Nos a restárt nem ment ComboFix előtt így rendszer visszaállítás nélkül lefuttattam a ComboFixet itt a log de nincsen asztalom , feladat kezelőből hívtam elő a Firefoxot de beírtam az új feladatnak az asztal , hibára dobta ugyan de az asztal is tálca is megjelent.

ComboFix 08-06-20.4 - Windows XP 2008-06-30 16:43:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.1428 [GMT 2:00]
Running from: C:\Documents and Settings\Windows XP\Asztal\ComboFixexe.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Windows XP\Application Data\inst.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))
.

2008-06-30 16:32 . 2008-06-30 16:32 <DIR> d-------- C:\VundoFix Backups
2008-06-30 15:34 . 2008-06-30 15:34 <DIR> d-------- C:\[Ad-Aware] Serials
2008-06-30 14:09 . 2008-06-30 14:09 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-30 14:09 . 2008-06-30 14:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-30 14:08 . 2008-06-30 14:08 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-28 15:05 . 2008-06-28 15:05 <DIR> d-------- C:\Program Files\Bonjour
2008-06-28 15:00 . 2008-06-28 15:00 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-28 10:37 . 2008-06-28 10:37 <DIR> d-------- C:\[Adobe Photoshop CS3] Serials
2008-06-28 10:08 . 2008-06-28 10:08 <DIR> d-------- C:\Program Files\BCsoft
2008-06-23 23:01 . 2008-06-23 23:01 <DIR> d-------- C:\Program Files\KP Software
2008-06-23 23:01 . 2002-04-29 23:45 323,584 --a------ C:\WINDOWS\system32\AudioControl.ocx
2008-06-23 23:01 . 2000-08-04 12:04 24,576 --a------ C:\WINDOWS\system32\JKTryIcn.ocx
2008-06-23 00:06 . 2008-06-23 00:06 <DIR> d-------- C:\[Spyware Doctor] Serials
2008-06-19 07:21 . 2008-06-19 07:21 <DIR> d-------- C:\[Winamp] Serials
2008-06-18 21:57 . 2008-06-18 21:57 <DIR> d-------- C:\Program Files\Real
2008-06-18 21:57 . 2008-06-18 21:57 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-06-18 21:57 . 2008-06-18 21:57 <DIR> d-------- C:\Program Files\Common Files\Real
2008-06-18 17:27 . 2008-06-18 17:27 <DIR> d-------- C:\[GTA San Andreas] Serials
2008-06-13 20:12 . 2008-06-13 20:13 <DIR> d-------- C:\Program Files\My Video Converter
2008-06-13 20:12 . 2008-06-13 20:13 67 --a------ C:\WINDOWS\My Video Converter.INI
2008-06-13 09:11 . 2008-06-30 14:02 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-13 09:11 . 2008-06-13 09:11 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\Malwarebytes
2008-06-13 09:11 . 2008-06-13 09:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-13 09:11 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-13 09:11 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-10 21:39 . 2008-06-14 19:36 272,512 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 21:39 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-09 14:29 . 2008-06-09 14:29 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\fltk.org
2008-06-04 06:04 . 2008-06-04 06:04 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-05-31 15:32 . 2008-05-31 15:32 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\CyberLink
2008-05-30 17:30 . 2008-05-30 20:34 <DIR> d-------- C:\Program Files\Solo8Eng
2008-05-30 17:05 . 2008-05-30 17:05 <DIR> d-------- C:\Program Files\Deskshare
2008-05-30 17:05 . 2008-05-30 17:05 <DIR> d-------- C:\Program Files\Common Files\DeskShare Shared
2008-05-30 17:05 . 2004-12-07 10:11 258,352 --a------ C:\WINDOWS\system32\Unicows.dll
2008-05-30 17:05 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\TABCTL32.OCX
2008-05-30 17:05 . 2001-02-20 03:47 140,288 --a------ C:\WINDOWS\system32\COMDLG32.OCX
2008-05-29 19:16 . 2008-05-29 19:16 <DIR> d-------- C:\Program Files\Common Files\NSV
2008-05-28 22:11 . 2008-05-28 22:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IM
2008-05-28 22:06 . 2008-06-22 22:54 <DIR> d-------- C:\Program Files\IncrediMail
2008-05-28 22:06 . 2008-05-28 22:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-05-25 19:41 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
2008-05-25 19:41 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-05-25 19:41 . 2008-02-07 16:15 408,576 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-25 19:41 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
2008-05-25 19:41 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-05-25 19:41 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-05-25 19:41 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-05-25 19:41 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-25 19:41 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-25 19:40 . 2008-05-25 19:40 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-05-25 19:40 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-05-25 19:38 . 2008-05-25 19:38 <DIR> d-------- C:\Program Files\eRightSoft
