Terminál Fórum https://www.technokrata.hu/forum/ |
|
Could a guru take a look at this... I think it's a virus https://www.technokrata.hu/forum/viewtopic.php?f=15&t=38689 |
Author: | stell [ Tue Dec 08, 2009 9:23 ] |
Post subject: | |
OK, the AV: Spyware Doctor, remove it from the machine, and then you'll see how things are. You're welcome. |
Author: | WhipsOfGod [ Mon Dec 07, 2009 21:12 ] |
Post subject: | |
Right now it isn't producing blue screens, but there was a time when it only started after a week, and then there were about 10 blue screens that day. I'll test it for a week now. I'm pushing it like crazy. I hope it's fixed, and thank you very much for your help. |
Author: | stell [ Mon Dec 07, 2009 20:40 ] |
Post subject: | |
I asked how the machine is working; are there still any problems? |
Author: | WhipsOfGod [ Mon Dec 07, 2009 18:29 ] |
Post subject: | |
Well, here is the ComboFix report: |
Author: | WhipsOfGod [ Mon Dec 07, 2009 18:04 ] |
Post subject: | |
Oh, and I did what you wrote last. I'll run ComboFix then. |
Author: | stell [ Mon Dec 07, 2009 16:58 ] |
Post subject: | |
Yes, you can run ComboFix, but also read what I write; there's no need to rush. |
Author: | WhipsOfGod [ Mon Dec 07, 2009 16:50 ] |
Post subject: | |
I did it, but this program didn't create a log file. Should I scan again with ComboFix? |
Author: | WhipsOfGod [ Mon Dec 07, 2009 16:37 ] |
Post subject: | |
I'm already on it. |
Author: | stell [ Mon Dec 07, 2009 10:57 ] |
Post subject: | |
http://leteckaposta.cz/file/614758123.1 ... 4f6653b751 Download it, unpack it, and run the exe file, then restart. After that, turn Daemon back on: run Defogger, click re-enable, then restart. Then write what the situation is with the machine. |
Author: | WhipsOfGod [ Mon Dec 07, 2009 10:41 ] |
Post subject: | |
Got it, and here is the result:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys >>UNKNOWN [0x8B6BC8E0]<<
kernel: MBR read successfully
user & kernel MBR OK |
Author: | stell [ Mon Dec 07, 2009 8:23 ] |
Post subject: | |
And what didn't you understand? Paste this line (text, command) that is written in bold into Run: cmd /c mbr.exe -t >log.txt&start log.txt and put the log.txt here. |
Author: | WhipsOfGod [ Sun Dec 06, 2009 23:58 ] |
Post subject: | |
I leave mbr on the desktop, OK so far. What text do I paste into Run, and by log.txt you mean the ComboFix log, right? So that line just has to be typed into a DOS window, if I understand correctly. Do I understand correctly? |
Szerző: | WhipsOfGod [ vas. dec. 06, 2009 23:53 ] |
Hozzászólás témája: | |
Az első részét még értem, de az mbr-essel mit is kell pontosan csinálni? |
Szerző: | stell [ vas. dec. 06, 2009 19:17 ] |
Hozzászólás témája: | |
http://jpshortstuff.247fixes.com/beta/Defogger.exe letoltod<futatod>klik disadled>restart, >> MBR - http://www2.gmer.net/mbr/mbr.exe letoltod az asztalra,,es ot hagyod start>futatas>bemasolod a textet es a log.txt ted ide cmd /c mbr.exe -t >log.txt&start log.txt |
Szerző: | WhipsOfGod [ vas. dec. 06, 2009 18:49 ] |
Hozzászólás témája: | |
Remélem, hogy amit Te ki tudsz olvasni belőle az sikerült, vagy van még következő lépés? |
Szerző: | WhipsOfGod [ vas. dec. 06, 2009 18:48 ] |
Hozzászólás témája: | |
Well... I did what you wrote step by step, and here is the log:
ComboFix 09-12-06.01 - Máté Balázs 009.12.06. 18:16.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.3327.2871 [GMT 1:00] Running from: C:\ComboFix.exe Command switches used :: c:\documents and settings\Máté Balázs\Asztal\CFScript.txt AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6} * Resident AV is active . Error: Cfiles.dat ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . --------------- FCopy --------------- c:\windows\ServicePackFiles\i386\TCPIP.SYS --> c:\windows\system32\drivers\TCPIP.SYS c:\windows\ServicePackFiles\i386\TCPIP.SYS --> c:\windows\system32\dllcache\TCPIP.SYS . ((((((((((((((((((((((((( Files Created from 2009-11-06 to 2009-12-06 ))))))))))))))))))))))))))))))) . 2009-12-06 17:08 . 2009-12-06 17:08 3581982 ----a-r- C:\ComboFix.exe 2009-12-06 14:33 . 2007-09-12 13:11 765952 ----a-w- c:\windows\OALInst.exe 2009-12-06 14:33 . 2008-03-18 16:02 22833304 ----a-w- c:\windows\system32\AppSetup.exe 2009-12-06 14:33 . 2006-07-03 11:55 53248 ----a-w- c:\windows\resdef.exe 2009-12-06 14:33 . 2006-07-03 11:43 10752 ----a-w- c:\windows\system32\SPIRun.dll 2009-12-06 14:33 . 2006-06-02 10:08 197632 ----a-w- c:\windows\SF32.exe 2009-12-06 14:33 . 2003-10-02 17:48 53248 ----a-w- c:\windows\system32\P17CPI.dll 2009-12-06 14:31 . 1999-12-13 00:01 44032 ------w- c:\windows\system32\CTSVCCDA.EXE 2009-12-06 14:31 . 1999-11-18 00:00 25088 ------w- c:\windows\system32\CTSVCCTL.EXE 2009-12-06 14:24 . 2009-12-06 14:29 65612416 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative Sound Blaster X-Fi Xtreme Audio Pack 1.04.0079__\XFXA_PCDRV_LB_1_04_0079.exe 2009-12-05 21:07 . 
2009-12-05 23:02 -------- d-----w- c:\program files\RegCure 2009-12-05 15:20 . 2009-12-05 15:20 -------- d-----w- c:\program files\VideoLAN 2009-12-05 13:26 . 2009-12-05 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters 2009-12-05 13:24 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll 2009-12-05 13:24 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll 2009-12-05 13:24 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll 2009-12-05 13:24 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll 2009-12-05 13:24 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll 2009-12-05 13:24 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll 2009-12-05 13:24 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll 2009-12-05 13:24 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll 2009-12-05 13:24 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll 2009-12-05 13:24 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll 2009-12-05 13:24 . 2009-12-05 13:24 -------- d-----w- c:\program files\BRS 2009-11-28 10:28 . 2009-11-28 10:28 -------- d-----w- c:\program files\Common Files\Skype 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\DCoder Image Source 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\SHOUTcast Source 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\MONOGRAM AMR SplitterDecoder 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\CD Audio Reader Filter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\Gabest MPEG Splitter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\OpenSource DTSAC3DD+ Source Filter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\RealMedia 2009-11-25 10:42 . 
