Udv
Ez lehet akarmi, Rootkit, virus, Kiszolgalo FUP,
Tedd ide az RSIT logjat
http://www.virus-stell.com/2010/04/rsit.html

Üdv stell,újra itt......
Valamitől lassul a netem csak a net,amúgy megy a gép,mivel keressek?

Irtam az F-1 bilentyu hibas, , mert amilyen programot, feladat kezelot kinyitsz az F-1 benyomasakor, kiugrik annak a programnak, a sugoja.
Tehat a te esetedben ha le is van tiltva a servicesben, es ha be van tapadva, hibas az F-1 akkor kiugrik annak a programnak a sugoja amit futtatsz.
Uj telepitest csinaltal, tehat 100 szazalek hogy a bilentyuk a hibasak,.

kicserélem hétfőn... amióta le van tiltva a súgó azóta csak 1 crome súgót indít, meg a feladatkezelőnek a helpjét

En nem latok ot 123ablakot,azt latom hogy a sugo fut,ez most magától indult, vagy te indítottad, .
Ha asztali gep akkor csereld ki a bilentyuzetet, ezt a hibat az F-1 bilentyu csinalja.

Cseréld ki azt a billentyűzetet.

És egy tanács: sose tölts fel bmp formátumban. Semmi értelme nincs, csak a mérete 10-20 szorosa feleslegesen. A bmp-t másra használják. Itt a jpg a megfelelő.

http://leteckaposta.cz/143237535 screen
régebben volt hibám ezzel a billentyűzettel,el se indult a windows. szétszettem kitisztítottam, és azóta használom. most le van tiltva a súgó mégis indítja.

A lemez jo,Csinalj nekem screenshotot, ezekrol az ablakokrol es tedd ide.
A bilentyuzetet nem ontott-edd le valami teaval, kaveval??

lefuttattam, azt írta a lemezellenőrzés ütemezve van, utánna egyből hogy a lemezellenőrzés megszakítva. megpróbáltam mégegyszer ugyanaz. elindlt a windows vele együtt a qtorrent user manual 136szor...

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional Szervizcsomag 3 [5.1 Build 2600] (x86)
Date : 2011/12/02 20:35:05

-- Controller Map ----------------------------------------------------------
+ Szabványos kétcsatornás PCI IDE-vezérlő [ATA]
+ Elsődleges IDE csatorna (0)
- HL-DT-ST DVDRAM GSA-H12N
- WDC WD1600AAJB-00PVA0
- Másodlagos IDE csatorna (1)
+ Szabványos kétcsatornás PCI IDE-vezérlő [ATA]
- Elsődleges IDE csatorna (0)
- Másodlagos IDE csatorna (1)
+ SCSI/RAID Host Controller [SCSI]
- HJ3842U NJG860B SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD1600AAJB-00PVA0 : 160.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD1600AAJB-00PVA0
----------------------------------------------------------------------------
Model : WDC WD1600AAJB-00PVA0
Firmware : 00.07H00
Serial Number : WD-WMAP9J176374
Disk Size : 160.0 GB (8.4/137.4/160.0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Ismeretlen
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 12763 óra
Power On Count : 1159 x
Temparature : 37 C (98 F)
Health Status : Jó
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Olvasás közben elõforduló hibák száma
03 161 159 _21 000000000B75 Felpörgési idõ
04 _99 _99 __0 0000000004B2 Elindulások/leállások száma
05 200 200 140 000000000000 Tartalék területekre áthelyezett szektorok száma
07 200 200 _51 000000000000 Fejpozicionálás közben elõforduló hibák száma
09 _83 _83 __0 0000000031DB Bekapcsolva töltött idõ
0A 100 100 _51 000000000000 Felpörgési újrapróbálkozások száma
0B 100 100 _51 000000000000 Kalibrálási újrapróbálkozások száma
0C _99 _99 __0 000000000487 Ki-be kapcsolások száma
C0 200 200 __0 000000000095 Kikapcsolást visszavonások száma
C1 200 200 __0 0000000004B2 Ki-be töltések száma
C2 106 _93 __0 000000000025 Mûködési hõmérséklet
C4 200 200 __0 000000000000 Áthelyezési kisérletek száma
C5 200 200 __0 000000000000 Függõben levõ szektorok száma
C6 200 200 __0 000000000000 Javíthatatlan szektorok száma
C7 200 200 __0 000000000010 Adatátviteli hibák száma
C8 200 200 _51 000000000000 Írás közben elõforduló hibák száma

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 4D 41 50
020: 39 4A 31 37 36 33 37 34 00 00 40 00 00 32 30 30
030: 2E 30 37 48 30 30 57 44 43 20 57 44 31 36 30 30
040: 41 41 4A 42 2D 30 30 50 56 41 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 FE 00 00 74 6B 7F 01 41 23 74 68 BC 01 41 23
0B0: 20 3F 00 16 00 00 00 00 FF FE 60 3B 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 9E B0 12 A1 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E0 00 CB 44 E1
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 12 88 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 20 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 24 A5

1:Letöltés CrystalDiskInfo (Portable Edition), Futtasd >> és utana válassza a "Másolás", és illesszd be az adatok ide Ctrl+V
http://crystalmark.info/download/index-e.html

2:a parancssorba ird br
chkdsk /f/r C:
Enter,
Beleegyezes
Restart, es hagyad hogy az chkdsk viszgalja meg a merev lemezet,

üdv. egyre töbször jelenkezik ismét a hiba! lefuttataam a eventvwr. msc és a következőt napózta:

HelpSvc.exe (9356) A következő fájl árnyékfejléce nem írható: C:\WINDOWS\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb. Hibakód: -1032
úgyhogy letiltottam ismételten a súgót de így is indul csak ritkábban meg nem mindig súgót hanem mmc.exe-t vagy legutóbb hh.exe-t indított. ha tudsz kérlek segíts!

Avira Freeware verzió.