2008-05-24 09:42 . 2008-05-24 12:34 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\Hamachi
2008-05-24 09:42 . 2008-05-24 09:42 26,056 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-05-23 18:40 . 2008-06-22 22:46 <DIR> d-------- C:\Program Files\USB Disk Security
2008-05-22 18:03 . 2008-05-22 18:03 <DIR> d-------- C:\Program Files\AliveMedia
2008-05-22 17:49 . 2004-08-17 16:47 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-05-22 17:44 . 2008-05-22 17:44 <DIR> d-------- C:\WINDOWS\system32\hu
2008-05-22 17:44 . 2008-05-22 17:44 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-22 17:44 . 2008-05-22 17:44 <DIR> d-------- C:\WINDOWS\l2schemas
2008-05-22 17:43 . 2008-05-22 17:43 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-22 17:37 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-21 18:48 . 2008-04-14 17:40 14,720 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-05-21 18:48 . 2001-10-26 19:01 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-05-21 18:48 . 2001-10-26 19:01 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-05-21 12:02 . 2008-05-21 12:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-05-21 12:00 . 2008-05-21 12:00 <DIR> d-------- C:\Program Files\IVT Corporation
2008-05-21 12:00 . 2004-08-17 16:48 91,136 --a------ C:\WINDOWS\system32\drivers\kswdmcap.ax
2008-05-21 12:00 . 2004-08-17 16:48 61,952 --a------ C:\WINDOWS\system32\drivers\kstvtune.ax
2008-05-21 12:00 . 2004-08-17 16:47 54,272 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll
2008-05-21 12:00 . 2004-08-17 16:48 43,008 --a------ C:\WINDOWS\system32\drivers\ksxbar.ax
2008-05-21 12:00 . 2004-08-17 16:48 28,672 --a------ C:\WINDOWS\system32\drivers\vidcap.ax
2008-05-21 07:58 . 2008-05-21 07:58 <DIR> d-------- C:\Program Files\Ringtone Media Studio
2008-05-21 07:58 . 2008-05-21 07:58 <DIR> d-------- C:\Program Files\Avanquest update
2008-05-21 07:58 . 2008-05-21 07:58 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\InstallShield
2008-05-21 07:58 . 2008-05-21 07:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-13 21:04 . 2008-06-30 16:08 <DIR> d-------- C:\Program Files\Translator
2008-05-13 09:54 . 2008-05-17 10:09 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-05-13 09:54 . 2007-10-19 05:19 63,040 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-05-13 09:54 . 2008-05-17 10:09 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-05-13 09:53 . 2008-05-13 09:53 <DIR> dr-h----- C:\Documents and Settings\Windows XP\Application Data\SecuROM
2008-05-13 09:53 . 2008-05-13 09:53 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-05-13 09:41 . 2008-05-13 09:41 <DIR> d-------- C:\Program Files\Electronic Arts
2008-05-09 19:41 . 2008-05-09 20:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-08 18:58 . 2008-05-08 18:58 367,578 --a------ C:\WINDOWS\Star Wars Jedi Knight_ Jedi Academy [Honosítás] Eltávolító.exe
2008-05-07 07:12 . 2008-05-07 07:12 1,291,776 -----c--- C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-06 17:44 . 2008-05-06 17:44 <DIR> d-------- C:\WINDOWS\Caps
2008-05-05 21:27 . 2008-05-30 17:29 <DIR> d-------- C:\Program Files\Solo9
2008-05-05 21:27 . 2008-05-05 21:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Solo9
2008-05-04 10:01 . 2008-05-04 10:01 <DIR> d-------- C:\Program Files\ScreenShot2Print
2008-05-03 09:08 . 2008-06-30 14:44 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-05-03 09:08 . 2008-05-03 09:08 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\PC Tools
2008-05-03 09:08 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-05-03 09:08 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-05-03 09:08 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-05-03 09:08 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-05-02 23:11 . 2008-05-02 23:58 <DIR> d-------- C:\Program Files\Google
2008-05-02 22:56 . 2008-06-30 15:12 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-01 22:20 . 2008-05-01 22:20 <DIR> d-------- C:\Program Files\Download Master
2008-05-01 22:20 . 2008-05-02 20:05 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\Download Master
2008-05-01 11:39 . 2008-05-01 11:40 <DIR> d-------- C:\Documents and Settings\Windows XP\Application Data\RouterControl

