Terminál Fórum - Téma megtekintése

Megválaszolatlan hozzászólások | Aktív témák

Pontos idő: hétf. jan. 06, 2025 2:33

stell, help me

Moderátorok: Wiki, Moderátorok

Oldal: 28 / 39

[ 1923 hozzászólás ]

Oldal Előző 1 ... 25, 26, 27, 28, 29, 30, 31 ... 39 Következő

Nyomtatóbarát verzió

Előző téma | Következő téma

stell, help me

Szerző	Üzenet
stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok van e meg problem??ha igen akkor mi.
vas. jan. 31, 2010 12:04

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	All processes killed ========== OTL ========== ADS C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Sanyi ->Temp folder emptied: 32768 bytes ->Temporary Internet Files folder emptied: 4109273 bytes ->FireFox cache emptied: 97855265 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 97,00 mb OTL by OldTimer - Version 3.1.27.1 log created on 01312010_112239 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
vas. jan. 31, 2010 11:51

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	ComboFix 10-01-30.05 - Sanyi 010.01.31. 11:36:27.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.2048.1572 [GMT 1:00] Running from: c:\documents and settings\Sanyi\Asztal\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Outpost Firewall Pro disabled {8A20CA2A-9E02-4A64-923B-0A38208EB7FD} * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-468654346-3896344689-1811577296-1000 c:\documents and settings\Sanyi\Application Data\inst.exe . ((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-31 ))))))))))))))))))))))))))))))) . 2010-01-31 10:22 . 2010-01-31 10:22 -------- d-----w- C:\_OTL 2010-01-31 05:52 . 2010-01-31 05:52 -------- d-----w- c:\documents and settings\Sanyi\Local Settings\Application Data\Help 2010-01-31 05:26 . 2010-01-31 06:28 -------- d--h--w- c:\windows\system32\GroupPolicy 2010-01-29 20:53 . 2010-01-29 20:54 -------- d-----w- c:\windows\system32\NtmsData 2010-01-29 20:15 . 2010-01-29 20:15 -------- d-----w- c:\program files\SmartPCTools 2010-01-28 19:25 . 2010-01-28 19:25 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2010-01-28 19:25 . 2010-01-28 19:25 47360 ----a-w- c:\documents and settings\Sanyi\Application Data\pcouffin.sys 2010-01-28 19:25 . 2010-01-28 19:27 -------- d-----w- c:\documents and settings\Sanyi\Application Data\Vso 2010-01-28 19:25 . 2007-03-18 20:37 65602 ----a-w- c:\windows\system32\cook3260.dll 2010-01-28 19:25 . 2006-09-29 12:26 176165 ----a-w- c:\windows\system32\drv23260.dll 2010-01-28 19:25 . 2006-09-29 12:25 208935 ----a-w- c:\windows\system32\drv33260.dll 2010-01-28 19:25 . 2006-09-29 12:24 217127 ----a-w- c:\windows\system32\drv43260.dll 2010-01-28 19:25 . 2006-05-20 16:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll 2010-01-28 19:25 . 2006-05-11 19:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll 2010-01-28 19:25 . 2002-12-10 02:20 102439 ----a-w- c:\windows\system32\sipr3260.dll 2010-01-28 19:24 . 2010-01-28 19:25 -------- d-----w- c:\program files\VSO 2010-01-28 17:50 . 2010-01-28 17:50 -------- d-----w- c:\program files\RocketDock 2010-01-28 17:47 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe 2010-01-28 17:38 . 2010-01-28 17:38 -------- d-----w- c:\documents and settings\Sanyi\Application Data\URSoft 2010-01-28 17:38 . 2010-01-31 10:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-01-28 17:38 . 2010-01-28 17:38 -------- d-----w- c:\program files\Your Uninstaller 2010 2010-01-27 20:47 . 2010-01-27 20:47 84198 ----a-w- c:\windows\system32\perfc040.dat 2010-01-27 20:47 . 2010-01-27 20:47 395348 ----a-w- c:\windows\system32\perfh040.dat 2010-01-26 16:26 . 2010-01-26 16:26 -------- d-----w- C:\Windows XP 2010-01-25 11:01 . 2008-04-13 09:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2010-01-25 09:59 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-01-24 18:11 . 2010-01-28 17:47 -------- d-----w- c:\program files\Ashampoo 2010-01-24 17:50 . 2010-01-24 17:50 -------- d-----w- c:\documents and settings\Sanyi\Local Settings\Application Data\ESET 2010-01-24 15:17 . 2010-01-24 15:17 -------- d-----w- c:\program files\Trend Micro 2010-01-24 07:40 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll 2010-01-24 07:40 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2010-01-24 07:39 . 2010-01-24 07:39 -------- d-----w- c:\windows\SHELLNEW 2010-01-24 07:39 . 2010-01-24 07:39 -------- d-----w- c:\program files\Microsoft.NET 2010-01-23 20:39 . 2010-01-23 20:40 -------- d-----w- c:\program files\Memory Improve Master 2010-01-23 20:32 . 2010-01-23 20:32 -------- d-----w- c:\documents and settings\Sanyi\Application Data\translateclient 2010-01-23 20:32 . 2010-01-23 20:32 -------- d-----w- c:\program files\Translate Client 2010-01-23 20:19 . 2010-01-23 20:19 -------- d-----w- c:\windows\ie8updates 2010-01-23 12:28 . 2006-07-10 20:00 8704 ----a-w- c:\windows\system32\CNMVS75.DLL 2010-01-23 12:28 . 2006-07-10 20:00 59392 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP75.DLL 2010-01-23 12:28 . 2006-07-10 20:00 20992 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD75.DLL 2010-01-23 12:28 . 2006-07-10 20:00 139776 ----a-w- c:\windows\system32\CNMLM75.DLL 2010-01-23 12:28 . 2005-03-08 09:17 90112 ----a-w- c:\windows\system32\CNMCP75.exe 2010-01-23 12:17 . 2008-04-13 09:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2010-01-23 12:17 . 2008-04-13 09:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2010-01-23 12:14 . 2010-01-23 12:14 -------- d-----w- c:\program files\Foxit Software 2010-01-23 12:11 . 2010-01-23 12:11 -------- d-----w- c:\documents and settings\Sanyi\Application Data\IObit 2010-01-23 12:11 . 2010-01-23 12:11 -------- d-----w- c:\program files\IObit 2010-01-23 10:37 . 2010-01-23 10:37 -------- d-----w- c:\program files\uTorrent 2010-01-23 10:37 . 2010-01-31 09:14 -------- d-----w- c:\documents and settings\Sanyi\Application Data\uTorrent 2010-01-23 10:32 . 2009-12-21 19:09 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-01-23 10:32 . 2009-12-21 19:09 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-01-23 10:32 . 2009-12-21 19:09 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-01-23 10:32 . 2009-12-21 19:09 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-01-23 10:32 . 2009-12-21 19:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-01-23 10:32 . 2009-12-21 19:09 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll 2010-01-23 07:08 . 2010-01-23 07:08 -------- d-----w- c:\documents and settings\Sanyi\Local Settings\Application Data\Thunderbird 2010-01-23 07:08 . 2010-01-23 07:08 -------- d-----w- c:\documents and settings\Sanyi\Application Data\Thunderbird 2010-01-23 07:08 . 2010-01-30 22:30 -------- d-----w- c:\program files\Mozilla Thunderbird 2010-01-23 07:03 . 2010-01-23 07:03 -------- d-----w- c:\program files\WinSnap 2010-01-23 06:55 . 2010-01-23 12:10 -------- d-----w- c:\documents and settings\Sanyi\Application Data\Godlike 2010-01-23 06:55 . 2010-01-23 06:55 -------- d-----w- c:\program files\Godlike Developers 2010-01-23 06:44 . 2010-01-23 06:44 -------- d-----w- c:\program files\PowerISO 2010-01-23 06:30 . 2010-01-23 06:58 -------- d-----w- c:\program files\Total Commander 2008 Final Edition by K-ED 2010-01-23 05:33 . 2010-01-28 09:21 -------- d-----w- c:\documents and settings\Sanyi\Application Data\dvdcss 2010-01-23 05:30 . 2008-04-14 07:02 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2010-01-23 05:28 . 2010-01-23 05:28 -------- d-----w- c:\program files\Windows Media Connect 2 2010-01-23 05:26 . 2010-01-23 05:27 -------- d-----w- c:\windows\system32\drivers\UMDF 2010-01-23 05:26 . 2010-01-23 05:26 -------- d-----w- c:\windows\system32\LogFiles 2010-01-23 05:13 . 2010-01-23 05:13 -------- d-sh--w- c:\documents and settings\Sanyi\PrivacIE 2010-01-23 05:09 . 2010-01-23 05:09 -------- d-sh--w- c:\documents and settings\Sanyi\IETldCache 2010-01-23 05:07 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2010-01-23 05:07 . 2010-01-23 05:07 -------- dc-h--w- c:\windows\ie8 2010-01-23 05:00 . 2010-01-23 05:00 -------- d-----w- c:\program files\UPHClean 2010-01-23 04:48 . 2010-01-23 04:50 -------- d-----w- c:\documents and settings\Sanyi\Application Data\vlc 2010-01-23 04:47 . 2010-01-23 04:47 -------- d-----w- c:\program files\VideoLAN 2010-01-22 21:02 . 2010-01-23 05:56 -------- d-----w- c:\program files\Unlocker 2010-01-22 20:49 . 2010-01-22 20:49 0 ----a-w- c:\windows\nsreg.dat 2010-01-22 20:49 . 2010-01-22 20:49 -------- d-----w- c:\documents and settings\Sanyi\Local Settings\Application Data\Mozilla 2010-01-22 20:42 . 2010-01-22 20:42 -------- d-sh--w- c:\documents and settings\Sanyi\UserData 2010-01-22 19:34 . 2010-01-22 19:34 -------- d-----w- c:\program files\ESET 2010-01-22 19:34 . 2010-01-22 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2010-01-22 19:26 . 2009-07-23 10:56 714752 ----a-w- c:\windows\system32\drivers\SandBox.sys 2010-01-22 19:25 . 2009-07-13 12:19 256792 ----a-w- c:\windows\system32\drivers\afwcore.sys 2010-01-22 19:25 . 2010-01-22 19:26 -------- d-----w- c:\windows\system32\Filt 2010-01-22 19:25 . 2009-02-18 16:30 31128 ----a-w- c:\windows\system32\drivers\afw.sys 2010-01-22 19:25 . 2010-01-22 19:25 -------- d-----w- c:\program files\Agnitum 2010-01-22 19:25 . 2010-01-22 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Agnitum . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-29 06:33 . 2010-01-22 18:30 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-27 20:20 . 2010-01-27 20:20 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2010-01-24 20:38 . 2010-01-22 18:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-01-24 08:28 . 2010-01-22 18:47 14376 ----a-w- c:\documents and settings\Sanyi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-23 20:21 . 2001-10-26 11:00 84198 ----a-w- c:\windows\system32\perfc00E.dat 2010-01-23 20:21 . 2001-10-26 11:00 395348 ----a-w- c:\windows\system32\perfh00E.dat 2010-01-23 06:16 . 2010-01-22 18:55 -------- d-----w- c:\documents and settings\Sanyi\Application Data\GHISLER 2010-01-22 18:46 . 2010-01-22 18:46 -------- d-----w- c:\documents and settings\Sanyi\Application Data\ATI 2010-01-22 18:46 . 2010-01-22 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2010-01-22 18:33 . 2010-01-22 18:33 0 ----a-w- c:\windows\ativpsrm.bin 2010-01-22 18:32 . 2010-01-22 18:30 -------- d-----w- c:\program files\ATI Technologies 2010-01-22 18:31 . 2010-01-22 18:28 -------- d-----w- c:\program files\Common Files\InstallShield 2010-01-22 18:02 . 2010-01-22 18:02 -------- d-----w- c:\program files\microsoft frontpage 2010-01-22 17:58 . 2010-01-22 17:58 21948 ----a-w- c:\windows\system32\emptyregdb.dat 2010-01-22 05:32 . 2001-10-26 20:25 77891 ----a-w- c:\windows\system32\usrmlnka.exe 2010-01-22 05:25 . 2010-01-22 05:25 999424 ----a-w- c:\windows\system32\syssetup.dll 2010-01-22 05:25 . 2010-01-22 05:25 286208 ----a-w- c:\windows\system32\wmpdxm.dll 2010-01-22 05:24 . 2010-01-22 05:24 604160 ----a-w- c:\windows\system32\wmspdmod.dll 2010-01-22 05:24 . 2010-01-22 05:24 938496 ----a-w- c:\windows\system32\wmnetmgr.dll 2010-01-22 05:24 . 2010-01-22 05:24 100864 ----a-w- c:\windows\system32\logagent.exe 2010-01-22 05:24 . 2010-01-22 05:24 58880 ----a-w- c:\windows\system32\msasn1.dll 2010-01-22 05:24 . 2010-01-22 05:24 271360 ----a-w- c:\windows\system32\oakley.dll 2010-01-22 05:24 . 2010-01-22 05:24 79872 ----a-w- c:\windows\system32\raschap.dll 2010-01-22 05:24 . 2010-01-22 05:24 150528 ----a-w- c:\windows\system32\rastls.dll 2010-01-22 05:24 . 2010-01-22 05:24 247326 ----a-w- c:\windows\system32\strmdll.dll 2010-01-22 05:23 . 2010-01-22 05:23 205312 ----a-w- c:\windows\system32\mswebdvd.dll 2010-01-22 05:23 . 2010-01-22 05:23 58880 ----a-w- c:\windows\system32\atl.dll 2010-01-22 05:23 . 2010-01-22 05:23 134144 ----a-w- c:\windows\system32\wkssvc.dll 2010-01-22 05:23 . 2010-01-22 05:23 1294848 ----a-w- c:\windows\system32\quartz.dll 2010-01-22 05:23 . 2010-01-22 05:23 84992 ----a-w- c:\windows\system32\avifil32.dll 2010-01-22 05:23 . 2010-01-22 05:23 2146816 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-01-22 05:23 . 2010-01-22 05:23 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2010-01-22 05:23 . 2010-01-22 05:23 1859712 ----a-w- c:\windows\system32\win32k.sys 2010-01-22 05:22 . 2010-01-22 05:22 1438720 ----a-w- c:\windows\system32\query.dll 2010-01-22 05:22 . 2010-01-22 05:22 348672 ----a-w- c:\windows\system32\localspl.dll 2010-01-22 05:22 . 2010-01-22 05:22 82432 ----a-w- c:\windows\system32\tlntsess.exe 2010-01-22 05:22 . 2010-01-22 05:22 354304 ----a-w- c:\windows\system32\winhttp.dll 2010-01-22 05:22 . 2010-01-22 05:22 333952 ----a-w- c:\windows\system32\drivers\srv.sys 2010-01-22 05:22 . 2010-01-22 05:22 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-01-22 05:20 . 2010-01-22 05:20 272512 ----a-w- c:\windows\system32\drivers\bthport.sys 2010-01-22 05:18 . 2010-01-22 17:59 691712 ----a-w- c:\windows\system32\inetcomm.dll 2010-01-22 05:18 . 2010-01-22 05:18 253952 ----a-w- c:\windows\system32\es.dll 2010-01-22 05:18 . 2010-01-22 05:18 203136 ----a-w- c:\windows\system32\drivers\RMCast.sys 2009-12-21 19:09 . 2008-04-14 07:02 916480 ----a-w- c:\windows\system32\wininet.dll 2009-11-21 16:03 . 2008-04-14 07:01 471552 ----a-w- c:\windows\AppPatch\aclayers.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Memory Improve Master"="c:\program files\Memory Improve Master\MemoryImproveMaster.exe" [2009-03-16 5095424] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "Registry Repair Wizard Scheduler"="c:\program files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" [2009-11-05 1540352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304] "OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-07-28 1257800] "OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2009-07-24 436552] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2009-7-10 360448] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009.09.11. 7:23 108792] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009.09.11. 7:26 96408] R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2010.01.22. 20:26 714752] R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2010.01.22. 20:25 1312584] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009.09.11. 7:24 735960] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2010.01.22. 20:25 31128] R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2010.01.22. 20:25 256792] S3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2010.01.22. 20:26 33920] S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\DfSdkS.exe [2010.01.28. 18:47 406016] --- Other Services/Drivers In Memory --- Deregistered - uphcleanhlp . . ------- Supplementary Scan ------- . IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Save Page As PDF ... - file://c:\program files\Nitro PDF\PDF Download\nitroweb.htm IE: {{96538116-AB8C-4879-9F21-BD2BFE22A414} - {DC6169B9-3397-4D01-8639-07F1A34BAF99} - FF - ProfilePath - c:\documents and settings\Sanyi\Application Data\Mozilla\Firefox\Profiles\rqlumwfo.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.hu/firefox?client=fir ... u:official . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-31 11:42 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(908) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3748) c:\windows\system32\WININET.dll c:\program files\RocketDock\RocketDock.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\program files\UPHClean\uphclean.exe . ************************************************************************ . Completion time: 2010-01-31 11:44:40 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-31 10:44 Pre-Run: 25 868 951 552 bájt szabad Post-Run: 25 814 269 952 bájt szabad WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe ; ;Warning: Boot.ini is used on Windows XP and earlier operating systems. ;Warning: Use BCDEDIT.exe to modify Windows Vista boot options. ; [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /NOEXECUTE=OPTIN /FASTDETECT - - End Of File - - B7D398B0F81EE4F50EBE09506F650495
vas. jan. 31, 2010 11:51

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	futasd az OTL programot az ablakba custon\mscan/fixes ted be a textet es most klik RunFix a logot a restart utan ted ide Kód: :OTL @Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E @Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 :commands [purity] [emptytemp] [start explorer] [Reboot] utana futasd le a Combofixet Idézet: Toldsle ezt a combofixett ted az ASZTALRA,mindent bezarsz kapcsold ki a ha van akorr a Spyware Terminator pajzat es +SpybotTeaTimer pajzat is ha van., .Nemfuthatt semmi program,Futatod mint rendszergazda rendesen Windowsba-2x-klik ikona combofix>beleegyezes...... Es mostan csak nezni fogod nembabralni semmitt a gepp sajatt maga restartoll befejezi a scent ,csinall combofix .txt,eztett ide teszed es http://download.bleepingcomputer.com/sUBs/ComboFix.exe
vas. jan. 31, 2010 11:21

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	Bocs stell, de több részletben sikerült
vas. jan. 31, 2010 11:04

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	[2010.01.22 06:18:15 \| 000,203,136 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys ========== Files Created - No Company Name ========== [2010.01.31 07:30:21 \| 000,000,560 \| RHS- \| C] () -- C:\Documents and Settings\All Users\ntuser.pol [2010.01.31 06:53:23 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\exctrlst.INI [2010.01.29 21:15:50 \| 000,000,811 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Asztal\Registry Repair Wizard 2009.lnk [2010.01.28 20:25:59 \| 000,001,044 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Application Data\vso_ts_preview.xml [2010.01.28 20:25:38 \| 000,000,034 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.log [2010.01.28 20:25:31 \| 000,087,608 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Application Data\inst.exe [2010.01.28 20:25:31 \| 000,007,887 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.cat [2010.01.28 20:25:31 \| 000,001,144 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.inf [2010.01.27 21:47:58 \| 000,395,348 \| ---- \| C] () -- C:\WINDOWS\System32\perfh040.dat [2010.01.27 21:47:58 \| 000,084,198 \| ---- \| C] () -- C:\WINDOWS\System32\perfc040.dat [2010.01.27 17:43:48 \| 000,383,592 \| RHS- \| C] () -- C:\gdrop [2010.01.27 17:43:47 \| 000,171,136 \| RHS- \| C] () -- C:\xeldr [2010.01.26 15:55:02 \| 000,438,840 \| RHS- \| C] () -- C:\bootxe1 [2010.01.26 15:55:02 \| 000,204,528 \| RHS- \| C] () -- C:\XELD1 [2010.01.26 15:55:02 \| 000,009,216 \| RHS- \| C] () -- C:\XELD1.1st [2010.01.26 14:46:30 \| 000,002,562 \| ---- \| C] () -- C:\WINDOWS\diagwrn.xml [2010.01.26 14:46:30 \| 000,001,908 \| ---- \| C] () -- C:\WINDOWS\diagerr.xml [2010.01.24 08:40:06 \| 000,000,388 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2010.01.23 21:32:07 \| 000,001,743 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\Translate Client.lnk [2010.01.23 13:28:12 \| 000,008,704 \| ---- \| C] () -- C:\WINDOWS\System32\CNMVS75.DLL [2010.01.23 06:26:42 \| 000,000,000 \| -H-- \| C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010.01.22 21:49:16 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010.01.22 20:40:57 \| 000,000,546 \| ---- \| C] () -- C:\Documents and Settings\All Users\Asztal\t-online.hu.lnk [2010.01.22 20:25:45 \| 000,000,049 \| ---- \| C] () -- C:\WINDOWS\transp.gif [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\UC.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\RAR.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\PKZIP.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\PKUNZIP.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\NOCLOSE.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\LHA.PIF [2010.01.22 19:55:40 \| 000,000,545 \| ---- \| C] () -- C:\WINDOWS\ARJ.PIF [2010.01.22 19:51:27 \| 000,004,444 \| ---- \| C] () -- C:\WINDOWS\System32\pid.PNF [2010.01.22 19:51:18 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2010.01.22 19:51:18 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28603.nls [2010.01.22 19:51:17 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2010.01.22 19:51:17 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_857.nls [2010.01.22 19:51:17 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2010.01.22 19:51:17 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28599.nls [2010.01.22 19:51:17 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2010.01.22 19:51:17 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10081.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_869.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_866.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_855.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2010.01.22 19:51:16 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_737.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_875.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28597.NLS [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28595.NLS [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28594.NLS [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10017.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10007.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2010.01.22 19:51:16 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10006.nls [2010.01.22 19:51:11 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2010.01.22 19:51:11 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_20127.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10082.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10029.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2010.01.22 19:51:09 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10010.nls [2010.01.22 19:51:02 \| 000,001,793 \| ---- \| C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010.01.22 19:50:48 \| 000,144,484 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010.01.22 19:50:48 \| 000,105,628 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010.01.22 19:50:48 \| 000,034,747 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010.01.22 19:50:48 \| 000,010,027 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010.01.22 19:50:48 \| 000,008,599 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010.01.22 19:50:48 \| 000,007,382 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010.01.22 19:50:47 \| 001,246,411 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010.01.22 19:50:47 \| 000,809,684 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010.01.22 19:50:47 \| 000,399,670 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010.01.22 19:50:47 \| 000,037,509 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010.01.22 19:50:47 \| 000,033,765 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010.01.22 19:50:47 \| 000,016,825 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010.01.22 19:50:47 \| 000,013,497 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010.01.22 19:50:47 \| 000,012,363 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010.01.22 19:50:47 \| 000,007,334 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010.01.22 19:50:46 \| 002,032,727 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010.01.22 19:50:46 \| 000,634,302 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010.01.22 19:50:05 \| 000,106,216 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.01.22 19:49:39 \| 000,000,364 \| RHS- \| C] () -- C:\boot.ini [2010.01.22 19:49:35 \| 000,000,824 \| ---- \| C] () -- C:\WINDOWS\System32\$winnt$.inf [2010.01.22 19:33:47 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ativpsrm.bin [2010.01.22 19:21:50 \| 000,000,178 \| -HS- \| C] () -- C:\Documents and Settings\Sanyi\ntuser.ini [2010.01.22 19:21:48 \| 001,835,008 \| ---- \| C] () -- C:\Documents and Settings\Sanyi\NTUSER.DAT [2010.01.22 19:04:25 \| 000,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2010.01.22 19:04:19 \| 000,028,288 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010.01.22 19:03:54 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010.01.22 19:03:54 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010.01.22 19:03:38 \| 001,158,818 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010.01.22 19:03:38 \| 000,047,066 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010.01.22 19:03:33 \| 000,196,665 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010.01.22 19:03:24 \| 013,463,552 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010.01.22 19:03:19 \| 000,094,208 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010.01.22 19:03:07 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010.01.22 19:03:07 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010.01.22 19:03:07 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010.01.22 19:03:06 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010.01.22 19:03:06 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010.01.22 19:03:06 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010.01.22 19:03:06 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010.01.22 19:03:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010.01.22 19:03:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010.01.22 19:03:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010.01.22 19:03:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010.01.22 19:03:05 \| 000,180,770 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010.01.22 19:03:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010.01.22 19:03:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010.01.22 19:03:03 \| 000,189,986 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010.01.22 19:03:03 \| 000,187,938 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010.01.22 19:03:03 \| 000,186,402 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010.01.22 19:03:03 \| 000,185,378 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010.01.22 19:03:03 \| 000,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010.01.22 19:03:03 \| 000,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010.01.22 19:03:03 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010.01.22 19:03:03 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010.01.22 19:03:03 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010.01.22 19:03:02 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010.01.22 19:03:01 \| 000,195,618 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010.01.22 19:03:01 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010.01.22 19:03:01 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010.01.22 19:03:01 \| 000,162,850 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010.01.22 19:03:01 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010.01.22 19:03:01 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010.01.22 19:03:01 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010.01.22 19:03:01 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010.01.22 19:03:01 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010.01.22 19:03:00 \| 000,082,172 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010.01.22 19:03:00 \| 000,066,728 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010.01.22 19:01:52 \| 000,002,855 \| ---- \| C] () -- C:\WINDOWS\System32\CONFIG.NT [2010.01.22 19:01:52 \| 000,000,000 \| RHS- \| C] () -- C:\MSDOS.SYS [2010.01.22 19:01:52 \| 000,000,000 \| RHS- \| C] () -- C:\IO.SYS [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| C] () -- C:\CONFIG.SYS [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| C] () -- C:\AUTOEXEC.BAT [2010.01.22 19:01:48 \| 000,023,392 \| ---- \| C] () -- C:\WINDOWS\System32\nscompat.tlb [2010.01.22 19:01:48 \| 000,016,832 \| ---- \| C] () -- C:\WINDOWS\System32\amcompat.tlb [2010.01.22 19:01:47 \| 000,316,640 \| ---- \| C] () -- C:\WINDOWS\WMSysPr9.prx [2010.01.22 19:00:42 \| 000,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010.01.22 19:00:42 \| 000,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\WindowsShell.Manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010.01.22 19:00:04 \| 000,048,680 \| -HS- \| C] () -- C:\WINDOWS\winnt256.bmp [2010.01.22 18:59:57 \| 000,000,984 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2010.01.22 18:59:13 \| 000,380,416 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2010.01.22 18:58:24 \| 000,021,948 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010.01.22 18:57:48 \| 000,093,702 \| ---- \| C] () -- C:\WINDOWS\System32\subrange.uce [2010.01.22 18:57:48 \| 000,016,740 \| ---- \| C] () -- C:\WINDOWS\System32\shiftjis.uce [2010.01.22 18:57:48 \| 000,012,876 \| ---- \| C] () -- C:\WINDOWS\System32\korean.uce [2010.01.22 18:57:47 \| 000,060,458 \| ---- \| C] () -- C:\WINDOWS\System32\ideograf.uce [2010.01.22 18:57:47 \| 000,024,006 \| ---- \| C] () -- C:\WINDOWS\System32\gb2312.uce [2010.01.22 18:57:47 \| 000,022,984 \| ---- \| C] () -- C:\WINDOWS\System32\bopomofo.uce [2010.01.22 18:57:47 \| 000,008,484 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_2.uce [2010.01.22 18:57:47 \| 000,006,948 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_1.uce [2010.01.22 18:57:46 \| 000,003,286 \| ---- \| C] () -- C:\WINDOWS\System32\tslabels.h [2010.01.22 18:57:46 \| 000,001,161 \| ---- \| C] () -- C:\WINDOWS\System32\usrlogon.cmd [2010.01.22 18:57:45 \| 000,000,768 \| ---- \| C] () -- C:\WINDOWS\System32\msdtcprf.h [2010.01.22 18:57:38 \| 000,063,488 \| ---- \| C] () -- C:\WINDOWS\System32\wmimgmt.msc [2006.01.08 15:53:24 \| 000,005,120 \| ---- \| C] () -- C:\WINDOWS\System32\hash2.dll ========== LOP Check ========== [2010.01.22 20:25:11 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Agnitum [2010.01.27 21:20:21 \| 000,000,000 \| -H-D \| M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2010.01.22 20:34:47 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\ESET [2010.01.31 07:40:05 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010.01.23 07:16:16 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\GHISLER [2010.01.23 13:10:26 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\Godlike [2010.01.23 13:11:44 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\IObit [2010.01.23 08:08:15 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\Thunderbird [2010.01.23 21:32:39 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\translateclient [2010.01.28 18:38:26 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\URSoft [2010.01.31 10:14:23 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\uTorrent [2010.01.28 20:27:25 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\Vso ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\.exe > < %SYSTEMDRIVE%\eventlog.dll /s /md5 > [2008.04.14 08:01:52 \| 000,056,320 \| ---- \| M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\system32\eventlog.dll [2008.04.14 08:01:52 \| 000,056,320 \| ---- \| M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\system32\dllcache\eventlog.dll < %SYSTEMDRIVE%\scecli.dll /s /md5 > [2008.04.14 08:02:00 \| 000,186,880 \| ---- \| M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\system32\scecli.dll [2008.04.14 08:02:00 \| 000,186,880 \| ---- \| M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\system32\dllcache\scecli.dll < %SYSTEMDRIVE%\netlogon.dll /s /md5 > [2008.04.14 08:01:58 \| 000,407,040 \| ---- \| M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\system32\netlogon.dll [2008.04.14 08:01:58 \| 000,407,040 \| ---- \| M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\system32\dllcache\netlogon.dll < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\atapi.sys /s /md5 > [2008.04.13 10:40:32 \| 000,096,512 \| ---- \| M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < %SYSTEMDRIVE%\nvatabus.sys /s /md5 > < %SYSTEMDRIVE%\viamraid.sys /s /md5 > < %SYSTEMDRIVE%\nvata.sys /s /md5 > < %SYSTEMDRIVE%\perfnet.dll /s /md5 > [2008.04.14 08:02:00 \| 000,018,432 \| ---- \| M] (Microsoft Corporation) MD5=7B1E0EF93DB3AA7CD8565E88C39CC8C1 -- C:\WINDOWS\system32\perfnet.dll [2008.04.14 08:02:00 \| 000,018,432 \| ---- \| M] (Microsoft Corporation) MD5=7B1E0EF93DB3AA7CD8565E88C39CC8C1 -- C:\WINDOWS\system32\dllcache\perfnet.dll < %SYSTEMROOT%\. /mp /s > < %SYSTEMROOT%\system32\.dll /lockedfiles > [2009.05.15 23:39:20 \| 000,442,368 \| ---- \| M] (Advanced Micro Devices, Inc.) Unable to obtain MD5* -- C:\WINDOWS\system32\ATIDEMGX.dll < %SYSTEMROOT%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E @Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 < End of report >
vas. jan. 31, 2010 11:03

