Winlogon Notify: khfDwuUk - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google frissítési szolgáltatás (gupdate1ca2b9a66c579fa) (gupdate1ca2b9a66c579fa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google Inc. - (no file)
O23 - Service: Turbine Message Service - Live (LiveTurbineMessageService) - Unknown owner - (no file)
O23 - Service: Turbine Network Service - Live (LiveTurbineNetworkService) - Unknown owner - (no file)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 21797 bytes

Nagyon megköszönöm előre is a segítséged ha van időd ránézni!!!!!!!!

csinald igy
1:start-futtatas masold be az ablakba
combofix /uninstall
2:Futasd az OTL programot klik Cleanup,yes,,yes,

a javito konzolat tavolids el igy
http://sites.google.com/site/stellmajds ... litasa--xp

nincsen mit udv.

Köszönöm,hogy a vasárnap délelőtt egy részét rám szántad.
Azt kérdezném,hogy a C:\OTL és cmdcons és Qoobox mappákat törölhetem-e?
Nagyon köszönöm a segítséged
Üdv