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 13:05 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-28 06:12 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin
2008-06-19 18:11 --------- d-----w C:\Documents and Settings\Windows XP\Application Data\Vso
2008-06-18 19:57 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-06-18 19:57 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-06-14 17:36 272,512 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-05 11:19 --------- d-----w C:\Documents and Settings\Windows XP\Application Data\Winamp
2008-05-31 13:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-05-21 05:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-14 04:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-09 20:52 --------- d-----w C:\Program Files\CCleaner
2008-05-08 16:33 --------- d-----w C:\Program Files\LucasArts
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:12 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 16:15 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 16:05 332,288 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 16:01 98,816 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-04-14 16:00 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 15:43 2,146,816 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 15:43 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 15:42 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 15:41 89,600 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 15:40 79,360 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 15:39 49,152 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 15:38 561,664 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 15:36 67,072 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 15:36 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 15:36 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 07:02 997,376 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 07:02 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 07:01 424,448 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 18:40 469,504 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 18:37 2,962,944 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 18:35 195,584 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2008-04-12 12:38 47,360 ----a-w C:\Documents and Settings\Windows XP\Application Data\pcouffin.sys
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 170,784 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-12 11:10 633,344 ------w C:\WINDOWS\system32\gpprefcl.dll
2008-03-03 12:25 5,702 ---ha-w C:\WINDOWS\nod32restoretemdono.reg
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 17:07 1828136]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-06-12 13:49 243072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 15:34 868352]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 18:43 8466432]
"nwiz"="nwiz.exe" [2007-06-28 18:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 18:43 81920]
"ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 10:03 380928]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2007-02-09 16:34 159744]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 09:59 570664]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29 2221352]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-03-27 08:35 36352]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 15:27 385024]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-13 16:48 1443072]
"BigDogPath323VMSnap"="C:\WINDOWS\VMSnap23.exe" [ ]
"BigDogPath323Domino"="C:\WINDOWS\Domino.exe" [2006-06-28 02:54 49152]
"USB Antivirus"="C:\Program Files\USB Disk Security\USBGuard.exe" [2008-06-22 22:46 798720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-18 21:57 185896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

C:\Documents and Settings\All Users\Start Menu\Programs\Indˇt˘pult\
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-09-20 10:28:16 1200128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.mkdmp3enc"= C:\PROGRA~1\CYBERL~1\POWERC~1\Kernel\Burner\MKDMP3Enc.ACM
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2006-12-20 18:53 25365032 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Loudtalks\\Loudtalks.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=
"C:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=

R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-25 20:42]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 10:03]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-07-12 10:03]
S3 vmfilter323;323 filter service, Normal;C:\WINDOWS\system32\drivers\vmfilter323.sys [2006-08-08 11:25]
S3 ZSMC326;TD24 USB2.0 PC Camera;C:\WINDOWS\system32\Drivers\usbvm323.sys [2007-01-16 11:37]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75543975-0117-11dd-83b9-806d6172696f}]
\Shell\AutoRun\command - D:\Setup.exe

*Newly Created Service* - AAWSERVICE
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-17 09:25:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 16:44:08
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-30 16:44:52
ComboFix-quarantined-files.txt 2008-06-30 14:44:38

13 könyvtár 17,994,821,632 bájt szabad
16 könyvtár 18,066,075,648 bájt szabad

261 --- E O F --- 2008-06-20 15:07:09

Igen szergej cimbora ez Vundo fertozes.
Letolteni a combofixet az asztalra tenni.,bezarni mindent,kikapcsolni az Antivirus es a tuzfall vedo pajzat,ha van akor a spybot-tea-timert,SpywareTerminator pajzot es futatod a combofixet
2x-kliknyomod az 1-est>Enter es megvarod a veget,a gep restartolhat es ad combofix.txt.Ted ide.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Edit/ved ki a kaarantenbol amit nemlehet torolni>kapcsold ki a rendszer viszaalitasat>restart es ugy futasd a combofixet.