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	[2010.01.22 18:57:29 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll [2010.01.22 18:57:29 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll [2010.01.22 18:57:29 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2010.01.22 18:57:29 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe [2010.01.22 18:57:29 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe [2010.01.22 18:57:29 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2010.01.22 18:57:29 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe [2010.01.22 18:57:29 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2010.01.22 18:57:29 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll [2010.01.22 18:57:29 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Com [2010.01.22 18:57:28 \| 000,625,664 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll [2010.01.22 18:57:28 \| 000,625,664 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll [2010.01.22 18:57:28 \| 000,226,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll [2010.01.22 18:57:28 \| 000,226,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll [2010.01.22 18:57:28 \| 000,110,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll [2010.01.22 18:57:28 \| 000,110,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2010.01.22 18:57:28 \| 000,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll [2010.01.22 18:57:28 \| 000,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2010.01.22 18:57:28 \| 000,059,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2010.01.22 18:57:28 \| 000,059,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll [2010.01.22 18:57:27 \| 001,267,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll [2010.01.22 18:57:27 \| 001,267,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll [2010.01.22 18:57:27 \| 000,539,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll [2010.01.22 18:57:27 \| 000,539,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2010.01.22 18:57:27 \| 000,167,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll [2010.01.22 18:57:27 \| 000,167,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2010.01.22 18:57:26 \| 000,498,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll [2010.01.22 18:57:24 \| 000,145,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll [2010.01.22 18:57:24 \| 000,144,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll [2010.01.22 18:57:24 \| 000,132,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll [2010.01.22 18:57:24 \| 000,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll [2010.01.22 18:57:24 \| 000,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll [2010.01.22 18:57:24 \| 000,061,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll [2010.01.22 18:57:24 \| 000,041,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll [2010.01.22 18:57:23 \| 000,366,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe [2010.01.22 18:57:23 \| 000,273,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll [2010.01.22 18:57:23 \| 000,197,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll [2010.01.22 18:57:23 \| 000,196,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe [2010.01.22 18:57:23 \| 000,178,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll [2010.01.22 18:57:23 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll [2010.01.22 18:57:23 \| 000,140,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll [2010.01.22 18:57:23 \| 000,126,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe [2010.01.22 18:57:23 \| 000,118,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe [2010.01.22 18:57:23 \| 000,088,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll [2010.01.22 18:57:23 \| 000,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll [2010.01.22 18:57:23 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll [2010.01.22 18:57:23 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll [2010.01.22 18:57:23 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll [2010.01.22 18:57:22 \| 000,531,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll [2010.01.22 18:57:22 \| 000,214,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll [2010.01.22 18:57:22 \| 000,199,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll [2010.01.22 18:57:22 \| 000,178,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll [2010.01.22 18:57:22 \| 000,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll [2010.01.22 18:57:22 \| 000,086,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll [2010.01.22 18:57:22 \| 000,071,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll [2010.01.22 18:57:22 \| 000,036,352 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe [2010.01.22 18:57:21 \| 000,237,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll [2010.01.22 18:57:21 \| 000,212,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll [2010.01.22 18:57:21 \| 000,124,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll [2010.01.22 18:57:21 \| 000,092,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll [2010.01.22 18:57:21 \| 000,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll [2010.01.22 18:57:21 \| 000,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll [2010.01.22 18:57:21 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe [2010.01.22 18:57:20 \| 000,247,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll [2010.01.22 18:57:20 \| 000,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll [2010.01.22 18:57:19 \| 001,359,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll [2010.01.22 18:57:19 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2010.01.22 18:57:19 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll [2010.01.22 18:57:19 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2010.01.22 18:57:19 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll [2010.01.22 18:57:19 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2010.01.22 18:57:19 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll [2010.01.22 18:57:18 \| 000,186,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll [2010.01.22 18:57:18 \| 000,186,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2010.01.22 18:57:13 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumentumok\Videók [2010.01.22 18:36:08 \| 000,222,848 \| ---- \| C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys [2010.01.22 06:34:28 \| 001,571,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll [2010.01.22 06:25:16 \| 000,999,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll [2010.01.22 06:25:01 \| 000,286,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010.01.22 06:25:00 \| 010,841,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll [2010.01.22 06:24:37 \| 002,458,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore.dll [2010.01.22 06:24:37 \| 002,458,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvcore.dll [2010.01.22 06:24:31 \| 000,604,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll [2010.01.22 06:24:31 \| 000,604,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010.01.22 06:24:25 \| 000,938,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmnetmgr.dll [2010.01.22 06:24:25 \| 000,938,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010.01.22 06:24:24 \| 000,100,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe [2010.01.22 06:24:24 \| 000,100,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe [2010.01.22 06:24:09 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll [2010.01.22 06:24:07 \| 000,271,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll [2010.01.22 06:24:07 \| 000,271,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll [2010.01.22 06:24:04 \| 000,150,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll [2010.01.22 06:24:04 \| 000,150,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll [2010.01.22 06:24:04 \| 000,079,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll [2010.01.22 06:24:04 \| 000,079,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll [2010.01.22 06:24:02 \| 000,247,326 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll [2010.01.22 06:24:02 \| 000,247,326 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll [2010.01.22 06:23:52 \| 000,205,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll [2010.01.22 06:23:52 \| 000,205,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll [2010.01.22 06:23:42 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll [2010.01.22 06:23:28 \| 000,134,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll [2010.01.22 06:23:25 \| 001,294,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll [2010.01.22 06:23:25 \| 001,294,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll [2010.01.22 06:23:21 \| 000,084,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll [2010.01.22 06:23:21 \| 000,084,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll [2010.01.22 06:23:15 \| 002,146,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2010.01.22 06:23:04 \| 000,585,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2010.01.22 06:23:01 \| 001,859,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2010.01.22 06:23:01 \| 001,859,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2010.01.22 06:22:56 \| 001,438,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll [2010.01.22 06:22:56 \| 001,438,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll [2010.01.22 06:22:51 \| 008,482,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010.01.22 06:22:35 \| 000,348,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll [2010.01.22 06:22:35 \| 000,348,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll [2010.01.22 06:22:32 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll [2010.01.22 06:22:32 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010.01.22 06:22:32 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll [2010.01.22 06:22:32 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010.01.22 06:22:30 \| 000,082,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe [2010.01.22 06:22:30 \| 000,082,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe [2010.01.22 06:22:26 \| 000,354,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll [2010.01.22 06:22:23 \| 000,147,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [2010.01.22 06:22:21 \| 001,010,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll [2010.01.22 06:22:21 \| 000,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll [2010.01.22 06:22:15 \| 000,333,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010.01.22 06:22:12 \| 000,339,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010.01.22 06:21:55 \| 000,138,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2010.01.22 06:21:52 \| 000,286,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll [2010.01.22 06:21:41 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe [2010.01.22 06:21:40 \| 000,285,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll [2010.01.22 06:21:32 \| 000,733,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll [2010.01.22 06:21:32 \| 000,733,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010.01.22 06:21:22 \| 001,172,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010.01.22 06:21:18 \| 001,447,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010.01.22 06:21:14 \| 000,105,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll [2010.01.22 06:21:14 \| 000,105,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll [2010.01.22 06:21:14 \| 000,074,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll [2010.01.22 06:21:14 \| 000,074,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll [2010.01.22 06:21:12 \| 000,074,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll [2010.01.22 06:21:12 \| 000,074,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll [2010.01.22 06:21:09 \| 000,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll [2010.01.22 06:21:09 \| 000,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll [2010.01.22 06:21:02 \| 000,225,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys [2010.01.22 06:21:02 \| 000,225,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys [2010.01.22 06:21:01 \| 000,361,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2010.01.22 06:21:00 \| 000,246,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2010.01.22 06:21:00 \| 000,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2010.01.22 06:18:18 \| 000,253,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll [2010.01.22 06:18:15 \| 000,203,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys [2010.01.22 06:18:15 \| 000,203,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys ========== Files - Modified Within 30 Days ========== [2010.01.31 10:14:58 \| 000,548,864 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Sanyi\Asztal\OTL.exe [2010.01.31 07:49:24 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2010.01.31 07:39:49 \| 000,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2010.01.31 07:39:47 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2010.01.31 07:36:11 \| 001,835,008 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\NTUSER.DAT [2010.01.31 07:36:11 \| 000,000,178 \| -HS- \| M] () -- C:\Documents and Settings\Sanyi\ntuser.ini [2010.01.31 07:31:26 \| 000,000,560 \| RHS- \| M] () -- C:\Documents and Settings\All Users\ntuser.pol [2010.01.31 06:53:23 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\exctrlst.INI [2010.01.30 23:58:14 \| 003,744,440 \| -H-- \| M] () -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\IconCache.db [2010.01.29 21:15:50 \| 000,000,811 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Asztal\Registry Repair Wizard 2009.lnk [2010.01.28 20:27:24 \| 000,001,044 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Application Data\vso_ts_preview.xml [2010.01.28 20:25:31 \| 000,087,608 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Application Data\inst.exe [2010.01.28 20:25:31 \| 000,047,360 \| ---- \| M] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys [2010.01.28 20:25:31 \| 000,047,360 \| ---- \| M] (VSO Software) -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.sys [2010.01.28 20:25:31 \| 000,007,887 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.cat [2010.01.28 20:25:31 \| 000,001,144 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.inf [2010.01.28 08:08:39 \| 000,002,562 \| ---- \| M] () -- C:\WINDOWS\diagwrn.xml [2010.01.28 08:08:39 \| 000,001,908 \| ---- \| M] () -- C:\WINDOWS\diagerr.xml [2010.01.27 21:47:58 \| 000,395,348 \| ---- \| M] () -- C:\WINDOWS\System32\perfh040.dat [2010.01.27 21:47:58 \| 000,392,296 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2010.01.27 21:47:58 \| 000,084,198 \| ---- \| M] () -- C:\WINDOWS\System32\perfc040.dat [2010.01.27 21:47:58 \| 000,058,596 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2010.01.27 17:43:48 \| 000,383,592 \| RHS- \| M] () -- C:\gdrop [2010.01.27 17:43:47 \| 000,171,136 \| RHS- \| M] () -- C:\xeldr [2010.01.26 16:01:46 \| 000,438,840 \| RHS- \| M] () -- C:\bootxe1 [2010.01.26 16:01:46 \| 000,204,528 \| RHS- \| M] () -- C:\XELD1 [2010.01.26 16:01:46 \| 000,009,216 \| RHS- \| M] () -- C:\XELD1.1st [2010.01.26 15:29:34 \| 000,000,364 \| RHS- \| M] () -- C:\boot.ini [2010.01.24 09:28:20 \| 000,014,376 \| ---- \| M] () -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010.01.24 09:27:58 \| 000,106,216 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.01.24 08:40:06 \| 000,000,388 \| ---- \| M] () -- C:\WINDOWS\ODBC.INI [2010.01.23 21:32:07 \| 000,001,743 \| ---- \| M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\Translate Client.lnk [2010.01.23 21:21:42 \| 000,395,348 \| ---- \| M] () -- C:\WINDOWS\System32\perfh00E.dat [2010.01.23 21:21:42 \| 000,084,198 \| ---- \| M] () -- C:\WINDOWS\System32\perfc00E.dat [2010.01.23 21:21:41 \| 000,902,696 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.01.23 06:28:46 \| 000,023,392 \| ---- \| M] () -- C:\WINDOWS\System32\nscompat.tlb [2010.01.23 06:28:46 \| 000,016,832 \| ---- \| M] () -- C:\WINDOWS\System32\amcompat.tlb [2010.01.23 06:28:41 \| 000,000,507 \| ---- \| M] () -- C:\WINDOWS\win.ini [2010.01.23 06:26:42 \| 000,000,000 \| -H-- \| M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010.01.22 21:49:16 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\nsreg.dat [2010.01.22 20:40:57 \| 000,000,546 \| ---- \| M] () -- C:\Documents and Settings\All Users\Asztal\t-online.hu.lnk [2010.01.22 19:51:27 \| 000,004,444 \| ---- \| M] () -- C:\WINDOWS\System32\pid.PNF [2010.01.22 19:51:18 \| 000,000,231 \| ---- \| M] () -- C:\WINDOWS\system.ini [2010.01.22 19:33:47 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\ativpsrm.bin [2010.01.22 19:04:25 \| 000,000,824 \| ---- \| M] () -- C:\WINDOWS\System32\$winnt$.inf [2010.01.22 19:01:52 \| 000,002,855 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2010.01.22 19:01:52 \| 000,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2010.01.22 19:01:52 \| 000,000,000 \| RHS- \| M] () -- C:\IO.SYS [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\control.ini [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| M] () -- C:\CONFIG.SYS [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| M] () -- C:\AUTOEXEC.BAT [2010.01.22 19:01:47 \| 000,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2010.01.22 19:01:38 \| 000,004,249 \| ---- \| M] () -- C:\WINDOWS\ODBCINST.INI [2010.01.22 19:00:42 \| 000,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010.01.22 19:00:42 \| 000,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\WindowsShell.Manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.01.22 19:00:36 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010.01.22 18:58:23 \| 000,021,948 \| ---- \| M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010.01.22 18:58:13 \| 000,000,037 \| ---- \| M] () -- C:\WINDOWS\vbaddin.ini [2010.01.22 18:58:13 \| 000,000,036 \| ---- \| M] () -- C:\WINDOWS\vb.ini [2010.01.22 06:34:28 \| 001,571,840 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll [2010.01.22 06:34:10 \| 002,025,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe [2010.01.22 06:34:10 \| 000,063,744 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys [2010.01.22 06:34:10 \| 000,052,736 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll [2010.01.22 06:34:10 \| 000,051,712 \| ---- \| M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmutil.dll [2010.01.22 06:34:10 \| 000,050,176 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\cnbjmon.dll [2010.01.22 06:34:10 \| 000,041,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys [2010.01.22 06:34:10 \| 000,035,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll [2010.01.22 06:34:10 \| 000,025,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys [2010.01.22 06:34:10 \| 000,025,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys [2010.01.22 06:34:10 \| 000,025,344 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys [2010.01.22 06:34:10 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\hid.dll [2010.01.22 06:34:10 \| 000,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys [2010.01.22 06:34:10 \| 000,015,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\pjlmon.dll [2010.01.22 06:32:34 \| 000,323,641 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrdtea.dll [2010.01.22 06:32:34 \| 000,262,528 \| ---- \| M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [2010.01.22 06:32:34 \| 000,157,696 \| ---- \| M] () -- C:\WINDOWS\System32\paqsp.dll [2010.01.22 06:32:34 \| 000,147,968 \| ---- \| M] (RioPort) -- C:\WINDOWS\System32\mdwmdmsp.dll [2010.01.22 06:32:34 \| 000,102,457 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrv42a.dll [2010.01.22 06:32:34 \| 000,086,073 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrfaxa.dll [2010.01.22 06:32:34 \| 000,077,891 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe [2010.01.22 06:32:34 \| 000,077,890 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrdpa.dll [2010.01.22 06:32:34 \| 000,077,883 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrrtosa.dll [2010.01.22 06:32:34 \| 000,072,192 \| ---- \| M] (S3/Diamond Multimedia) -- C:\WINDOWS\System32\sprio800.dll [2010.01.22 06:32:34 \| 000,070,656 \| ---- \| M] (S3/Diamond Multimedia) -- C:\WINDOWS\System32\sprio600.dll [2010.01.22 06:32:34 \| 000,069,700 \| ---- \| M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe [2010.01.22 06:32:34 \| 000,069,699 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrcoina.dll [2010.01.22 06:32:34 \| 000,069,632 \| ---- \| M] (S3/Diamond Multimedia) -- C:\WINDOWS\System32\spnike.dll [2010.01.22 06:32:34 \| 000,061,508 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe [2010.01.22 06:32:34 \| 000,061,500 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrcntra.dll [2010.01.22 06:32:34 \| 000,058,112 \| ---- \| M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [2010.01.22 06:32:34 \| 000,057,856 \| ---- \| M] () -- C:\WINDOWS\System32\dvdplay.exe [2010.01.22 06:32:34 \| 000,053,305 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrlbva.dll [2010.01.22 06:32:34 \| 000,051,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys [2010.01.22 06:32:34 \| 000,049,211 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrvpa.dll [2010.01.22 06:32:34 \| 000,049,211 \| ---- \| M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrsdpia.dll [2010.01.22 06:32:34 \| 000,049,209 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrv80a.dll [2010.01.22 06:32:34 \| 000,045,116 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrvoica.dll [2010.01.22 06:32:34 \| 000,041,019 \| ---- \| M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrsvpia.dll [2010.01.22 06:32:34 \| 000,021,376 \| ---- \| M] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [2010.01.22 06:32:34 \| 000,013,824 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wowfaxui.dll [2010.01.22 06:32:34 \| 000,012,288 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys [2010.01.22 06:32:34 \| 000,012,032 \| ---- \| M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys [2010.01.22 06:32:34 \| 000,012,032 \| ---- \| M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys [2010.01.22 06:32:34 \| 000,012,032 \| ---- \| M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys [2010.01.22 06:32:34 \| 000,011,776 \| ---- \| M] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [2010.01.22 06:32:34 \| 000,008,192 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\streamci.dll [2010.01.22 06:32:34 \| 000,003,200 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wowfax.dll [2010.01.22 06:25:02 \| 000,999,424 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll [2010.01.22 06:25:01 \| 000,286,208 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010.01.22 06:25:00 \| 010,841,088 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll [2010.01.22 06:24:37 \| 002,458,112 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore.dll [2010.01.22 06:24:37 \| 002,458,112 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvcore.dll [2010.01.22 06:24:31 \| 000,604,160 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll [2010.01.22 06:24:31 \| 000,604,160 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010.01.22 06:24:25 \| 000,938,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmnetmgr.dll [2010.01.22 06:24:25 \| 000,938,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010.01.22 06:24:24 \| 000,100,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe [2010.01.22 06:24:24 \| 000,100,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe [2010.01.22 06:24:09 \| 000,058,880 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll [2010.01.22 06:24:07 \| 000,271,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll [2010.01.22 06:24:07 \| 000,271,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll [2010.01.22 06:24:04 \| 000,150,528 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll [2010.01.22 06:24:04 \| 000,150,528 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll [2010.01.22 06:24:04 \| 000,079,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll [2010.01.22 06:24:04 \| 000,079,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll [2010.01.22 06:24:02 \| 000,247,326 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll [2010.01.22 06:24:02 \| 000,247,326 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll [2010.01.22 06:23:52 \| 000,205,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll [2010.01.22 06:23:52 \| 000,205,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll [2010.01.22 06:23:42 \| 000,058,880 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll [2010.01.22 06:23:28 \| 000,134,144 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll [2010.01.22 06:23:25 \| 001,294,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll [2010.01.22 06:23:25 \| 001,294,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll [2010.01.22 06:23:21 \| 000,084,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll [2010.01.22 06:23:21 \| 000,084,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll [2010.01.22 06:23:15 \| 002,146,816 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2010.01.22 06:23:08 \| 000,268,288 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2010.01.22 06:23:04 \| 000,585,216 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2010.01.22 06:23:01 \| 001,859,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2010.01.22 06:23:01 \| 001,859,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2010.01.22 06:22:56 \| 001,438,720 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll [2010.01.22 06:22:56 \| 001,438,720 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll [2010.01.22 06:22:51 \| 008,482,816 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010.01.22 06:22:35 \| 000,348,672 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll [2010.01.22 06:22:35 \| 000,348,672 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll [2010.01.22 06:22:30 \| 000,082,432 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe [2010.01.22 06:22:30 \| 000,082,432 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe [2010.01.22 06:22:26 \| 000,354,304 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll [2010.01.22 06:22:21 \| 001,010,176 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll [2010.01.22 06:22:15 \| 000,333,952 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010.01.22 06:22:12 \| 000,339,456 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010.01.22 06:21:55 \| 000,138,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2010.01.22 06:21:52 \| 000,286,720 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll [2010.01.22 06:21:49 \| 002,067,968 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2010.01.22 06:21:41 \| 000,035,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe [2010.01.22 06:21:40 \| 000,285,184 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll [2010.01.22 06:21:14 \| 000,105,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll [2010.01.22 06:21:14 \| 000,105,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll [2010.01.22 06:21:14 \| 000,074,752 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll [2010.01.22 06:21:14 \| 000,074,752 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll [2010.01.22 06:21:12 \| 000,074,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll [2010.01.22 06:21:12 \| 000,074,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll [2010.01.22 06:21:10 \| 000,091,648 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2010.01.22 06:21:10 \| 000,091,648 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2010.01.22 06:21:09 \| 000,956,928 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2010.01.22 06:21:09 \| 000,956,928 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2010.01.22 06:21:09 \| 000,161,792 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2010.01.22 06:21:09 \| 000,161,792 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2010.01.22 06:21:09 \| 000,066,560 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll [2010.01.22 06:21:09 \| 000,066,560 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll [2010.01.22 06:21:07 \| 000,428,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2010.01.22 06:21:07 \| 000,428,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll [2010.01.22 06:21:06 \| 000,058,880 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2010.01.22 06:21:06 \| 000,058,880 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2010.01.22 06:21:02 \| 000,225,856 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys [2010.01.22 06:21:02 \| 000,225,856 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys [2010.01.22 06:21:01 \| 000,361,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2010.01.22 06:21:00 \| 000,246,784 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2010.01.22 06:21:00 \| 000,147,968 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2010.01.22 06:18:21 \| 000,691,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010.01.22 06:18:18 \| 000,253,952 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll [2010.01.22 06:18:15 \| 000,203,136 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys
vas. jan. 31, 2010 11:02