új hibát csak a telepítésnél ír, csak infok vannak. tudsz ajánlani egy kis rendszerigényű és hatékony vírusírtót?

nezd meg a hiba jelentesekben, hogy mire panaszkodig.
start futtatasba ird be
Eventvwr.msc

üdv. lefuttattam a javító telepítést, de az újraindítás után összeomlott a rendszer... A vicc az hogy újratelepítettem és a probléma így is jelentkezik, csak most a kisablakban 0xc0000142re hivatkozik!

leszedheted, de hagyhatod is, mindegy, csinald a javito telepitest,
Majd meglassuk, ugy nezem hogy valamejik rendszer fajlo csinalhassa,
nincsen mit koszonod,

köszönöm a segítséged

leszedjem ezt a progit? mert jönnek a kis ablakok egyfolytában hogy blokkolt mert kapcsolodni akart 1 köztudottan rosszindulatú vebhelyhez

keygen,ezt nem csinalhassa, ha akkarod torold, mindegy,
Akkor maradt a javito telepites, a chrome bongeszot szed le a geprol, majd vissza rakod.
http://www.virus-stell.com/2010/04/javi ... -2000.html

Ha meglesz, akkor ird meg mi van, majd holnap megnezem.

újraindítottam, de a crome ugyanúgy indult.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Adatbázis verzió: 8280

Windows 5.1.2600 Szervizcsomag 3
Internet Explorer 7.0.5730.11

2011.11.30. 20:53:00
mbam-log-2011-11-30 (20-52-51).txt

Vizsgálat típusa: Teljes vizsgálat (C:\|D:\|)
Átvizsgált objektumok: 213476
Eltelt idő: 23 perc, 1 másodperc

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött Rendszerleíró kulcsok: 0
Fertőzött Rendszerleíró értékek: 0
Fertőzött Rendszerleíró adatelemek: 0
Fertőzött mappák: 0
Fertőzött fájlok: 1

Fertőzött memóriafolyamatok:
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró értékek:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek:
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák:
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok:
d:\download\command & conquer - red alert 2\keygen.exe (RiskWare.Tool.CK) -> No action taken.

Futtasd a Malwarebytest, teljes vizsgalat, amit talal, torolni a lohjat tedd ide,
http://www.virus-stell.com/2010/04/malw ... lware.html

az msn-el indult a crome, 42 ablak, azt a crome nem válaszol újraindítja most ablak, amivel beteritette a képernyőt...

Futtasd meg egyszer es nyomd be a FIXMBR gombot, utana restart es ird meg mi van.

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-30 19:49:38
-----------------------------
19:49:38.546 OS Version: Windows 5.1.2600 Szervizcsomag 3
19:49:38.546 Number of processors: 1 586 0x2F02
19:49:38.562 ComputerName: MACI-5B0A36A2E8 UserName: Kiss Balázs
19:49:38.750 Initialize success
19:50:14.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
19:50:14.718 Disk 0 Vendor: WDC_WD1600AAJB-00PVA0 00.07H00 Size: 152627MB BusType: 3
19:50:16.734 Disk 0 MBR read successfully
19:50:16.734 Disk 0 MBR scan
19:50:16.734 Disk 0 Windows XP default MBR code
19:50:16.734 Disk 0 scanning sectors +312560640
19:50:16.796 Disk 0 scanning C:\WINDOWS\system32\drivers
19:50:24.593 Service scanning
19:50:25.453 Modules scanning
19:50:28.687 Disk 0 trace - called modules:
19:50:28.703 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
19:50:28.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86595ab8]
19:50:28.703 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000069[0x8659c1f8]
19:50:28.703 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86554d98]
19:50:29.031 Scan finished successfully
19:52:54.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kiss Balázs\Asztal\MBR.dat"
19:52:54.843 The log file has been saved successfully to "C:\Documents and Settings\Kiss Balázs\Asztal\aswMBR.txt"

1:hm, a mbr, Rootkitet jelez, tehat most csinald meg eztet, szed le ideglenesen a DAEMont
http://www.virus-stell.com/2010/04/daem ... lator.html

2: Futtatod az awsmbr programot
aswMBR a rootkit szkenner,amely ellenőrzi és eltávolítja a TDL3/4 MBRoot (Sinowal) rootkittet.
LETÖLTÉS
http://public.avast.com/%7Egmerek/aswMBR.exe
1: Letöltés aswMBR.exe .
2: Dupla kattintás és futtassuk az aswMBR.exe
3: Kattintson a "Scan" a szkennelés elindításához
4: Ha a program fertőzés jelez Kattintson a "Fix" gombra
5: UTASÍTÁSOK
http://public.avast.com/%7Egmerek/aswMBR.htm

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD1600AAJB-00PVA0 rev.00.07H00 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe >>UNKNOWN [0x865CF808]<<
_asm { MOV EAX, 0x865cf728; XCHG [ESP], EAX; PUSH EAX; PUSH 0x865d20d4; RET ; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x86561AB8]
\Driver\Disk[0x864EDA08] -> IRP_MJ_CREATE -> 0x865CF808
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
detected hooks:
\Driver\Disk -> 0x865cf808
user & kernel MBR OK
Warning: possible MBR rootkit infection !

ok, a masikkat a start>.futtatsba masoldbe
"%Userprofile%\asztal\mbr.exe" -t -s -l "% userprofile%\asztal\GMER.txt"

1: Tedd fel ide, klik Prochazet, talald meg es Poslat., a linket tedd ide
http://leteckaposta.cz/

2: Olvasd mit irtam, a fajlot az asztalra tedd es a ugy masold be a parancssorba ezt a textet, nefelejt ki a jelzoket se.
"%Userprofile%\asztal\mbr.exe" -t -s -l "% userprofile%\asztal\GMER.txt"

az 1 es kész, ha adsz 1 emailt elküldöm. a 2esre azt írja hogy a rendszer nem találja a megadott elérési utat

Itt valami Virus garazdalkodig, na nem baj,
1:Letoltod a szlovak blogombol az XUETR, programot az asztalra
http://www.viruskasino.com/2010/12/prog ... html#XueTr

Kicsomagolod az asztalra es futtatod,az xuetr.exe, nem szabad tevedned,
A tetejen talald meg az computer examination fullet,
Az aljan klikelj a generating gombra, egy kicsit eltart de vard meg a logot,
Mikkor befejezi , klikelj az export examination, fullre, a log talan igen hosszu lesz, ha nem fer be, akkor csomagold be es tedd fel valahova es a linket tedd ide.