Üdv.és vírus mentes napot !

Van egy kis gondom - nem tudom kikapcsolni a gépet , így kezdődött hogy telepitettem volna egy kép konvertert ami egy alkalmazás-féle mert egy jobb klick képfájlra és ki lehet választani milyen formátumba konvertálja .
A letöltött csomagot megvizsgáltam nod security suittel meg antimalwaréwal csomagoltan is kicsomagolva is nem talaltak semmit igy rakat a telepitöjére viszont akkor a nod bejelzett hogy fertőzés és megtisztítva karanténba helyezve , a gépet azouta nem tudom kikapcsolni a mappát se tudom törölni amibe kicsomagolt konvertáló van - hozzáférés le van tiltva

Nincsen mit koszonod:kapcsold ki a automatikus frissitest.
UDV

Nagyon szépen köszönöm a segítségedet és főleg a türelmedet!
Én már így is elégedett vagyok.
KÖSZÖNÖM!

Ugy ahogy irtam mar a lemezed tele van frisitesekel ,mar az SP-3 is ot van de ,itt mast nemlehet teni ,
1:Ha nincsen mas gepre akor,teljes format.
2:felrakni a WIN-98 ast.
3:ha megis xp akor a telepites utan csak az SP-2 felrakni es rogton kikapcsolni az automatikus frissitest,de legalab 256;RAM-ot feltenni.
de Ere a gepre sajnos az XP-nemajanlom.
UDV

Azt írja nem kell töredezetség mentesíteni,de ha mégis elindítom akkor meg azt hogy,legalább 15%kell

Kötet (C:)
Kötetméret = 4,00 GB
Szektorcsoportméret = 4 KB
Felhasznált terület = 3,69 GB
Szabad terület = 320 MB
Szabad terület (százalék) = 7 %

Kötet töredezettsége
Teljes töredezettség = 10 %
Fájl töredezettsége = 17 %
Szabad terület töredezettsége = 3 %

Fájl töredezettsége
Összes fájl = 21 692
Átlagos fájlméret = 161 KB
Összes töredezett fájl = 786
Összes töredékek száma = 3 957
Töredékek átlagos száma fájlonként = 1,18

Lapozófájl töredezettsége
Lapozófájl mérete = 192 MB
Töredékek összesen = 88

Mappa töredezettsége
Mappák száma = 2 497
Töredezett mappák száma = 42
Mappatöredékek száma = 118

--------------------------------------------------------------------------------
Töredékek Fájlméret Leginkább töredezett fájlok
31 1 MB \WINDOWS\WindowsUpdate.log
35 645 KB \WINDOWS\SYSTEM32\WININET.DLL
211 16 MB \WINDOWS\SYSTEM32\CONFIG\SOFTWARE
198 4 MB \WINDOWS\SYSTEM32\CONFIG\SYSTEM
87 1 MB \WINDOWS\SYSTEM32\DLLCACHE\MSOE.DLL
24 4 MB \WINDOWS\SYSTEM32\MsDtc\MSDTC.LOG
25 8 MB \WINDOWS\$HF_MIG$\KB893086\SP2QFE\SHELL32.DLL
38 378 KB \WINDOWS\$HF_MIG$\KB944533\UPDATE\UPDSPAPI.DLL
40 580 KB \WINDOWS\Installer\{9011040E-6000-11D3-8CFE-0150048383C9}\ACCICONS.EXE
107 100 MB \WINDOWS\SoftwareDistribution\Download\89405f2457cf6c850fd3f0f258398241\MAINSP3.CAB
28 378 KB \WINDOWS\SoftwareDistribution\Download\ee84e0fbd33990b2e487009353d05a14\UPDATE\UPDSPAPI.DLL
26 1 MB \WINDOWS\SoftwareDistribution\Download\fe9bc8c23da48e0adb858b1afe915b3d\SP2QFE\DANIM.DLL
35 201 KB \WINDOWS\SoftwareDistribution\Download\fe9bc8c23da48e0adb858b1afe915b3d\SP2QFE\DXTRANS.DLL
30 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\NTKRPAMP.EXE
61 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\WIN32K.SYS
42 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\NTOSKRNL.EXE
37 211 KB \WINDOWS\SoftwareDistribution\Download\5858a1656905c7e600d51754c8f12726\SPUNINST.EXE
37 378 KB \WINDOWS\SoftwareDistribution\Download\5858a1656905c7e600d51754c8f12726\UPDATE\UPDSPAPI.DLL
84 76 MB \WINDOWS\SoftwareDistribution\Download\2272a246fc6ae78f9b7f165aee590615\MAINSP2ff.CAB
33 3 MB \WINDOWS\SoftwareDistribution\Download\d803b43c1ec7cb8095c7c3138d91aa77\SP2QFE\MSHTML.DLL
67 8 MB \WINDOWS\SoftwareDistribution\Download\88e048649c40cea8c6d5429c9d9deefa\SP2QFE\SHELL32.DLL
32 43 MB \WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
292 15 MB \WINDOWS\ERDNT\DSS\SOFTWARE
82 408 KB \Documents and Settings\Viki\Local Settings\Application Data\Microsoft\Windows Live Contacts\pityke-@hotmail.com\SHADOW\contactcoll.cache
92 441 KB \Documents and Settings\Viki\Contacts\pityke-@hotmail.com\contactcoll.cache
80 2 MB \Program Files\Common Files\WindowsLiveInstaller\MsiLogs\I-Windows_Live_Messenger__06182008_22-26.log
64 8 MB \Program Files\ESET\UPDFILES\nod218D.nup
45 5 MB \Program Files\Windows Live\Messenger\MSNMSGR.EXE
68 4 MB \Program Files\Windows Live\Messenger\RTMPLTFM.DLL
34 5 MB \WINKONYV\SZAMLAZO\SZLTOSSZ.DBF
EZ A MÁSODIK