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	[2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\xircom [2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\xerox [2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\srchasst [2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\speechengines [2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\msn gaming zone [2010.01.22 19:02:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\microsoft frontpage [2010.01.22 19:02:24 \| 000,128,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsvc2.dll [2010.01.22 19:02:04 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$hf_mig$ [2010.01.22 19:01:49 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010.01.22 19:01:49 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010.01.22 19:01:38 \| 000,112,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2010.01.22 19:00:52 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\All Users\DRM [2010.01.22 19:00:42 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\Downloaded Program Files [2010.01.22 19:00:42 \| 000,000,000 \| R--D \| C] -- C:\WINDOWS\Offline Web Pages [2010.01.22 19:00:28 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Online Services [2010.01.22 19:00:14 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\DirectX [2010.01.22 19:00:07 \| 000,099,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe [2010.01.22 19:00:07 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe [2010.01.22 19:00:07 \| 000,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll [2010.01.22 19:00:07 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll [2010.01.22 19:00:07 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2010.01.22 19:00:07 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll [2010.01.22 18:59:57 \| 000,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe [2010.01.22 18:59:57 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll [2010.01.22 18:59:57 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll [2010.01.22 18:59:56 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe [2010.01.22 18:59:56 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe [2010.01.22 18:59:56 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe [2010.01.22 18:59:55 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll [2010.01.22 18:59:55 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2010.01.22 18:59:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Services [2010.01.22 18:59:51 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe [2010.01.22 18:59:51 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll [2010.01.22 18:59:51 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll [2010.01.22 18:59:51 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2010.01.22 18:59:51 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll [2010.01.22 18:59:51 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\Tasks [2010.01.22 18:59:50 \| 000,235,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll [2010.01.22 18:59:50 \| 000,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll [2010.01.22 18:59:50 \| 000,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll [2010.01.22 18:59:50 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010.01.22 18:59:50 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\MSSoap [2010.01.22 18:59:49 \| 000,093,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx [2010.01.22 18:59:48 \| 000,759,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll [2010.01.22 18:59:47 \| 000,096,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010.01.22 18:59:47 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Macromed [2010.01.22 18:59:46 \| 001,675,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010.01.22 18:59:46 \| 000,244,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2010.01.22 18:59:46 \| 000,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010.01.22 18:59:46 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2010.01.22 18:59:45 \| 000,786,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2010.01.22 18:59:45 \| 000,364,544 \| ---- \| C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2010.01.22 18:59:45 \| 000,226,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2010.01.22 18:59:45 \| 000,064,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010.01.22 18:59:45 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2010.01.22 18:59:44 \| 000,327,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2010.01.22 18:59:44 \| 000,327,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2010.01.22 18:59:44 \| 000,209,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2010.01.22 18:59:44 \| 000,184,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll [2010.01.22 18:59:44 \| 000,184,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll [2010.01.22 18:59:44 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll [2010.01.22 18:59:44 \| 000,004,639 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2010.01.22 18:59:43 \| 001,929,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2010.01.22 18:59:43 \| 000,575,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2010.01.22 18:59:43 \| 000,575,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2010.01.22 18:59:43 \| 000,217,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2010.01.22 18:59:43 \| 000,168,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe [2010.01.22 18:59:43 \| 000,168,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe [2010.01.22 18:59:43 \| 000,053,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2010.01.22 18:59:43 \| 000,035,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2010.01.22 18:59:43 \| 000,035,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2010.01.22 18:59:43 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll [2010.01.22 18:59:43 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010.01.22 18:59:42 \| 000,409,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll [2010.01.22 18:59:42 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll [2010.01.22 18:59:42 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll [2010.01.22 18:59:42 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll [2010.01.22 18:59:42 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll [2010.01.22 18:59:42 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll [2010.01.22 18:59:42 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll [2010.01.22 18:59:40 \| 004,267,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll [2010.01.22 18:59:40 \| 000,325,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll [2010.01.22 18:59:40 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll [2010.01.22 18:59:40 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll [2010.01.22 18:59:39 \| 000,502,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll [2010.01.22 18:59:39 \| 000,402,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll [2010.01.22 18:59:39 \| 000,167,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll [2010.01.22 18:59:39 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll [2010.01.22 18:59:38 \| 003,558,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010.01.22 18:59:38 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Movie Maker [2010.01.22 18:59:21 \| 000,566,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll [2010.01.22 18:59:21 \| 000,122,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll [2010.01.22 18:59:21 \| 000,051,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe [2010.01.22 18:59:21 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll [2010.01.22 18:59:21 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe [2010.01.22 18:59:21 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll [2010.01.22 18:59:21 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll [2010.01.22 18:59:17 \| 000,151,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe [2010.01.22 18:59:17 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2010.01.22 18:59:17 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll [2010.01.22 18:59:17 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2010.01.22 18:59:17 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll [2010.01.22 18:59:17 \| 000,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2010.01.22 18:59:17 \| 000,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll [2010.01.22 18:59:16 \| 000,102,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll [2010.01.22 18:59:16 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2010.01.22 18:59:16 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll [2010.01.22 18:59:16 \| 000,038,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll [2010.01.22 18:59:13 \| 000,171,008 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe [2010.01.22 18:59:12 \| 000,769,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe [2010.01.22 18:59:12 \| 000,744,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010.01.22 18:59:12 \| 000,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe [2010.01.22 18:59:11 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll [2010.01.22 18:59:10 \| 000,384,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe [2010.01.22 18:59:10 \| 000,240,640 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2010.01.22 18:59:10 \| 000,240,640 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll [2010.01.22 18:59:10 \| 000,171,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll [2010.01.22 18:59:10 \| 000,129,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys [2010.01.22 18:59:10 \| 000,073,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys [2010.01.22 18:59:10 \| 000,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll [2010.01.22 18:59:10 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe [2010.01.22 18:59:10 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe [2010.01.22 18:59:10 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Restore [2010.01.22 18:59:09 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll [2010.01.22 18:59:09 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll [2010.01.22 18:59:09 \| 000,034,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll [2010.01.22 18:59:09 \| 000,034,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll [2010.01.22 18:59:09 \| 000,032,768 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2010.01.22 18:59:09 \| 000,032,768 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll [2010.01.22 18:59:08 \| 000,229,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll [2010.01.22 18:59:08 \| 000,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll [2010.01.22 18:59:08 \| 000,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll [2010.01.22 18:59:08 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll [2010.01.22 18:59:08 \| 000,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe [2010.01.22 18:59:08 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll [2010.01.22 18:59:08 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll [2010.01.22 18:59:08 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll [2010.01.22 18:59:07 \| 000,385,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll [2010.01.22 18:59:07 \| 000,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll [2010.01.22 18:59:07 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll [2010.01.22 18:59:07 \| 000,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll [2010.01.22 18:59:07 \| 000,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll [2010.01.22 18:59:06 \| 000,274,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll [2010.01.22 18:59:06 \| 000,188,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll [2010.01.22 18:59:06 \| 000,172,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll [2010.01.22 18:59:06 \| 000,151,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll [2010.01.22 18:59:06 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll [2010.01.22 18:59:06 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll [2010.01.22 18:59:06 \| 000,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll [2010.01.22 18:59:05 \| 001,036,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe [2010.01.22 18:59:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\NetMeeting [2010.01.22 18:59:04 \| 000,510,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll [2010.01.22 18:59:04 \| 000,254,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll [2010.01.22 18:59:04 \| 000,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll [2010.01.22 18:59:04 \| 000,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll [2010.01.22 18:59:04 \| 000,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll [2010.01.22 18:59:04 \| 000,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll [2010.01.22 18:59:04 \| 000,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll [2010.01.22 18:59:04 \| 000,046,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2010.01.22 18:59:04 \| 000,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll [2010.01.22 18:59:04 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe [2010.01.22 18:59:03 \| 000,691,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010.01.22 18:59:03 \| 000,086,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll [2010.01.22 18:59:03 \| 000,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe [2010.01.22 18:59:03 \| 000,049,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll [2010.01.22 18:59:03 \| 000,049,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll [2010.01.22 18:59:02 \| 000,104,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll [2010.01.22 18:59:01 \| 002,513,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll [2010.01.22 18:59:01 \| 000,193,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll [2010.01.22 18:59:01 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe [2010.01.22 18:59:01 \| 000,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe [2010.01.22 18:59:01 \| 000,035,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll [2010.01.22 18:59:01 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Outlook Express [2010.01.22 18:59:00 \| 000,278,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll [2010.01.22 18:59:00 \| 000,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2010.01.22 18:59:00 \| 000,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll [2010.01.22 18:59:00 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2010.01.22 18:59:00 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll [2010.01.22 18:59:00 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2010.01.22 18:59:00 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll [2010.01.22 18:59:00 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2010.01.22 18:59:00 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe [2010.01.22 18:58:59 \| 000,278,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2010.01.22 18:58:59 \| 000,278,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll [2010.01.22 18:58:58 \| 000,216,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe [2010.01.22 18:58:58 \| 000,176,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll [2010.01.22 18:58:58 \| 000,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe [2010.01.22 18:58:58 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll [2010.01.22 18:58:58 \| 000,049,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll [2010.01.22 18:58:58 \| 000,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll [2010.01.22 18:58:58 \| 000,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe [2010.01.22 18:58:58 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe [2010.01.22 18:58:57 \| 000,554,008 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll [2010.01.22 18:58:57 \| 000,217,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll [2010.01.22 18:58:57 \| 000,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll [2010.01.22 18:58:56 \| 000,487,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll [2010.01.22 18:58:56 \| 000,204,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll [2010.01.22 18:58:56 \| 000,094,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll [2010.01.22 18:58:56 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll [2010.01.22 18:58:56 \| 000,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll [2010.01.22 18:58:56 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll [2010.01.22 18:58:56 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll [2010.01.22 18:58:56 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll [2010.01.22 18:58:55 \| 000,315,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll [2010.01.22 18:58:55 \| 000,233,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll [2010.01.22 18:58:55 \| 000,200,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll [2010.01.22 18:58:55 \| 000,180,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll [2010.01.22 18:58:55 \| 000,102,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll [2010.01.22 18:58:55 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb [2010.01.22 18:58:55 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb [2010.01.22 18:58:55 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb [2010.01.22 18:58:55 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb [2010.01.22 18:58:55 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb [2010.01.22 18:58:55 \| 000,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll [2010.01.22 18:58:55 \| 000,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll [2010.01.22 18:58:55 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll [2010.01.22 18:58:55 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll [2010.01.22 18:58:55 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll [2010.01.22 18:58:55 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll [2010.01.22 18:58:55 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll [2010.01.22 18:58:54 \| 000,536,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll [2010.01.22 18:58:54 \| 000,200,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll [2010.01.22 18:58:54 \| 000,118,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll [2010.01.22 18:58:54 \| 000,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll [2010.01.22 18:58:54 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll [2010.01.22 18:58:54 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll [2010.01.22 18:58:54 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll [2010.01.22 18:58:53 \| 000,331,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2010.01.22 18:58:53 \| 000,155,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll [2010.01.22 18:58:53 \| 000,143,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll [2010.01.22 18:58:53 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll [2010.01.22 18:58:53 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll [2010.01.22 18:58:53 \| 000,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll [2010.01.22 18:58:53 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll [2010.01.22 18:58:53 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll [2010.01.22 18:58:53 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll [2010.01.22 18:58:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\System [2010.01.22 18:58:52 \| 000,638,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe [2010.01.22 18:58:52 \| 000,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll [2010.01.22 18:58:52 \| 000,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe [2010.01.22 18:58:52 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Microsoft Shared [2010.01.22 18:58:51 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumentumok\Képek [2010.01.22 18:58:51 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Internet Explorer [2010.01.22 18:58:09 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Registration [2010.01.22 18:58:03 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumentumok\Zene [2010.01.22 18:58:03 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Player [2010.01.22 18:57:57 \| 000,139,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2010.01.22 18:57:57 \| 000,139,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe [2010.01.22 18:57:57 \| 000,044,544 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2010.01.22 18:57:57 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2010.01.22 18:57:57 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010.01.22 18:57:56 \| 000,230,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010.01.22 18:57:56 \| 000,230,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll [2010.01.22 18:57:56 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010.01.22 18:57:56 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll [2010.01.22 18:57:56 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010.01.22 18:57:56 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll [2010.01.22 18:57:56 \| 000,013,312 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010.01.22 18:57:55 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe [2010.01.22 18:57:55 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe [2010.01.22 18:57:47 \| 000,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2010.01.22 18:57:47 \| 000,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010.01.22 18:57:47 \| 000,080,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010.01.22 18:57:47 \| 000,080,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2010.01.22 18:57:47 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2010.01.22 18:57:47 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe [2010.01.22 18:57:46 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2010.01.22 18:57:46 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe [2010.01.22 18:57:46 \| 000,022,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2010.01.22 18:57:46 \| 000,022,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe [2010.01.22 18:57:46 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2010.01.22 18:57:46 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe [2010.01.22 18:57:46 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2010.01.22 18:57:46 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe [2010.01.22 18:57:46 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2010.01.22 18:57:46 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe [2010.01.22 18:57:46 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe [2010.01.22 18:57:46 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe [2010.01.22 18:57:46 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2010.01.22 18:57:46 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe [2010.01.22 18:57:46 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2010.01.22 18:57:46 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe [2010.01.22 18:57:46 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2010.01.22 18:57:46 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe [2010.01.22 18:57:46 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2010.01.22 18:57:46 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll [2010.01.22 18:57:45 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2010.01.22 18:57:45 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe [2010.01.22 18:57:45 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb [2010.01.22 18:57:45 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2010.01.22 18:57:45 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe [2010.01.22 18:57:45 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll [2010.01.22 18:57:45 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2010.01.22 18:57:44 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll [2010.01.22 18:57:40 \| 000,116,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll [2010.01.22 18:57:40 \| 000,076,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll [2010.01.22 18:57:40 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll [2010.01.22 18:57:40 \| 000,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb [2010.01.22 18:57:40 \| 000,052,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll [2010.01.22 18:57:40 \| 000,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb [2010.01.22 18:57:40 \| 000,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll [2010.01.22 18:57:40 \| 000,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe [2010.01.22 18:57:40 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll [2010.01.22 18:57:39 \| 000,273,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll [2010.01.22 18:57:39 \| 000,061,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll [2010.01.22 18:57:39 \| 000,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll [2010.01.22 18:57:39 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll [2010.01.22 18:57:39 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll [2010.01.22 18:57:39 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe [2010.01.22 18:57:38 \| 000,120,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll [2010.01.22 18:57:37 \| 000,350,208 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2010.01.22 18:57:37 \| 000,132,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2010.01.22 18:57:37 \| 000,132,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe [2010.01.22 18:57:37 \| 000,124,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010.01.22 18:57:37 \| 000,124,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010.01.22 18:57:36 \| 000,544,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe [2010.01.22 18:57:36 \| 000,345,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2010.01.22 18:57:36 \| 000,345,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe [2010.01.22 18:57:36 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows NT [2010.01.22 18:57:35 \| 000,139,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2010.01.22 18:57:35 \| 000,094,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2010.01.22 18:57:35 \| 000,094,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll [2010.01.22 18:57:35 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010.01.22 18:57:35 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll [2010.01.22 18:57:35 \| 000,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys [2010.01.22 18:57:35 \| 000,012,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys [2010.01.22 18:57:34 \| 002,067,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2010.01.22 18:57:34 \| 000,290,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010.01.22 18:57:34 \| 000,290,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll [2010.01.22 18:57:34 \| 000,136,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll [2010.01.22 18:57:34 \| 000,136,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010.01.22 18:57:33 \| 000,677,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe [2010.01.22 18:57:33 \| 000,677,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe [2010.01.22 18:57:33 \| 000,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2010.01.22 18:57:33 \| 000,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll [2010.01.22 18:57:33 \| 000,142,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe [2010.01.22 18:57:33 \| 000,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2010.01.22 18:57:33 \| 000,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe [2010.01.22 18:57:33 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll [2010.01.22 18:57:33 \| 000,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2010.01.22 18:57:33 \| 000,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe [2010.01.22 18:57:32 \| 000,296,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll [2010.01.22 18:57:32 \| 000,087,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2010.01.22 18:57:32 \| 000,087,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll [2010.01.22 18:57:32 \| 000,062,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2010.01.22 18:57:32 \| 000,062,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe [2010.01.22 18:57:32 \| 000,039,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll [2010.01.22 18:57:32 \| 000,039,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2010.01.22 18:57:32 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2010.01.22 18:57:32 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe [2010.01.22 18:57:32 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2010.01.22 18:57:32 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll [2010.01.22 18:57:32 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll [2010.01.22 18:57:32 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll [2010.01.22 18:57:31 \| 000,956,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2010.01.22 18:57:31 \| 000,956,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2010.01.22 18:57:31 \| 000,428,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2010.01.22 18:57:31 \| 000,428,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll [2010.01.22 18:57:31 \| 000,161,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2010.01.22 18:57:31 \| 000,161,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2010.01.22 18:57:31 \| 000,091,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2010.01.22 18:57:31 \| 000,091,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2010.01.22 18:57:31 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\MsDtc [2010.01.22 18:57:30 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2010.01.22 18:57:30 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2010.01.22 18:57:30 \| 000,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2010.01.22 18:57:30 \| 000,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll [2010.01.22 18:57:30 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe [2010.01.22 18:57:29 \| 000,195,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll [2010.01.22 18:57:29 \| 000,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll [2010.01.22 18:57:29 \| 000,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2010.01.22 18:57:29 \| 000,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll [2010.01.22 18:57:29 \| 000,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll [2010.01.22 18:57:29 \| 000,034,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2010.01.22 18:57:29 \| 000,034,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll [2010.01.22 18:57:29 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
vas. jan. 31, 2010 11:01

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	[2010.01.22 19:04:13 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010.01.22 19:04:12 \| 000,366,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll [2010.01.22 19:04:12 \| 000,074,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010.01.22 19:04:12 \| 000,048,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010.01.22 19:04:12 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010.01.22 19:04:12 \| 000,004,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010.01.22 19:04:11 \| 000,426,041 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2010.01.22 19:04:11 \| 000,086,073 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2010.01.22 19:04:10 \| 000,103,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll [2010.01.22 19:04:10 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010.01.22 19:04:09 \| 000,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010.01.22 19:04:09 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll [2010.01.22 19:04:09 \| 000,019,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010.01.22 19:04:08 \| 000,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010.01.22 19:04:08 \| 000,013,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010.01.22 19:04:07 \| 000,046,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll [2010.01.22 19:04:07 \| 000,046,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll [2010.01.22 19:04:07 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010.01.22 19:04:06 \| 000,101,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010.01.22 19:04:06 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll [2010.01.22 19:04:05 \| 000,143,422 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2010.01.22 19:04:05 \| 000,039,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2010.01.22 19:04:05 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010.01.22 19:04:05 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2010.01.22 19:04:05 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010.01.22 19:04:04 \| 000,464,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2010.01.22 19:04:04 \| 000,358,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2010.01.22 19:04:04 \| 000,259,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2010.01.22 19:04:04 \| 000,188,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2010.01.22 19:04:04 \| 000,033,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2010.01.22 19:04:04 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2010.01.22 19:04:03 \| 000,236,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2010.01.22 19:04:03 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010.01.22 19:04:03 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010.01.22 19:04:03 \| 000,010,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll [2010.01.22 19:04:03 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010.01.22 19:04:03 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010.01.22 19:04:02 \| 000,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010.01.22 19:04:02 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010.01.22 19:04:02 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010.01.22 19:04:02 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010.01.22 19:04:02 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010.01.22 19:04:02 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010.01.22 19:04:02 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010.01.22 19:04:02 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010.01.22 19:04:02 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010.01.22 19:04:01 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010.01.22 19:04:01 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010.01.22 19:04:01 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010.01.22 19:04:01 \| 000,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010.01.22 19:04:01 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010.01.22 19:03:59 \| 000,221,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll [2010.01.22 19:03:59 \| 000,057,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010.01.22 19:03:59 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010.01.22 19:03:58 \| 000,080,384 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010.01.22 19:03:58 \| 000,080,384 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010.01.22 19:03:58 \| 000,029,184 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010.01.22 19:03:58 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll [2010.01.22 19:03:57 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2010.01.22 19:03:57 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll [2010.01.22 19:03:56 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010.01.22 19:03:56 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010.01.22 19:03:55 \| 000,020,736 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys [2010.01.22 19:03:55 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010.01.22 19:03:55 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010.01.22 19:03:54 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll [2010.01.22 19:03:53 \| 000,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010.01.22 19:03:53 \| 000,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010.01.22 19:03:53 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010.01.22 19:03:53 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010.01.22 19:03:52 \| 000,036,927 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010.01.22 19:03:52 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010.01.22 19:03:51 \| 000,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010.01.22 19:03:50 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010.01.22 19:03:50 \| 000,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll [2010.01.22 19:03:49 \| 000,229,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010.01.22 19:03:48 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2010.01.22 19:03:46 \| 001,875,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010.01.22 19:03:46 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe [2010.01.22 19:03:45 \| 000,098,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010.01.22 19:03:42 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2010.01.22 19:03:41 \| 000,092,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010.01.22 19:03:41 \| 000,092,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010.01.22 19:03:41 \| 000,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll [2010.01.22 19:03:41 \| 000,037,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll [2010.01.22 19:03:41 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010.01.22 19:03:40 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010.01.22 19:03:40 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2010.01.22 19:03:39 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2010.01.22 19:03:39 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2010.01.22 19:03:39 \| 000,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010.01.22 19:03:39 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll [2010.01.22 19:03:38 \| 000,070,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010.01.22 19:03:37 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010.01.22 19:03:37 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010.01.22 19:03:37 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010.01.22 19:03:37 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2010.01.22 19:03:37 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2010.01.22 19:03:37 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2010.01.22 19:03:37 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2010.01.22 19:03:36 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll [2010.01.22 19:03:36 \| 000,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010.01.22 19:03:36 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010.01.22 19:03:36 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010.01.22 19:03:36 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2010.01.22 19:03:36 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2010.01.22 19:03:35 \| 000,257,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll [2010.01.22 19:03:35 \| 000,035,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2010.01.22 19:03:35 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010.01.22 19:03:34 \| 000,471,102 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010.01.22 19:03:34 \| 000,315,455 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010.01.22 19:03:34 \| 000,102,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010.01.22 19:03:34 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe [2010.01.22 19:03:33 \| 000,274,489 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010.01.22 19:03:33 \| 000,262,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010.01.22 19:03:33 \| 000,233,527 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010.01.22 19:03:33 \| 000,208,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010.01.22 19:03:33 \| 000,155,705 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010.01.22 19:03:33 \| 000,045,109 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010.01.22 19:03:32 \| 000,811,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010.01.22 19:03:32 \| 000,716,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010.01.22 19:03:32 \| 000,368,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010.01.22 19:03:32 \| 000,307,257 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010.01.22 19:03:32 \| 000,081,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010.01.22 19:03:32 \| 000,057,398 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010.01.22 19:03:31 \| 000,340,023 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010.01.22 19:03:31 \| 000,311,359 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010.01.22 19:03:31 \| 000,102,463 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010.01.22 19:03:31 \| 000,079,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll [2010.01.22 19:03:31 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll [2010.01.22 19:03:31 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010.01.22 19:03:31 \| 000,003,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2010.01.22 19:03:30 \| 000,145,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll [2010.01.22 19:03:30 \| 000,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2010.01.22 19:03:30 \| 000,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll [2010.01.22 19:03:30 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010.01.22 19:03:24 \| 000,268,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2010.01.22 19:03:24 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll [2010.01.22 19:03:24 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll [2010.01.22 19:03:23 \| 000,039,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2010.01.22 19:03:23 \| 000,032,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll [2010.01.22 19:03:22 \| 000,400,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2010.01.22 19:03:22 \| 000,397,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2010.01.22 19:03:22 \| 000,246,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2010.01.22 19:03:22 \| 000,193,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2010.01.22 19:03:22 \| 000,155,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2010.01.22 19:03:21 \| 000,562,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2010.01.22 19:03:21 \| 000,268,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2010.01.22 19:03:21 \| 000,058,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2010.01.22 19:03:21 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010.01.22 19:03:21 \| 000,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2010.01.22 19:03:21 \| 000,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2010.01.22 19:03:21 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010.01.22 19:03:21 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2010.01.22 19:03:21 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2010.01.22 19:03:20 \| 000,451,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2010.01.22 19:03:20 \| 000,285,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2010.01.22 19:03:20 \| 000,234,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2010.01.22 19:03:20 \| 000,142,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2010.01.22 19:03:20 \| 000,137,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010.01.22 19:03:20 \| 000,111,616 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010.01.22 19:03:20 \| 000,072,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2010.01.22 19:03:20 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2010.01.22 19:03:19 \| 000,126,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll [2010.01.22 19:03:19 \| 000,024,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2010.01.22 19:03:19 \| 000,020,541 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2010.01.22 19:03:19 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010.01.22 19:03:19 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll [2010.01.22 19:03:18 \| 000,618,605 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll [2010.01.22 19:03:18 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010.01.22 19:03:18 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010.01.22 19:03:17 \| 000,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2010.01.22 19:03:17 \| 000,093,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2010.01.22 19:03:17 \| 000,025,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010.01.22 19:03:17 \| 000,025,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2010.01.22 19:03:17 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll [2010.01.22 19:03:17 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2010.01.22 19:03:16 \| 000,514,587 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll [2010.01.22 19:03:16 \| 000,057,856 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010.01.22 19:03:16 \| 000,045,056 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010.01.22 19:03:16 \| 000,031,744 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010.01.22 19:03:12 \| 000,042,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe [2010.01.22 19:03:11 \| 000,057,399 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010.01.22 19:03:11 \| 000,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2010.01.22 19:03:11 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2010.01.22 19:03:11 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2010.01.22 19:03:11 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010.01.22 19:03:10 \| 000,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll [2010.01.22 19:03:09 \| 000,838,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010.01.22 19:03:08 \| 001,677,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010.01.22 19:03:08 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010.01.22 19:03:08 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010.01.22 19:03:08 \| 000,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010.01.22 19:03:08 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010.01.22 19:03:07 \| 000,054,528 \| ---- \| C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010.01.22 19:03:00 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2010.01.22 19:02:59 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2010.01.22 19:02:59 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2010.01.22 19:02:58 \| 000,374,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll [2010.01.22 19:02:58 \| 000,332,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll [2010.01.22 19:02:58 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2010.01.22 19:02:57 \| 000,109,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll [2010.01.22 19:02:57 \| 000,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010.01.22 19:02:57 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll [2010.01.22 19:02:56 \| 000,050,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2010.01.22 19:02:56 \| 000,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll [2010.01.22 19:02:56 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2010.01.22 19:02:56 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010.01.22 19:02:53 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010.01.22 19:02:53 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2010.01.22 19:02:52 \| 002,134,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll [2010.01.22 19:02:52 \| 000,189,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll [2010.01.22 19:02:52 \| 000,032,827 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe [2010.01.22 19:02:52 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll [2010.01.22 19:02:51 \| 000,020,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll [2010.01.22 19:02:51 \| 000,016,437 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe [2010.01.22 19:02:49 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx [2010.01.22 19:02:48 \| 000,837,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll [2010.01.22 19:02:48 \| 000,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll [2010.01.22 19:02:48 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2010.01.22 19:02:48 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll [2010.01.22 19:02:48 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2010.01.22 19:02:47 \| 000,171,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2010.01.22 19:02:47 \| 000,133,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll [2010.01.22 19:02:47 \| 000,064,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll [2010.01.22 19:02:47 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe [2010.01.22 19:02:47 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2010.01.22 19:02:47 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2010.01.22 19:02:46 \| 000,598,071 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll [2010.01.22 19:02:46 \| 000,212,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010.01.22 19:02:46 \| 000,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll [2010.01.22 19:02:46 \| 000,020,538 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe [2010.01.22 19:02:46 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2010.01.22 19:02:45 \| 000,876,653 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll [2010.01.22 19:02:45 \| 000,188,494 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe [2010.01.22 19:02:45 \| 000,109,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe [2010.01.22 19:02:45 \| 000,049,212 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll [2010.01.22 19:02:45 \| 000,032,826 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll [2010.01.22 19:02:45 \| 000,020,541 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll [2010.01.22 19:02:45 \| 000,014,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe [2010.01.22 19:02:44 \| 000,184,435 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll [2010.01.22 19:02:44 \| 000,147,513 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll [2010.01.22 19:02:44 \| 000,102,509 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll [2010.01.22 19:02:44 \| 000,082,035 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll [2010.01.22 19:02:44 \| 000,049,210 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll [2010.01.22 19:02:44 \| 000,041,020 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll [2010.01.22 19:02:43 \| 000,278,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx [2010.01.22 19:02:43 \| 000,188,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe [2010.01.22 19:02:43 \| 000,095,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2010.01.22 19:02:43 \| 000,076,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx [2010.01.22 19:02:43 \| 000,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll [2010.01.22 19:02:42 \| 000,290,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll [2010.01.22 19:02:42 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll [2010.01.22 19:02:42 \| 000,020,540 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll [2010.01.22 19:02:42 \| 000,016,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe [2010.01.22 19:02:42 \| 000,016,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe [2010.01.22 19:02:41 \| 000,020,540 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
vas. jan. 31, 2010 10:59