2009-11-25 10:42 -------- d-----w- c:\program files\DScaler5 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\AC3Filter 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\OpenSource Flash Video Splitter 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\DirectVobSub 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\Haali 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\Bass Audio Decoder 2009-11-25 10:41 . 2008-12-17 18:22 57344 ----a-w- c:\windows\system32\ff_vfw.dll 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\ffdshow 2009-11-25 10:41 . 2008-12-11 12:26 60273 ----a-w- c:\windows\system32\pthreadGC2.dll 2009-11-25 10:40 . 2009-12-05 15:16 -------- d-----w- c:\program files\Zoom Player 2009-11-24 15:18 . 2009-11-24 15:18 -------- d--h--w- c:\windows\msdownld.tmp 2009-11-22 13:43 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-22 13:43 . 2009-11-22 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-11-22 13:43 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-22 13:43 . 2009-11-22 13:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-21 21:44 . 2009-12-06 14:23 -------- d-----w- c:\program files\InCode Solutions 2009-11-21 19:30 . 2009-11-21 19:30 -------- d-----w- c:\program files\CleanUp! 2009-11-18 19:20 . 2009-11-18 19:21 -------- d-----w- c:\program files\Flobo HDDBadSectorRepair 2009-11-18 11:58 . 2009-11-18 11:58 -------- d-----w- c:\program files\Common Files\Creative 2009-11-18 11:57 . 2007-10-10 18:31 1664384 ----a-w- c:\windows\system32\drivers\p17xfilt.sys 2009-11-18 11:57 . 2006-01-25 13:55 137728 ----a-w- c:\windows\system32\P17res.dll 2009-11-18 11:57 . 2003-04-01 23:13 139264 ----a-r- c:\windows\system32\EAX.DLL 2009-11-18 11:57 . 
2007-11-21 16:06 1174528 ----a-w- c:\windows\system32\drivers\P17xfi.sys 2009-11-18 11:57 . 2004-12-22 18:58 8704 ----a-w- c:\windows\system32\drivers\Pfmodnt.sys 2009-11-15 10:12 . 2009-11-15 10:12 -------- d-----w- c:\program files\Common Files\CyberLink 2009-11-15 10:10 . 2009-11-15 10:09 29480 ----a-w- c:\windows\system32\msxml3a.dll 2009-11-15 10:10 . 2009-11-15 10:09 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe 2009-11-14 21:54 . 2009-11-17 11:08 -------- d-----w- c:\program files\Registry Winner 2009-11-14 21:45 . 2009-11-14 21:46 -------- d-----w- c:\program files\WhoCrashed 2009-11-14 14:42 . 2009-11-14 14:42 -------- d-----w- c:\program files\SystemRequirementsLab 2009-11-13 20:49 . 2009-11-13 20:49 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2009-11-12 16:42 . 2009-11-12 16:42 -------- d-----w- c:\windows\system32\AGEIA 2009-11-12 16:42 . 2009-11-12 16:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation 2009-11-12 16:41 . 2009-11-12 16:42 -------- d-----w- c:\program files\NVIDIA Corporation 2009-11-12 16:41 . 2009-11-12 16:41 -------- d-----w- C:\NVIDIA 2009-11-12 15:52 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2009-11-12 15:52 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2009-11-12 15:52 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-06 17:27 . 
2009-09-30 12:10 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs 2009-12-06 17:27 . 2009-10-22 12:46 0 ----a-w- c:\windows\system32\drivers\logiflt.iad 2009-12-06 14:35 . 2009-06-25 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative 2009-12-06 14:34 . 2008-08-30 09:32 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-06 14:33 . 2009-08-29 20:50 -------- d-----w- c:\program files\Creative 2009-12-06 14:32 . 2009-06-25 16:39 -------- d--h--w- c:\program files\Creative Installation Information 2009-12-06 11:52 . 2008-10-20 08:43 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 1 2009-12-05 21:58 . 2009-09-18 12:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-12-05 13:23 . 2009-02-12 11:43 -------- d-----w- c:\program files\OpenAL 2009-12-05 13:23 . 2008-08-30 12:41 445016 ----a-w- c:\windows\system32\wrap_oal.dll 2009-12-05 13:23 . 2003-10-14 03:53 109144 ----a-w- c:\windows\system32\OpenAL32.dll 2009-12-02 14:49 . 2009-09-18 12:54 -------- d-----w- c:\program files\Spyware Doctor 2009-11-28 12:21 . 2008-09-07 14:10 215104 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-11-28 12:12 . 2008-09-07 14:11 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-11-28 10:28 . 2009-02-25 14:54 -------- d-----r- c:\program files\Skype 2009-11-28 10:28 . 2008-09-04 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-11-25 10:52 . 2008-08-30 18:51 -------- d-----w- c:\program files\GRETECH 2009-11-23 18:19 . 2008-10-06 08:46 -------- d-----w- c:\program files\Java 2009-11-23 18:19 . 2004-08-18 12:00 526546 ----a-w- c:\windows\system32\perfh00E.dat 2009-11-23 18:19 . 2004-08-18 12:00 131798 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-21 21:34 . 2008-09-02 16:08 -------- d-----w- c:\program files\BCDC++ 2009-11-18 19:43 . 
2009-10-27 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-11-15 10:18 . 2008-09-11 11:40 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-15 10:10 . 2008-09-11 11:37 -------- d-----w- c:\program files\CyberLink 2009-11-14 21:12 . 2008-12-18 18:59 -------- d-----w- c:\program files\Setup Files 2009-11-14 14:47 . 2009-02-15 13:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-13 23:04 . 2009-09-27 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2009-11-13 18:40 . 2008-09-19 06:48 -------- d-----w- c:\program files\Lavalys 2009-11-13 18:12 . 2009-09-28 21:18 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLds.DAT 2009-11-13 18:12 . 2008-09-10 18:53 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLec.DAT 2009-11-12 16:42 . 2008-10-07 10:27 -------- d-----w- c:\program files\AGEIA Technologies 2009-11-12 16:42 . 2008-10-23 21:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-11-08 14:27 . 2009-01-08 10:51 -------- d-----w- c:\program files\Windows Live 2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll 2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe 2009-10-29 16:03 . 2009-10-29 16:03 -------- d-----w- c:\program files\CCleaner 2009-10-28 21:43 . 2008-09-11 08:39 -------- d-----w- c:\program files\Common Files\Apple 2009-10-20 20:17 . 2009-03-16 14:35 58468 ---ha-w- c:\windows\system32\mlfcache.dat 2009-10-16 20:33 . 2008-09-07 14:10 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-10-11 03:17 . 2008-11-19 12:52 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 13:57 . 