Kötet (C:)
Kötetméret = 4,00 GB
Szektorcsoportméret = 4 KB
Felhasznált terület = 3,68 GB
Szabad terület = 321 MB
Szabad terület (százalék) = 7 %

Kötet töredezettsége
Teljes töredezettség = 10 %
Fájl töredezettsége = 17 %
Szabad terület töredezettsége = 3 %

Fájl töredezettsége
Összes fájl = 21 617
Átlagos fájlméret = 161 KB
Összes töredezett fájl = 774
Összes töredékek száma = 3 940
Töredékek átlagos száma fájlonként = 1,18

Lapozófájl töredezettsége
Lapozófájl mérete = 192 MB
Töredékek összesen = 88

Mappa töredezettsége
Mappák száma = 2 491
Töredezett mappák száma = 42
Mappatöredékek száma = 118

--------------------------------------------------------------------------------
Töredékek Fájlméret Leginkább töredezett fájlok
31 1 MB \WINDOWS\WindowsUpdate.log
35 645 KB \WINDOWS\SYSTEM32\WININET.DLL
211 16 MB \WINDOWS\SYSTEM32\CONFIG\SOFTWARE
198 4 MB \WINDOWS\SYSTEM32\CONFIG\SYSTEM
87 1 MB \WINDOWS\SYSTEM32\DLLCACHE\MSOE.DLL
24 4 MB \WINDOWS\SYSTEM32\MsDtc\MSDTC.LOG
25 8 MB \WINDOWS\$HF_MIG$\KB893086\SP2QFE\SHELL32.DLL
38 378 KB \WINDOWS\$HF_MIG$\KB944533\UPDATE\UPDSPAPI.DLL
40 580 KB \WINDOWS\Installer\{9011040E-6000-11D3-8CFE-0150048383C9}\ACCICONS.EXE
107 100 MB \WINDOWS\SoftwareDistribution\Download\89405f2457cf6c850fd3f0f258398241\MAINSP3.CAB
28 378 KB \WINDOWS\SoftwareDistribution\Download\ee84e0fbd33990b2e487009353d05a14\UPDATE\UPDSPAPI.DLL
26 1 MB \WINDOWS\SoftwareDistribution\Download\fe9bc8c23da48e0adb858b1afe915b3d\SP2QFE\DANIM.DLL
35 201 KB \WINDOWS\SoftwareDistribution\Download\fe9bc8c23da48e0adb858b1afe915b3d\SP2QFE\DXTRANS.DLL
30 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\NTKRPAMP.EXE
61 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\WIN32K.SYS
42 2 MB \WINDOWS\SoftwareDistribution\Download\9300d3f2afc2b155a2f9fa0b306d687c\SP2QFE\NTOSKRNL.EXE
37 211 KB \WINDOWS\SoftwareDistribution\Download\5858a1656905c7e600d51754c8f12726\SPUNINST.EXE
37 378 KB \WINDOWS\SoftwareDistribution\Download\5858a1656905c7e600d51754c8f12726\UPDATE\UPDSPAPI.DLL
84 76 MB \WINDOWS\SoftwareDistribution\Download\2272a246fc6ae78f9b7f165aee590615\MAINSP2ff.CAB
33 3 MB \WINDOWS\SoftwareDistribution\Download\d803b43c1ec7cb8095c7c3138d91aa77\SP2QFE\MSHTML.DLL