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	oszt szet keto hozaszolasba mivel hoszu es nemfer be,,
vas. jan. 31, 2010 10:50

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	CREATERESTOREPOINT Restore point Set: OTL Restore Point (60801987993665536) ========== Files/Folders - Created Within 30 Days ========== [2010.01.31 10:15:50 \| 000,548,864 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Sanyi\Asztal\OTL.exe [2010.01.31 06:52:01 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\Help [2010.01.31 06:52:01 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Help [2010.01.31 06:26:27 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\System32\GroupPolicy [2010.01.29 21:53:30 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\NtmsData [2010.01.29 21:15:31 \| 000,000,000 \| ---D \| C] -- C:\Program Files\SmartPCTools [2010.01.28 20:25:31 \| 000,047,360 \| ---- \| C] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys [2010.01.28 20:25:31 \| 000,047,360 \| ---- \| C] (VSO Software) -- C:\Documents and Settings\Sanyi\Application Data\pcouffin.sys [2010.01.28 20:25:30 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Vso [2010.01.28 20:25:30 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\PcSetup [2010.01.28 20:25:02 \| 001,184,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wvc1dmod.dll [2010.01.28 20:25:02 \| 000,626,688 \| ---- \| C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll [2010.01.28 20:25:02 \| 000,273,408 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\Pncrt.dll [2010.01.28 20:25:02 \| 000,217,127 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll [2010.01.28 20:25:02 \| 000,208,935 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll [2010.01.28 20:25:02 \| 000,176,165 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll [2010.01.28 20:25:02 \| 000,102,439 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll [2010.01.28 20:25:02 \| 000,065,602 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll [2010.01.28 20:24:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\VSO [2010.01.28 20:17:44 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\Dativus [2010.01.28 18:50:31 \| 000,000,000 \| ---D \| C] -- C:\Program Files\RocketDock [2010.01.28 18:47:14 \| 000,028,160 \| ---- \| C] (mst software GmbH, Germany) -- C:\WINDOWS\System32\DfSdkBt.exe [2010.01.28 18:38:26 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\URSoft [2010.01.28 18:38:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010.01.28 18:38:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Your Uninstaller 2010 [2010.01.28 07:20:28 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SoftwareDistribution [2010.01.27 21:20:21 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2010.01.26 17:26:42 \| 000,000,000 \| ---D \| C] -- C:\Windows XP [2010.01.26 15:39:01 \| 000,000,000 \| -HSD \| C] -- C:\$RECYCLE.BIN [2010.01.25 12:01:15 \| 000,026,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2010.01.25 10:59:13 \| 000,274,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2010.01.25 10:59:13 \| 000,017,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2010.01.24 19:11:49 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Ashampoo [2010.01.24 18:50:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\ESET [2010.01.24 16:48:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\Letöltések [2010.01.24 16:38:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Asztal\Telepítés nélkül [2010.01.24 16:17:25 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Trend Micro [2010.01.24 08:40:03 \| 000,017,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2010.01.24 08:39:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\DESIGNER [2010.01.24 08:39:12 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SHELLNEW [2010.01.24 08:39:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft.NET [2010.01.24 08:39:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Office [2010.01.23 21:39:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Memory Improve Master [2010.01.23 21:32:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\translateclient [2010.01.23 21:32:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Translate Client [2010.01.23 21:19:45 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2010.01.23 13:28:12 \| 000,139,776 \| ---- \| C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM75.DLL [2010.01.23 13:28:09 \| 000,090,112 \| ---- \| C] (CANON INC.) -- C:\WINDOWS\System32\CNMCP75.exe [2010.01.23 13:17:18 \| 000,025,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2010.01.23 13:14:41 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Foxit Software [2010.01.23 13:11:44 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\IObit [2010.01.23 13:11:41 \| 000,000,000 \| ---D \| C] -- C:\Program Files\IObit [2010.01.23 11:46:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Macromedia [2010.01.23 11:46:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Adobe [2010.01.23 11:37:41 \| 000,000,000 \| ---D \| C] -- C:\Program Files\uTorrent [2010.01.23 11:37:31 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\uTorrent [2010.01.23 11:32:44 \| 001,985,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010.01.23 11:32:44 \| 000,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010.01.23 11:32:41 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010.01.23 11:32:33 \| 011,070,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010.01.23 11:15:24 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\PreInstall [2010.01.23 10:30:36 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\SoftwareDistribution [2010.01.23 10:30:28 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Temp [2010.01.23 08:08:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\Thunderbird [2010.01.23 08:08:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Thunderbird [2010.01.23 08:08:03 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Thunderbird [2010.01.23 08:03:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\WinSnap [2010.01.23 07:55:34 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Godlike [2010.01.23 07:55:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Godlike Developers [2010.01.23 07:44:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\PowerISO [2010.01.23 07:30:03 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Total Commander 2008 Final Edition by K-ED [2010.01.23 07:12:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Yamicsoft [2010.01.23 07:08:55 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\WinRAR [2010.01.23 07:07:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\WinRAR [2010.01.23 06:33:55 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\dvdcss [2010.01.23 06:30:20 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\Videók [2010.01.23 06:28:58 \| 000,018,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010.01.23 06:28:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Connect 2 [2010.01.23 06:26:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\UMDF [2010.01.23 06:26:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\LogFiles [2010.01.23 06:25:11 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010.01.23 06:13:11 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Sanyi\PrivacIE [2010.01.23 06:09:39 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Sanyi\IETldCache [2010.01.23 06:08:13 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WBEM [2010.01.23 06:07:47 \| 000,026,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2010.01.23 06:07:06 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2010.01.23 06:00:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\UPHClean [2010.01.23 05:48:28 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\vlc [2010.01.23 05:47:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files\VideoLAN [2010.01.22 22:02:01 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Unlocker [2010.01.22 21:56:17 \| 000,000,000 \| -HSD \| C] -- C:\RECYCLER [2010.01.22 21:49:13 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\Mozilla [2010.01.22 21:49:13 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Mozilla [2010.01.22 21:48:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2010.01.22 21:42:20 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Sanyi\UserData [2010.01.22 20:34:47 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ESET [2010.01.22 20:34:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\ESET [2010.01.22 20:26:01 \| 000,714,752 \| ---- \| C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\SandBox.sys [2010.01.22 20:25:53 \| 000,256,792 \| ---- \| C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys [2010.01.22 20:25:43 \| 000,031,128 \| ---- \| C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afw.sys [2010.01.22 20:25:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Filt [2010.01.22 20:25:38 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Agnitum [2010.01.22 20:25:11 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Agnitum [2010.01.22 19:56:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\GHISLER [2010.01.22 19:55:39 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\GHISLER [2010.01.22 19:52:58 \| 000,010,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys [2010.01.22 19:52:38 \| 000,032,768 \| ---- \| C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnic.sys [2010.01.22 19:52:33 \| 000,076,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll [2010.01.22 19:51:22 \| 000,000,000 \| -HSD \| C] -- C:\WINDOWS\Installer [2010.01.22 19:51:21 \| 000,000,000 \| R--D \| C] -- C:\Program Files [2010.01.22 19:51:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\ODBC [2010.01.22 19:51:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files [2010.01.22 19:51:07 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll [2010.01.22 19:51:07 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll [2010.01.22 19:51:07 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll [2010.01.22 19:51:06 \| 000,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll [2010.01.22 19:51:06 \| 000,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2010.01.22 19:51:06 \| 000,085,532 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll [2010.01.22 19:51:06 \| 000,085,532 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2010.01.22 19:51:06 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010.01.22 19:51:06 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010.01.22 19:51:05 \| 000,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2010.01.22 19:51:05 \| 000,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll [2010.01.22 19:51:05 \| 000,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010.01.22 19:51:05 \| 000,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2010.01.22 19:51:05 \| 000,019,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL [2010.01.22 19:51:05 \| 000,013,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV [2010.01.22 19:51:05 \| 000,009,008 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL [2010.01.22 19:51:05 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV [2010.01.22 19:51:05 \| 000,003,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV [2010.01.22 19:51:05 \| 000,002,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV [2010.01.22 19:51:04 \| 000,126,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL [2010.01.22 19:51:04 \| 000,083,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL [2010.01.22 19:51:04 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV [2010.01.22 19:51:04 \| 000,025,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV [2010.01.22 19:51:04 \| 000,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL [2010.01.22 19:51:04 \| 000,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL [2010.01.22 19:51:04 \| 000,002,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV [2010.01.22 19:51:04 \| 000,001,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV [2010.01.22 19:51:04 \| 000,001,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK [2010.01.22 19:51:03 \| 000,109,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL [2010.01.22 19:51:03 \| 000,073,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV [2010.01.22 19:51:03 \| 000,070,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL [2010.01.22 19:51:03 \| 000,033,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL [2010.01.22 19:51:03 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE [2010.01.22 19:51:03 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe [2010.01.22 19:51:03 \| 000,009,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL [2010.01.22 19:51:03 \| 000,002,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV [2010.01.22 19:51:02 \| 000,146,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV [2010.01.22 19:51:02 \| 000,069,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL [2010.01.22 19:51:02 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys [2010.01.22 19:51:02 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll [2010.01.22 19:51:02 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll [2010.01.22 19:51:01 \| 000,075,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll [2010.01.22 19:50:52 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Start Menu [2010.01.22 19:50:52 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumentumok [2010.01.22 19:50:52 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\All Users\Sablonok [2010.01.22 19:50:52 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Favorites [2010.01.22 19:50:52 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Asztal [2010.01.22 19:50:35 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot2 [2010.01.22 19:50:35 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot [2010.01.22 19:50:29 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2010.01.22 19:50:29 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\All Users\Application Data [2010.01.22 19:50:06 \| 000,000,000 \| -HSD \| C] -- C:\System Volume Information [2010.01.22 19:50:06 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings [2010.01.22 19:46:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\ATI [2010.01.22 19:46:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\ATI [2010.01.22 19:46:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\ATI [2010.01.22 19:46:43 \| 000,000,000 \| R-SD \| C] -- C:\WINDOWS\Fonts [2010.01.22 19:46:43 \| 000,000,000 \| RHSD \| C] -- C:\WINDOWS\System32\dllcache [2010.01.22 19:46:43 \| 000,000,000 \| R--D \| C] -- C:\WINDOWS\Web [2010.01.22 19:46:43 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\inf [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WinSxS [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wins [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wbem [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\usmt [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\twain_32 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\system32 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\system [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\spool [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ShellExt [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Setup [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\security [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Resources [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\repair [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ras [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Provisioning [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\PeerNet [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\pchealth [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\oobe [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\npp [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Network Diagnostic [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\mui [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\msapps [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\msagent [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Media [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\L2Schemas [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\java [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\inetsrv [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\IME [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ime [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\icsxml [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ias [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\hu-hu [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\hu [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Help [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\export [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\etc [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ehome [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Driver Cache [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\disdn [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\dhcp [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Debug [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Cursors [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\config [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\AppPatch [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3com_dmi [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3076 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\2052 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1054 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1042 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1041 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1038 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1037 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1033 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1031 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1028 [2010.01.22 19:46:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1025 [2010.01.22 19:45:05 \| 000,052,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys [2010.01.22 19:45:04 \| 000,056,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys [2010.01.22 19:45:03 \| 000,142,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys [2010.01.22 19:45:02 \| 000,006,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys [2010.01.22 19:45:00 \| 000,172,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys [2010.01.22 19:44:59 \| 000,002,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys [2010.01.22 19:44:58 \| 000,007,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys [2010.01.22 19:44:57 \| 000,004,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys [2010.01.22 19:44:55 \| 000,005,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys [2010.01.22 19:44:53 \| 000,060,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys [2010.01.22 19:37:52 \| 000,000,000 \| R-SD \| C] -- C:\WINDOWS\assembly [2010.01.22 19:37:33 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Microsoft.NET [2010.01.22 19:35:50 \| 000,083,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys [2010.01.22 19:31:21 \| 000,146,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys [2010.01.22 19:31:21 \| 000,146,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys [2010.01.22 19:31:21 \| 000,129,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax [2010.01.22 19:31:21 \| 000,129,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax [2010.01.22 19:31:21 \| 000,060,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys [2010.01.22 19:31:21 \| 000,060,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys [2010.01.22 19:31:21 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll [2010.01.22 19:31:21 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll [2010.01.22 19:30:39 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\InstallShield Installation Information [2010.01.22 19:30:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ATI Technologies [2010.01.22 19:29:04 \| 000,000,000 \| ---D \| C] -- C:\ati862_winxp32 [2010.01.22 19:28:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\InstallShield [2010.01.22 19:21:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Application Data\Identities [2010.01.22 19:21:52 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\Zene [2010.01.22 19:21:52 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok\Képek [2010.01.22 19:21:48 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\Sanyi\Application Data\Microsoft [2010.01.22 19:21:48 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Sanyi\SendTo [2010.01.22 19:21:48 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Sanyi\Recent [2010.01.22 19:21:48 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Sanyi\Application Data [2010.01.22 19:21:48 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Start Menu [2010.01.22 19:21:48 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Favorites [2010.01.22 19:21:48 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Sanyi\Dokumentumok [2010.01.22 19:21:48 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Sanyi\Cookies [2010.01.22 19:21:48 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Sanyi\Sablonok [2010.01.22 19:21:48 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Sanyi\PrintHood [2010.01.22 19:21:48 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Sanyi\NetHood [2010.01.22 19:21:48 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Sanyi\Local Settings [2010.01.22 19:21:48 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Local Settings\Application Data\Microsoft [2010.01.22 19:21:48 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Sanyi\Asztal [2010.01.22 19:21:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SD [2010.01.22 19:20:35 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2010.01.22 19:20:34 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\System32\Microsoft [2010.01.22 19:20:32 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010.01.22 19:05:40 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010.01.22 19:04:14 \| 000,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010.01.22 19:04:13 \| 000,077,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll [2010.01.22 19:04:13 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll [2010.01.22 19:04:13 \| 000,041,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
vas. jan. 31, 2010 10:48

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	OTL logfile created on: 2010.01.31. 10:20:07 - Run 1 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Sanyi\Asztal Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040E \| Country: Magyarország \| Language: HUN \| Date Format: yyyy.MM.dd. 2,00 Gb Total Physical Memory \| 1,00 Gb Available Physical Memory \| 75,00% Memory free 4,00 Gb Paging File \| 3,00 Gb Available in Paging File \| 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 29,29 Gb Total Space \| 24,08 Gb Free Space \| 82,21% Space Free \| Partition Type: NTFS Drive D: \| 39,06 Gb Total Space \| 37,37 Gb Free Space \| 95,69% Space Free \| Partition Type: NTFS Drive E: \| 45,26 Gb Total Space \| 35,86 Gb Free Space \| 79,24% Space Free \| Partition Type: NTFS Drive F: \| 109,98 Gb Total Space \| 54,23 Gb Free Space \| 49,31% Space Free \| Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-D7F1F7A88F Current User Name: Sanyi Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.01.31 10:14:58 \| 000,548,864 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Sanyi\Asztal\OTL.exe PRC - [2009.12.22 18:46:42 \| 000,908,248 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009.11.05 05:09:28 \| 001,540,352 \| ---- \| M] (SmartPCTools) -- C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe PRC - [2009.10.26 08:33:41 \| 000,015,872 \| ---- \| M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2009.09.11 07:24:32 \| 000,735,960 \| ---- \| M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009.09.11 07:23:46 \| 002,054,360 \| ---- \| M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009.07.27 03:37:50 \| 000,180,224 \| ---- \| M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2009.07.10 19:27:30 \| 000,360,448 \| ---- \| M] (Alexey ILJIN) -- C:\Program Files\Translate Client\translateclient.exe PRC - [2009.05.15 23:15:52 \| 000,602,112 \| ---- \| M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2009.04.22 17:38:50 \| 000,065,536 \| ---- \| M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009.04.22 17:37:16 \| 000,065,536 \| ---- \| M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009.03.16 11:05:30 \| 005,095,424 \| ---- \| M] (Memory Improve Master Studio) -- C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe PRC - [2008.08.27 12:27:58 \| 001,086,648 \| ---- \| M] (C. Ghisler & Co.) -- C:\Program Files\Total Commander 2008 Final Edition by K-ED\TOTALCMD.EXE PRC - [2008.04.14 08:02:18 \| 001,035,776 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.09.02 13:58:52 \| 000,495,616 \| ---- \| M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2005.04.27 14:59:24 \| 000,241,725 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe ========== Modules (SafeList) ========== MOD - [2010.01.31 10:14:58 \| 000,548,864 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Sanyi\Asztal\OTL.exe MOD - [2009.10.26 08:33:32 \| 000,004,608 \| ---- \| M] () -- C:\Program Files\Unlocker\UnlockerHook.dll MOD - [2009.07.24 11:46:36 \| 000,674,632 \| ---- \| M] (Agnitum Ltd.) -- c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll MOD - [2007.09.02 13:57:36 \| 000,069,632 \| ---- \| M] () -- C:\Program Files\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV - [2009.09.11 07:33:18 \| 000,020,680 \| ---- \| M] (ESET) [On_Demand \| Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009.09.11 07:24:32 \| 000,735,960 \| ---- \| M] (ESET) [Auto \| Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009.08.24 21:16:36 \| 000,406,016 \| ---- \| M] (mst software GmbH, Germany) [On_Demand \| Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS) SRV - [2009.07.24 11:46:22 \| 001,312,584 \| ---- \| M] (Agnitum Ltd.) [Auto \| Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv) SRV - [2009.05.15 23:15:52 \| 000,602,112 \| ---- \| M] (ATI Technologies Inc.) [Auto \| Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005.04.27 14:59:24 \| 000,241,725 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean) SRV - [2003.07.28 20:28:22 \| 000,089,136 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010.01.28 20:25:31 \| 000,047,360 \| ---- \| M] (VSO Software) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin) DRV - [2009.09.11 07:26:26 \| 000,096,408 \| ---- \| M] (ESET) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009.09.11 07:23:50 \| 000,108,792 \| ---- \| M] (ESET) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009.09.11 07:17:16 \| 000,116,008 \| ---- \| M] (ESET) [File_System \| Auto \| Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009.07.27 03:43:18 \| 000,058,908 \| ---- \| M] (PowerISO Computing, Inc.) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu) DRV - [2009.07.23 11:57:28 \| 000,033,920 \| ---- \| M] (Agnitum Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt) DRV - [2009.07.23 11:56:34 \| 000,714,752 \| ---- \| M] (Agnitum Ltd.) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox) DRV - [2009.07.13 13:19:36 \| 000,256,792 \| ---- \| M] (Agnitum Ltd.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore) DRV - [2009.05.15 23:58:44 \| 004,069,888 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.04.01 07:28:32 \| 000,093,184 \| ---- \| M] (ATI Research Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009.02.18 17:30:56 \| 000,031,128 \| ---- \| M] (Agnitum Ltd.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw) DRV - [2008.04.13 11:45:30 \| 000,010,624 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008.04.13 09:35:40 \| 000,032,768 \| ---- \| M] (SiS Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2008.04.13 08:39:18 \| 000,020,480 \| ---- \| M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008.04.13 08:36:06 \| 000,144,384 \| ---- \| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006.03.09 09:18:00 \| 000,222,848 \| ---- \| M] (Analog Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm) DRV - [2001.10.26 12:00:00 \| 000,017,792 \| ---- \| M] (Parallel Technologies, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\S-1-5-21-796845957-1659004503-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Crawler Search" FF - prefs.js..browser.search.order.1: "Crawler Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.hu/firefox?client=firefox-a&rls=org.mozilla:hu:official" FF - prefs.js..extensions.enabledItems: {3474c305-9dad-11d8-9207-00055d74c2e4}:0.4.10 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.31 07:49:16 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.31 07:49:16 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.01.23 08:08:15 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.01.22 20:34:48 \| 000,000,000 \| ---D \| M] [2010.01.22 21:49:21 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\Mozilla\Extensions [2010.01.30 18:08:03 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Sanyi\Application Data\Mozilla\Firefox\Profiles\rqlumwfo.default\extensions [2010.01.22 21:59:22 \| 000,000,000 \| ---D \| M] (Bookmark Backup) -- C:\Documents and Settings\Sanyi\Application Data\Mozilla\Firefox\Profiles\rqlumwfo.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010.01.22 21:48:10 \| 000,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009.12.22 05:03:29 \| 000,000,760 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2009.12.22 05:03:29 \| 000,001,426 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml [2009.12.22 05:03:29 \| 000,001,628 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml [2009.12.22 05:03:30 \| 000,000,974 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml [2009.12.22 05:03:30 \| 000,001,189 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml O1 HOSTS File: ([2001.10.26 12:00:00 \| 000,000,687 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003..\Run: [Memory Improve Master] C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe (Memory Improve Master Studio) O4 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003..\Run: [Registry Repair Wizard Scheduler] C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe (SmartPCTools) O4 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe (Alexey ILJIN) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartmenuLogoff = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinters = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKU\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0 O9 - Extra 'Tools' menuitem : Enable/Disable PDF Download for this site - {96538116-AB8C-4879-9F21-BD2BFE22A414} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - Reg Error: Key error. File not found O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4343506578 (MUWebControl Class) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.01.22 19:01:52 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) - File not found O35 - comfile [open] -- "%1" % O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.01.22 19:01:23 \| 000,000,000 \| ---D \| M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found
vas. jan. 31, 2010 10:44

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	Az OTL.txt-t nem tudom elküldeni,mert:Error in posting
vas. jan. 31, 2010 10:39

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	OTL Extras logfile created on: 2010.01.31. 10:20:07 - Run 1 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Sanyi\Asztal Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040E \| Country: Magyarország \| Language: HUN \| Date Format: yyyy.MM.dd. 2,00 Gb Total Physical Memory \| 1,00 Gb Available Physical Memory \| 75,00% Memory free 4,00 Gb Paging File \| 3,00 Gb Available in Paging File \| 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 29,29 Gb Total Space \| 24,08 Gb Free Space \| 82,21% Space Free \| Partition Type: NTFS Drive D: \| 39,06 Gb Total Space \| 37,37 Gb Free Space \| 95,69% Space Free \| Partition Type: NTFS Drive E: \| 45,26 Gb Total Space \| 35,86 Gb Free Space \| 79,24% Space Free \| Partition Type: NTFS Drive F: \| 109,98 Gb Total Space \| 54,23 Gb Free Space \| 49,31% Space Free \| Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-D7F1F7A88F Current User Name: Sanyi Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0930F613-9331-972C-F07F-3E795214E65F}" = CCC Help Korean "{1043E281-B080-4947-9BD7-3F1D233BF6D2}" = WinXP Manager "{18AE8ACB-0419-45F6-9CF6-155E128A4BCE}_is1" = WinTools.net 9.10.1 Ultimate "{1B372CF9-7C2E-003C-3D90-37ACC8E41DA9}" = ccc-core-static "{1FC05942-BA18-BF55-DDF1-2978CEA4F009}" = CCC Help Finnish "{2F7A7614-FB96-A328-8974-D234FA12B7A1}" = CCC Help Russian "{350C940e-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{40444C12-5D96-90CF-03B8-068BD23BFF1A}" = CCC Help Swedish "{45E2473A-E45E-77AE-5049-8F55DF241E1C}" = CCC Help Czech "{4EA0E562-0E5B-DA6C-BC7B-37727786037B}" = CCC Help Dutch "{59FBD7A0-A5C8-22DC-A0FF-23236A5B0E1F}" = CCC Help Japanese "{5D6E0656-C386-C2D2-3A8A-B2E0B74E8749}" = CCC Help Italian "{60DDF5DB-1D28-4C93-BD23-BAF440D0BB67}" = PDF Download for Internet Explorer "{6C3A8DA3-483D-4E38-B208-FB3A3D7E1340}" = ESET NOD32 Antivirus "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190b "{770CE596-F3A5-D2F4-630A-6F4C0FBDACC2}" = CCC Help Chinese Traditional "{7A0A5F8C-0526-F9EA-DA9C-ED2D41D5901E}" = CCC Help Hungarian "{7A1EAF98-AF57-2766-0B12-8105A3514B06}" = Catalyst Control Center Core Implementation "{7C29753D-CC92-17A7-EAA4-75529E5DBFBF}" = CCC Help Norwegian "{7EC3589A-E496-ABC4-1E48-5EB0502D95DE}" = ccc-core-preinstall "{9011040E-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{999966B1-86A7-8A36-2242-8E0EAFC57C8B}" = Catalyst Control Center Graphics Full Existing "{A8B2F6F7-F6D3-24D6-1A55-050152EA8D29}" = CCC Help Turkish "{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding "{ABD242CD-998F-4145-DF05-AFEB9FBD5CCD}" = Catalyst Control Center Graphics Light "{AD1EE65D-00BC-94F4-327F-91204818FC51}" = CCC Help German "{B426AB74-536F-2AC2-5447-42D9F9374674}" = ccc-utility "{B8B63367-FCA7-C7A1-CB00-A1449CD80D0F}" = CCC Help French "{C1BADED6-3D01-F0FF-D671-8D75D3FE2FD7}" = Catalyst Control Center Localization All "{C230687B-745A-34FB-C501-543686AFD42B}" = CCC Help Greek "{CBFEF652-FFC7-21AF-4984-50BA980DA73E}" = CCC Help Spanish "{CD780B1C-23B1-1BA8-6F9B-CDCCFB88AFF9}" = Catalyst Control Center Graphics Full New "{D0517921-0CC8-5EBE-4F44-F3AD4DA41CF6}" = CCC Help Danish "{D81CEF26-01DA-4D23-4616-BC5A0E08DE05}" = CCC Help English "{D8A21278-116D-DA21-1556-74EDAD5C48B2}" = Skins "{D8EB271A-5063-2939-8411-B11404A7FB00}" = CCC Help Chinese Standard "{EA7D8FBB-74EA-97D4-AF61-E8BEFC27E3A8}" = CCC Help Polish "{F79480EA-CD65-50BF-951F-95A39399857C}" = CCC Help Thai "{F7F275A8-3B77-5723-DCBD-D4D1785D0CF7}" = CCC Help Portuguese "{FE5CECF3-A8A6-4A31-A1EB-8C20409D5281}" = Microsoft .NET Framework 2.0 Language Pack - HUN "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro "All ATI Software" = ATI - Szoftver eltávolító "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced "ATI Display Driver" = ATI Display Driver "CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600 "Foxit Reader" = Foxit Reader "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "Memory Improve Master_is1" = Memory Improve Master v6.1.2.185 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 2.0 Language Pack - HUN" = Microsoft .NET Framework 2.0 Language Pack - HUN "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PowerISO" = PowerISO "Registry Repair Wizard_is1" = Registry Repair Wizard "RocketDock_is1" = RocketDock 1.3.5 "Smart Defrag_is1" = Smart Defrag "Total Commander 2008 Final Edition by K-ED" = Total Commander 2008 Final Edition by K-ED "Translate Client" = Client for Google Translate "Unlocker" = Unlocker 1.8.8 "VLC media player" = VLC media player 0.9.8a "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR archiver "WinSnap" = WinSnap "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YU2010_is1" = Your Uninstaller! 2010 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-796845957-1659004503-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010.01.28. 3:32:07 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.28. 13:23:06 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.28. 14:29:43 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.28. 15:12:46 \| Computer Name = HOME-D7F1F7A88F \| Source = Application Error \| ID = 1000 Description = Hibás alkalmazás: modi.exe, verzió: 0.0.0.0, hibás modul: kernel32.dll, verzió: 5.1.2600.5781, memóriacím: 0x00012afb. Error - 2010.01.29. 2:23:46 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.29. 2:40:23 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.29. 16:27:23 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.30. 1:52:54 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.31. 1:16:42 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. Error - 2010.01.31. 2:39:59 \| Computer Name = HOME-D7F1F7A88F \| Source = PerfNet \| ID = 2004 Description = Nem lehet megnyitni a kiszolgáló szolgáltatást. A kiszolgáló teljesítményadatai nem lesznek visszaadva. A visszaadott hibakód a duplaszó 0 adatban van. [ System Events ] Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842810 Description = Szintaktikai hiba a(z) "C:\Program Files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.MANIFEST" jegyzék- vagy házirendfájl 5. sorában. Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context - sikertelen a következőn: C:\Program Files\ESET\ESET NOD32 Antivirus\MFC80U.DLL. Referencia-hibaüzenet: A művelet sikeresen befejeződött. . Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842786 Description = A jegyzékfájlban talált komponensidentitás nem felel meg a kért komponens identitásának Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842810 Description = Szintaktikai hiba a(z) "C:\Program Files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.MANIFEST" jegyzék- vagy házirendfájl 5. sorában. Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context - sikertelen a következőn: C:\Program Files\ESET\ESET NOD32 Antivirus\MFC80U.DLL. Referencia-hibaüzenet: A művelet sikeresen befejeződött. . Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842786 Description = A jegyzékfájlban talált komponensidentitás nem felel meg a kért komponens identitásának Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842810 Description = Szintaktikai hiba a(z) "C:\Program Files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.MANIFEST" jegyzék- vagy házirendfájl 5. sorában. Error - 2010.01.28. 14:30:59 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context - sikertelen a következőn: C:\Program Files\ESET\ESET NOD32 Antivirus\MFC80U.DLL. Referencia-hibaüzenet: A művelet sikeresen befejeződött. . Error - 2010.01.29. 2:23:40 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842786 Description = A jegyzékfájlban talált komponensidentitás nem felel meg a kért komponens identitásának Error - 2010.01.29. 2:23:40 \| Computer Name = HOME-D7F1F7A88F \| Source = SideBySide \| ID = 16842810 Description = Szintaktikai hiba a(z) "C:\Program Files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.MANIFEST" jegyzék- vagy házirendfájl 5. sorában. < End of report >
vas. jan. 31, 2010 10:35