2007-10-09 12:03 613888 ----a-w- c:\windows\system32\uiautomationcore.dll 2009-10-08 13:57 . 2004-08-18 12:00 22016 ----a-w- c:\windows\system32\oleaccrc.dll 2009-10-08 13:57 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2009-09-27 17:20 . 2009-09-27 17:20 2173544 ----a-w- c:\windows\system32\nvcplui.exe 2009-09-27 17:20 . 2009-09-27 17:20 81920 ----a-w- c:\windows\system32\nvwddi.dll 2009-09-27 17:19 . 2009-09-27 17:19 3166208 ----a-w- c:\windows\system32\nvwss.dll 2009-09-27 17:19 . 2009-09-27 17:19 4026368 ----a-w- c:\windows\system32\nvvitvs.dll 2009-09-27 17:19 . 2009-09-27 17:19 3547136 ----a-w- c:\windows\system32\nvgames.dll 2009-09-27 17:19 . 2009-09-27 17:19 188416 ----a-w- c:\windows\system32\nvmccss.dll 2009-09-27 17:19 . 2009-09-27 17:19 1286144 ----a-w- c:\windows\system32\nvmobls.dll 2009-09-27 17:19 . 2009-09-27 17:19 86016 ----a-w- c:\windows\system32\nvmctray.dll 2009-09-27 17:19 . 2009-09-27 17:19 4935680 ----a-w- c:\windows\system32\nvdisps.dll 2009-09-27 17:19 . 2009-09-27 17:19 172100 ----a-w- c:\windows\system32\nvsvc32.exe 2009-09-27 17:19 . 2009-09-27 17:19 143360 ----a-w- c:\windows\system32\nvcolor.exe 2009-09-27 17:19 . 2009-09-27 17:19 13918208 ----a-w- c:\windows\system32\nvcpl.dll 2009-09-27 17:19 . 2009-09-27 17:19 229376 ----a-w- c:\windows\system32\nvmccs.dll 2009-09-27 15:12 . 2009-09-27 15:12 888832 ----a-w- c:\windows\system32\nvapi.dll 2009-09-27 15:12 . 2009-09-27 15:12 2194024 ----a-w- c:\windows\system32\nvcuvid.dll 2009-09-27 15:12 . 2009-09-27 15:12 2007040 ----a-w- c:\windows\system32\nvcuda.dll 2009-09-27 15:12 . 2009-09-27 15:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll 2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcodins.dll 2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcod.dll 2009-09-27 15:12 . 2009-09-27 15:12 10756096 ----a-w- c:\windows\system32\nvoglnt.dll 2009-09-27 15:12 . 
2009-04-30 20:02 1604482 ----a-w- c:\windows\system32\nvdata.bin 2009-09-27 15:12 . 2008-05-16 12:01 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2009-09-27 15:12 . 2008-05-16 12:01 5900416 ----a-w- c:\windows\system32\nv4_disp.dll 2009-09-25 21:45 . 2009-09-25 15:37 573472 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-09-25 21:45 . 2009-09-25 15:37 23328 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-09-20 14:08 . 2009-09-20 14:08 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2009-09-20 12:31 . 2009-09-20 12:31 1962544 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe 2009-09-14 12:03 . 2009-09-08 10:28 2729092 ----a-w- c:\windows\Internet Logs\tvDebug.Zip 2009-09-11 14:19 . 2004-08-18 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-05_22.21.19 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-06 17:33 . 2009-12-06 17:33 16384 c:\windows\temp\Perflib_Perfdata_f68.dat + 2009-12-06 17:28 . 2009-12-06 17:28 16384 c:\windows\temp\Perflib_Perfdata_788.dat + 2008-06-27 16:04 . 2005-12-08 10:54 21504 c:\windows\system32\sfman32.dll - 2008-06-27 16:04 . 2005-12-08 03:54 21504 c:\windows\system32\sfman32.dll + 2009-12-06 14:33 . 2006-07-03 11:43 10752 c:\windows\system32\ReinstallBackups\0057\DriverFiles\SPIRun.dll + 2009-12-06 14:33 . 2003-10-02 17:48 53248 c:\windows\system32\ReinstallBackups\0057\DriverFiles\P17CPI.dll + 2009-12-06 14:33 . 2008-04-14 17:02 23552 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\wdmaud.drv + 2009-12-06 14:33 . 2008-04-13 10:45 49408 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\stream.sys + 2009-12-06 14:33 . 2008-04-13 10:45 60160 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\drmk.sys + 2009-12-06 14:33 . 
2002-04-10 17:41 65536 c:\windows\system32\ReinstallBackups\0057\DriverFiles\A3d.dll + 2009-12-06 14:34 . 2005-12-08 03:54 21504 c:\windows\system32\ReinstallBackups\0053\DriverFiles\W2KXPDRV\sfman32.dll - 2008-06-27 16:26 . 2002-04-10 17:41 65536 c:\windows\system32\dllcache\a3d.dll + 2008-06-27 16:26 . 2002-04-11 00:41 65536 c:\windows\system32\dllcache\a3d.dll - 2008-06-27 16:26 . 2002-04-10 17:41 65536 c:\windows\system32\A3d.dll + 2008-06-27 16:26 . 2002-04-11 00:41 65536 c:\windows\system32\A3d.dll + 2009-12-06 14:33 . 2004-12-22 11:58 8704 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\Pfmodnt.sys + 2009-12-06 14:33 . 2008-04-14 07:01 4096 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\ksuser.dll + 2009-12-06 17:28 . 2008-12-16 20:59 109080 c:\windows\temp\logishrd\LVPrcInj01.dll + 2008-06-27 16:04 . 2005-12-08 10:54 120832 c:\windows\system32\sfms32.dll - 2008-06-27 16:04 . 2005-12-08 03:54 120832 c:\windows\system32\sfms32.dll + 2009-12-06 14:33 . 2006-01-25 06:55 137728 c:\windows\system32\ReinstallBackups\0057\DriverFiles\P17res.dll + 2009-12-06 14:33 . 2007-05-08 00:59 137216 c:\windows\system32\ReinstallBackups\0057\DriverFiles\OemSpi.dll + 2009-12-06 14:33 . 2008-04-13 11:19 146048 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\portcls.sys + 2009-12-06 14:33 . 2008-04-13 11:16 141056 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\ks.sys + 2009-12-06 14:33 . 2005-06-27 10:37 133632 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\CtDvInst.dll + 2009-12-06 14:34 . 2005-12-08 03:54 120832 c:\windows\system32\ReinstallBackups\0053\DriverFiles\W2KXPDRV\sfms32.dll + 2009-12-06 14:34 . 2006-08-07 11:30 162176 c:\windows\system32\ReinstallBackups\0053\DriverFiles\W2KXPDRV\ctusfsyn.sys + 2009-12-06 14:34 . 2005-12-08 03:54 142336 c:\windows\system32\ReinstallBackups\0053\DriverFiles\W2KXPDRV\ctsfm2k.sys + 2009-12-06 14:34 . 