67 8 MB \WINDOWS\SoftwareDistribution\Download\88e048649c40cea8c6d5429c9d9deefa\SP2QFE\SHELL32.DLL
32 43 MB \WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
292 15 MB \WINDOWS\ERDNT\DSS\SOFTWARE
82 408 KB \Documents and Settings\Viki\Local Settings\Application Data\Microsoft\Windows Live Contacts\pityke-@hotmail.com\SHADOW\contactcoll.cache
92 441 KB \Documents and Settings\Viki\Contacts\pityke-@hotmail.com\contactcoll.cache
80 2 MB \Program Files\Common Files\WindowsLiveInstaller\MsiLogs\I-Windows_Live_Messenger__06182008_22-26.log
64 8 MB \Program Files\ESET\UPDFILES\nod218D.nup
45 5 MB \Program Files\Windows Live\Messenger\MSNMSGR.EXE
68 4 MB \Program Files\Windows Live\Messenger\RTMPLTFM.DLL
34 5 MB \WINKONYV\SZAMLAZO\SZLTOSSZ.DBF

es miert,gondolod?/
It nemaz a hiba hogy jo gep de az hogy ez a gep nemeleg az XP-re,
1:Kicsi a merev lemez 4GB
2:Kicsi a RAM-128 mb
3:Genge a proci .
Ez ojan Win 95-98 ra jo.De mar vegeztunk is,meg kikel kapcsolnod az automatikus aktualizaciot mert egy ketore tele van a lemezed,eztet amit ez elote irtam mar csak a combofix eltavolitasa es karbantartas.

Azthiszem lassan feladom,mert ebből már nem lesz jó gép soha!!

Ok>start>futatas>masold be inen a futatasba a vastagon irt textet: combofix /u klik ok.
Pucold meg at 2-3x CCleaneral es ATF-Cleaneral:
http://www.atribune.org/ccount/click.php?id=1
pipazd be select all>klik Empty Selected>aztan ha bevegzi>klik>exit



Start >futatas ird be dfrg.msc klik a C:\ lemezre>analyza>..defrag=torezedmenteseg vagy igy valahogy van magyarul
Aztan ird le a gep alopotat es a szabad hejet a lemezen,>megegyszer ird be dfrg.msc es nezd meg a szabad hejet a lemezen.
ez ide van irva.

ComboFix 08-06-20.4 - Viki 2008-06-29 16:59:46.4 - FAT32x86
Running from: C:\Documents and Settings\Viki\Asztal\ComboFix.exe
Command switches used :: C:\Documents and Settings\Viki\Asztal\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\$hf_mig$ :#:
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Recycled
C:\Recycled\desktop.ini
C:\Recycled\INFO2
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-29 )))))))))))))))))))))))))))))))
.