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	tolds le az OTListIt2>> OTL - futattod -bepipazni -Scan all users. -Lop check. -Purity check. -v sekciiExtra Registry>bepipazni>Use SafeList -az ablakba Custom Scans/Fixes>ted a zold textet es klik Run Scan -scan [10-15 percig tart]>.ted ide -OTL.txt (az asztalon lesz). -Extras.txt [a talcan lesz] Kód: netsvcs %SYSTEMDRIVE%\.exe %SYSTEMDRIVE%\eventlog.dll /s /md5 %SYSTEMDRIVE%\scecli.dll /s /md5 %SYSTEMDRIVE%\netlogon.dll /s /md5 %SYSTEMDRIVE%\cngaudit.dll /s /md5 %SYSTEMDRIVE%\sceclt.dll /s /md5 %SYSTEMDRIVE%\ntelogon.dll /s /md5 %SYSTEMDRIVE%\logevent.dll /s /md5 %SYSTEMDRIVE%\iaStor.sys /s /md5 %SYSTEMDRIVE%\nvstor.sys /s /md5 %SYSTEMDRIVE%\atapi.sys /s /md5 %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 %SYSTEMDRIVE%\viasraid.sys /s /md5 %SYSTEMDRIVE%\AGP440.sys /s /md5 %SYSTEMDRIVE%\vaxscsi.sys /s /md5 %SYSTEMDRIVE%\nvatabus.sys /s /md5 %SYSTEMDRIVE%\viamraid.sys /s /md5 %SYSTEMDRIVE%\nvata.sys /s /md5 %SYSTEMDRIVE%\perfnet.dll /s /md5 %SYSTEMROOT%\. /mp /s CREATERESTOREPOINT %SYSTEMROOT%\system32\.dll /lockedfiles %SYSTEMROOT%\Tasks\.job /lockedfiles
vas. jan. 31, 2010 9:16

Sanyi46 arany tag Csatlakozott: csüt. aug. 21, 2008 19:07 Hozzászólások: 326	Szia stell! Megnéznéd a "C:\WINDOWS\system32\shdocvw.dll" zavar Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:20:02, on 2010.01.31. Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Translate Client\translateclient.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\UPHClean\uphclean.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Memory Improve Master] C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe /autorun O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Registry Repair Wizard Scheduler] "C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" /startup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Save Page As PDF ... - file://C:\Program Files\Nitro PDF\PDF Download\nitroweb.htm O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Enable/Disable PDF Download for this site - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: PDF Download - {F1C0FD6C-A6A0-49a7-A932-71A56461867F} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4343506578 O17 - HKLM\System\CCS\Services\Tcpip\..\{67C3265F-B814-4D9C-8A7F-176C19D84066}: NameServer = 84.2.46.1 84.2.44.1 O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- End of file - 5589 bytes Pár napja az internet kapcsolat, megszakad, majd újra indul,vagy nem. /ADSL/ A másik problémám:perfnet, Eseménynapló:minden rendszerindításnál hibát jelez: "Nem lehet megnyítni a kiszolgáló szolgáltatást. A C:\WINDOWS\system32\dllcache\perfnet.dll és a C:\WINDOWS\system32\perfnet.dll fájlok megvannak és NOD a WINDOWS mappában nem talált fertőzést. Köszönöm
vas. jan. 31, 2010 8:59

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok,Dorci olvasd el a privat uzenetet,
hétf. jan. 04, 2010 12:29

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. No rootkits found! Driver "vuygrnx" deleted successfully. File "C:\WINDOWS\system32\drivers\vuygrnx.sys" deleted successfully. Completed script processing. ***************** Finished! Terminate.
hétf. jan. 04, 2010 11:53

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok,
vas. jan. 03, 2010 21:10

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	rendben van. holnap folytathatnánk?? holnap kelnem kell.
vas. jan. 03, 2010 20:58

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	torold ki, tolds le az AVANGER programot a Futasd http://swandog46.geekstogo.com/avenger.exe beleegyezes,az alakba masold be a kek textet es klik execute,yes,yes Drivers to delete: vuygrnx files to delete: C:\WINDOWS\system32\drivers\vuygrnx.sys a logot a restart utan ted ide,
vas. jan. 03, 2010 20:57

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	Malwarebytes' Anti-Malware 1.43 Adatbázis verzió: 3487 Windows 5.1.2600 Szervizcsomag 3 Internet Explorer 8.0.6001.18702 2010-01-03 20:28:00 mbam-log-2010-01-03 (20-27-55).txt Vizsgálat típusa: Teljes vizsgálat (C:\\|G:\\|) Átvizsgált objektumok: 222891 Eltelt idő: 1 hour(s), 7 minute(s), 8 second(s) Fertőzött memóriafolyamatok: 0 Fertőzött memória modulok: 0 Fertőzött rendszerleíró kulcsok: 0 Fertőzött rendszerleíró értékek: 0 Fertőzött rednszerleíró elemek: 0 Fertőzött mappák: 0 Fertőzött fájlok: 1 Fertőzött memóriafolyamatok: (Nem észleltem rosszindulatú elemeket) Fertőzött memória modulok: (Nem észleltem rosszindulatú elemeket) Fertőzött rendszerleíró kulcsok: (Nem észleltem rosszindulatú elemeket) Fertőzött rendszerleíró értékek: (Nem észleltem rosszindulatú elemeket) Fertőzött rednszerleíró elemek: (Nem észleltem rosszindulatú elemeket) Fertőzött mappák: (Nem észleltem rosszindulatú elemeket) Fertőzött fájlok: C:\WINDOWS\system32\drivers\vuygrnx.sys (Rootkit.Agent) -> No action taken.
vas. jan. 03, 2010 20:33

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	mindet torold,Restart>es uj skan a malwarebytes programal,
vas. jan. 03, 2010 19:12

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	Malwarebytes' Anti-Malware 1.43 Adatbázis verzió: 3487 Windows 5.1.2600 Szervizcsomag 3 Internet Explorer 8.0.6001.18702 2010-01-03 19:06:01 mbam-log-2010-01-03 (19-05-52).txt Vizsgálat típusa: Teljes vizsgálat (C:\\|G:\\|) Átvizsgált objektumok: 222859 Eltelt idő: 1 hour(s), 1 minute(s), 9 second(s) Fertőzött memóriafolyamatok: 1 Fertőzött memória modulok: 0 Fertőzött rendszerleíró kulcsok: 21 Fertőzött rendszerleíró értékek: 2 Fertőzött rednszerleíró elemek: 0 Fertőzött mappák: 0 Fertőzött fájlok: 7 Fertőzött memóriafolyamatok: C:\WINDOWS\temp\~TM10.tmp (Spyware.Passwords) -> No action taken. Fertőzött memória modulok: (Nem észleltem rosszindulatú elemeket) Fertőzött rendszerleíró kulcsok: HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken. Fertőzött rendszerleíró értékek: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> No action taken. Fertőzött rednszerleíró elemek: (Nem észleltem rosszindulatú elemeket) Fertőzött mappák: (Nem észleltem rosszindulatú elemeket) Fertőzött fájlok: C:\WINDOWS\temp\~TM10.tmp (Spyware.Passwords) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\clykl.sys.vir (Rootkit.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\fvrqjziv.sys.vir (Rootkit.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\temp\~TM11.tmp.vir (Spyware.Passwords) -> No action taken. C:\System Volume Information\_restore{28E9675A-D42E-4C40-BE30-1C448B741AE3}\RP1\A0000035.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\drivers\vuygrnx.sys (Rootkit.Agent) -> No action taken. C:\Documents and Settings\Rendszergazda\Start Menu\Programs\Indítópult\siszyd32.exe (Trojan.Agent) -> No action taken.
vas. jan. 03, 2010 19:10

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	no semmi minden virus visza jot,Futatod >frisited>a Malwarebytes programot,Teljes skant,,nem torolsz semmit varsz es a logot ted ide http://download.bleepingcomputer.com/ma ... -setup.exe
vas. jan. 03, 2010 18:00

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-02.05 - Rendszergazda 2010-01-03 17:14:59.17.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.511.208 [GMT 1:00] Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe Command switches used :: c:\documents and settings\Rendszergazda\Asztal\CFScript.txt AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} * Resident AV is active FILE :: "c:\documents and settings\NetworkService\Application Data\fvgqad.dat" "c:\windows\system32\drivers\fvrqjziv.sys" "c:\windows\system32\fjhdyfhsn.bat" "c:\windows\TEMP\~TM3F.tmp" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\NetworkService\Application Data\fvgqad.dat c:\windows\system32\drivers\fvrqjziv.sys c:\windows\system32\fjhdyfhsn.bat c:\windows\TEMP\~TM11.tmp c:\windows\TEMP\~TM12.tmp c:\windows\TEMP\~TM13.tmp c:\windows\TEMP\~TM3F.tmp . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FVRQJZIV -------\Service_fvrqjziv ((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 ))))))))))))))))))))))))))))))) . 2010-01-02 19:08 . 2010-01-02 19:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-03 16:44 . 2010-01-03 16:42 763904 ----a-w- c:\windows\system32\drivers\vuygrnx.sys 2010-01-03 16:40 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "sysgif32"="c:\windows\TEMP\~TM10.tmp" [2010-01-03 32768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] siszyd32.exe [2008-4-14 28672] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\WINDOWS\\temp\\~TM10.tmp"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] S3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-02 691696] --- Other Services/Drivers In Memory --- NewlyCreated - VUYGRNX Deregistered - vuygrnx . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-03 17:40 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vuygrnx] . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(644) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(700) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(3596) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-03 17:48:56 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-03 16:48 ComboFix2.txt 2010-01-03 14:48 ComboFix3.txt 2010-01-03 13:34 ComboFix4.txt 2010-01-02 19:43 ComboFix5.txt 2010-01-03 16:04 Pre-Run: 9,398,345,728 bájt szabad Post-Run: 9,350,258,688 bájt szabad - - End Of File - - 44EEB38A7FA8050406247E31D7DB2586
vas. jan. 03, 2010 17:54

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-02.05 - Rendszergazda 2010-01-03 17:14:59.17.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.511.208 [GMT 1:00] Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe Command switches used :: c:\documents and settings\Rendszergazda\Asztal\CFScript.txt AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} * Resident AV is active FILE :: "c:\documents and settings\NetworkService\Application Data\fvgqad.dat" "c:\windows\system32\drivers\fvrqjziv.sys" "c:\windows\system32\fjhdyfhsn.bat" "c:\windows\TEMP\~TM3F.tmp" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\NetworkService\Application Data\fvgqad.dat c:\windows\system32\drivers\fvrqjziv.sys c:\windows\system32\fjhdyfhsn.bat c:\windows\TEMP\~TM11.tmp c:\windows\TEMP\~TM12.tmp c:\windows\TEMP\~TM13.tmp c:\windows\TEMP\~TM3F.tmp . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FVRQJZIV -------\Service_fvrqjziv ((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 ))))))))))))))))))))))))))))))) . 2010-01-02 19:08 . 2010-01-02 19:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-03 16:44 . 2010-01-03 16:42 763904 ----a-w- c:\windows\system32\drivers\vuygrnx.sys 2010-01-03 16:40 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "sysgif32"="c:\windows\TEMP\~TM10.tmp" [2010-01-03 32768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] siszyd32.exe [2008-4-14 28672] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\WINDOWS\\temp\\~TM10.tmp"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] S3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-02 691696] --- Other Services/Drivers In Memory --- NewlyCreated - VUYGRNX Deregistered - vuygrnx . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-03 17:40 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vuygrnx] . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(644) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(700) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(3596) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-03 17:48:56 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-03 16:48 ComboFix2.txt 2010-01-03 14:48 ComboFix3.txt 2010-01-03 13:34 ComboFix4.txt 2010-01-02 19:43 ComboFix5.txt 2010-01-03 16:04 Pre-Run: 9,398,345,728 bájt szabad Post-Run: 9,350,258,688 bájt szabad - - End Of File - - 44EEB38A7FA8050406247E31D7DB2586
vas. jan. 03, 2010 17:54

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	udv szergej,csak most csinalom es latod nincsen idom anyia virusos gep,,de lassan majd az is lesz
vas. jan. 03, 2010 16:45

rozumnij sergej nyikolaje platina tag Csatlakozott: szomb. feb. 03, 2007 11:36 Hozzászólások: 528	Meg az is lehet hogy az eset nem enged dolgozni mert be van kapcsolva Üdv! mikor lesz mar helye hozza szólásoknak az oldaladon,?
vas. jan. 03, 2010 16:37

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	dorci ez meg roszab mint volt valami gyartja a virusokat pontosan csinald amit irok 1:klikelj a WWW oldalamra>tipek,trukok>es kapcsold ki a rendszer viszaalitasi pontot a gepen 2:letoltod http://jpshortstuff.247fixes.com/beta/Defogger.exe futatod>klik Disabled>restart csokentet modba es csinalsz uj CFScriptet a combofixel Kód: KILLALL:: File:: c:\windows\system32\drivers\fvrqjziv.sys c:\windows\system32\fjhdyfhsn.bat c:\documents and settings\NetworkService\Application Data\fvgqad.dat c:\windows\TEMP\~TM3F.tmp Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sysgif32"=- Driver:: FVRQJZIV Rootkit:: c:\windows\system32\fjhdyfhsn.bat Registry:: [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fvrqjziv] DDS:: uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com
vas. jan. 03, 2010 16:26

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-02.05 - Rendszergazda 2010-01-03 15:08:30.16.1 - x86 Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe Command switches used :: c:\documents and settings\Rendszergazda\Asztal\CFScript.txt AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} * Resident AV is active FILE :: "c:\documents and settings\NetworkService\Application Data\fvgqad.dat" "c:\windows\system32\drivers\clykl.sys" "c:\windows\system32\fjhdyfhsn.bat" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\NetworkService\Application Data\fvgqad.dat c:\windows\system32\drivers\clykl.sys c:\windows\system32\fjhdyfhsn.bat c:\windows\TEMP\~TM1E6.tmp c:\windows\TEMP\~TM1E7.tmp c:\windows\TEMP\~TM1E8.tmp . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_CLYKL -------\Service_clykl ((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 ))))))))))))))))))))))))))))))) . 2010-01-02 19:08 . 2010-01-02 19:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-03 14:38 . 2010-01-03 14:37 763904 ----a-w- c:\windows\system32\drivers\fvrqjziv.sys 2010-01-03 14:37 . 2010-01-03 14:37 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2010-01-03 14:36 . 2010-01-03 14:36 16 ----a-w- c:\documents and settings\NetworkService\Application Data\fvgqad.dat 2010-01-03 14:36 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "sysgif32"="c:\windows\TEMP\~TM3F.tmp" [2010-01-03 32768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] siszyd32.exe [2008-4-14 28672] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\WINDOWS\\temp\\~TM3F.tmp"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-02 691696] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] S3 fsssvc;Windows Live Családbiztonság szolgáltatás;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] --- Other Services/Drivers In Memory --- NewlyCreated - FVRQJZIV Deregistered - fvrqjziv . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-03 15:35 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\windows\system32\fjhdyfhsn.bat 116 bytes scan completed successfully hidden files: 1 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync03.sys atapi.sys sphi.sys >>UNKNOWN [0x82B8E938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf85b6f28 \Driver\ACPI -> ACPI.sys @ 0xf840ecb8 \Driver\atapi -> sfsync03.sys @ 0xf858395c IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 user & kernel MBR OK ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fvrqjziv] . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(656) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(712) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(2220) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\SearchProtocolHost.exe c:\program files\Windows Live\Contacts\wlcomm.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-03 15:48:19 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-03 14:48 ComboFix2.txt 2010-01-03 13:34 ComboFix3.txt 2010-01-02 19:43 ComboFix4.txt 2010-01-02 17:59 Pre-Run: 8,644,808,704 bájt szabad Post-Run: 8,649,334,784 bájt szabad - - End Of File - - 468A979578DB6133F82F3FB0C79BB417
vas. jan. 03, 2010 15:54

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok,elobujtak a trojak,most csinalsz megegy CFScriptet es bedobod a combofixbe a logot ted ide, Kód: KILLALL:: File:: c:\windows\system32\drivers\clykl.sys c:\windows\system32\fjhdyfhsn.bat c:\documents and settings\NetworkService\Application Data\fvgqad.dat Driver:: clykl DDS:: uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk142YYHU&fl=0&ptb=3Xw1llpB0PE8KAiTXofehQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} Registry:: [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clykl]
vas. jan. 03, 2010 14:51

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PREVXTDI -------\Service_PREVXEmulator -------\Service_PREVXTdi ((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 ))))))))))))))))))))))))))))))) . 2010-01-03 10:50 . 2010-01-03 13:23 763904 ----a-w- c:\windows\system32\drivers\clykl.sys 2010-01-03 10:49 . 2010-01-03 10:49 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2010-01-02 19:08 . 2010-01-02 19:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-03 13:22 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2010-01-03 10:49 . 2010-01-03 10:49 16 ----a-w- c:\documents and settings\NetworkService\Application Data\fvgqad.dat 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] siszyd32.exe [2008-4-14 28672] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-02 691696] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] --- Other Services/Drivers In Memory --- Deregistered - clykl . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-03 14:20 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync03.sys atapi.sys spwc.sys >>UNKNOWN [0x82B8E938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf85b6f28 \Driver\ACPI -> ACPI.sys @ 0xf840ecb8 \Driver\atapi -> sfsync03.sys @ 0xf858395c IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 user & kernel MBR OK ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clykl] . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(676) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(732) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(392) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-03 14:34:37 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-03 13:34 ComboFix2.txt 2010-01-02 19:43 ComboFix3.txt 2010-01-02 17:59 Pre-Run: 8,713,322,496 bájt szabad Post-Run: 8,635,101,184 bájt szabad - - End Of File - - 5381C6F4EAC127FEC1BA388FB494ABD1
vas. jan. 03, 2010 14:45