2005-12-08 03:54 114688 c:\windows\system32\ReinstallBackups\0053\DriverFiles\W2KXPDRV\ctoss2k.sys + 2009-03-11 08:53 . 2009-12-06 17:28 224383 c:\windows\system32\inetsrv\MetaBase.bin - 2009-06-25 16:38 . 2006-08-07 11:30 162176 c:\windows\system32\drivers\ctusfsyn.sys + 2009-06-25 16:38 . 2006-08-07 18:30 162176 c:\windows\system32\drivers\ctusfsyn.sys - 2008-07-07 09:34 . 2005-12-08 03:54 142336 c:\windows\system32\drivers\ctsfm2k.sys + 2008-07-07 09:34 . 2005-12-08 10:54 142336 c:\windows\system32\drivers\ctsfm2k.sys - 2008-07-07 09:33 . 2005-12-08 03:54 114688 c:\windows\system32\drivers\ctoss2k.sys + 2008-07-07 09:33 . 2005-12-08 10:54 114688 c:\windows\system32\drivers\ctoss2k.sys + 2007-10-16 16:59 . 2007-10-16 17:59 171520 c:\windows\system32\CtDvIns1.dll - 2007-10-16 16:59 . 2007-10-16 16:59 171520 c:\windows\system32\CtDvIns1.dll + 2009-12-06 14:33 . 2007-03-22 16:35 1659008 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\p17xfilt.sys + 2009-12-06 14:33 . 2006-09-25 09:58 1173504 c:\windows\system32\ReinstallBackups\0057\DriverFiles\i386\P17xfi.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "PC Suite Tray"="h:\nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 18944] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-11-13 611712] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-08-29 949376] "DelReg"="c:\program files\MSI\DualCoreCenter\DelReg.exe" [2008-05-13 196608] "Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2008-10-14 172032] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-02-28 180224] "P17Helper"="SPIRun.dll" [2006-07-03 10752] 
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\M t‚ Bal zs\Start Menu\Programs\Indˇt˘pult\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ DualCoreCenter.lnk - c:\program files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2009-9-17 192512] ExifLauncher2.lnk - h:\fiji1000fd\QuickDCF2.exe [2008-12-23 303104] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-9-11 118784] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "d:\\Steam\\SteamApps\\wogwog\\counter-strike source\\hl2.exe"= "c:\\Program Files\\UPS\\Upsman\\upsman.exe"= "c:\\Program Files\\UPS\\Upsman\\www\\ServiceDriver.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\totalcmd\\TOTALCMD.EXE"= "c:\\Program Files\\BCDC++\\DCPlusPlus.exe"= "d:\\Steam\\SteamApps\\wogwog\\day of defeat 
source\\hl2.exe"= "h:\\Crysis special edition\\Bin32\\Crysis.exe"= "h:\\Crysis special edition\\Bin32\\CrysisDedicatedServer.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "d:\\Steam\\SteamApps\\wogwog\\half-life 2 deathmatch\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\half-life deathmatch source\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\source sdk base\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\zombie panic! source\\hl2.exe"= "c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"= "d:\\Steam\\SteamApps\\wogwog\\team fortress 2\\hl2.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\SmartFTP\\SmartFTP.exe"= "h:\\Burnout Paradise\\BurnoutLauncher.exe"= "h:\\Burnout Paradise\\BurnoutConfigTool.exe"= "h:\\Burnout Paradise\\BurnoutParadise.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Documents and Settings\\Máté Balázs\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= "i:\\KOD2\\CoD2MP_s.exe"= "h:\\World of Warcraft\\Launcher.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "d:\\Steam\\SteamApps\\common\\red orchestra\\System\\RedOrchestra.exe"= "h:\\World of Warcraft\\BackgroundDownloader.exe"= "h:\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"= "h:\\KOD4\\iw3mp.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "d:\\Steam\\SteamApps\\common\\left 4 dead\\left4dead.exe"= "h:\\Modern Warfare 2\\iw4mp.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "i:\\Dirt2\\dirt2_game.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009.09.18. 13:54 206256] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008.09.05. 12:39 717296] R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009.09.18. 14:02 51488] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009.09.18. 14:02 39200] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009.08.29. 1:43 15424] R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009.09.18. 13:54 159600] R2 qHTTPs;UPSMAN HTTP;c:\program files\UPS\Upsman\www\ServiceDriver.exe [2009.09.09. 13:57 225353] R2 UPSMan;UPSMan;c:\program files\UPS\Upsman\upsman.exe [2009.09.09. 13:57 2990165] R3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [2009.09.17. 0:17 28160] R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009.05.13. 19:00 12032] R3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [2009.09.17. 0:17 56320] S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008.06.27. 19:21 99352] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008.06.27. 19:21 99352] S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008.06.27. 19:21 555032] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008.06.27. 19:21 555032] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008.06.27. 
19:21 100888] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008.06.27. 19:21 100888] S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008.06.27. 19:21 566296] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008.06.27. 19:21 566296] S3 FIXUSTOR;FIXUSTOR; [x] S3 MsibiosDevice;MsibiosDevice;c:\program files\MSI\Live Update 4\LU4\msibios.sys [2009.09.14. 17:16 18432] S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009.09.18. 13:54 64392] S3 RTCore32;RTCore32;c:\program files\RightMark Memory Analyzer\RTCore32.sys [2008.10.18. 20:42 4608] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009.09.18. 13:54 348752] S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009.09.18. 14:02 33056] --- Other Services/Drivers In Memory --- *NewlyCreated* - DUALCORECENTER *NewlyCreated* - RUSHTOPDEVICE2 . ------- Supplementary Scan ------- . uStart Page = hxxp://www.freemail.hu uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll Trusted Zone: com.tw\asia.msi Trusted Zone: com.tw\global.msi Trusted Zone: com.tw\www.msi DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/L ... 
nstall.cab FF - ProfilePath - c:\documents and settings\Máté Balázs\Application Data\Mozilla\Firefox\Profiles\ukn1m0f3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.freemail.hu/ FF - component: c:\program files\Mozilla Firefox 3.1 Beta 1\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox 3.1 Beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . - - - - ORPHANS REMOVED - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-RemoveIT Pro v7Ent - c:\program files\InCode Solutions\RemoveIT Pro v7 Enterprise\removeit.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-06 18:29 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run P17Helper = Rundll32 SPIRun.dll,RunDLLEntry? scanning hidden files ... 
scan completed successfully hidden files: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys >>UNKNOWN [0x8B6695A0]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28 \Driver\ACPI -> ACPI.sys @ 0xb7e67cb8 \Driver\atapi -> prosync1.sys @ 0xb85b06c1 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: SMC9452TX-2 Gigabit Ethernet PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xb7c80bb0 PacketIndicateHandler -> NDIS.sys @ 0xb7c8da21 SendHandler -> NDIS.sys @ 0xb7c6b87b user & kernel MBR OK ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(808) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll - - - - - - - > 'lsass.exe'(864) c:\windows\system32\imon.dll - - - - - - - > 'explorer.exe'(2928) c:\windows\system32\WININET.dll c:\windows\system32\themeui.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll h:\nokia\Nokia PC Suite 7\PhoneBrowser.dll h:\nokia\Nokia PC Suite 7\NGSCM.DLL h:\nokia\Nokia PC Suite 7\Lang\PhoneBrowser_hun.nlr h:\nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\CTsvcCDA.exe c:\windows\system32\inetsrv\inetinfo.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\SearchIndexer.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\rundll32.exe c:\windows\system32\RUNDLL32.EXE c:\program files\Razer\Lachesis\OSD.exe c:\windows\system32\Rundll32.exe c:\program files\Razer\Lachesis\razertra.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\Razer\Lachesis\razerofa.exe c:\program files\MSI\DualCoreCenter\DualCoreCenter.exe c:\program files\Creative\Shared Files\Software Update\AutoUpdate.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe . ************************************************************************** . Completion time: 2009-12-06 18:38 - machine was rebooted ComboFix-quarantined-files.txt 2009-12-06 17:38 ComboFix2.txt 2009-12-05 22:23 Pre-Run: 2 743 824 384 bájt szabad Post-Run: 2 851 999 744 bájt szabad Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 9F756B3861AC0A16C22E8B01BED95897 |
Author: | WhipsOfGod [ Sun Dec 06, 2009 18:08 ] |
Post subject: | |
Okay, I'll do what you wrote. I hope my machine will finally be fine. |
Author: | stell [ Sun Dec 06, 2009 16:08 ] |
Post subject: | |
To be honest, I don't like this kind of haphazard rushing: you ask for help and then you delete everything left and right. You must do only what I write, nothing else.