2:1: Töltse le az mbr.exe fájlt az asztalra.
http://www2.gmer.net/mbr/mbr.exe
2: Nyomja meg a Windows+R billentyű kombinációt.
3: Az üres mezőbe ird be a cmd parancsot.
4: A megjelenő fekete ablakba, masold be be az alábbi parancsot.



7: Az asztalra lementődik a naplófájl: GMER.txt.tedd ide

megcsináltam, ujraindítottam, és automatán crome, msn kezdőlap, és kisablak: profilját nem sikerültmegnyitni, lehet hogy néhány funkciót nem tud használni. kérjük ellenőrizze hogy a profil létezik-e és hogy önnek van-e engedélye olvasni és irni annak tartalmát. ez vagy 200 kisablakban, úgyhogy reset.

Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>javitas.bat>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész, az futtatod, utana RESTART,

bocs, lehet hogy kiröhögsz de kicsit bővebben... hogy csinálok bat fájlt?

na mindegy, ha ugy volt bealitva ahogy leirtam, tehat gyogyitasra, akkor ok,

Most csinalj egy
javitas.bat
fajlot

Masold be a notepad, ba ezt a szoveget,
es futtasd le, utana restart, es ird meg mi van.

bocs, de ez a vége:


2011.11.30. 16:27:49 OK G:\Setup\data1.hdr/Level10_06.jpg
2011.11.30. 16:27:50 OK G:\Setup\data1.hdr
2011.11.30. 16:27:50 OK G:\Setup\data1.cab/Level10_03.jpg
2011.11.30. 16:27:50 OK G:\Setup\data2.cab/Level09_06.jpg
2011.11.30. 16:27:50 OK G:\Setup\data1.cab/Level10_04.jpg
2011.11.30. 16:27:50 OK G:\Setup\data2.cab/Level10_01.jpg
2011.11.30. 16:27:51 OK G:\Setup\data1.cab/Level10_05.jpg
2011.11.30. 16:27:51 OK G:\Setup\data2.cab/Level10_02.jpg
2011.11.30. 16:27:51 OK G:\Setup\data1.cab/Level10_06.jpg
2011.11.30. 16:27:51 OK G:\Setup\data2.cab/Level10_03.jpg
2011.11.30. 16:27:51 OK G:\Setup\data1.cab
2011.11.30. 16:27:52 OK G:\Setup\data2.cab/Level10_04.jpg
2011.11.30. 16:27:52 OK G:\Setup\data2.cab/Level10_05.jpg
2011.11.30. 16:27:52 OK G:\Setup\data2.cab/Level10_06.jpg
2011.11.30. 16:27:53 OK G:\Setup\data2.cab
2011.11.30. 16:27:54 Task completed

Nekem eleg az a resz a vegen ahol a talalt van, ha talált e valamit
Detected threats:

üdv kész vagyok, de ezt nem tudom ide beilleszteni nagyon hosszú! hogy legyen?

jójó.. megcsinálom. köszönöm az eddigi segítséged.

Igen, a rendszer bejedzete ezeket a hibakat, es ugy nezem hogy ,, vagy fertozot rendszer fajlok, vagy megvan serulve a rendszer, mert mindig mas szolgaltatasokra panaszkodik,,, na nem baj eloszor le futtatod az AVPTOLL11, verziojat, es a naplojat tedd ide, a vizsgalat ojan 4,5 oraig tart, majd alitsd be ugy ahogy le irtam, es a naplojat tedd ide.
A 11-verziot tolds le, majd holnap megnezem mit talalt.
http://www.virus-stell.com/2010/04/avptool.html

extras:


OTL Extras logfile created on: 2011.11.29. 19:45:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Kiss Balázs\Asztal
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1023,23 Mb Total Physical Memory | 363,01 Mb Available Physical Memory | 35,48% Memory free
2,90 Gb Paging File | 2,14 Gb Available in Paging File | 73,80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 5,14 Gb Free Space | 17,54% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 12,65 Gb Free Space | 10,56% Space Free | Partition Type: NTFS
Drive F: | 658,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 113,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MACI-5B0A36A2E8 | User Name: Kiss Balázs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-725345543-1715567821-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Rendszerfelügyeleti webszolgáltatások

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization -- (Firaxis Games)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07010016-0001-2010-0110-4D6161546563}" = MaaTec Sudoku
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{257A92C3-7E41-4678-9144-6920F4289D0F}" = Windows Live Messenger
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 26
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{341710E4-7414-4BC7-8AB4-CD38848FCA23}" = Paradise Pet Salon
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{350C940e-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{41F4B3D2-3CC8-41B5-99B8-3A9C1BCDEA0A}" = AVG 2012
"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{65F698DE-D720-424C-B97D-490E52FB7984}_is1" = Warzone 2100
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{733EB793-0840-4D69-97AA-6934FC79DB16}" = Windows Live bejelentkezési segéd
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FC113D5-64A6-40EE-9A39-DAB4650457A8}" = Microsoft .NET Framework 1.1 Hungarian Language Pack
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99A98C71-A900-44E7-AD98-70E6368FB4D0}" = Windows Live Essentials
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{BB6BE4FE-E508-4ED8-8C63-8C98187842D5}" = ESET NOD32 Antivirus
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C03AC175-5A62-4D91-BF8E-DC65CDC48FD7}" = Sudoku1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FE5CECF3-A8A6-4A31-A1EB-8C20409D5281}" = Microsoft .NET Framework 2.0 Language Pack - HUN
"504244733D18C8F63FF584AEB290E3904E791693" = Windows illesztőprogram-csomag - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Szoftver eltávolító
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"FinalAlert 2 Yuri's Revenge" = FinalAlert 2 Yuri's Revenge
"Heroes of Hellas 3 - Athens1.0" = Heroes of Hellas 3 - Athens
"Heroes of Might and Magic IV" = Heroes of Might and Magic® IV: Winds of War
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.87 Full
"Luxor Mahjong" = Luxor Mahjong (remove only)
"MahJong Quest III_is1" = MahJong Quest III
"MahJong Suite_is1" = MahJong Suite 2011 v8.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - HUN" = Microsoft .NET Framework 2.0 Language Pack - HUN
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PROR" = Microsoft Office Professional 2007
"Red Alert 2" = Command & Conquer Red Alert 2
"S4Uninst" = The Settlers IV
"TC UP" = Total Commander Ultima Prime 5.0.0.0
"The KMPlayer" = The KMPlayer (remove only)
"UltraISO_is1" = UltraISO Premium V9.32
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiváló
"Xilisoft HD Video Converter" = Xilisoft HD Video Converter
"Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-725345543-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011.09.29. 5:31:31 | Computer Name = MACI-5B0A36A2E8 | Source = Windows Search Service | ID = 3013
Description = A szórótábla <C:\DOCUMENTS AND SETTINGS\KISS BALÁZS\RECENT\DESKTOP.INI>
bejegyzését nem sikerült frissíteni. Környezet: alkalmazás, SystemIndex katalógus