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-02.04 - Rendszergazda 2010-01-03 13:33:02.15.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.511.233 [GMT 1:00] Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe Command switches used :: c:\documents and settings\Rendszergazda\Asztal\CFScript.txt AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} FILE :: "c:\windows\system32\drivers\PxEmu.sys" "c:\windows\system32\drivers\pxtdi.sys" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Rendszergazda\Application Data\avdrn.dat c:\program files\Prevx2 c:\program files\Prevx2\.lclbrk.cache c:\program files\Prevx2\dctlib.dll c:\program files\Prevx2\dctlibs\advapi32.dll c:\program files\Prevx2\dctlibs\comctl32.dll c:\program files\Prevx2\dctlibs\comdlg32.dll c:\program files\Prevx2\dctlibs\crtdll.dll c:\program files\Prevx2\dctlibs\dsound.dll c:\program files\Prevx2\dctlibs\epi.bin c:\program files\Prevx2\dctlibs\fsm.bin c:\program files\Prevx2\dctlibs\gdi32.dll c:\program files\Prevx2\dctlibs\goat1.ex$ c:\program files\Prevx2\dctlibs\icmp.dll c:\program files\Prevx2\dctlibs\imagehlp.dll c:\program files\Prevx2\dctlibs\inetmib1.dll c:\program files\Prevx2\dctlibs\iphlpapi.dll c:\program files\Prevx2\dctlibs\kernel32.dll c:\program files\Prevx2\dctlibs\msvcrt.dll c:\program files\Prevx2\dctlibs\netapi32.dll c:\program files\Prevx2\dctlibs\ntdll.dll c:\program files\Prevx2\dctlibs\ntoskrnl.exe c:\program files\Prevx2\dctlibs\ole32.dll c:\program files\Prevx2\dctlibs\oleaut32.dll c:\program files\Prevx2\dctlibs\psapi.dll c:\program files\Prevx2\dctlibs\rarstub.sfx c:\program files\Prevx2\dctlibs\rpcrt4.dll c:\program files\Prevx2\dctlibs\shell32.dll c:\program files\Prevx2\dctlibs\shlwapi.dll c:\program files\Prevx2\dctlibs\snmpapi.dll c:\program files\Prevx2\dctlibs\urlmon.dll c:\program files\Prevx2\dctlibs\user32.dll c:\program files\Prevx2\dctlibs\wininet.dll c:\program files\Prevx2\dctlibs\winmm.dll c:\program files\Prevx2\dctlibs\ws2_32.dll c:\program files\Prevx2\dctlibs\wsock32.dll c:\program files\Prevx2\dctlibs\zipstub.sfx c:\program files\Prevx2\def.base c:\program files\Prevx2\desc.ini c:\program files\Prevx2\ec.cache c:\program files\Prevx2\gfx\1.png c:\program files\Prevx2\gfx\2.png c:\program files\Prevx2\gfx\3.png c:\program files\Prevx2\gfx\4.png c:\program files\Prevx2\gfx\5.png c:\program files\Prevx2\gfx\6.png c:\program files\Prevx2\gfx\7.png c:\program files\Prevx2\gfx\8.png c:\program files\Prevx2\gfx\addinfo_background.PNG c:\program files\Prevx2\gfx\advanced_64.png c:\program files\Prevx2\gfx\advanced_off.png c:\program files\Prevx2\gfx\advanced_on.png c:\program files\Prevx2\gfx\advanced_over.png c:\program files\Prevx2\gfx\alert_1.png c:\program files\Prevx2\gfx\alert_2.png c:\program files\Prevx2\gfx\amber_close_over.png c:\program files\Prevx2\gfx\amber_grad.png c:\program files\Prevx2\gfx\amber_header.png c:\program files\Prevx2\gfx\apply_16.png c:\program files\Prevx2\gfx\arrow_down.PNG c:\program files\Prevx2\gfx\arrow_left.PNG c:\program files\Prevx2\gfx\arrow_right.PNG c:\program files\Prevx2\gfx\arrow_up.PNG c:\program files\Prevx2\gfx\back_blank.png c:\program files\Prevx2\gfx\back_off.png c:\program files\Prevx2\gfx\back_over.png c:\program files\Prevx2\gfx\background.PNG c:\program files\Prevx2\gfx\background_malwareblocked.png c:\program files\Prevx2\gfx\bar1.png c:\program files\Prevx2\gfx\bar2.png c:\program files\Prevx2\gfx\bg_blank.png c:\program files\Prevx2\gfx\bg_status.PNG c:\program files\Prevx2\gfx\bg_withstatus.png c:\program files\Prevx2\gfx\button_allow0.png c:\program files\Prevx2\gfx\button_allow1.png c:\program files\Prevx2\gfx\button_allow2.png c:\program files\Prevx2\gfx\button_always0.png c:\program files\Prevx2\gfx\button_always1.png c:\program files\Prevx2\gfx\button_always2.png c:\program files\Prevx2\gfx\button_block0.png c:\program files\Prevx2\gfx\button_block1.png c:\program files\Prevx2\gfx\button_block2.png c:\program files\Prevx2\gfx\button_close0.png c:\program files\Prevx2\gfx\button_close1.png c:\program files\Prevx2\gfx\button_close2.png c:\program files\Prevx2\gfx\button_exclude0.png c:\program files\Prevx2\gfx\button_exclude1.png c:\program files\Prevx2\gfx\button_exclude2.png c:\program files\Prevx2\gfx\button_red0.png c:\program files\Prevx2\gfx\button_red1.png c:\program files\Prevx2\gfx\button_red2.png c:\program files\Prevx2\gfx\button_terminate0.png c:\program files\Prevx2\gfx\button_terminate1.png c:\program files\Prevx2\gfx\button_terminate2.png c:\program files\Prevx2\gfx\Button0.png c:\program files\Prevx2\gfx\Button1.png c:\program files\Prevx2\gfx\Button2.png c:\program files\Prevx2\gfx\ButtonL0.png c:\program files\Prevx2\gfx\ButtonL1.png c:\program files\Prevx2\gfx\ButtonL2.png c:\program files\Prevx2\gfx\cancel_16.png c:\program files\Prevx2\gfx\checkupdates_off.png c:\program files\Prevx2\gfx\checkupdates_on.png c:\program files\Prevx2\gfx\checkupdates_over.png c:\program files\Prevx2\gfx\communitydbmalwarecenter_16.png c:\program files\Prevx2\gfx\communitydbmalwarecenter_32.png c:\program files\Prevx2\gfx\complete.png c:\program files\Prevx2\gfx\completedsteptick.png c:\program files\Prevx2\gfx\currentsteparrow.png c:\program files\Prevx2\gfx\day.gif c:\program files\Prevx2\gfx\delete_16.png c:\program files\Prevx2\gfx\deleteall_16.png c:\program files\Prevx2\gfx\deny.png c:\program files\Prevx2\gfx\disabled_16.png c:\program files\Prevx2\gfx\discuss_16.png c:\program files\Prevx2\gfx\discuss_32.png c:\program files\Prevx2\gfx\diskscan.png c:\program files\Prevx2\gfx\dll.png c:\program files\Prevx2\gfx\dropshadow.png c:\program files\Prevx2\gfx\eventlog_64.png c:\program files\Prevx2\gfx\exe.png c:\program files\Prevx2\gfx\filescan_16.png c:\program files\Prevx2\gfx\filescan_32.png c:\program files\Prevx2\gfx\forum_16.png c:\program files\Prevx2\gfx\fullgreenbar.gif c:\program files\Prevx2\gfx\green_close_over.png c:\program files\Prevx2\gfx\green_grad.PNG c:\program files\Prevx2\gfx\green_header.PNG c:\program files\Prevx2\gfx\harddrive_16.png c:\program files\Prevx2\gfx\healthcheck.PNG c:\program files\Prevx2\gfx\healthcheck_16.png c:\program files\Prevx2\gfx\help_16.png c:\program files\Prevx2\gfx\help_32.png c:\program files\Prevx2\gfx\help_off.png c:\program files\Prevx2\gfx\help_on.png c:\program files\Prevx2\gfx\help_over.png c:\program files\Prevx2\gfx\help_red_off.png c:\program files\Prevx2\gfx\help_red_on.png c:\program files\Prevx2\gfx\holding_cell.gif c:\program files\Prevx2\gfx\hslider_sub1.PNG c:\program files\Prevx2\gfx\hslider_sub2.PNG c:\program files\Prevx2\gfx\icon_filescan.png c:\program files\Prevx2\gfx\icon_processscan.png c:\program files\Prevx2\gfx\icon_programmonitor.png c:\program files\Prevx2\gfx\icon_restoresettings.png c:\program files\Prevx2\gfx\infected_header.png c:\program files\Prevx2\gfx\infected_header_green.png c:\program files\Prevx2\gfx\InfoPopup_box.png c:\program files\Prevx2\gfx\jail.gif c:\program files\Prevx2\gfx\jail_64.png c:\program files\Prevx2\gfx\languages_16.png c:\program files\Prevx2\gfx\languages_32.png c:\program files\Prevx2\gfx\license_64.png c:\program files\Prevx2\gfx\licenseinfo_background.png c:\program files\Prevx2\gfx\licenses_16.png c:\program files\Prevx2\gfx\licenses_32.png c:\program files\Prevx2\gfx\logo.png c:\program files\Prevx2\gfx\malwarefound.png c:\program files\Prevx2\gfx\menu_bar.png c:\program files\Prevx2\gfx\monitor_16.png c:\program files\Prevx2\gfx\monitor_32.png c:\program files\Prevx2\gfx\month_green.gif c:\program files\Prevx2\gfx\month_green_empty.GIF c:\program files\Prevx2\gfx\month_yellow.gif c:\program files\Prevx2\gfx\on_probation.gif c:\program files\Prevx2\gfx\password_32.png c:\program files\Prevx2\gfx\preferences_64.png c:\program files\Prevx2\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\gfx\prevxlogo.png c:\program files\Prevx2\gfx\processscan_16.png c:\program files\Prevx2\gfx\progbar.gif c:\program files\Prevx2\gfx\PU_bg.png c:\program files\Prevx2\gfx\PU_bg_withstatus.png c:\program files\Prevx2\gfx\PU_closebutton.png c:\program files\Prevx2\gfx\PU_eventlog_off.png c:\program files\Prevx2\gfx\PU_eventlog_on.png c:\program files\Prevx2\gfx\PU_eventlog_over.png c:\program files\Prevx2\gfx\PU_jail_off.png c:\program files\Prevx2\gfx\PU_jail_on.png c:\program files\Prevx2\gfx\PU_jail_over.png c:\program files\Prevx2\gfx\PU_license_off.png c:\program files\Prevx2\gfx\PU_license_on.png c:\program files\Prevx2\gfx\PU_license_over.png c:\program files\Prevx2\gfx\PU_logo.png c:\program files\Prevx2\gfx\PU_more_off.png c:\program files\Prevx2\gfx\PU_more_on.png c:\program files\Prevx2\gfx\PU_more_over.png c:\program files\Prevx2\gfx\PU_support_off.png c:\program files\Prevx2\gfx\PU_support_on.png c:\program files\Prevx2\gfx\PU_support_over.png c:\program files\Prevx2\gfx\PU_update_off.png c:\program files\Prevx2\gfx\PU_update_on.png c:\program files\Prevx2\gfx\PU_update_over.png c:\program files\Prevx2\gfx\Query_Blocked_background.png c:\program files\Prevx2\gfx\Query_Blocked_background_grad.png c:\program files\Prevx2\gfx\Query1_background.png c:\program files\Prevx2\gfx\query2_background.PNG c:\program files\Prevx2\gfx\recentprogactivity_64.png c:\program files\Prevx2\gfx\red.png c:\program files\Prevx2\gfx\red_16.png c:\program files\Prevx2\gfx\red_16_msg.png c:\program files\Prevx2\gfx\red_close_over.png c:\program files\Prevx2\gfx\red_grad.png c:\program files\Prevx2\gfx\red_header.png c:\program files\Prevx2\gfx\reg_16.png c:\program files\Prevx2\gfx\reg_bin_16.png c:\program files\Prevx2\gfx\reg_key_16.png c:\program files\Prevx2\gfx\reg_string_16.png c:\program files\Prevx2\gfx\rightarrow.PNG c:\program files\Prevx2\gfx\samber.png c:\program files\Prevx2\gfx\samber_d.png c:\program files\Prevx2\gfx\samber_d_msg.png c:\program files\Prevx2\gfx\samber_msg.png c:\program files\Prevx2\gfx\scan_64.png c:\program files\Prevx2\gfx\scanning.png c:\program files\Prevx2\gfx\sdbconvert.gif c:\program files\Prevx2\gfx\search.gif c:\program files\Prevx2\gfx\sendtojail_16.png c:\program files\Prevx2\gfx\sgreen.png c:\program files\Prevx2\gfx\sgreen_d.png c:\program files\Prevx2\gfx\sgreen_d_msg.png c:\program files\Prevx2\gfx\sgreen_msg.png c:\program files\Prevx2\gfx\skip.png c:\program files\Prevx2\gfx\softwareaudit_box.gif c:\program files\Prevx2\gfx\softwareaudit_icon.gif c:\program files\Prevx2\gfx\sred.png c:\program files\Prevx2\gfx\sred_d.png c:\program files\Prevx2\gfx\sred_d_msg.png c:\program files\Prevx2\gfx\sred_msg.png c:\program files\Prevx2\gfx\status_logo1.PNG c:\program files\Prevx2\gfx\status_logo2.PNG c:\program files\Prevx2\gfx\statusamber.png c:\program files\Prevx2\gfx\statusamber_background.png c:\program files\Prevx2\gfx\statusgreen.png c:\program files\Prevx2\gfx\statusgreen_background.PNG c:\program files\Prevx2\gfx\statusred.png c:\program files\Prevx2\gfx\statusred_background.png c:\program files\Prevx2\gfx\support_16.png c:\program files\Prevx2\gfx\support_32.png c:\program files\Prevx2\gfx\support_64.png c:\program files\Prevx2\gfx\systemrestore.png c:\program files\Prevx2\gfx\systemrestore_16.png c:\program files\Prevx2\gfx\tick.png c:\program files\Prevx2\gfx\tray_update.png c:\program files\Prevx2\gfx\traygreen.png c:\program files\Prevx2\gfx\trayred.png c:\program files\Prevx2\gfx\tutorial_16.png c:\program files\Prevx2\gfx\tutorial_32.png c:\program files\Prevx2\gfx\unknown.png c:\program files\Prevx2\gfx\update_icon.png c:\program files\Prevx2\gfx\update_off.png c:\program files\Prevx2\gfx\update_on.png c:\program files\Prevx2\gfx\update_over.png c:\program files\Prevx2\gfx\upgrade_64.png c:\program files\Prevx2\gfx\vertbluegrad.PNG c:\program files\Prevx2\gfx\viewlog_16.png c:\program files\Prevx2\gfx\viewlog_32.png c:\program files\Prevx2\gfx\vslider_sub1.png c:\program files\Prevx2\gfx\vslider_sub2.png c:\program files\Prevx2\help\prevxone.chm c:\program files\Prevx2\html\activation_failure.htm c:\program files\Prevx2\html\activation_failure3.htm c:\program files\Prevx2\html\ad_bo.html c:\program files\Prevx2\html\ad_det.html c:\program files\Prevx2\html\ad_driverop.html c:\program files\Prevx2\html\ad_fsc.html c:\program files\Prevx2\html\ad_gblhook.html c:\program files\Prevx2\html\ad_keylog.html c:\program files\Prevx2\html\ad_namedobject.html c:\program files\Prevx2\html\ad_ninb.html c:\program files\Prevx2\html\ad_nout.html c:\program files\Prevx2\html\ad_nsrv.html c:\program files\Prevx2\html\ad_nxd.html c:\program files\Prevx2\html\ad_om.html c:\program files\Prevx2\html\ad_op.html c:\program files\Prevx2\html\ad_reg.html c:\program files\Prevx2\html\ad_term.html c:\program files\Prevx2\html\ADDACTIVEX.desc c:\program files\Prevx2\html\ADDSTARTLNK.desc c:\program files\Prevx2\html\APPINITDLL.desc c:\program files\Prevx2\html\BADKILL.desc c:\program files\Prevx2\html\bpu_mhf.html c:\program files\Prevx2\html\bpu_nob.html c:\program files\Prevx2\html\bpu_o.html c:\program files\Prevx2\html\bpu_r.html c:\program files\Prevx2\html\bpu_s.html c:\program files\Prevx2\html\bpu_wse.html c:\program files\Prevx2\html\BUFFERHEAP.desc c:\program files\Prevx2\html\BUFFERSTACK.desc c:\program files\Prevx2\html\DELACTIVEX.desc c:\program files\Prevx2\html\DELSCHED.desc c:\program files\Prevx2\html\DELSTARTLNK.desc c:\program files\Prevx2\html\DETECT.desc c:\program files\Prevx2\html\DLL.desc c:\program files\Prevx2\html\DNSOUT.desc c:\program files\Prevx2\html\DOSEXEC.desc c:\program files\Prevx2\html\DRIVEREXEC.desc c:\program files\Prevx2\html\EXEC.desc c:\program files\Prevx2\html\EXPOPENPROC.desc c:\program files\Prevx2\html\EXPPERM.desc c:\program files\Prevx2\html\EXPPREVX.desc c:\program files\Prevx2\html\EXPUDP.desc c:\program files\Prevx2\html\FTPOUT.desc c:\program files\Prevx2\html\FWALLBYPASS.desc c:\program files\Prevx2\html\GLOBALHOOK.desc c:\program files\Prevx2\html\HELP.desc c:\program files\Prevx2\html\HOSTSFILE.desc c:\program files\Prevx2\html\HTAEXEC.desc c:\program files\Prevx2\html\HTTPOUT.desc c:\program files\Prevx2\html\IEEXEC.desc c:\program files\Prevx2\html\IERESET.desc c:\program files\Prevx2\html\IRCOUT.desc c:\program files\Prevx2\html\JAVAEXEC.desc c:\program files\Prevx2\html\KBSCAN.desc c:\program files\Prevx2\html\KEYLOG.desc c:\program files\Prevx2\html\KILLCOMMAND.desc c:\program files\Prevx2\html\KILLREGEDIT.desc c:\program files\Prevx2\html\KILLRESTORE.desc c:\program files\Prevx2\html\KILLTASKMAN.desc c:\program files\Prevx2\html\KILLWFP.desc c:\program files\Prevx2\html\KILLXPFWALL.desc c:\program files\Prevx2\html\MODLOGINSCR.desc c:\program files\Prevx2\html\MODRESTORE.desc c:\program files\Prevx2\html\MSADDBOOK.desc c:\program files\Prevx2\html\MSIEXEC.desc c:\program files\Prevx2\html\NETBIOSOUT.desc c:\program files\Prevx2\html\p1_control_toolbar.htm c:\program files\Prevx2\html\PHYSMEM.desc c:\program files\Prevx2\html\PMONITOR.desc c:\program files\Prevx2\html\POP3OUT.desc c:\program files\Prevx2\html\PROCHIJACK.desc c:\program files\Prevx2\html\PROCKILL.desc c:\program files\Prevx2\html\PX5CREATE.desc c:\program files\Prevx2\html\PX5DELETE.desc c:\program files\Prevx2\html\qc.html c:\program files\Prevx2\html\qcfailed.html c:\program files\Prevx2\html\qlpu.html c:\program files\Prevx2\html\qpu_r.html c:\program files\Prevx2\html\REGADDPRODUCT.desc c:\program files\Prevx2\html\REGAPPBYPASS.desc c:\program files\Prevx2\html\REGBHO.desc c:\program files\Prevx2\html\REGCOMINPROC.desc c:\program files\Prevx2\html\REGCOMSERV.desc c:\program files\Prevx2\html\REGCCSROOT.desc c:\program files\Prevx2\html\REGDISABLEAU.desc c:\program files\Prevx2\html\REGDISSHARE.desc c:\program files\Prevx2\html\REGDISXPSP2.desc c:\program files\Prevx2\html\REGDNOTIFYSC.desc c:\program files\Prevx2\html\REGDNSCHANGE.desc c:\program files\Prevx2\html\REGEXT.desc c:\program files\Prevx2\html\REGEXTNMAP.desc c:\program files\Prevx2\html\REGIEACTIVEX.desc c:\program files\Prevx2\html\REGIECPL.desc c:\program files\Prevx2\html\REGIEDESKTOP.desc c:\program files\Prevx2\html\REGIEENAEXT.desc c:\program files\Prevx2\html\REGIEEXTN.desc c:\program files\Prevx2\html\REGIEHOME.desc c:\program files\Prevx2\html\REGIEMENUEXT.desc c:\program files\Prevx2\html\REGIESEARCH.desc c:\program files\Prevx2\html\REGIETOOLBAR.desc c:\program files\Prevx2\html\REGIETRUST.desc c:\program files\Prevx2\html\REGKILLDCOM.desc c:\program files\Prevx2\html\REGKILLUTILS.desc c:\program files\Prevx2\html\REGKILLWSC.desc c:\program files\Prevx2\html\REGLOGINSCR.desc c:\program files\Prevx2\html\REGLOGNOTIFY.desc c:\program files\Prevx2\html\REGLOPDOMAIN.desc c:\program files\Prevx2\html\REGMAPIEXTN.desc c:\program files\Prevx2\html\REGMSPOLICY.desc c:\program files\Prevx2\html\REGNOTIFYEE.desc c:\program files\Prevx2\html\REGPXYRELAY.desc c:\program files\Prevx2\html\REGRESTRICTA.desc c:\program files\Prevx2\html\REGRESTRUN.desc c:\program files\Prevx2\html\REGRMTREG.desc c:\program files\Prevx2\html\REGRUNCOMD.desc c:\program files\Prevx2\html\REGRUNDELAY.desc c:\program files\Prevx2\html\REGRUNDXCOM.desc c:\program files\Prevx2\html\REGRUNEXPLOR.desc c:\program files\Prevx2\html\REGRUNINIT.desc c:\program files\Prevx2\html\REGRUNKEY#.desc c:\program files\Prevx2\html\REGRUNKEY.desc c:\program files\Prevx2\html\REGRUNLAYER.desc c:\program files\Prevx2\html\REGRUNONCE.desc c:\program files\Prevx2\html\REGRUNPOLICY.desc c:\program files\Prevx2\html\REGRUNSESS.desc c:\program files\Prevx2\html\REGRUNSHELL.desc c:\program files\Prevx2\html\REGSERVICE#.desc c:\program files\Prevx2\html\REGSERVICE.desc c:\program files\Prevx2\html\REGSVR32EXEC.desc c:\program files\Prevx2\html\REGWINLOG.desc c:\program files\Prevx2\html\RUNDLL32EXEC.desc c:\program files\Prevx2\html\SCHEDULER.desc c:\program files\Prevx2\html\SCRIPTEXEC.desc c:\program files\Prevx2\html\SELFPROTFSC.desc c:\program files\Prevx2\html\SELFPROTHJCK.desc c:\program files\Prevx2\html\SELFPROTKEY.desc c:\program files\Prevx2\html\SELFPROTKILL.desc c:\program files\Prevx2\html\SELFPROTREG.desc c:\program files\Prevx2\html\SELFPROTSETUP.desc c:\program files\Prevx2\html\SERVER.desc c:\program files\Prevx2\html\SMTP.desc c:\program files\Prevx2\html\START.desc c:\program files\Prevx2\html\STYLESHEET.desc c:\program files\Prevx2\html\TCPOUT.desc c:\program files\Prevx2\html\TELNETOUT.desc c:\program files\Prevx2\html\TEMPEXEC.desc c:\program files\Prevx2\html\TERM.desc c:\program files\Prevx2\html\UMONITOR.desc c:\program files\Prevx2\html\URLCREATE.desc c:\program files\Prevx2\html\URLDELETE.desc c:\program files\Prevx2\html\USESADS.desc c:\program files\Prevx2\html\USESMAPI.desc c:\program files\Prevx2\html\VULNFILES.desc c:\program files\Prevx2\idmap c:\program files\Prevx2\lclbrk.cache c:\program files\Prevx2\lclbrk.cache.xp64 c:\program files\Prevx2\libAPI.dll c:\program files\Prevx2\libCOM.dll c:\program files\Prevx2\libCORE.dll c:\program files\Prevx2\libcurl.dll c:\program files\Prevx2\libdctmt.dll c:\program files\Prevx2\license.txt c:\program files\Prevx2\log\_null.log c:\program files\Prevx2\log\exception-1251407411-0.txt c:\program files\Prevx2\log\exception-1251407416-0.txt c:\program files\Prevx2\log\exception-1251407421-0.txt c:\program files\Prevx2\log\exception-1251407424-0.txt c:\program files\Prevx2\log\exception-1251407435-0.txt c:\program files\Prevx2\log\exception-1251407439-0.txt c:\program files\Prevx2\log\exception-1252055187-0.txt c:\program files\Prevx2\log\exception-1252055211-0.txt c:\program files\Prevx2\log\exception-1252055213-0.txt c:\program files\Prevx2\log\exception-1262450609-0.txt c:\program files\Prevx2\log\exception-1262450612-0.txt c:\program files\Prevx2\log\exception-1262450613-0.txt c:\program files\Prevx2\log\exception-1262450620-0.txt c:\program files\Prevx2\log\exception-1262450644-0.txt c:\program files\Prevx2\log\exception-1262517363-0.txt c:\program files\Prevx2\log\exception-1262517374-0.txt c:\program files\Prevx2\log\exception-1262517380-0.txt c:\program files\Prevx2\log\exception-1262517407-0.txt c:\program files\Prevx2\log\px-log.txt c:\program files\Prevx2\log\px-log.txt.backup c:\program files\Prevx2\modules\DCT.dll c:\program files\Prevx2\modules\KCOM.dll c:\program files\Prevx2\modules\LCLBRK.dll c:\program files\Prevx2\modules\PAWS.dll c:\program files\Prevx2\modules\stub_dll_native.bin c:\program files\Prevx2\modules\stub_dll_posix.bin c:\program files\Prevx2\modules\stub_dll_win32console.bin c:\program files\Prevx2\modules\stub_dll_win32gui.bin c:\program files\Prevx2\modules\stub_driver.bin c:\program files\Prevx2\modules\stub_exe_native.bin c:\program files\Prevx2\modules\stub_exe_posix.bin c:\program files\Prevx2\modules\stub_exe_win32console.bin c:\program files\Prevx2\modules\stub_exe_win32gui.bin c:\program files\Prevx2\paws.cache c:\program files\Prevx2\paws.cache.CORRUPT c:\program files\Prevx2\PME.dll c:\program files\Prevx2\prevx.cache c:\program files\Prevx2\PXAgent.exe c:\program files\Prevx2\pxconsole.qm c:\program files\Prevx2\PXL.exe c:\program files\Prevx2\PXL1.exe c:\program files\Prevx2\pxnet.dll c:\program files\Prevx2\PXReset.exe c:\program files\Prevx2\pxsetup.qm c:\program files\Prevx2\pxsupport.exe c:\program files\Prevx2\pxupdate.qm c:\program files\Prevx2\qt-mt336.dll c:\program files\Prevx2\rksi.dll c:\program files\Prevx2\rksig.bin c:\program files\Prevx2\SDB.dll c:\program files\Prevx2\support.htm c:\program files\Prevx2\Support\drivers\2k\lclbrk.cache c:\program files\Prevx2\Support\drivers\2k\pxcore.cab c:\program files\Prevx2\Support\drivers\2k\pxcore.inf c:\program files\Prevx2\Support\drivers\2k\PxDrvInstall.exe c:\program files\Prevx2\Support\drivers\2k3\lclbrk.cache c:\program files\Prevx2\Support\drivers\2k3\pxcore.cab c:\program files\Prevx2\Support\drivers\2k3\pxcore.inf c:\program files\Prevx2\Support\drivers\2k3\PxDrvInstall.exe c:\program files\Prevx2\Support\drivers\xp\lclbrk.cache c:\program files\Prevx2\Support\drivers\xp\pxcore.cab c:\program files\Prevx2\Support\drivers\xp\pxcore.inf c:\program files\Prevx2\Support\drivers\xp\PxDrvInstall.exe c:\program files\Prevx2\t_geneva.dll c:\program files\Prevx2\translations\dutch\desc.ini c:\program files\Prevx2\translations\dutch\gfx\bar1.png c:\program files\Prevx2\translations\dutch\gfx\bar2.png c:\program files\Prevx2\translations\dutch\gfx\checkupdates_off.png c:\program files\Prevx2\translations\dutch\gfx\checkupdates_on.png c:\program files\Prevx2\translations\dutch\gfx\checkupdates_over.png c:\program files\Prevx2\translations\dutch\gfx\NL_checkupdates_off.png c:\program files\Prevx2\translations\dutch\gfx\NL_checkupdates_on.png c:\program files\Prevx2\translations\dutch\gfx\NL_checkupdates_over.png c:\program files\Prevx2\translations\dutch\gfx\place.holder c:\program files\Prevx2\translations\dutch\gfx\PU_jail_off.png c:\program files\Prevx2\translations\dutch\gfx\PU_jail_on.png c:\program files\Prevx2\translations\dutch\gfx\PU_jail_over.png c:\program files\Prevx2\translations\dutch\gfx\PU_license_off.png c:\program files\Prevx2\translations\dutch\gfx\PU_license_on.png c:\program files\Prevx2\translations\dutch\gfx\PU_license_over.png c:\program files\Prevx2\translations\dutch\gfx\PU_more_off.png c:\program files\Prevx2\translations\dutch\gfx\PU_more_on.png c:\program files\Prevx2\translations\dutch\gfx\PU_more_over.png c:\program files\Prevx2\translations\dutch\gfx\status_logo1.png c:\program files\Prevx2\translations\dutch\gfx\status_logo2.png c:\program files\Prevx2\translations\dutch\help\place.holder c:\program files\Prevx2\translations\dutch\help\prevxone.chm c:\program files\Prevx2\translations\dutch\html\activation_failure.htm c:\program files\Prevx2\translations\dutch\html\activation_failure2.htm c:\program files\Prevx2\translations\dutch\html\activation_failure3.htm c:\program files\Prevx2\translations\dutch\html\ad_bo.html c:\program files\Prevx2\translations\dutch\html\ad_det.html c:\program files\Prevx2\translations\dutch\html\ad_driverop.html c:\program files\Prevx2\translations\dutch\html\ad_fsc.html c:\program files\Prevx2\translations\dutch\html\ad_gblhook.html c:\program files\Prevx2\translations\dutch\html\ad_keylog.html c:\program files\Prevx2\translations\dutch\html\ad_namedobject.html c:\program files\Prevx2\translations\dutch\html\ad_ninb.html c:\program files\Prevx2\translations\dutch\html\ad_nout.html c:\program files\Prevx2\translations\dutch\html\ad_nsrv.html c:\program files\Prevx2\translations\dutch\html\ad_nxd.html c:\program files\Prevx2\translations\dutch\html\ad_om.html c:\program files\Prevx2\translations\dutch\html\ad_op.html c:\program files\Prevx2\translations\dutch\html\ad_reg.html c:\program files\Prevx2\translations\dutch\html\ad_term.html c:\program files\Prevx2\translations\dutch\html\anti_keylogger_protection.htm c:\program files\Prevx2\translations\dutch\html\bpu_mhf.html c:\program files\Prevx2\translations\dutch\html\bpu_nob.html c:\program files\Prevx2\translations\dutch\html\bpu_o.html c:\program files\Prevx2\translations\dutch\html\bpu_r.html c:\program files\Prevx2\translations\dutch\html\bpu_s.html c:\program files\Prevx2\translations\dutch\html\bpu_wse.html c:\program files\Prevx2\translations\dutch\html\p1_control_toolbar.htm c:\program files\Prevx2\translations\dutch\html\place.holder c:\program files\Prevx2\translations\dutch\html\qc.html c:\program files\Prevx2\translations\dutch\html\qcfailed.html c:\program files\Prevx2\translations\dutch\html\qlpu.html c:\program files\Prevx2\translations\dutch\html\qpu_r.html c:\program files\Prevx2\translations\dutch\pxconsole.qm c:\program files\Prevx2\translations\dutch\pxsetup.qm c:\program files\Prevx2\translations\dutch\pxupdate.qm c:\program files\Prevx2\translations\dutch\uilangsel.qm c:\program files\Prevx2\translations\dutch\uisysrest.qm c:\program files\Prevx2\translations\english\desc.ini c:\program files\Prevx2\translations\english\gfx\bar1.png c:\program files\Prevx2\translations\english\gfx\bar2.png c:\program files\Prevx2\translations\english\gfx\bg_blank.png c:\program files\Prevx2\translations\english\gfx\checkupdates_off.png c:\program files\Prevx2\translations\english\gfx\checkupdates_on.png c:\program files\Prevx2\translations\english\gfx\checkupdates_over.png c:\program files\Prevx2\translations\english\gfx\filescan_32.png c:\program files\Prevx2\translations\english\gfx\help_off.png c:\program files\Prevx2\translations\english\gfx\help_on.png c:\program files\Prevx2\translations\english\gfx\help_over.png c:\program files\Prevx2\translations\english\gfx\infected_header_green.png c:\program files\Prevx2\translations\english\gfx\menu_bar.png c:\program files\Prevx2\translations\english\gfx\monitor_32.png c:\program files\Prevx2\translations\english\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\translations\english\gfx\PU_bg.png c:\program files\Prevx2\translations\english\gfx\PU_bg_withstatus.png c:\program files\Prevx2\translations\english\gfx\PU_closebutton.png c:\program files\Prevx2\translations\english\gfx\PU_eventlog_off.png c:\program files\Prevx2\translations\english\gfx\PU_eventlog_on.png c:\program files\Prevx2\translations\english\gfx\PU_eventlog_over.png c:\program files\Prevx2\translations\english\gfx\PU_jail_off.png c:\program files\Prevx2\translations\english\gfx\PU_jail_on.png c:\program files\Prevx2\translations\english\gfx\PU_jail_over.png c:\program files\Prevx2\translations\english\gfx\PU_license_off.png c:\program files\Prevx2\translations\english\gfx\PU_license_on.png c:\program files\Prevx2\translations\english\gfx\PU_license_over.png c:\program files\Prevx2\translations\english\gfx\PU_logo.png c:\program files\Prevx2\translations\english\gfx\PU_more_off.png c:\program files\Prevx2\translations\english\gfx\PU_more_on.png c:\program files\Prevx2\translations\english\gfx\PU_more_over.png c:\program files\Prevx2\translations\english\gfx\PU_support_off.png c:\program files\Prevx2\translations\english\gfx\PU_support_on.png c:\program files\Prevx2\translations\english\gfx\PU_support_over.png c:\program files\Prevx2\translations\english\gfx\PU_update_off.png c:\program files\Prevx2\translations\english\gfx\PU_update_on.png c:\program files\Prevx2\translations\english\gfx\PU_update_over.png c:\program files\Prevx2\translations\english\gfx\Query1_background.png c:\program files\Prevx2\translations\english\gfx\status_logo1.PNG c:\program files\Prevx2\translations\english\gfx\status_logo2.PNG c:\program files\Prevx2\translations\english\gfx\support_32.png c:\program files\Prevx2\translations\english\gfx\systemrestore.png c:\program files\Prevx2\translations\english\gfx\tray_update.png c:\program files\Prevx2\translations\english\gfx\update_icon.png c:\program files\Prevx2\translations\english\help\prevxone.chm c:\program files\Prevx2\translations\english\html\activation_failure.htm c:\program files\Prevx2\translations\english\html\activation_failure3.htm c:\program files\Prevx2\translations\english\html\ad_bo.html c:\program files\Prevx2\translations\english\html\ad_det.html c:\program files\Prevx2\translations\english\html\ad_driverop.html c:\program files\Prevx2\translations\english\html\ad_fsc.html c:\program files\Prevx2\translations\english\html\ad_gblhook.html c:\program files\Prevx2\translations\english\html\ad_keylog.html c:\program files\Prevx2\translations\english\html\ad_namedobject.html c:\program files\Prevx2\translations\english\html\ad_ninb.html c:\program files\Prevx2\translations\english\html\ad_nout.html c:\program files\Prevx2\translations\english\html\ad_nsrv.html c:\program files\Prevx2\translations\english\html\ad_nxd.html c:\program files\Prevx2\translations\english\html\ad_om.html