Open Notepad: Start > Run > type notepad
Then copy in the red text.
Code:
KILLALL::
c:\windows\system32\drivers\lvuvc.hs
c:\windows\system32\drivers\logiflt.iad
FCOPY::
c:\windows\ServicePackFiles\i386\TCPIP.SYS | c:\windows\system32\drivers\TCPIP.SYS
c:\windows\ServicePackFiles\i386\TCPIP.SYS | c:\windows\system32\dllcache\TCPIP.SYS
Registry::
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"P17Helper" =-
FixCSet::
Now, in Notepad: the first menu, File (top-left corner) > 4th item > Save As.... In place of the .txt file name enter this: >CFScript.txt<, below it set >All files<, at the very top choose >Desktop<, and click the button to save it there. And now do this: ComboFix starts by itself, may restart, and finishes the scan. Post here whatever it gives you. |
Author: | WhipsOfGod [ Sun Dec 06, 2009 15:42 ] |
Post subject: | |
Then there is this in the event log:
A szórótábla <C:\DOCUMENTS AND SETTINGS\MÁTÉ BALÁZS\START MENU\PROGRAMS\CYBERLINK POWERDVD 9\POWERDVD 9 HELP FILE.LNK> bejegyzését nem sikerült frissíteni. Környezet: alkalmazás, SystemIndex katalógus Részletek: Egy rendszerhez csatlakoztatott eszköz nem működik. (0x8007001f)
And this:
A Windows Search szolgáltatás 3013 eseménye 4 alkalommal lett felfüggesztve 12:58:38 időpont óta. Ezt az eseményt a Windows Search szolgáltatás rövid idő alatt gyakran előforduló eseményeinek felfüggesztéséhez használja a rendszer. Az eseményről a(z) 3013 eseményazonosító nyújt bővebb felvilágosítást. |
Author: | WhipsOfGod [ Sun Dec 06, 2009 15:22 ] |
Post subject: | |
That was the only file, but if it produces more I'll put them here. So, reinstall the sound card? |
Author: | stell [ Sun Dec 06, 2009 14:07 ] |
Post subject: | |
And what are you surprised at, if you deleted it with that paranoid program?
Oh, and by the way, when XP comes up it says that the file spirun.dll cannot be loaded.
SPIRun: SPIRun, Related to Creative audio products.
This minidump was today's; are there no more?? |
Author: | WhipsOfGod [ Sun Dec 06, 2009 13:06 ] |
Post subject: | |
http://leteckaposta.cz/137675431 Oh, and by the way, when XP comes up it says that the file spirun.dll cannot be loaded. One more symptom: I wanted to watch a video online and the blue screen of death came, and the last snippet of sound kept repeating in a stutter. |
Author: | stell [ Sun Dec 06, 2009 12:31 ] |
Post subject: | |
I'll replace that with ComboFix; you'll just have to download it again and remove this one from the machine. First, I'm interested in the contents of the minidump. |
Author: | WhipsOfGod [ Sun Dec 06, 2009 12:29 ] |
Post subject: | |
Item one is done; how do I replace the TCP driver? |
Author: | stell [ Sun Dec 06, 2009 9:43 ] |
Post subject: | |
Hi,
1: Uninstall the c:\program files\Ask.com\ program through the Control Panel.
2: ComboFix deleted something, and the TCP driver still has to be replaced.
3: That remover program you used is a paranoid program, just like Prevx; you shouldn't use every program that is on the internet. In my opinion everything you deleted with it is fine.
4: You wrecked your ComboFix too, because you deleted its file.
5: Show hidden folders and files, find the C:\windows\minidump folder, and upload its contents or the whole folder here: http://leteckaposta.cz/ and post the link here.
That's all for now. |
Author: | nacorvus [ Sun Dec 06, 2009 1:45 ] |
Post subject: | |
http://freemail.origo.hu/index.html When you install, for example, I can't think offhand which one under Windows, but for example Nero, at the end it asks whether you want the Google toolbar with the Ask.com search engine... But Opera, for example, as a browser puts it first among the search engines by default. A bad installation can cause a similar fault too; from then on the whole operating system's brain goes haywire. E.g. regularly under 98, but under XP too, after installing some device: a "restart required" message about every 5 minutes. E.g. on my machine Windows Vista did the same thing because of the webcam driver in the early days. It was unusable for about half a year, though under XP, and even under Linux, it was completely flawless... but since the driver was flaky it constantly wanted to get out onto the net; if I didn't let it, the machine in the better case 'only' restarted, in the worse case froze completely. |
Author: | WhipsOfGod [ Sun Dec 06, 2009 1:22 ] |
Post subject: | |
But what's interesting is that my start page is not origo but freemail. The other thing is that what I play (not very many kinds of games) I buy... So then why does my machine restart? I've checked everything hardware-related... memtest, CPU stress test... I checked the hard drives... to no avail... So then, can't viruses cause things like these errors? And what would you recommend against them? Oh, one more thing. How do I disable Ask.com? Thank you for your help. On top of that, my Windows is genuine too; it came with the DSL a long time ago... |
Author: | nacorvus [ Sun Dec 06, 2009 1:05 ] |
Post subject: | |
I think so... there are no serious problems yet, but there will be... IE8 and the rest, even though Mozilla is on the machine too.
There are serious problems with the start page as well: origo itself is one of the biggest spam spreaders, even though its junk-mail collector works.
Disable ask.com in the browser right away; you will never ask anything of a fundamentally commercial American commercial server.
Adobe, too, only has a place in the browser if you want to view a PDF file on the net or run a Flash application. It is one of the founders of the BSA and, unlike the Richmond company, to this day they have not done their job, yet they consider the 64-bit Flash player solved!
Then we learned that you play on the machine: World of Warcraft, Crysis, and that your name is there too!
Quote: ProfilePath - c:\documents and settings\Máté Balázs\Application Data\Mozilla\Firefox\Profiles\ukn1m0f3.default\
You don't need the Live Updates for your motherboard, nor for your video card! They can be downloaded "dead" too, when needed!