2008-06-29 13:25 . 2008-06-29 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-29 13:08 . 2008-06-29 13:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-29 13:07 . 2008-06-29 13:07 <DIR> d-------- C:\Program Files\CCleaner
2008-06-25 16:33 . 2004-08-17 14:30 1,835,904 --a------ C:\WINDOWS\system32\win32k.sys
2008-06-25 16:33 . 2005-05-10 02:17 332,544 --a------ C:\WINDOWS\system32\drivers\srv.sys
2008-06-25 16:27 . 2004-08-03 21:00 181,248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2008-06-25 16:24 . 2006-01-13 04:28 359,808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-25 16:24 . 2006-07-13 10:48 202,240 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2008-06-20 12:57 . 2008-06-20 12:57 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-19 09:15 . 2005-06-28 09:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-19 09:05 . 2008-06-19 09:05 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-19 08:32 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-19 08:32 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-19 08:32 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-18 22:24 . 2008-06-18 22:24 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Program Files\Windows Live
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-18 22:05 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-06-18 22:05 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-06-18 22:05 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-06-18 22:03 . 2008-06-18 22:03 <DIR> d---s---- C:\Documents and Settings\Viki\UserData
2008-06-18 22:01 . 2008-06-18 22:01 <DIR> d-------- C:\Documents and Settings\Viki\Contacts
2008-06-18 21:45 . 2008-06-18 21:45 <DIR> d-------- C:\WinRAR
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\WINDOWS\Profiles
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Documents and Settings\Viki\WINDOWS
2008-06-18 21:40 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-18 21:30 . 2008-06-18 21:30 <DIR> d-------- C:\WINKONYV
2008-06-18 21:30 . 2008-06-18 21:30 3,373,328 --a------ C:\WINDOWS\system32\VFP6R.DLL
2008-06-18 21:30 . 2008-06-18 21:30 876,032 --a------ C:\WINDOWS\system32\VFP6RENU.DLL
2008-06-18 21:30 . 2008-06-18 21:30 24,990 --a------ C:\WINDOWS\system32\VFP6RUN.EXE
2008-06-18 20:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-06-18 20:52 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-18 20:52 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\Viki\Application Data\ScanSoft
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-18 20:50 . 2008-06-18 20:50 419 --a------ C:\WINDOWS\MAXLINK.INI
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-06-18 20:48 . 2008-06-18 20:48 <DIR> d-------- C:\Program Files\ScanSoft
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d-------- C:\Program Files\ArcSoft
2008-06-18 20:46 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-06-18 20:45 . 2008-06-18 20:45 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-06-18 20:44 . 1998-11-13 13:06 307,712 --a------ C:\WINDOWS\IsUn040e.exe
2008-06-18 20:43 . 2008-06-18 20:43 <DIR> d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-06-18 20:43 . 2006-03-26 22:00 161,792 --a------ C:\WINDOWS\system32\CNMLM83.DLL
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\Program Files\CanonBJ
2008-06-18 20:42 . 2006-03-15 08:27 1,134,592 --a------ C:\WINDOWS\system32\CNCC160.DLL
2008-06-18 20:42 . 2006-03-24 08:29 135,168 --a------ C:\WINDOWS\system32\CNCL160.DLL
2008-06-18 20:42 . 2006-02-17 08:44 106,496 --a------ C:\WINDOWS\system32\cnco160.dll
2008-06-18 20:42 . 2006-03-15 08:27 57,344 --a------ C:\WINDOWS\system32\CNCI160.DLL
2008-06-18 20:41 . 2008-06-18 20:41 <DIR> d-------- C:\Program Files\Canon
2008-06-18 20:35 . 2008-06-18 20:35 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-06-18 20:35 . 2008-06-18 20:35 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-06-18 20:35 . 2008-06-18 20:35 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-06-18 20:34 . 2008-06-18 20:35 <DIR> d-------- C:\Program Files\ESET
2008-06-18 20:32 . 2008-06-28 19:09 2,176 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-18 20:30 . 2008-06-18 20:30 <DIR> d-------- C:\Program Files\QuickTime