c:\program files\Prevx2\translations\english\html\ad_op.html c:\program files\Prevx2\translations\english\html\ad_reg.html c:\program files\Prevx2\translations\english\html\ad_term.html c:\program files\Prevx2\translations\english\html\ADDACTIVEX.desc c:\program files\Prevx2\translations\english\html\ADDSTARTLNK.desc c:\program files\Prevx2\translations\english\html\APPINITDLL.desc c:\program files\Prevx2\translations\english\html\BADKILL.desc c:\program files\Prevx2\translations\english\html\bpu_mhf.html c:\program files\Prevx2\translations\english\html\bpu_nob.html c:\program files\Prevx2\translations\english\html\bpu_o.html c:\program files\Prevx2\translations\english\html\bpu_r.html c:\program files\Prevx2\translations\english\html\bpu_s.html c:\program files\Prevx2\translations\english\html\bpu_wse.html c:\program files\Prevx2\translations\english\html\BUFFERHEAP.desc c:\program files\Prevx2\translations\english\html\BUFFERSTACK.desc c:\program files\Prevx2\translations\english\html\DELACTIVEX.desc c:\program files\Prevx2\translations\english\html\DELSCHED.desc c:\program files\Prevx2\translations\english\html\DELSTARTLNK.desc c:\program files\Prevx2\translations\english\html\DETECT.desc c:\program files\Prevx2\translations\english\html\DLL.desc c:\program files\Prevx2\translations\english\html\DNSOUT.desc c:\program files\Prevx2\translations\english\html\DOSEXEC.desc c:\program files\Prevx2\translations\english\html\DRIVEREXEC.desc c:\program files\Prevx2\translations\english\html\EXEC.desc c:\program files\Prevx2\translations\english\html\EXPOPENPROC.desc c:\program files\Prevx2\translations\english\html\EXPPERM.desc c:\program files\Prevx2\translations\english\html\EXPPREVX.desc c:\program files\Prevx2\translations\english\html\EXPUDP.desc c:\program files\Prevx2\translations\english\html\FTPOUT.desc c:\program files\Prevx2\translations\english\html\FWALLBYPASS.desc c:\program files\Prevx2\translations\english\html\GLOBALHOOK.desc c:\program files\Prevx2\translations\english\html\HELP.desc c:\program files\Prevx2\translations\english\html\HOSTSFILE.desc c:\program files\Prevx2\translations\english\html\HTAEXEC.desc c:\program files\Prevx2\translations\english\html\HTTPOUT.desc c:\program files\Prevx2\translations\english\html\IEEXEC.desc c:\program files\Prevx2\translations\english\html\IERESET.desc c:\program files\Prevx2\translations\english\html\IRCOUT.desc c:\program files\Prevx2\translations\english\html\JAVAEXEC.desc c:\program files\Prevx2\translations\english\html\KBSCAN.desc c:\program files\Prevx2\translations\english\html\KEYLOG.desc c:\program files\Prevx2\translations\english\html\KILLCOMMAND.desc c:\program files\Prevx2\translations\english\html\KILLREGEDIT.desc c:\program files\Prevx2\translations\english\html\KILLRESTORE.desc c:\program files\Prevx2\translations\english\html\KILLTASKMAN.desc c:\program files\Prevx2\translations\english\html\KILLWFP.desc c:\program files\Prevx2\translations\english\html\KILLXPFWALL.desc c:\program files\Prevx2\translations\english\html\MODLOGINSCR.desc c:\program files\Prevx2\translations\english\html\MODRESTORE.desc c:\program files\Prevx2\translations\english\html\MSADDBOOK.desc c:\program files\Prevx2\translations\english\html\MSIEXEC.desc c:\program files\Prevx2\translations\english\html\NETBIOSOUT.desc c:\program files\Prevx2\translations\english\html\p1_control_toolbar.htm c:\program files\Prevx2\translations\english\html\PHYSMEM.desc c:\program files\Prevx2\translations\english\html\PMONITOR.desc c:\program files\Prevx2\translations\english\html\POP3OUT.desc c:\program files\Prevx2\translations\english\html\PROCHIJACK.desc c:\program files\Prevx2\translations\english\html\PROCKILL.desc c:\program files\Prevx2\translations\english\html\PX5CREATE.desc c:\program files\Prevx2\translations\english\html\PX5DELETE.desc c:\program files\Prevx2\translations\english\html\qc.html c:\program files\Prevx2\translations\english\html\qcfailed.html c:\program files\Prevx2\translations\english\html\qlpu.html c:\program files\Prevx2\translations\english\html\qpu_r.html c:\program files\Prevx2\translations\english\html\REGADDPRODUCT.desc c:\program files\Prevx2\translations\english\html\REGAPPBYPASS.desc c:\program files\Prevx2\translations\english\html\REGBHO.desc c:\program files\Prevx2\translations\english\html\REGCOMINPROC.desc c:\program files\Prevx2\translations\english\html\REGCOMSERV.desc c:\program files\Prevx2\translations\english\html\REGCCSROOT.desc c:\program files\Prevx2\translations\english\html\REGDISABLEAU.desc c:\program files\Prevx2\translations\english\html\REGDISSHARE.desc c:\program files\Prevx2\translations\english\html\REGDISXPSP2.desc c:\program files\Prevx2\translations\english\html\REGDNOTIFYSC.desc c:\program files\Prevx2\translations\english\html\REGDNSCHANGE.desc c:\program files\Prevx2\translations\english\html\REGEXT.desc c:\program files\Prevx2\translations\english\html\REGEXTNMAP.desc c:\program files\Prevx2\translations\english\html\REGIEACTIVEX.desc c:\program files\Prevx2\translations\english\html\REGIECPL.desc c:\program files\Prevx2\translations\english\html\REGIEDESKTOP.desc c:\program files\Prevx2\translations\english\html\REGIEENAEXT.desc c:\program files\Prevx2\translations\english\html\REGIEEXTN.desc c:\program files\Prevx2\translations\english\html\REGIEHOME.desc c:\program files\Prevx2\translations\english\html\REGIEMENUEXT.desc c:\program files\Prevx2\translations\english\html\REGIESEARCH.desc c:\program files\Prevx2\translations\english\html\REGIETOOLBAR.desc c:\program files\Prevx2\translations\english\html\REGIETRUST.desc c:\program files\Prevx2\translations\english\html\REGKILLDCOM.desc c:\program files\Prevx2\translations\english\html\REGKILLUTILS.desc c:\program files\Prevx2\translations\english\html\REGKILLWSC.desc c:\program files\Prevx2\translations\english\html\REGLOGINSCR.desc c:\program files\Prevx2\translations\english\html\REGLOGNOTIFY.desc c:\program files\Prevx2\translations\english\html\REGLOPDOMAIN.desc c:\program files\Prevx2\translations\english\html\REGMAPIEXTN.desc c:\program files\Prevx2\translations\english\html\REGMSPOLICY.desc c:\program files\Prevx2\translations\english\html\REGNOTIFYEE.desc c:\program files\Prevx2\translations\english\html\REGPXYRELAY.desc c:\program files\Prevx2\translations\english\html\REGRESTRICTA.desc c:\program files\Prevx2\translations\english\html\REGRESTRUN.desc c:\program files\Prevx2\translations\english\html\REGRMTREG.desc c:\program files\Prevx2\translations\english\html\REGRUNCOMD.desc c:\program files\Prevx2\translations\english\html\REGRUNDELAY.desc c:\program files\Prevx2\translations\english\html\REGRUNDXCOM.desc c:\program files\Prevx2\translations\english\html\REGRUNEXPLOR.desc c:\program files\Prevx2\translations\english\html\REGRUNINIT.desc c:\program files\Prevx2\translations\english\html\REGRUNKEY#.desc c:\program files\Prevx2\translations\english\html\REGRUNKEY.desc c:\program files\Prevx2\translations\english\html\REGRUNLAYER.desc c:\program files\Prevx2\translations\english\html\REGRUNONCE.desc c:\program files\Prevx2\translations\english\html\REGRUNPOLICY.desc c:\program files\Prevx2\translations\english\html\REGRUNSESS.desc c:\program files\Prevx2\translations\english\html\REGRUNSHELL.desc c:\program files\Prevx2\translations\english\html\REGSERVICE#.desc c:\program files\Prevx2\translations\english\html\REGSERVICE.desc c:\program files\Prevx2\translations\english\html\REGSVR32EXEC.desc c:\program files\Prevx2\translations\english\html\REGWINLOG.desc c:\program files\Prevx2\translations\english\html\RUNDLL32EXEC.desc c:\program files\Prevx2\translations\english\html\SCHEDULER.desc c:\program files\Prevx2\translations\english\html\SCRIPTEXEC.desc c:\program files\Prevx2\translations\english\html\SELFPROTFSC.desc c:\program files\Prevx2\translations\english\html\SELFPROTHJCK.desc c:\program files\Prevx2\translations\english\html\SELFPROTKEY.desc c:\program files\Prevx2\translations\english\html\SELFPROTKILL.desc c:\program files\Prevx2\translations\english\html\SELFPROTREG.desc c:\program files\Prevx2\translations\english\html\SELFPROTSETUP.desc c:\program files\Prevx2\translations\english\html\SERVER.desc c:\program files\Prevx2\translations\english\html\SMTP.desc c:\program files\Prevx2\translations\english\html\START.desc c:\program files\Prevx2\translations\english\html\STYLESHEET.desc c:\program files\Prevx2\translations\english\html\TCPOUT.desc c:\program files\Prevx2\translations\english\html\TELNETOUT.desc c:\program files\Prevx2\translations\english\html\TEMPEXEC.desc c:\program files\Prevx2\translations\english\html\TERM.desc c:\program files\Prevx2\translations\english\html\UMONITOR.desc c:\program files\Prevx2\translations\english\html\URLCREATE.desc c:\program files\Prevx2\translations\english\html\URLDELETE.desc c:\program files\Prevx2\translations\english\html\USESADS.desc c:\program files\Prevx2\translations\english\html\USESMAPI.desc c:\program files\Prevx2\translations\english\html\VULNFILES.desc c:\program files\Prevx2\translations\english\pxconsole.qm c:\program files\Prevx2\translations\english\pxsetup.qm c:\program files\Prevx2\translations\english\pxupdate.qm c:\program files\Prevx2\translations\english\uilangsel.qm c:\program files\Prevx2\translations\english\uisysrest.qm c:\program files\Prevx2\translations\french\desc.ini c:\program files\Prevx2\translations\french\gfx\bar1.png c:\program files\Prevx2\translations\french\gfx\bar2.png c:\program files\Prevx2\translations\french\gfx\bg_blank.png c:\program files\Prevx2\translations\french\gfx\checkupdates_off.png c:\program files\Prevx2\translations\french\gfx\checkupdates_on.png c:\program files\Prevx2\translations\french\gfx\checkupdates_over.png c:\program files\Prevx2\translations\french\gfx\filescan_32.png c:\program files\Prevx2\translations\french\gfx\help_off.png c:\program files\Prevx2\translations\french\gfx\help_on.png c:\program files\Prevx2\translations\french\gfx\help_over.png c:\program files\Prevx2\translations\french\gfx\menu_bar.png c:\program files\Prevx2\translations\french\gfx\monitor_32.png c:\program files\Prevx2\translations\french\gfx\place.holder c:\program files\Prevx2\translations\french\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\translations\french\gfx\PU_bg.png c:\program files\Prevx2\translations\french\gfx\PU_bg_withstatus.png c:\program files\Prevx2\translations\french\gfx\PU_closebutton.png c:\program files\Prevx2\translations\french\gfx\PU_eventlog_off.png c:\program files\Prevx2\translations\french\gfx\PU_eventlog_on.png c:\program files\Prevx2\translations\french\gfx\PU_eventlog_over.png c:\program files\Prevx2\translations\french\gfx\PU_jail_off.png c:\program files\Prevx2\translations\french\gfx\PU_jail_on.png c:\program files\Prevx2\translations\french\gfx\PU_jail_over.png c:\program files\Prevx2\translations\french\gfx\PU_license_off.png c:\program files\Prevx2\translations\french\gfx\PU_license_on.png c:\program files\Prevx2\translations\french\gfx\PU_license_over.png c:\program files\Prevx2\translations\french\gfx\PU_logo.png c:\program files\Prevx2\translations\french\gfx\PU_more_off.png c:\program files\Prevx2\translations\french\gfx\PU_more_on.png c:\program files\Prevx2\translations\french\gfx\PU_more_over.png c:\program files\Prevx2\translations\french\gfx\PU_support_off.png c:\program files\Prevx2\translations\french\gfx\PU_support_on.png c:\program files\Prevx2\translations\french\gfx\PU_support_over.png c:\program files\Prevx2\translations\french\gfx\PU_update_off.png c:\program files\Prevx2\translations\french\gfx\PU_update_on.png c:\program files\Prevx2\translations\french\gfx\PU_update_over.png c:\program files\Prevx2\translations\french\gfx\Query1_background.png c:\program files\Prevx2\translations\french\gfx\Status_logo1.png c:\program files\Prevx2\translations\french\gfx\Status_logo2.png c:\program files\Prevx2\translations\french\gfx\support_32.png c:\program files\Prevx2\translations\french\gfx\systemrestore.png c:\program files\Prevx2\translations\french\gfx\tray_update.png c:\program files\Prevx2\translations\french\gfx\update_icon.png c:\program files\Prevx2\translations\french\help\place.holder c:\program files\Prevx2\translations\french\help\prevxone.chm c:\program files\Prevx2\translations\french\html\activation_failure.html c:\program files\Prevx2\translations\french\html\ad_bo.html c:\program files\Prevx2\translations\french\html\ad_det.html c:\program files\Prevx2\translations\french\html\ad_driverop.html c:\program files\Prevx2\translations\french\html\ad_fsc.html c:\program files\Prevx2\translations\french\html\ad_gblhook.html c:\program files\Prevx2\translations\french\html\ad_keylog.html c:\program files\Prevx2\translations\french\html\ad_namedobject.html c:\program files\Prevx2\translations\french\html\ad_ninb.html c:\program files\Prevx2\translations\french\html\ad_nout.html c:\program files\Prevx2\translations\french\html\ad_nsrv.html c:\program files\Prevx2\translations\french\html\ad_nxd.html c:\program files\Prevx2\translations\french\html\ad_om.html c:\program files\Prevx2\translations\french\html\ad_op.html c:\program files\Prevx2\translations\french\html\ad_reg.html c:\program files\Prevx2\translations\french\html\ad_term.html c:\program files\Prevx2\translations\french\html\bpu_mhf.html c:\program files\Prevx2\translations\french\html\bpu_nob.html c:\program files\Prevx2\translations\french\html\bpu_o.html c:\program files\Prevx2\translations\french\html\bpu_r.html c:\program files\Prevx2\translations\french\html\bpu_s.html c:\program files\Prevx2\translations\french\html\bpu_wse.html c:\program files\Prevx2\translations\french\html\place.holder c:\program files\Prevx2\translations\french\html\qc.html c:\program files\Prevx2\translations\french\html\qcfailed.html c:\program files\Prevx2\translations\french\html\qlpu.html c:\program files\Prevx2\translations\french\html\qpu_r.html c:\program files\Prevx2\translations\french\pxconsole.qm c:\program files\Prevx2\translations\french\pxsetup.qm c:\program files\Prevx2\translations\french\pxupdate.qm c:\program files\Prevx2\translations\french\uilangsel.qm c:\program files\Prevx2\translations\french\uisysrest.qm c:\program files\Prevx2\translations\german\desc.ini c:\program files\Prevx2\translations\german\gfx\bar1.png c:\program files\Prevx2\translations\german\gfx\bar2.png c:\program files\Prevx2\translations\german\gfx\bg_blank.png c:\program files\Prevx2\translations\german\gfx\checkupdates_off.png c:\program files\Prevx2\translations\german\gfx\checkupdates_on.png c:\program files\Prevx2\translations\german\gfx\checkupdates_over.png c:\program files\Prevx2\translations\german\gfx\filescan_32.png c:\program files\Prevx2\translations\german\gfx\help_off.png c:\program files\Prevx2\translations\german\gfx\help_on.png c:\program files\Prevx2\translations\german\gfx\help_over.png c:\program files\Prevx2\translations\german\gfx\menu_bar.png c:\program files\Prevx2\translations\german\gfx\monitor_32.png c:\program files\Prevx2\translations\german\gfx\place.holder c:\program files\Prevx2\translations\german\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\translations\german\gfx\PU_bg.png c:\program files\Prevx2\translations\german\gfx\PU_bg_withstatus.png c:\program files\Prevx2\translations\german\gfx\PU_closebutton.png c:\program files\Prevx2\translations\german\gfx\PU_eventlog_off.png c:\program files\Prevx2\translations\german\gfx\PU_eventlog_on.png c:\program files\Prevx2\translations\german\gfx\PU_eventlog_over.png c:\program files\Prevx2\translations\german\gfx\PU_jail_off.png c:\program files\Prevx2\translations\german\gfx\PU_jail_on.png c:\program files\Prevx2\translations\german\gfx\PU_jail_over.png c:\program files\Prevx2\translations\german\gfx\PU_license_off.png c:\program files\Prevx2\translations\german\gfx\PU_license_on.png c:\program files\Prevx2\translations\german\gfx\PU_license_over.png c:\program files\Prevx2\translations\german\gfx\PU_logo.png c:\program files\Prevx2\translations\german\gfx\PU_more_off.png c:\program files\Prevx2\translations\german\gfx\PU_more_on.png c:\program files\Prevx2\translations\german\gfx\PU_more_over.png c:\program files\Prevx2\translations\german\gfx\PU_support_off.png c:\program files\Prevx2\translations\german\gfx\PU_support_on.png c:\program files\Prevx2\translations\german\gfx\PU_support_over.png c:\program files\Prevx2\translations\german\gfx\PU_update_off.png c:\program files\Prevx2\translations\german\gfx\PU_update_on.png c:\program files\Prevx2\translations\german\gfx\PU_update_over.png c:\program files\Prevx2\translations\german\gfx\Query1_background.png c:\program files\Prevx2\translations\german\gfx\Status_logo1.png c:\program files\Prevx2\translations\german\gfx\Status_logo2.png c:\program files\Prevx2\translations\german\gfx\support_32.png c:\program files\Prevx2\translations\german\gfx\systemrestore.png c:\program files\Prevx2\translations\german\gfx\tray_update.png c:\program files\Prevx2\translations\german\gfx\update_icon.png c:\program files\Prevx2\translations\german\help\place.holder c:\program files\Prevx2\translations\german\help\prevxone.chm c:\program files\Prevx2\translations\german\html\activation_failure.htm c:\program files\Prevx2\translations\german\html\ad_bo.html c:\program files\Prevx2\translations\german\html\ad_det.html c:\program files\Prevx2\translations\german\html\ad_driverop.html c:\program files\Prevx2\translations\german\html\ad_fsc.html c:\program files\Prevx2\translations\german\html\ad_gblhook.html c:\program files\Prevx2\translations\german\html\ad_keylog.html c:\program files\Prevx2\translations\german\html\ad_namedobject.html c:\program files\Prevx2\translations\german\html\ad_ninb.html c:\program files\Prevx2\translations\german\html\ad_nout.html c:\program files\Prevx2\translations\german\html\ad_nsrv.html c:\program files\Prevx2\translations\german\html\ad_nxd.html c:\program files\Prevx2\translations\german\html\ad_om.html c:\program files\Prevx2\translations\german\html\ad_op.html c:\program files\Prevx2\translations\german\html\ad_reg.html c:\program files\Prevx2\translations\german\html\ad_term.html c:\program files\Prevx2\translations\german\html\bpu_mhf.html c:\program files\Prevx2\translations\german\html\bpu_nob.html c:\program files\Prevx2\translations\german\html\bpu_o.html c:\program files\Prevx2\translations\german\html\bpu_r.html c:\program files\Prevx2\translations\german\html\bpu_s.html c:\program files\Prevx2\translations\german\html\bpu_wse.html c:\program files\Prevx2\translations\german\html\p1_control_toolbar.htm c:\program files\Prevx2\translations\german\html\place.holder c:\program files\Prevx2\translations\german\html\qc.html c:\program files\Prevx2\translations\german\html\qcfailed.html c:\program files\Prevx2\translations\german\html\qlpu.html c:\program files\Prevx2\translations\german\html\qpu_r.html c:\program files\Prevx2\translations\german\pxconsole.qm c:\program files\Prevx2\translations\german\pxsetup.qm c:\program files\Prevx2\translations\german\pxupdate.qm c:\program files\Prevx2\translations\german\uilangsel.qm c:\program files\Prevx2\translations\german\uisysrest.qm c:\program files\Prevx2\translations\italian\desc.ini c:\program files\Prevx2\translations\italian\gfx\bar1.png c:\program files\Prevx2\translations\italian\gfx\bar2.png c:\program files\Prevx2\translations\italian\gfx\bg_blank.png c:\program files\Prevx2\translations\italian\gfx\checkupdates_off.png c:\program files\Prevx2\translations\italian\gfx\checkupdates_on.png c:\program files\Prevx2\translations\italian\gfx\checkupdates_over.png c:\program files\Prevx2\translations\italian\gfx\filescan_32.png c:\program files\Prevx2\translations\italian\gfx\help_off.png c:\program files\Prevx2\translations\italian\gfx\help_on.png c:\program files\Prevx2\translations\italian\gfx\help_over.png c:\program files\Prevx2\translations\italian\gfx\menu_bar.png c:\program files\Prevx2\translations\italian\gfx\monitor_32.png c:\program files\Prevx2\translations\italian\gfx\place.holder c:\program files\Prevx2\translations\italian\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\translations\italian\gfx\PU_bg.png c:\program files\Prevx2\translations\italian\gfx\PU_bg_withstatus.png c:\program files\Prevx2\translations\italian\gfx\PU_closebutton.png c:\program files\Prevx2\translations\italian\gfx\PU_eventlog_off.png c:\program files\Prevx2\translations\italian\gfx\PU_eventlog_on.png c:\program files\Prevx2\translations\italian\gfx\PU_eventlog_over.png c:\program files\Prevx2\translations\italian\gfx\PU_jail_off.png c:\program files\Prevx2\translations\italian\gfx\PU_jail_on.png c:\program files\Prevx2\translations\italian\gfx\PU_jail_over.png c:\program files\Prevx2\translations\italian\gfx\PU_license_off.png c:\program files\Prevx2\translations\italian\gfx\PU_license_on.png c:\program files\Prevx2\translations\italian\gfx\PU_license_over.png c:\program files\Prevx2\translations\italian\gfx\PU_logo.png c:\program files\Prevx2\translations\italian\gfx\PU_more_off.png c:\program files\Prevx2\translations\italian\gfx\PU_more_on.png c:\program files\Prevx2\translations\italian\gfx\PU_more_over.png c:\program files\Prevx2\translations\italian\gfx\PU_support_off.png c:\program files\Prevx2\translations\italian\gfx\PU_support_on.png c:\program files\Prevx2\translations\italian\gfx\PU_support_over.png c:\program files\Prevx2\translations\italian\gfx\PU_update_off.png c:\program files\Prevx2\translations\italian\gfx\PU_update_on.png c:\program files\Prevx2\translations\italian\gfx\PU_update_over.png c:\program files\Prevx2\translations\italian\gfx\Query1_background.png c:\program files\Prevx2\translations\italian\gfx\Status_logo1.png c:\program files\Prevx2\translations\italian\gfx\Status_logo2.png c:\program files\Prevx2\translations\italian\gfx\support_32.png c:\program files\Prevx2\translations\italian\gfx\systemrestore.png c:\program files\Prevx2\translations\italian\gfx\tray_update.png c:\program files\Prevx2\translations\italian\gfx\update_icon.png c:\program files\Prevx2\translations\italian\help\place.holder c:\program files\Prevx2\translations\italian\help\prevxone.chm c:\program files\Prevx2\translations\italian\html\activation_failure.htm c:\program files\Prevx2\translations\italian\html\ad_bo.html c:\program files\Prevx2\translations\italian\html\ad_det.html c:\program files\Prevx2\translations\italian\html\ad_driverop.html c:\program files\Prevx2\translations\italian\html\ad_fsc.html c:\program files\Prevx2\translations\italian\html\ad_gblhook.html c:\program files\Prevx2\translations\italian\html\ad_keylog.html c:\program files\Prevx2\translations\italian\html\ad_namedobject.html c:\program files\Prevx2\translations\italian\html\ad_ninb.html c:\program files\Prevx2\translations\italian\html\ad_nout.html c:\program files\Prevx2\translations\italian\html\ad_nsrv.html c:\program files\Prevx2\translations\italian\html\ad_nxd.html c:\program files\Prevx2\translations\italian\html\ad_om.html c:\program files\Prevx2\translations\italian\html\ad_op.html c:\program files\Prevx2\translations\italian\html\ad_reg.html c:\program files\Prevx2\translations\italian\html\ad_term.html c:\program files\Prevx2\translations\italian\html\bpu_mhf.html c:\program files\Prevx2\translations\italian\html\bpu_nob.html c:\program files\Prevx2\translations\italian\html\bpu_o.html c:\program files\Prevx2\translations\italian\html\bpu_r.html c:\program files\Prevx2\translations\italian\html\bpu_s.html c:\program files\Prevx2\translations\italian\html\bpu_wse.html c:\program files\Prevx2\translations\italian\html\p1_control_toolbar.htm c:\program files\Prevx2\translations\italian\html\place.holder c:\program files\Prevx2\translations\italian\html\qc.html c:\program files\Prevx2\translations\italian\html\qcfailed.html c:\program files\Prevx2\translations\italian\html\qlpu.html c:\program files\Prevx2\translations\italian\html\qpu_r.html c:\program files\Prevx2\translations\italian\pxconsole.qm c:\program files\Prevx2\translations\italian\pxsetup.qm c:\program files\Prevx2\translations\italian\pxupdate.qm c:\program files\Prevx2\translations\italian\uilangsel.qm c:\program files\Prevx2\translations\italian\uisysrest.qm c:\program files\Prevx2\translations\spanish\desc.ini c:\program files\Prevx2\translations\spanish\gfx\bar1.png c:\program files\Prevx2\translations\spanish\gfx\bar2.png c:\program files\Prevx2\translations\spanish\gfx\bg_blank.png c:\program files\Prevx2\translations\spanish\gfx\checkupdates_off.png c:\program files\Prevx2\translations\spanish\gfx\checkupdates_on.png c:\program files\Prevx2\translations\spanish\gfx\checkupdates_over.png c:\program files\Prevx2\translations\spanish\gfx\filescan_32.png c:\program files\Prevx2\translations\spanish\gfx\help_off.png c:\program files\Prevx2\translations\spanish\gfx\help_on.png c:\program files\Prevx2\translations\spanish\gfx\help_over.png c:\program files\Prevx2\translations\spanish\gfx\menu_bar.png c:\program files\Prevx2\translations\spanish\gfx\monitor_32.png c:\program files\Prevx2\translations\spanish\gfx\place.holder c:\program files\Prevx2\translations\spanish\gfx\prevx_connectdatabase.gif c:\program files\Prevx2\translations\spanish\gfx\PU_bg.png c:\program files\Prevx2\translations\spanish\gfx\PU_bg_withstatus.png c:\program files\Prevx2\translations\spanish\gfx\PU_closebutton.png c:\program files\Prevx2\translations\spanish\gfx\PU_eventlog_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_eventlog_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_eventlog_over.png c:\program files\Prevx2\translations\spanish\gfx\PU_jail_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_jail_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_jail_over.png c:\program files\Prevx2\translations\spanish\gfx\PU_license_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_license_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_license_over.png c:\program files\Prevx2\translations\spanish\gfx\PU_logo.png c:\program files\Prevx2\translations\spanish\gfx\PU_more_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_more_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_more_over.png c:\program files\Prevx2\translations\spanish\gfx\PU_support_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_support_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_support_over.png c:\program files\Prevx2\translations\spanish\gfx\PU_update_off.png c:\program files\Prevx2\translations\spanish\gfx\PU_update_on.png c:\program files\Prevx2\translations\spanish\gfx\PU_update_over.png c:\program files\Prevx2\translations\spanish\gfx\Query1_background.png c:\program files\Prevx2\translations\spanish\gfx\Status_logo1.png c:\program files\Prevx2\translations\spanish\gfx\Status_logo2.png c:\program files\Prevx2\translations\spanish\gfx\support_32.png c:\program files\Prevx2\translations\spanish\gfx\systemrestore.png c:\program files\Prevx2\translations\spanish\gfx\tray_update.png c:\program files\Prevx2\translations\spanish\gfx\update_icon.png c:\program files\Prevx2\translations\spanish\help\place.holder c:\program files\Prevx2\translations\spanish\help\prevxone.chm c:\program files\Prevx2\translations\spanish\html\activation_failure.htm c:\program files\Prevx2\translations\spanish\html\ad_bo.html c:\program files\Prevx2\translations\spanish\html\ad_det.html c:\program files\Prevx2\translations\spanish\html\ad_driverop.html c:\program files\Prevx2\translations\spanish\html\ad_fsc.html c:\program files\Prevx2\translations\spanish\html\ad_gblhook.html c:\program files\Prevx2\translations\spanish\html\ad_keylog.html c:\program files\Prevx2\translations\spanish\html\ad_namedobject.html c:\program files\Prevx2\translations\spanish\html\ad_ninb.html c:\program files\Prevx2\translations\spanish\html\ad_nout.html c:\program files\Prevx2\translations\spanish\html\ad_nsrv.html c:\program files\Prevx2\translations\spanish\html\ad_nxd.html c:\program files\Prevx2\translations\spanish\html\ad_om.html c:\program files\Prevx2\translations\spanish\html\ad_op.html c:\program files\Prevx2\translations\spanish\html\ad_reg.html c:\program files\Prevx2\translations\spanish\html\ad_term.html c:\program files\Prevx2\translations\spanish\html\bpu_mhf.html c:\program files\Prevx2\translations\spanish\html\bpu_nob.html c:\program files\Prevx2\translations\spanish\html\bpu_o.html c:\program files\Prevx2\translations\spanish\html\bpu_r.html c:\program files\Prevx2\translations\spanish\html\bpu_s.html c:\program files\Prevx2\translations\spanish\html\bpu_wse.html c:\program files\Prevx2\translations\spanish\html\p1_control_toolbar.htm c:\program files\Prevx2\translations\spanish\html\place.holder c:\program files\Prevx2\translations\spanish\html\qc.html c:\program files\Prevx2\translations\spanish\html\qcfailed.html c:\program files\Prevx2\translations\spanish\html\qlpu.html c:\program files\Prevx2\translations\spanish\html\qpu_r.html c:\program files\Prevx2\translations\spanish\pxconsole.qm c:\program files\Prevx2\translations\spanish\pxsetup.qm c:\program files\Prevx2\translations\spanish\pxupdate.qm c:\program files\Prevx2\translations\spanish\uilangsel.qm c:\program files\Prevx2\translations\spanish\uisysrest.qm c:\program files\Prevx2\UILangSel.dll c:\program files\Prevx2\uilangsel.qm c:\program files\Prevx2\UISysRest.dll c:\program files\Prevx2\uisysrest.qm c:\program files\Prevx2\upd.dll c:\program files\Prevx2\Variables.xml c:\program files\Prevx2\zlib1.dll
vas. jan. 03, 2010 14:44