According to ComboFix, PEV.exe is Pot.Unwanted, because when it was no longer needed you didn't remove it the way master stell has suggested more than once: run, clean, fix, and delete the program: combofix /u, because it is no longer needed and every virus killer reports an error!
fcachdll.dll: faulty program installation, but don't try reinstalling, because the application itself is infected, which is why the antivirus or the firewall caught it.
iisext.dll: Explorer error, essentially
inetsloc.dll: same
snprfdll.dll: faulty data restoration
Fixes for them are on the Microsoft site.
spirun.dll: faulty task launch, because of a nonexistent or deleted program |
Author: | WhipsOfGod [ Sat Dec 05, 2009 23:37 ] |
Post subject: | |
And RemoveIT Pro v4 SE found these:
23:30:11: Infected file (Sys32.fcachdll) C:\WINDOWS\system32\fcachdll.dll
23:30:21: Infected file (Sys32.iisext) C:\WINDOWS\system32\iisext.dll
23:30:21: Infected file (Sys32.inetsloc) C:\WINDOWS\system32\inetsloc.dll
23:30:57: Infected file (Sys32.snprfdll) C:\WINDOWS\system32\snprfdll.dll
23:30:57: Infected file (Sys32.spirun) C:\WINDOWS\system32\spirun.dll
23:31:44: Infected file (Sys32.pev) C:\WINDOWS\pev.exe |
Author: | WhipsOfGod [ Sat Dec 05, 2009 23:29 ] |
Post subject: | |
And this is the ComboFix log:
ComboFix 09-12-05.01 - Máté Balázs 009.12.05. 23:17.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.3327.2851 [GMT 1:00] Running from: i:\dvd-re xxx\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6} * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-3247190855-3109746679-4224636872-1000 c:\documents and settings\All Users\Application Data\Microsoft\WLSetup c:\documents and settings\All Users\Application Data\Microsoft\WLSetup\Logs\2009-01-08_11-44_15e8-zhva5s70.log c:\documents and settings\All Users\Application Data\Microsoft\WLSetup\Logs\2009-02-22_12-40_f70-lxa4t57b.log c:\documents and settings\All Users\Application Data\Microsoft\WLSetup\Logs\2009-11-08_15-22_878-l9ej3c5w.log c:\windows\system32\twain_32.dll . ((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 ))))))))))))))))))))))))))))))) . 2009-12-05 21:07 . 2009-12-05 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure 2009-12-05 21:07 . 2009-12-05 21:07 -------- d-----w- c:\program files\RegCure 2009-12-05 15:20 . 2009-12-05 15:20 -------- d-----w- c:\program files\VideoLAN 2009-12-05 13:26 . 2009-12-05 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters 2009-12-05 13:24 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll 2009-12-05 13:24 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll 2009-12-05 13:24 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll 2009-12-05 13:24 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll 2009-12-05 13:24 . 
2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll 2009-12-05 13:24 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll 2009-12-05 13:24 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll 2009-12-05 13:24 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll 2009-12-05 13:24 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll 2009-12-05 13:24 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll 2009-12-05 13:24 . 2009-12-05 13:24 -------- d-----w- c:\program files\BRS 2009-11-28 10:28 . 2009-11-28 10:28 -------- d-----w- c:\program files\Common Files\Skype 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\DCoder Image Source 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\SHOUTcast Source 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\MONOGRAM AMR SplitterDecoder 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\CD Audio Reader Filter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\Gabest MPEG Splitter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\OpenSource DTSAC3DD+ Source Filter 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\RealMedia 2009-11-25 10:42 . 2009-11-25 10:42 -------- d-----w- c:\program files\DScaler5 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\AC3Filter 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\OpenSource Flash Video Splitter 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\DirectVobSub 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\Haali 2009-11-25 10:41 . 2009-11-25 10:41 -------- d-----w- c:\program files\Bass Audio Decoder 2009-11-25 10:41 . 2008-12-17 18:22 57344 ----a-w- c:\windows\system32\ff_vfw.dll 2009-11-25 10:41 . 
2009-11-25 10:41 -------- d-----w- c:\program files\ffdshow 2009-11-25 10:41 . 2008-12-11 12:26 60273 ----a-w- c:\windows\system32\pthreadGC2.dll 2009-11-25 10:40 . 2009-12-05 15:16 -------- d-----w- c:\program files\Zoom Player 2009-11-24 15:18 . 2009-11-24 15:18 -------- d--h--w- c:\windows\msdownld.tmp 2009-11-22 13:43 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-22 13:43 . 2009-11-22 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-11-22 13:43 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-22 13:43 . 2009-11-22 13:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-21 21:44 . 2009-11-21 21:44 -------- d-----w- c:\program files\InCode Solutions 2009-11-21 19:30 . 2009-11-21 19:30 -------- d-----w- c:\program files\CleanUp! 2009-11-18 19:20 . 2009-11-18 19:21 -------- d-----w- c:\program files\Flobo HDDBadSectorRepair 2009-11-18 11:59 . 1999-12-12 17:01 44032 ------w- c:\windows\system32\CTSVCCDA.EXE 2009-11-18 11:59 . 1999-11-17 17:00 25088 ------w- c:\windows\system32\CTSVCCTL.EXE 2009-11-18 11:58 . 2009-11-18 11:58 -------- d-----w- c:\program files\Common Files\Creative 2009-11-18 11:57 . 2007-03-22 16:35 1659008 ----a-r- c:\windows\system32\drivers\p17xfilt.sys 2009-11-18 11:57 . 2006-01-25 06:55 137728 ----a-r- c:\windows\system32\P17res.dll 2009-11-18 11:57 . 2003-04-01 23:13 139264 ----a-r- c:\windows\system32\EAX.DLL 2009-11-18 11:57 . 2006-09-25 09:58 1173504 ----a-r- c:\windows\system32\drivers\P17xfi.sys 2009-11-18 11:57 . 2004-12-22 11:58 8704 ----a-r- c:\windows\system32\drivers\Pfmodnt.sys 2009-11-15 10:12 . 2009-11-15 10:12 -------- d-----w- c:\program files\Common Files\CyberLink 2009-11-15 10:10 . 2009-11-15 10:09 29480 ----a-w- c:\windows\system32\msxml3a.dll 2009-11-15 10:10 . 
2009-11-15 10:09 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe 2009-11-14 21:54 . 2009-11-17 11:08 -------- d-----w- c:\program files\Registry Winner 2009-11-14 21:45 . 2009-11-14 21:46 -------- d-----w- c:\program files\WhoCrashed 2009-11-14 14:42 . 2009-11-14 14:42 -------- d-----w- c:\program files\SystemRequirementsLab 2009-11-13 20:49 . 2009-11-13 20:49 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2009-11-12 16:42 . 2009-11-12 16:42 -------- d-----w- c:\windows\system32\AGEIA 2009-11-12 16:42 . 2009-11-12 16:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation 2009-11-12 16:41 . 2009-11-12 16:42 -------- d-----w- c:\program files\NVIDIA Corporation 2009-11-12 16:41 . 2009-11-12 16:41 -------- d-----w- C:\NVIDIA 2009-11-12 15:52 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2009-11-12 15:52 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2009-11-12 15:52 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2009-11-12 15:52 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2009-11-09 13:26 . 2009-11-09 13:26 -------- d-----w- c:\program files\Ask.com 2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-05 22:10 . 2009-09-30 12:10 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs 2009-12-05 22:10 . 2009-10-22 12:46 0 ----a-w- c:\windows\system32\drivers\logiflt.iad 2009-12-05 21:58 . 