Részletek:
Egy
rendszerhez csatlakoztatott eszköz nem működik. (0x8007001f)

Error - 2011.10.03. 2:26:53 | Computer Name = MACI-5B0A36A2E8 | Source = Application Hang | ID = 1002
Description = Nem válaszoló alkalmazás: rundll32.exe, verzió: 5.1.2600.5512, nem
válaszoló modul: hungapp, verzió: 0.0.0.0, memóriacím: 0x00000000.

Error - 2011.10.03. 2:54:25 | Computer Name = MACI-5B0A36A2E8 | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: hoh3.exe, verzió: 0.0.0.0, hibás modul: hoh3.exe,
verzió: 0.0.0.0, memóriacím: 0x001dd673.

Error - 2011.10.04. 3:30:50 | Computer Name = MACI-5B0A36A2E8 | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: chrome.exe, verzió: 14.0.835.187, hibás modul: chrome.dll,
verzió: 14.0.835.187, memóriacím: 0x0021d2d7.

Error - 2011.10.04. 3:30:54 | Computer Name = MACI-5B0A36A2E8 | Source = Application Hang | ID = 1002
Description = Nem válaszoló alkalmazás: chrome.exe, verzió: 14.0.835.187, nem válaszoló
modul: hungapp, verzió: 0.0.0.0, memóriacím: 0x00000000.

Error - 2011.10.04. 8:25:58 | Computer Name = MACI-5B0A36A2E8 | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: warzone.exe, verzió: 1.0.0.1, hibás modul: warzone.exe,
verzió: 1.0.0.1, memóriacím: 0x000a1cc5.

Error - 2011.10.09. 5:05:28 | Computer Name = MACI-5B0A36A2E8 | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: taskmgr.exe, verzió: 5.1.2600.5512, hibás modul:
mshtml.dll, verzió: 7.0.6000.17102, memóriacím: 0x000682a8.

Error - 2011.10.09. 5:08:04 | Computer Name = MACI-5B0A36A2E8 | Source = Application Error | ID = 1000
Description = Hibás alkalmazás: chrome.exe, verzió: 14.0.835.202, hibás modul: chrome.dll,
verzió: 14.0.835.202, memóriacím: 0x0021d3b3.

Error - 2011.10.10. 5:41:37 | Computer Name = MACI-5B0A36A2E8 | Source = ESENT | ID = 490
Description = svchost (1264) A(z) „C:\WINDOWS\system32\CatRoot2\tmp.edb” fájl olvasásra
és írásra történő megnyitása a(z) 32 (0x00000020) rendszerhiba miatt nem sikerült:
„A folyamat nem fér hozzá a fájlhoz, mert azt egy másik folyamat használja. ”.
A fájlmegnyitási művelet a következő hiba miatt fog leállni: -1032 (0xfffffbf8).

Error - 2011.10.10. 5:41:37 | Computer Name = MACI-5B0A36A2E8 | Source = ESENT | ID = 485
Description = svchost (1264) A(z) „C:\WINDOWS\system32\CatRoot2\tmp.edb” fájl törlése
a(z) 5 (0x00000005) rendszerhiba miatt nem sikerült: „A hozzáférés megtagadva.
”. A fájltörlési művelet a következő hiba miatt fog leállni: -1032 (0xfffffbf8).

[ System Events ]
Error - 2011.11.29. 12:59:31 | Computer Name = MACI-5B0A36A2E8 | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" EventSystem szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011.11.29. 12:59:42 | Computer Name = MACI-5B0A36A2E8 | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1058" helpsvc szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) DHCP-ügyfél szolgáltatás függ a(z) NetBIOS a TCP/IP felett szolgáltatástól,
amely a következő hiba miatt nem tudott elindulni: %%31

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) DNS-ügyfél szolgáltatás függ a(z) TCP/IP protokoll illesztőprogramja
szolgáltatástól, amely a következő hiba miatt nem tudott elindulni: %%31

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) TCP/IP NetBIOS támogató szolgáltatás függ a(z) AFD szolgáltatástól,
amely a következő hiba miatt nem tudott elindulni: %%31

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) Számítógép-tallózó szolgáltatás függ a(z) Kiszolgáló szolgáltatástól,
amely a következő hiba miatt nem tudott elindulni: %%1058

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) IPSEC szolgáltatások szolgáltatás függ a(z) IPSEC-illesztőprogram
szolgáltatástól, amely a következő hiba miatt nem tudott elindulni: %%31

Error - 2011.11.29. 13:00:33 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7026
Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak)
el: AFD AmdPPM ehdrv epfwtdir Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss sptd Tcpip VD_FileDisk

Error - 2011.11.29. 13:11:33 | Computer Name = MACI-5B0A36A2E8 | Source = DCOM | ID = 10005
Description = A DCOM a következő hibát észlelte :"%1084" EventSystem szolgáltatásnak
"" paraméterekkel való indítása közben. Ezért a következő kiszolgálót nem sikerült
futtatni: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011.11.29. 13:12:38 | Computer Name = MACI-5B0A36A2E8 | Source = Service Control Manager | ID = 7001
Description = A(z) Számítógép-tallózó szolgáltatás függ a(z) Kiszolgáló szolgáltatástól,
amely a következő hiba miatt nem tudott elindulni: %%1058