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	probald csokentet modban,
vas. jan. 03, 2010 13:18

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	probálnám csinálni de lefagy vagy nem tudom mi van vele és nem fejezi be... de igyekszem
vas. jan. 03, 2010 13:03

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Kinyitod a Notepadot>Start>futatas>beirod notepad Es bemasolod a piros textet Kód: KILLALL:: SecCenter:: {557C3342-BC52-4508-AC25-4441BDF5C04C} Folder:: c:\program files\Prevx2 Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PrevxOne"=- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "PREVXAgent"=- Driver:: PREVXTdi PREVXEmulator File:: c:\windows\system32\drivers\PxEmu.sys c:\windows\system32\drivers\pxtdi.sys DDS:: uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk142YYHU&fl=0&ptb=3Xw1llpB0PE8KAiTXofehQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} Mostan>a notepadon elso full-fajl>ballfelsosarokban>4-sor>lementenni mint.... A txt-hejetfajlnev beteszed eztett>CFScript.txt<alatta bealitod >minden fajl< legfelull>asztall i<klik gomb letenni.Es mostan megcsinalod eztett: A combofix maga elindul es lehet hogy restartol es befejezi a scent.Amit majd ad ted ide OK
vas. jan. 03, 2010 10:03

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	leszedtem nem tudom mért nem jó:S:S
szomb. jan. 02, 2010 20:56

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	majd holnap folytatjuk, Dorci,irtam szed le a geprol a DAEMONT es a Prevx 2.0>>programokat,miert nem csinaltad??
szomb. jan. 02, 2010 20:55

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-01.05 - Rendszergazda 2010-01-02 20:15:32.13.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.511.161 [GMT 1:00] Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe Command switches used :: c:\documents and settings\Rendszergazda\Asztal\CFScript.txt AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Prevx 2.0 On-access scanning disabled (Updated) {557C3342-BC52-4508-AC25-4441BDF5C04C} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} FILE :: "c:\windows\S66420F08.tmp" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\S66420F08.tmp . ((((((((((((((((((((((((( Files Created from 2009-12-02 to 2010-01-02 ))))))))))))))))))))))))))))))) . 2010-01-02 19:08 . 2010-01-02 19:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-02 19:34 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2010-01-02 19:31 . 2007-12-30 10:28 -------- d-----w- c:\program files\Prevx2 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "PrevxOne"="c:\program files\Prevx2\PXConsole.exe" [BU] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "PREVXAgent"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-01-02 691696] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R1 PREVXTdi;PREVX TDI filter;c:\windows\system32\drivers\pxtdi.sys [2007-12-30 28040] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] S3 PREVXEmulator;PREVX Emulator driver;c:\windows\system32\drivers\PxEmu.sys [2007-12-30 107784] --- Other Services/Drivers In Memory --- NewlyCreated - SPTD . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-02 20:33 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync03.sys >>UNKNOWN [0x82FDE9F8]<< atapi.sys splt.sys >>UNKNOWN [0x82F8E938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf8589f28 \Driver\ACPI -> ACPI.sys @ 0xf83e1cb8 \Driver\atapi -> sfsync03.sys @ 0xf855695c IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 user & kernel MBR OK ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(652) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(708) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(2320) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\program files\Prevx2\PXAgent.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\wscntfy.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-02 20:43:32 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-02 19:43 ComboFix2.txt 2010-01-02 17:59 Pre-Run: 6,368,694,272 bájt szabad Post-Run: 9,247,526,912 bájt szabad - - End Of File - - EFFA630FE35061372BBC3E7581F6B2AB
szomb. jan. 02, 2010 20:49

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	szed le a geprol a C:\Program Files\Prevx2 programot ideglenesen szed le a Geprol a DAEMONT, http://www.duplexsecure.com/en/downloads . SPTD for Windows (32 bit) nebo (64b) na plochu - futasd - Uninstall - restart PC Kinyitod a Notepadot>Start>futatas>beirod notepad Es bemasolod a piros textet Kód: KILLALL:: File:: c:\windows\S66420F08.tmp DDS:: uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk142YYHU&fl=0&ptb=3Xw1llpB0PE8KAiTXofehQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} RegLock:: [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\Internet Explorer\User Preferences] Mostan>a notepadon elso full-fajl>ballfelsosarokban>4-sor>lementenni mint.... A txt-hejetfajlnev beteszed eztett>CFScript.txt<alatta bealitod >minden fajl< legfelull>asztall i<klik gomb letenni.Es mostan megcsinalod eztett: A combofix maga elindul es lehet hogy restartol es befejezi a scent.Amit majd ad ted ide
szomb. jan. 02, 2010 19:53

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	ComboFix 10-01-01.05 - Rendszergazda 2010-01-02 18:23:38.12.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.511.242 [GMT 1:00] Running from: c:\documents and settings\Rendszergazda\Dokumentumok\Letöltések\ComboFix.exe AV: ESET NOD32 Antivirus System 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Prevx 2.0 On-access scanning disabled (Updated) {557C3342-BC52-4508-AC25-4441BDF5C04C} FW: COMODO Firewall Pro disabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\VDM10.tmp C:\VDM11.tmp C:\VDM14.tmp C:\VDM15.tmp C:\VDM18.tmp C:\VDM19.tmp C:\VDM1C.tmp C:\VDM1D.tmp C:\VDM21.tmp C:\VDM22.tmp C:\VDM25.tmp C:\VDM26.tmp C:\VDMC.tmp C:\VDMD.tmp . ((((((((((((((((((((((((( Files Created from 2009-12-02 to 2010-01-02 ))))))))))))))))))))))))))))))) . 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- c:\program files\trend micro 2010-01-02 16:25 . 2010-01-02 16:26 -------- d-----w- C:\rsit . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-02 17:45 . 2007-01-11 17:01 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\OpenOffice.org2 2010-01-02 17:43 . 2007-12-30 10:28 -------- d-----w- c:\program files\Prevx2 2009-12-24 08:56 . 2009-03-18 20:58 -------- d-----w- c:\program files\uTorrent 2009-12-23 12:37 . 2007-09-23 13:03 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\uTorrent 2009-12-10 06:30 . 2001-10-26 12:00 459076 ----a-w- c:\windows\system32\perfh00E.dat 2009-12-10 06:30 . 2001-10-26 12:00 104274 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-17 14:06 . 2009-11-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-10 15:00 . 2007-10-04 17:01 -------- d-----w- c:\program files\Windows Live 2009-11-10 14:52 . 2009-11-10 14:52 -------- d-----w- c:\program files\Microsoft 2009-10-29 07:44 . 2004-08-17 14:47 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 05:40 . 2004-08-17 14:47 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-08-17 14:46 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2004-08-17 14:47 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-08-17 14:47 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40 . 2004-08-17 14:47 79872 ----a-w- c:\windows\system32\raschap.dll 2007-01-29 16:03 . 2007-01-29 16:03 244 ----a-w- c:\program files\SETUP.LOG 2005-11-16 19:52 . 2006-11-20 18:27 3991 ----a-w- c:\program files\deviance.nfo 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2008-05-19 10:05 . 2008-04-06 13:47 48 --sh--w- c:\windows\S66420F08.tmp . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "nwiz"="nwiz.exe" [2006-10-22 1622016] "EPSON Stylus DX3800 Series (1. másolat)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2007-12-28 98304] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-19 949376] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-01-19 1115728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\user\Start Menu\Programs\Indˇt˘pult\ Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\ OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-29 393216] Windows Live Messenger .lnk - c:\program files\Windows Live\Messenger\msnmsgr.exe [2009-7-26 3883840] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ Parancsikon - nod32kui .exe.lnk - c:\program files\ESET\nod32kui.exe [2007-12-28 949376] Windows asztali keres‹.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-09-23 09:10 143360 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Adobe Reader gyorsindító.lnk backup=c:\windows\pss\Adobe Reader gyorsindító.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] 2007-12-28 14:52 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "PREVXAgent"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2008-01-10 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2008-01-10 5248] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-28 15424] R1 PREVXTdi;PREVX TDI filter;c:\windows\system32\drivers\pxtdi.sys [2007-12-30 28040] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-14 54752] S3 PREVXEmulator;PREVX Emulator driver;c:\windows\system32\drivers\PxEmu.sys [2007-12-30 107784] . . ------- Supplementary Scan ------- . uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms} uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: &Letöltés a FlashGet-tel - c:\program files\FlashGet\jc_link.htm IE: &Minden letöltése a FlashGet-tel - c:\program files\FlashGet\jc_all.htm IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: bm3music.com\www FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\9k5u3rfd.default\ FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS REMOVED - - - - HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe HKLM-Run-PrevxOne - c:\program files\Prevx2\PXConsole.exe AddRemove-82A44D22-9452-49FB-00FB-CEC7DCAF7E23 - c:\program files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe AddRemove-Ask.com Search Assistant - c:\program files\Ask Search Assistant\uninst.exe AddRemove-CS_Manager_is1 - c:\program files\CS_Manager\unins000.exe AddRemove-DreamLight Photo Editor_is1 - g:\sims3\Magic Photo Editor\DreamLight Photo Editor\unins000.exe AddRemove-Example2 - c:\program files\LMIM\uninstall.exe AddRemove-KaraFun_is1 - c:\program files\KaraFun\unins000.exe AddRemove-Lyrics Power - c:\program files\Lyrics Power\uninst.exe AddRemove-Rapidshare Unlimited 2.0 - c:\program files\Rapidshare Unlimited\Uninstall.exe AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9b.exe AddRemove-UltraStar - c:\program files\UltraStar\uninstall.exe AddRemove-Virtual DJ - Atomix Productions - c:\progra~1\VIRTUA~1\UNWISE.EXE AddRemove-VMidi - c:\program files\vanBasco's Karaoke Player\uninst.exe AddRemove-WindowBlinds - c:\progra~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE AddRemove-Yahoo! Companion - c:\progra~1\Yahoo!\Common\unyt.exe AddRemove-{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1 - c:\program files\TypingMaster\unins000.exe *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-02 18:44 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x82AFA8A0]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf8589f28 \Driver\ACPI -> ACPI.sys @ 0xf84c6cb8 \Driver\atapi -> 0x82afa8a0 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9 ParseProcedure -> ntoskrnl.exe @ 0x8056ea15 Warning: possible MBR rootkit infection ! user & kernel MBR OK ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,07,5f,bc,dc,af,5a,47,4d,bd,1e,7e,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,07,5f,bc,dc,af,5a,47,4d,bd,1e,7e,\ [HKEY_USERS\S-1-5-21-1078081533-764733703-854245398-500\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(660) c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(716) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(2700) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Comodo\Firewall\cmdagent.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\program files\Prevx2\PXAgent.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\RUNDLL32.EXE c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\wscntfy.exe c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************* . Completion time: 2010-01-02 18:58:59 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-02 17:58 Pre-Run: 4,972,802,048 bájt szabad Post-Run: 6,367,920,128 bájt szabad - - End Of File - - 2C820C21BD0C29F6B5DC40F160EBD053
szomb. jan. 02, 2010 19:11

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	igen vana ot Trojan Downloader futasd a combofixet Toldsle ezt a combofixett ted az ASZTALRA,mindent bezarsz kapcsold ki a ha van akorr a Spyware Terminator pajzat es +SpybotTeaTimer pajzat is ha van., .Nemfuthatt semmi program,Futatod mint rendszergazda rendesen Windowsba-2x-klik ikona combofix>beleegyezes...... Es mostan csak nezni fogod nembabralni semmitt a gepp sajatt maga restartoll befejezi a scent ,csinall combofix .txt,eztett ide teszed es http://download.bleepingcomputer.com/sUBs/ComboFix.exe
szomb. jan. 02, 2010 17:37

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	Logfile of random's system information tool 1.06 (written by random/random) Run by Rendszergazda at 2010-01-02 17:25:32 Microsoft Windows XP Professional Szervizcsomag 3 System drive C: has 2 GB (2%) free of 100 GB Total RAM: 511 MB (12% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:26, on 2010-01-02 Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Comodo\Firewall\cmdagent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Prevx2\PXAgent.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Rendszergazda\Dokumentumok\Letöltések\RSIT.exe C:\Program Files\trend micro\Rendszergazda.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (1. másolat)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P39 "EPSON Stylus DX3800 Series (1. másolat)" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: Windows Live Messenger .lnk = C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: Parancsikon - nod32kui .exe.lnk = C:\Program Files\ESET\nod32kui.exe O4 - Global Startup: Windows asztali kereső.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Letöltés a FlashGet-tel - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Minden letöltése a FlashGet-tel - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing) O23 - Service: PREVXAgent - Prevx - C:\Program Files\Prevx2\PXAgent.exe -- End of file - 9174 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55EA1964-F5E4-4D6A-B9B2-125B37655FCB}] URLDetector Class - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll [2006-01-10 90112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-10-10 325048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "nwiz"=nwiz.exe /install [] "EPSON Stylus DX3800 Series (1. másolat)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2007-12-28 98304] "PrevxOne"=C:\Program Files\Prevx2\PXConsole.exe [] "DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920] "nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-01-19 949376] "COMODO Firewall Pro"=C:\Program Files\Comodo\Firewall\CPF.exe [2008-01-19 1115728] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-12-28 68856] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2007-12-28 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Adobe Reader gyorsindító.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "PREVXAgent"=2 C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult Parancsikon - nod32kui .exe.lnk - C:\Program Files\ESET\nod32kui.exe Windows asztali kereső.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Rendszergazda\Start Menu\Programs\Indítópult OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2007-09-23 143360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Bhm16.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Vch05.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe::Enabled:LimeWire" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe::Enabled:µTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live Sync" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe::Enabled:FlashFXP v3" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live Sync" ======List of files/folders created in the last 1 months====== 2010-01-02 17:25:35 ----D---- C:\Program Files\trend micro 2010-01-02 17:25:32 ----D---- C:\rsit 2009-12-09 17:21:44 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-09 17:21:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-09 17:19:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-09 17:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-09 17:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ ======List of files/folders modified in the last 1 months====== 2010-01-02 17:26:27 ----D---- C:\WINDOWS\Prefetch 2010-01-02 17:25:35 ----RD---- C:\Program Files 2010-01-02 17:16:05 ----D---- C:\WINDOWS\temp 2010-01-02 16:43:44 ----D---- C:\Program Files\Mozilla Firefox 2010-01-02 16:43:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-02 16:42:26 ----D---- C:\Documents and Settings\Rendszergazda\Application Data\OpenOffice.org2 2010-01-02 16:41:58 ----D---- C:\Program Files\Prevx2 2010-01-02 16:41:10 ----SHD---- C:\WINDOWS\CSC 2010-01-01 18:29:40 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-31 16:45:10 ----D---- C:\WINDOWS 2009-12-27 10:07:38 ----A---- C:\WINDOWS\NeroDigital.ini 2009-12-24 09:56:36 ----D---- C:\Program Files\uTorrent 2009-12-23 13:37:49 ----D---- C:\Documents and Settings\Rendszergazda\Application Data\uTorrent 2009-12-10 07:30:41 ----D---- C:\WINDOWS\system32 2009-12-10 07:30:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-10 07:08:59 ----HD---- C:\WINDOWS\inf 2009-12-09 17:21:52 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-09 17:21:50 ----D---- C:\WINDOWS\system32\drivers 2009-12-09 17:21:23 ----A---- C:\WINDOWS\imsins.BAK 2009-12-09 17:20:11 ----D---- C:\Program Files\Internet Explorer 2009-12-09 17:19:52 ----D---- C:\WINDOWS\ie8updates 2009-12-09 17:19:39 ----HD---- C:\WINDOWS\$hf_mig$ ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2008-01-19 75520] R1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-01-19 15424] R1 PREVXTdi;PREVX TDI filter; C:\WINDOWS\system32\DRIVERS\pxtdi.sys [2007-09-05 28040] R1 PXRDDriver;PREVX Rootkitscan driver; C:\WINDOWS\system32\DRIVERS\pxrd.sys [2007-09-05 23048] R1 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-26 12032] R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys [] R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-01-19 512096] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416] R3 EL90XBC;3Com EtherLink XL 90XB/C adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591] R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 ms_mpu401;Microsoft MPU-401 MIDI UART illesztőprogram; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-26 5888] R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Microsoft USB nyílt állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [] S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [] S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [] S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Hálózatfigyelő illesztőprogramja; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 PREVXEmulator;PREVX Emulator driver; C:\WINDOWS\system32\DRIVERS\PxEmu.sys [2007-09-05 107784] S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600] S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360] S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184] S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688] S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704] S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560] S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USB_RNDIS;Arris Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [] S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [] S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 CmdAgent;Comodo Application Agent; C:\Program Files\Comodo\Firewall\cmdagent.exe [2008-01-19 361040] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-01-19 552064] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] R2 PREVXAgent;PREVXAgent; C:\Program Files\Prevx2\PXAgent.exe [2007-10-09 162872] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032] S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-02-07 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Windows Live Családbiztonság szolgáltatás; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-08 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
szomb. jan. 02, 2010 17:31

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Udv dorci,legy szives es ted ide az RSIT,logjat http://images.malwareremoval.com/random/RSIT.exe klik continue es ted ide majd a logot,
szomb. jan. 02, 2010 17:21

dorci ezüst tag Csatlakozott: hétf. ápr. 07, 2008 17:53 Hozzászólások: 43	hello stell légyszives nézz nekem egy logot Logfile of HijackThis v1.99.1 Scan saved at 16:51, on 2010-01-02 Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Comodo\Firewall\cmdagent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Prevx2\PXAgent.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Rendszergazda\Asztal\Új mappa\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (1. másolat)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P39 "EPSON Stylus DX3800 Series (1. másolat)" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: Windows Live Messenger .lnk = C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: Parancsikon - nod32kui .exe.lnk = C:\Program Files\ESET\nod32kui.exe O4 - Global Startup: Windows asztali kereső.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Letöltés a FlashGet-tel - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Minden letöltése a FlashGet-tel - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing) O23 - Service: PREVXAgent - Unknown owner - C:\Program Files\Prevx2\PXAgent.exe" -f (file missing)
szomb. jan. 02, 2010 16:55

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	nincsen mit,egy kicsit tovab tartot mert Rootkit gyanus volt, udv,
hétf. dec. 28, 2009 15:59

rozumnij sergej nyikolaje platina tag Csatlakozott: szomb. feb. 03, 2007 11:36 Hozzászólások: 528	Ezer köszönet érte a segítségedért nagyon hálás vagyuk érte!
hétf. dec. 28, 2009 15:57

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	drivert telepit,,de futatod a OTLIST2 programot>es klik Cleanup,yes.yes akor kiviszi a maradekot GMer ,combofix es igy tovab,
hétf. dec. 28, 2009 15:51

rozumnij sergej nyikolaje platina tag Csatlakozott: szomb. feb. 03, 2007 11:36 Hozzászólások: 528	OK. Akkor még egy gondol kevesebb hala a neked ! Gmer az ugye nem telepöl fel mit ComboFix ,tehát simán áthelyezhető a kukába
hétf. dec. 28, 2009 15:47
Hozzászólások megjelenítése: Rendezés

Oldal: 28 / 39

[ 1923 hozzászólás ]

Oldal Előző 1 ... 25, 26, 27, 28, 29, 30, 31 ... 39 Következő

Ki van itt

Jelenlévő fórumozók: nincs regisztrált felhasználó valamint 3 vendég

Nem nyithatsz témákat ebben a fórumban.
Nem válaszolhatsz egy témára ebben a fórumban.
Nem szerkesztheted a hozzászólásaidat ebben a fórumban.
Nem törölheted a hozzászólásaidat ebben a fórumban.

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software for PTF.
Magyar fordítás © Magyar phpBB Közösség