2009-09-18 12:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-12-05 16:40 . 2008-10-20 08:43 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 1 2009-12-05 13:23 . 2009-02-12 11:43 -------- d-----w- c:\program files\OpenAL 2009-12-05 13:23 . 2008-08-30 12:41 445016 ----a-w- c:\windows\system32\wrap_oal.dll 2009-12-05 13:23 . 2003-10-14 03:53 109144 ----a-w- c:\windows\system32\OpenAL32.dll 2009-12-05 13:05 . 2008-08-30 09:32 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-02 14:49 . 2009-09-18 12:54 -------- d-----w- c:\program files\Spyware Doctor 2009-11-28 12:21 . 2008-09-07 14:10 215104 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-11-28 12:12 . 2008-09-07 14:11 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-11-28 10:28 . 2009-02-25 14:54 -------- d-----r- c:\program files\Skype 2009-11-28 10:28 . 2008-09-04 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-11-25 10:52 . 2008-08-30 18:51 -------- d-----w- c:\program files\GRETECH 2009-11-23 18:19 . 2008-10-06 08:46 -------- d-----w- c:\program files\Java 2009-11-23 18:19 . 2004-08-18 12:00 526546 ----a-w- c:\windows\system32\perfh00E.dat 2009-11-23 18:19 . 2004-08-18 12:00 131798 ----a-w- c:\windows\system32\perfc00E.dat 2009-11-21 21:34 . 2008-09-02 16:08 -------- d-----w- c:\program files\BCDC++ 2009-11-18 19:43 . 2009-10-27 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-11-18 12:00 . 2009-08-29 20:50 -------- d-----w- c:\program files\Creative 2009-11-18 11:59 . 2009-06-25 16:39 -------- d--h--w- c:\program files\Creative Installation Information 2009-11-15 10:18 . 2008-09-11 11:40 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-15 10:10 . 2008-09-11 11:37 -------- d-----w- c:\program files\CyberLink 2009-11-14 21:12 . 
2008-12-18 18:59 -------- d-----w- c:\program files\Setup Files 2009-11-14 14:47 . 2009-02-15 13:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-13 23:04 . 2009-09-27 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2009-11-13 18:40 . 2008-09-19 06:48 -------- d-----w- c:\program files\Lavalys 2009-11-13 18:12 . 2009-09-28 21:18 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLds.DAT 2009-11-13 18:12 . 2008-09-10 18:53 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLec.DAT 2009-11-12 16:42 . 2008-10-07 10:27 -------- d-----w- c:\program files\AGEIA Technologies 2009-11-12 16:42 . 2008-10-23 21:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-11-08 14:27 . 2009-01-08 10:51 -------- d-----w- c:\program files\Windows Live 2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll 2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe 2009-10-29 16:03 . 2009-10-29 16:03 -------- d-----w- c:\program files\CCleaner 2009-10-28 21:43 . 2008-09-11 08:39 -------- d-----w- c:\program files\Common Files\Apple 2009-10-20 20:17 . 2009-03-16 14:35 58468 ---ha-w- c:\windows\system32\mlfcache.dat 2009-10-16 20:33 . 2008-09-07 14:10 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-10-11 03:17 . 2008-11-19 12:52 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 13:57 . 2007-10-09 12:03 613888 ----a-w- c:\windows\system32\uiautomationcore.dll 2009-10-08 13:57 . 2004-08-18 12:00 22016 ----a-w- c:\windows\system32\oleaccrc.dll 2009-10-08 13:57 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2009-09-27 17:20 . 2009-09-27 17:20 2173544 ----a-w- c:\windows\system32\nvcplui.exe 2009-09-27 17:20 . 2009-09-27 17:20 81920 ----a-w- c:\windows\system32\nvwddi.dll 2009-09-27 17:19 . 
2009-09-27 17:19 3166208 ----a-w- c:\windows\system32\nvwss.dll 2009-09-27 17:19 . 2009-09-27 17:19 4026368 ----a-w- c:\windows\system32\nvvitvs.dll 2009-09-27 17:19 . 2009-09-27 17:19 3547136 ----a-w- c:\windows\system32\nvgames.dll 2009-09-27 17:19 . 2009-09-27 17:19 188416 ----a-w- c:\windows\system32\nvmccss.dll 2009-09-27 17:19 . 2009-09-27 17:19 1286144 ----a-w- c:\windows\system32\nvmobls.dll 2009-09-27 17:19 . 2009-09-27 17:19 86016 ----a-w- c:\windows\system32\nvmctray.dll 2009-09-27 17:19 . 2009-09-27 17:19 4935680 ----a-w- c:\windows\system32\nvdisps.dll 2009-09-27 17:19 . 2009-09-27 17:19 172100 ----a-w- c:\windows\system32\nvsvc32.exe 2009-09-27 17:19 . 2009-09-27 17:19 143360 ----a-w- c:\windows\system32\nvcolor.exe 2009-09-27 17:19 . 2009-09-27 17:19 13918208 ----a-w- c:\windows\system32\nvcpl.dll 2009-09-27 17:19 . 2009-09-27 17:19 229376 ----a-w- c:\windows\system32\nvmccs.dll 2009-09-27 15:12 . 2009-09-27 15:12 888832 ----a-w- c:\windows\system32\nvapi.dll 2009-09-27 15:12 . 2009-09-27 15:12 2194024 ----a-w- c:\windows\system32\nvcuvid.dll 2009-09-27 15:12 . 2009-09-27 15:12 2007040 ----a-w- c:\windows\system32\nvcuda.dll 2009-09-27 15:12 . 2009-09-27 15:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll 2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcodins.dll 2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcod.dll 2009-09-27 15:12 . 2009-09-27 15:12 10756096 ----a-w- c:\windows\system32\nvoglnt.dll 2009-09-27 15:12 . 2009-04-30 20:02 1604482 ----a-w- c:\windows\system32\nvdata.bin 2009-09-27 15:12 . 2008-05-16 12:01 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2009-09-27 15:12 . 2008-05-16 12:01 5900416 ----a-w- c:\windows\system32\nv4_disp.dll 2009-09-25 21:45 . 2009-09-25 15:37 573472 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-09-25 21:45 . 2009-09-25 15:37 23328 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-09-20 14:08 . 