< End of report >

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Kiss Bal\u00E1zs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Kiss Bal\u00E1zs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Kiss Bal\u00E1zs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Kiss Bal\u00E1zs\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Kiss Bal\u00E1zs\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011.11.29 18:35:38 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-725345543-1715567821-682003330-1003\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-725345543-1715567821-682003330-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1715567821-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2640710843 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.246.53 213.46.246.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD9CAC21-4195-4433-91C0-2E256D522B85}: DhcpNameServer = 213.46.246.53 213.46.246.54
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.05 22:57:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001.09.25 12:08:44 | 001,572,864 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001.09.25 12:08:44 | 000,000,135 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.02.23 10:44:06 | 000,000,046 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioD
FileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.11.29 18:35:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.11.29 18:35:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.11.29 18:31:11 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kiss Balázs\Asztal\OTL.exe
[2011.11.29 18:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.11.29 18:03:24 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.11.29 16:57:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011.11.29 16:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011.11.29 16:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011.11.29 14:18:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kiss Balázs\ComboFix
[2011.11.29 13:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011.11.29 13:34:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.11.29 13:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.11.29 13:31:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kiss Balázs\Start Menu\Programs\Felügyeleti eszközök
[2011.11.29 13:12:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.11.29 10:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.29 10:08:01 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.27 21:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Application Data\AVG
[2011.11.27 17:55:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.11.27 17:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011.11.27 17:48:17 | 000,380,928 | R--- | C] (Simon Fell) -- C:\WINDOWS\System32\pSOAP32.dll
[2011.11.27 17:48:17 | 000,188,416 | R--- | C] (Simon Fell) -- C:\WINDOWS\System32\pocketHTTP.dll
[2011.11.27 17:48:17 | 000,110,676 | R--- | C] (pocketsoap.com) -- C:\WINDOWS\System32\psDime.dll
[2011.11.27 17:48:17 | 000,073,728 | R--- | C] (www.pocketsoap.com) -- C:\WINDOWS\System32\psProxy.dll
[2011.11.26 20:39:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kiss Balázs\Recent
[2011.11.24 16:16:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011.11.05 19:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Start Menu\Programs\Rome - Total War
[2011.11.05 11:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ashampoo
[2011.11.05 11:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2011.11.04 18:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\My Games
[2011.11.04 18:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Dokumentumok\My Games
[2011.11.04 18:40:00 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.11.04 18:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Firaxis Games
[2011.11.04 18:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\2K Games
[2011.11.04 18:36:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2011.11.04 18:36:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2011.11.04 18:36:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2011.11.04 18:36:14 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_2.dll
[2011.11.04 18:36:13 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2011.11.04 18:36:12 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2011.11.04 18:36:11 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2011.11.04 18:36:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2011.11.04 18:36:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2011.11.04 18:36:08 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2011.11.04 09:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Application Data\Ashampoo
[2011.11.04 09:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\ConduitEngine
[2011.11.04 09:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\ashampoo
[2011.11.04 09:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011.11.04 08:34:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011.11.04 08:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\PackageAware
[2011.11.03 17:57:39 | 000,000,000 | ---D | C] -- C:\tmp
[2011.11.03 17:57:39 | 000,000,000 | ---D | C] -- C:\output
[2011.11.03 14:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Application Data\12Ghosts
[2011.11.03 14:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\12Ghosts
[2011.11.03 14:04:19 | 000,000,000 | ---D | C] -- C:\Program Files\12Ghosts
[2011.11.03 13:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Application Data\STGU
[2011.11.03 13:58:27 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx
[2011.11.03 12:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kiss Balázs\Start Menu\Programs\Google Chrome

========== Files - Modified Within 30 Days ==========

[2011.11.29 19:46:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.29 18:53:25 | 000,471,344 | ---- | M] () -- C:\WINDOWS\System32\perfh00E.dat
[2011.11.29 18:53:25 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.29 18:53:25 | 000,110,290 | ---- | M] () -- C:\WINDOWS\System32\perfc00E.dat
[2011.11.29 18:53:25 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.29 18:49:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.29 18:49:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.29 18:35:38 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.11.29 18:31:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kiss Balázs\Asztal\OTL.exe
[2011.11.29 16:19:19 | 000,190,464 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.29 13:34:34 | 000,000,336 | RHS- | M] () -- C:\boot.ini
[2011.11.06 09:38:55 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Asztal\DLOGO.lnk
[2011.11.05 19:42:11 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Asztal\Parancsikon - RomeTW.lnk
[2011.11.05 19:39:42 | 000,000,240 | ---- | M] () -- C:\WINDOWS\RomeTW.ini
[2011.11.05 11:45:05 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 10.lnk
[2011.11.05 11:45:05 | 000,000,846 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Ashampoo Burning Studio 10.lnk
[2011.11.04 18:47:49 | 000,001,009 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Asztal\Parancsikon - Colonization.lnk
[2011.11.04 18:40:00 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.11.03 12:54:49 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011.11.01 08:37:44 | 000,000,085 | ---- | M] () -- C:\WINDOWS\FinalAlert2.ini

========== Files Created - No Company Name ==========

[2011.11.29 19:46:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.29 13:34:34 | 000,000,220 | ---- | C] () -- C:\Boot.bak
[2011.11.29 13:34:32 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.11.06 09:38:55 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Asztal\DLOGO.lnk
[2011.11.05 19:42:12 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Asztal\Parancsikon - RomeTW.lnk
[2011.11.05 19:39:42 | 000,000,240 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2011.11.05 11:45:05 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 10.lnk
[2011.11.05 11:45:05 | 000,000,846 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\Ashampoo Burning Studio 10.lnk
[2011.11.04 18:47:49 | 000,001,009 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Asztal\Parancsikon - Colonization.lnk
[2011.11.03 12:54:49 | 000,002,308 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011.10.23 14:03:37 | 000,000,085 | ---- | C] () -- C:\WINDOWS\FinalAlert2.ini
[2011.08.25 14:28:23 | 000,222,800 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.08.25 10:05:59 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.08.25 10:05:59 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.08.25 10:05:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Application Data\$_hpcst$.hpc
[2011.08.07 11:03:05 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2011.08.07 11:01:26 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd1965.sys
[2011.08.06 12:26:03 | 000,190,464 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.06 12:05:15 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\fusioncache.dat
[2011.08.06 10:31:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.08.06 09:27:33 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011.08.06 09:27:33 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.08.06 09:27:33 | 000,558,592 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2011.08.06 09:27:33 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.08.06 09:27:32 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.08.06 09:19:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.08.06 09:17:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.08.06 00:49:18 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.08.06 00:46:27 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.08.05 23:02:58 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.08.05 23:02:04 | 000,004,445 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.08.05 23:02:01 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.08.05 22:58:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.08.05 22:54:33 | 000,021,948 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.11.09 03:08:10 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2009.11.09 03:08:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2009.11.09 03:08:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2009.11.09 03:08:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.05.26 21:22:42 | 000,016,288 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:40 | 000,023,334 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:38 | 000,015,770 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008.04.14 04:45:40 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.30 14:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 12:00:00 | 000,471,344 | ---- | C] () -- C:\WINDOWS\System32\perfh00E.dat
[2004.08.18 12:00:00 | 000,443,588 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 12:00:00 | 000,264,338 | ---- | C] () -- C:\WINDOWS\System32\perfi00E.dat
[2004.08.18 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 12:00:00 | 000,110,290 | ---- | C] () -- C:\WINDOWS\System32\perfc00E.dat
[2004.08.18 12:00:00 | 000,071,846 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 12:00:00 | 000,043,990 | ---- | C] () -- C:\WINDOWS\System32\perfd00E.dat
[2004.08.18 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.11.03 14:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\12Ghosts
[2011.11.04 09:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011.11.27 17:55:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.08.06 10:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.11.29 13:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011.08.25 10:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.08.25 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011.08.08 13:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeCardGames
[2011.11.04 08:34:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011.11.03 14:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\12Ghosts
[2011.11.04 09:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\Ashampoo
[2011.11.27 21:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\AVG
[2011.08.06 09:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\HEXelon
[2011.08.08 13:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\iWin
[2011.10.01 19:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\JaiboGames
[2011.10.14 22:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\MaaTec
[2011.11.01 19:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\MahJong Suite
[2011.08.25 10:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\PC Suite
[2011.08.25 10:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\Samsung
[2011.11.03 14:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\STGU
[2011.11.29 19:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\uTorrent
[2011.08.06 11:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\Windows Desktop Search
[2011.08.07 19:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\Windows Search
[2011.08.06 13:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kiss Balázs\Application Data\Xilisoft Corporation

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2011.11.29 08:46:20 | 000,730,488 | ---- | M] (BitTorrent, Inc.)
"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2010.04.16 21:11:38 | 003,872,080 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:32:14 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >


< MD5 for: ACPI.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2008.04.14 04:03:26 | 000,188,032 | ---- | M] (Microsoft Corporation) MD5=5482FF197E59B4CA97CCB1B4740A2949 -- C:\WINDOWS\system32\drivers\acpi.sys

< MD5 for: AGP440.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:32:10 | 000,605,184 | ---- | M] (Microsoft Corporation) MD5=73D5C3AA8CD7A8FEDC05A6AD6BCFE684 -- C:\cmdcons\autochk.exe
[2008.04.14 04:32:10 | 000,605,184 | ---- | M] (Microsoft Corporation) MD5=73D5C3AA8CD7A8FEDC05A6AD6BCFE684 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 07:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CHANGER.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: CMD.EXE >
[2008.04.14 04:32:12 | 000,393,216 | ---- | M] (Microsoft Corporation) MD5=1F3AB749140C35172A6710976C596FC2 -- C:\WINDOWS\system32\cmd.exe

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 04:31:50 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=13CB7FC794D005D60712FDD9F1362235 -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:31:50 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=13CB7FC794D005D60712FDD9F1362235 -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.04.14 04:32:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=7A2DFF483095773CC201420FAD11862F -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:31:52 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:31:52 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:32:18 | 001,035,776 | ---- | M] (Microsoft Corporation) MD5=AD3A8A9E8914439852A98CE48015E237 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:32:18 | 001,035,776 | ---- | M] (Microsoft Corporation) MD5=AD3A8A9E8914439852A98CE48015E237 -- C:\WINDOWS\explorer.exe

< MD5 for: FASTFAT.SYS >
[2008.04.13 07:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 07:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: I8042PRT.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2008.04.14 04:08:16 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=D7947ECF17544CED478BD969939DB349 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2008.05.20 11:17:58 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:10:22 | 000,037,504 | ---- | M] (Microsoft Corporation) MD5=3685529CAA2B14C9632E85E265BA293B -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2008.04.14 04:43:16 | 020,107,774 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2008.04.14 04:10:52 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=51D3342D1A0C19605095405352BB009B -- C:\WINDOWS\ERDNT\cache\kbdclass.sys
[2008.04.14 04:10:52 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=51D3342D1A0C19605095405352BB009B -- C:\WINDOWS\system32\drivers\kbdclass.sys

< MD5 for: LSASS.EXE >
[2008.04.14 04:32:22 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=21844F6DA13ECE4737D0B7524EDEB6EC -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:32:22 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=21844F6DA13ECE4737D0B7524EDEB6EC -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 07:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 07:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 04:31:58 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:31:58 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 07:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008.04.13 07:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: REGEDIT.EXE >
[2008.04.14 04:32:28 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=C4470EF73D046D41E64077ED2237B876 -- C:\WINDOWS\ERDNT\cache\regedit.exe
[2008.04.14 04:32:28 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=C4470EF73D046D41E64077ED2237B876 -- C:\WINDOWS\regedit.exe