2009-09-20 14:08 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2009-09-20 12:31 . 2009-09-20 12:31 1962544 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe 2009-09-19 23:24 . 2004-08-18 12:00 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS 2009-09-14 12:03 . 2009-09-08 10:28 2729092 ----a-w- c:\windows\Internet Logs\tvDebug.Zip 2009-09-11 14:19 . 2004-08-18 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll . ------- Sigcheck ------- [-] 2009-09-19 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS [-] 2009-09-19 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\TCPIP.SYS [7] 2004-08-18 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-09-02 13:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "PC Suite Tray"="h:\nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 18944] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-11-13 611712] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472] 
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-08-29 949376] "DelReg"="c:\program files\MSI\DualCoreCenter\DelReg.exe" [2008-05-13 196608] "Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2008-10-14 172032] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-02-28 180224] "P17Helper"="SPIRun.dll" [2006-07-03 10752] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\M t‚ Bal zs\Start Menu\Programs\Indˇt˘pult\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\ DualCoreCenter.lnk - c:\program files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2009-9-17 192512] ExifLauncher2.lnk - h:\fiji1000fd\QuickDCF2.exe [2008-12-23 303104] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-9-11 118784] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "d:\\Steam\\SteamApps\\wogwog\\counter-strike source\\hl2.exe"= "c:\\Program Files\\UPS\\Upsman\\upsman.exe"= "c:\\Program Files\\UPS\\Upsman\\www\\ServiceDriver.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\totalcmd\\TOTALCMD.EXE"= "c:\\Program Files\\BCDC++\\DCPlusPlus.exe"= "d:\\Steam\\SteamApps\\wogwog\\day of defeat source\\hl2.exe"= "h:\\Crysis special edition\\Bin32\\Crysis.exe"= "h:\\Crysis special edition\\Bin32\\CrysisDedicatedServer.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "d:\\Steam\\SteamApps\\wogwog\\half-life 2 deathmatch\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\half-life deathmatch source\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\source sdk base\\hl2.exe"= "d:\\Steam\\SteamApps\\wogwog\\zombie panic! 
source\\hl2.exe"= "c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"= "d:\\Steam\\SteamApps\\wogwog\\team fortress 2\\hl2.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\SmartFTP\\SmartFTP.exe"= "h:\\Burnout Paradise\\BurnoutLauncher.exe"= "h:\\Burnout Paradise\\BurnoutConfigTool.exe"= "h:\\Burnout Paradise\\BurnoutParadise.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Documents and Settings\\Máté Balázs\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= "i:\\KOD2\\CoD2MP_s.exe"= "h:\\World of Warcraft\\Launcher.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "d:\\Steam\\SteamApps\\common\\red orchestra\\System\\RedOrchestra.exe"= "h:\\World of Warcraft\\BackgroundDownloader.exe"= "h:\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"= "h:\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"= "h:\\KOD4\\iw3mp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "d:\\Steam\\SteamApps\\common\\left 4 dead\\left4dead.exe"= "h:\\Modern Warfare 2\\iw4mp.exe"= "c:\\Program Files\\InCode Solutions\\RemoveIT Pro v4 - SE\\removeit.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "i:\\Dirt2\\dirt2_game.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009.09.18. 13:54 206256] R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009.09.18. 14:02 51488] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009.09.18. 14:02 39200] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009.08.29. 1:43 15424] R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009.09.18. 13:54 159600] R2 qHTTPs;UPSMAN HTTP;c:\program files\UPS\Upsman\www\ServiceDriver.exe [2009.09.09. 13:57 225353] R2 UPSMan;UPSMan;c:\program files\UPS\Upsman\upsman.exe [2009.09.09. 13:57 2990165] R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009.05.13. 19:00 12032] S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys --> c:\windows\system32\drivers\sfdrv01a.sys [?] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008.09.05. 12:39 717296] S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008.06.27. 19:21 99352] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008.06.27. 19:21 99352] S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008.06.27. 19:21 555032] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008.06.27. 19:21 555032] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008.06.27. 19:21 100888] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008.06.27. 19:21 100888] S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008.06.27. 19:21 566296] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008.06.27. 19:21 566296] S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [2009.09.17. 0:17 28160] S3 FIXUSTOR;FIXUSTOR; [x] S3 MsibiosDevice;MsibiosDevice;c:\program files\MSI\Live Update 4\LU4\msibios.sys [2009.09.14. 
17:16 18432] S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009.09.18. 13:54 64392] S3 RTCore32;RTCore32;c:\program files\RightMark Memory Analyzer\RTCore32.sys [2008.10.18. 20:42 4608] S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [2009.09.17. 0:17 56320] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009.09.18. 13:54 348752] S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009.09.18. 14:02 33056] S3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.freemail.hu uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll Trusted Zone: com.tw\asia.msi Trusted Zone: com.tw\global.msi Trusted Zone: com.tw\www.msi DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/L ... nstall.cab FF - ProfilePath - c:\documents and settings\Máté Balázs\Application Data\Mozilla\Firefox\Profiles\ukn1m0f3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.freemail.hu/ FF - component: c:\program files\Mozilla Firefox 3.1 Beta 1\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox 3.1 Beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . 
- - - - ORPHANS REMOVED - - - - AddRemove-Crysis WARHEAD(R) - c:\documents and settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe REMOVE=TRUE MODIFY=FALSE AddRemove-NVIDIA Drivers - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI AddRemove-Steam App 215 - d:\steam\steam.exe steam://uninstall/215 AddRemove-Steam App 218 - d:\steam\steam.exe steam://uninstall/218 AddRemove-Steam App 400 - d:\steam\steam.exe steam://uninstall/400 AddRemove-Steam App 420 - d:\steam\steam.exe steam://uninstall/420 AddRemove-Steam App 440 - d:\steam\steam.exe steam://uninstall/440 AddRemove-Steam App 500 - d:\steam\steam.exe steam://uninstall/500 AddRemove-Uniblue RegistryBooster 2009 - c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe REMOVE=TRUE MODIFY=FALSE AddRemove-{021d77fd-e61a-4d59-8b24-5560595e94e9} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A ************************************************************************** scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run P17Helper = Rundll32 SPIRun.dll,RunDLLEntry? scanning hidden files ... scan completed successfully hidden files: ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(792) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll - - - - - - - > 'lsass.exe'(848) c:\windows\system32\imon.dll . Completion time: 2009-12-05 23:23 ComboFix-quarantined-files.txt 2009-12-05 22:22 Pre-Run: 2 544 439 296 bájt szabad Post-Run: 2 927 886 336 bájt szabad WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe ; ;Warning: Boot.ini is used on Windows XP and earlier operating systems. 
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options. ; [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /NOEXECUTE=OPTIN /FASTDETECT Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 680DEF7521B62F9ECDBBA2CECFBB67D5 |
Author: | WhipsOfGod [ Sat Dec 05, 2009 23:08 ] |
Post subject: | Could a guru take a look at this... I think it's a virus |
and I'm already tearing my hair out. Symptom: the machine restarts at random, but first there is a blue screen of death. HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:01:42, on 2009.12.05. Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Razer\Lachesis\razerhid.exe C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\UPS\Upsman\www\ServiceDriver.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\UPS\Upsman\upsman.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe 
H:\FIJI1000FD\QuickDCF2.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Razer\Lachesis\razertra.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Razer\Lachesis\razerofa.exe C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Program Files\uTorrent\uTorrent.exe C:\totalcmd\TOTALCMD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freemail.hu R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - 
C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe O4 - 
HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "H:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe O4 - Global Startup: ExifLauncher2.lnk = H:\FIJI1000FD\QuickDCF2.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows 
Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - 
http://pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirements ... b_srlx.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 8597888796 O16 - DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} (NeroVersionCheckerControl Control) - http://www.nero.com/doc/NeroVersionCheckerControl.cab O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7680083296 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: UPSMAN HTTP (qHTTPs) - Quazar Software GmbH - C:\Program Files\UPS\Upsman\www\ServiceDriver.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe O23 - Service: UPSMan - Generex GmbH - C:\Program Files\UPS\Upsman\upsman.exe -- End of file - 13927 bytes |
Page: 1 / 1 | Time zone: UTC + 1 hour |