< MD5 for: SCECLI.DLL >
[2008.04.14 04:32:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:32:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:26:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9CEDBFBE08BC1C4F35F74B8F96E0289A -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 12:26:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9CEDBFBE08BC1C4F35F74B8F96E0289A -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:26:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9CEDBFBE08BC1C4F35F74B8F96E0289A -- C:\WINDOWS\system32\services.exe
[2009.02.09 12:19:03 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=BDEB2B3B235C8488BC7BAE94143415EF -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe

< MD5 for: SMSS.EXE >
[2008.04.14 04:32:30 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=A03C3BF7E45ECC9775D3CE653086FAA1 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\ERDNT\cache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:32:32 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=05194D8A92CF7E559C1A38FC134C966A -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:32:32 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=05194D8A92CF7E559C1A38FC134C966A -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USER32.DLL >
[2008.04.14 04:32:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=D6CAE3824EA12A356065C9EF10FC0EB3 -- C:\WINDOWS\ERDNT\cache\user32.dll
[2008.04.14 04:32:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=D6CAE3824EA12A356065C9EF10FC0EB3 -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2008.04.14 04:32:32 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=B0DDDFC8361952B956EF9475244F40BD -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:32:32 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=B0DDDFC8361952B956EF9475244F40BD -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WIN32K.SYS >
[2011.09.06 15:08:43 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=A04F561CF9147A8FA1AD7EAD6385EFF8 -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2011.09.06 15:10:12 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=B367DCEDC10A4566184EAD0A7DE4F44C -- C:\WINDOWS\system32\dllcache\win32k.sys
[2011.09.06 15:10:12 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=B367DCEDC10A4566184EAD0A7DE4F44C -- C:\WINDOWS\system32\win32k.sys
[2011.06.06 12:36:17 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=B37B9056094E166D8B2B9138914851F8 -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys

< MD5 for: WINLOGON.EXE >
[2008.04.14 04:32:34 | 000,509,952 | ---- | M] (Microsoft Corporation) MD5=15D1D956D9F01E51E6623EDB31EA43B6 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:32:34 | 000,509,952 | ---- | M] (Microsoft Corporation) MD5=15D1D956D9F01E51E6623EDB31EA43B6 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.04.26 12:02:48 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=36C76C72D61B92AA9E7AA130EE65A9B7 -- C:\WINDOWS\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
[2011.06.20 18:44:52 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=86C91430E9D33D91D3150CEE2CDFDC80 -- C:\WINDOWS\system32\dllcache\winsrv.dll
[2011.06.20 18:44:52 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=86C91430E9D33D91D3150CEE2CDFDC80 -- C:\WINDOWS\system32\winsrv.dll
[2011.06.20 18:43:23 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=EC3DCEEE4ADD1FAA673365B2307EB0BE -- C:\WINDOWS\$hf_mig$\KB2567680\SP3QFE\winsrv.dll

< MD5 for: WS2_32.DLL >
[2008.04.14 04:32:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=EA551E1AB5BA99DA3397517BDD278E94 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:32:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=EA551E1AB5BA99DA3397517BDD278E94 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2010.02.11 05:19:08 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.08.18 12:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2004.08.18 12:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2007.01.03 05:20:24 | 000,001,732 | R--- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.08.07 11:03:05 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2011.08.07 11:01:26 | 000,664,064 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2011.08.07 11:01:26 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd1965.sys

< %systemroot%\system32\*.* /10 >
[2011.11.29 18:53:25 | 000,071,846 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.11.29 18:53:25 | 000,110,290 | ---- | M] () -- C:\WINDOWS\system32\perfc00E.dat
[2011.11.29 18:53:25 | 000,443,588 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.11.29 18:53:25 | 000,471,344 | ---- | M] () -- C:\WINDOWS\system32\perfh00E.dat
[2011.11.29 18:53:24 | 001,113,238 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.11.29 18:49:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >
[2011.08.06 00:45:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.08.06 00:45:44 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.08.06 00:45:44 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job >

< %systemroot%\*.* /U /s >
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.11.03 14:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\12Ghosts
[2011.11.04 09:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011.08.06 10:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2011.11.27 17:55:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.08.06 10:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.08.06 12:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011.11.29 13:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011.09.02 15:48:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.10.15 15:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011.08.25 10:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.08.25 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011.08.06 09:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011.08.08 13:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeCardGames
[2011.08.08 13:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2011.08.06 09:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011.08.06 12:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2011.11.04 08:34:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2011.08.05 22:57:42 | 000,000,311 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %APPDATA%\*.* >
[2011.08.25 10:05:51 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\$_hpcst$.hpc
[2011.08.06 00:48:44 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\desktop.ini

< %APPDATA%\*.exe /s >
[2011.10.14 22:32:33 | 000,011,694 | R--- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Installer\{07010016-0001-2010-0110-4D6161546563}\_53303AAEEB4CF964B0F9D9.exe
[2011.10.14 22:32:33 | 000,292,022 | R--- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Installer\{07010016-0001-2010-0110-4D6161546563}\_6FEFF9B68218417F98F549.exe
[2011.10.14 22:32:33 | 000,292,022 | R--- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Installer\{07010016-0001-2010-0110-4D6161546563}\_7F3A875A26B7D945CF730D.exe
[2011.09.02 15:48:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.01.27 14:43:34 | 000,266,552 | ---- | M] (ml) -- C:\Documents and Settings\Kiss Balázs\Application Data\Samsung\Kies\UpdateTemp\MCS.Thunder.Update.exe

< %SYSTEMDRIVE%\*.exe >
[2011.08.06 09:14:31 | 079,313,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\10-2_legacy_xp32-64_dd_ccc.exe
[2011.08.06 12:11:01 | 000,731,424 | ---- | M] (Solid State Networks) -- C:\install_flashplayer10_mssa_aih.exe
[2011.08.06 10:34:43 | 025,001,480 | ---- | M] (Microsoft Corporation) -- C:\NetFx20SP2_x86.exe

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3693.42530__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 -> Junction

< End of report >

csak 2szerre fér bele:

OTL logfile created on: 2011.11.29. 19:45:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Kiss Balázs\Asztal
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1023,23 Mb Total Physical Memory | 363,01 Mb Available Physical Memory | 35,48% Memory free
2,90 Gb Paging File | 2,14 Gb Available in Paging File | 73,80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 5,14 Gb Free Space | 17,54% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 12,65 Gb Free Space | 10,56% Space Free | Partition Type: NTFS
Drive F: | 658,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 113,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MACI-5B0A36A2E8 | User Name: Kiss Balázs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.29 18:31:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kiss Balázs\Asztal\OTL.exe
PRC - [2011.11.29 08:46:20 | 000,730,488 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011.11.15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011.04.12 08:31:08 | 006,906,880 | ---- | M] (Pandora.TV) -- C:\Program Files\The KMPlayer\KMPlayer.exe
PRC - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.08.12 13:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.12.22 03:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe
PRC - [2008.04.14 04:32:22 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008.04.14 04:32:18 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011.11.15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011.11.15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011.11.15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011.11.15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011.11.15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011.10.15 15:53:46 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.15 15:51:52 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.15 15:51:11 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.15 15:37:50 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.15 15:37:44 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.15 15:37:28 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.15 15:35:57 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.15 15:35:36 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.15 15:33:55 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.08.06 11:57:49 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_hu_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2011.08.06 11:57:46 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_hu_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.08.06 10:46:21 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:21 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:21 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:21 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011.08.06 10:46:21 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011.08.06 10:46:21 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2011.08.06 10:46:21 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011.08.06 10:46:20 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:20 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:20 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:20 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:20 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:20 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:20 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:20 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:19 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:19 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:19 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:18 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:17 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:17 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:16 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:16 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:16 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:16 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.08.06 10:46:16 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:16 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:16 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:16 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:15 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:15 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:15 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:15 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.08.06 10:46:15 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:15 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.08.06 10:46:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.08.06 10:46:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.08.06 10:46:13 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.08.06 10:46:13 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.08.06 10:46:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.08.06 10:46:12 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.08.06 10:46:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.08.06 10:46:12 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.08.06 10:46:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.08.06 10:46:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.08.06 10:46:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.08.06 10:46:11 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.08.06 10:46:11 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.08.06 10:46:11 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2011.08.06 10:46:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.08.06 10:46:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.08.06 10:46:09 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.08.06 10:46:09 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.08.06 10:46:09 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.08.06 10:46:09 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.08.06 10:46:09 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.08.06 10:46:09 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.08.06 10:46:09 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.08.06 10:46:09 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.08.06 10:46:09 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.08.06 10:46:08 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.08.06 10:46:08 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.08.06 10:46:08 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.08.06 10:46:08 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.08.06 10:46:08 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.08.06 10:46:08 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.08.06 10:46:08 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.08.06 10:46:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.08.06 10:46:08 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.08.06 10:46:08 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.08.06 10:46:07 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.08.06 10:46:06 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.08.06 10:46:06 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.08.06 10:46:06 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.08.06 10:46:06 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.08.06 10:46:06 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.08.06 10:46:05 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2011.08.06 10:46:05 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.08.06 10:46:05 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.12.01 02:06:46 | 004,870,254 | ---- | M] () -- C:\Program Files\The KMPlayer\libcodec.dll
MOD - [2009.11.24 12:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.12.05 08:41:10 | 000,073,063 | ---- | M] () -- C:\Program Files\The KMPlayer\liba52.dll
MOD - [2008.07.14 03:31:44 | 000,431,616 | ---- | M] () -- C:\Program Files\The KMPlayer\libmplay.dll
MOD - [2008.04.14 04:31:56 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.03.26 13:37:00 | 002,228,224 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010.08.12 13:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.12.22 03:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc)
SRV - [2008.11.11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2011.08.07 11:03:05 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2011.08.07 11:01:26 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.08.04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 12:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.07.29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.10.09 04:32:50 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.24 20:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2007.04.16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007.03.06 05:27:32 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.03.06 05:27:28 | 000,058,752 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.03.01 10:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.02.16 01:50:32 | 000,012,032 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.01.13 14:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-1715567821-682003330-1003\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-725345543-1715567821-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.7.0.6

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Kiss Balázs\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.02 20:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.29 12:46:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.08.06 10:43:02 | 000,000,000 | ---D | M]

[2011.08.06 10:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Extensions
[2011.11.27 18:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\extensions
[2011.08.06 12:10:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.04 09:07:00 | 000,000,000 | ---D | M] (Ashampoo HU Community Toolbar) -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\extensions\{6ef56a35-13a0-4571-aa84-9303d9f41bdd}
[2011.09.29 10:34:19 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.09.29 10:34:19 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\searchplugins\conduit.xml
[2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Kiss Balázs\Application Data\Mozilla\Firefox\Profiles\zvlc8sy8.default\searchplugins\startsear.xml
[2011.11.03 12:24:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.06 10:41:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KISS BALáZS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZVLC8SY8.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KISS BALáZS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZVLC8SY8.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[2011.08.06 09:28:53 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.08.06 10:55:36 | 000,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011.08.06 10:55:36 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\polymeta.xml
[2011.08.06 10:55:36 | 000,001,628 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\sztaki-en-hu.xml
[2011.08.06 10:55:36 | 000,000,974 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vatera.xml
[2011.08.06 10:55:36 | 000,001,189 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-hu.xml

Futtasd az >OTListIt2

-bepipazni
-Scan all users.
-Lop check.
-Purity check.
-v sekciobaExtra Registry>bepotyozni>Use SafeList
-az ablakjaba -customscan/fixes masold be a textet-es klik RUNSCAN
-5-10 perc mulva add logot tedd ide
-OTL.txt (az asztalon lesz).
-exras.txt-a talcan lesz.

engedélyezve automatikus

ok, igy mar ertem, eloszor ted a segito szolgaltatsat automatikusra, igy
start,, futtatas, ird be
services.msc



talald meg,,,es ird meg mire volt alitva
2x klikelj ra

ujraindítottam a gépet, egy kis ablak előjött hogy nem tudja elindítani a súgót, mert egy rendszeralkalmazás nem működik. rá egyből még 1 ugyanilyen, meg még 1, összesen 217 db

Ok, ez renben, most mi is a helyzet, ird le erthetoen, tehat ha kinyitod a segitot, akkor kinyilik 217 ablak???