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-18 20:10 . 2008-06-18 20:10 98,304 --a------ C:\WINDOWS\system32\qttask.exe
2008-06-18 20:06 . 2008-06-18 20:06 <DIR> d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-18 20:06 . 2001-10-31 10:14 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll
2008-06-18 20:01 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-06-18 20:01 . 2008-06-18 20:01 388 --a------ C:\WINDOWS\ODBC.INI
2008-06-18 19:58 . 2008-06-18 19:58 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-06-18 19:55 . 2008-06-18 19:55 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-06-18 19:51 . 2008-06-18 19:51 <DIR> dr-h----- C:\MSOCache
2008-06-18 19:47 . 2008-06-18 19:47 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-18 19:47 . 2008-06-18 19:47 96,256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-06-18 19:46 . 2008-06-18 19:46 <DIR> d-------- C:\WINDOWS\system32\DRVSTORE
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d--h----- C:\Documents and Settings\Viki\Sablonok
2008-06-18 19:39 . 2008-06-18 19:40 <DIR> dr------- C:\Documents and Settings\Viki\Dokumentumok
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d-------- C:\Documents and Settings\Viki\Asztal
2008-06-18 19:39 . 2008-06-18 19:39 <DIR> d-------- C:\Documents and Settings\Viki
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d--hs---- C:\Documents and Settings\LocalService
2008-06-18 19:36 . 2008-06-18 19:36 <DIR> d--hs---- C:\Documents and Settings\NetworkService
2008-06-18 19:36 . 2008-06-18 19:36 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d--h----- C:\WINDOWS\system32\config\systemprofile\Sablonok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Dokumentumok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Asztal
2008-06-18 19:34 . 2001-10-26 14:00 28,288 --a------ C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-18 19:32 . 2004-08-03 22:32 571,392 --a------ C:\WINDOWS\system32\dllcache\tintlgnt.ime
2008-06-18 19:31 . 2004-08-17 16:47 188,416 --a------ C:\WINDOWS\system32\dllcache\snmpsmir.dll
2008-06-18 19:30 . 2004-08-17 16:47 465,408 --a------ C:\WINDOWS\system32\dllcache\smtpsvc.dll
2008-06-18 19:29 . 2004-08-17 16:47 221,696 --a------ C:\WINDOWS\system32\dllcache\seo.dll
2008-06-18 19:28 . 2001-10-26 14:00 131,584 --a------ C:\WINDOWS\system32\dllcache\pmxviceo.dll
2008-06-18 19:27 . 2004-08-03 22:31 482,304 --a------ C:\WINDOWS\system32\dllcache\pintlgnt.ime
2008-06-18 19:26 . 2001-10-26 14:00 1,875,968 --a------ C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-06-18 19:26 . 2001-10-26 14:00 229,439 --a------ C:\WINDOWS\system32\dllcache\multibox.dll
2008-06-18 19:26 . 2001-10-26 14:00 111,104 --a------ C:\WINDOWS\system32\dllcache\mtstocom.exe
2008-06-18 19:26 . 2001-10-26 14:00 98,304 --a------ C:\WINDOWS\system32\dllcache\msir3jp.dll
2008-06-18 19:26 . 2001-10-26 14:00 92,416 --a------ C:\WINDOWS\system32\dllcache\mga.sys
2008-06-18 19:26 . 2004-08-17 16:48 40,960 --a------ C:\WINDOWS\system32\dllcache\msiregmv.exe
2008-06-18 19:26 . 2004-08-17 16:48 7,680 --a------ C:\WINDOWS\system32\dllcache\migregdb.exe
2008-06-18 19:24 . 2001-10-26 14:00 9,216 --a------ C:\WINDOWS\system32\dllcache\kbdnecat.dll
2008-06-18 19:23 . 2001-10-26 14:00 7,168 --a------ C:\WINDOWS\system32\dllcache\kbdibm02.dll
2008-06-18 19:22 . 2001-10-26 14:00 471,102 --a------ C:\WINDOWS\system32\dllcache\imskdic.dll
2008-06-18 19:21 . 2004-08-03 22:31 811,064 --a------ C:\WINDOWS\system32\dllcache\imjp81k.dll
2008-06-18 19:20 . 2001-10-26 14:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-18 19:19 . 2004-08-17 16:46 562,688 --a------ C:\WINDOWS\system32\dllcache\fxsst.dll
2008-06-18 19:18 . 2003-03-24 15:52 618,605 --a------ C:\WINDOWS\system32\dllcache\fp4autl.dll
2008-06-18 19:17 . 2001-10-26 14:00 514,587 --a------ C:\WINDOWS\system32\dllcache\edb500.dll
2008-06-18 19:17 . 2004-08-17 16:46 105,984 --a------ C:\WINDOWS\system32\dllcache\evntagnt.dll
2008-06-18 19:17 . 2004-08-17 16:47 93,184 --a------ C:\WINDOWS\system32\dllcache\evntwin.exe
2008-06-18 19:17 . 2004-08-03 23:04 78,848 --a------ C:\WINDOWS\system32\dllcache\dayi.ime
2008-06-18 19:17 . 2001-10-26 14:00 57,856 --a------ C:\WINDOWS\system32\dllcache\esuimgd.dll
2008-06-18 19:17 . 2001-10-26 14:00 45,056 --a------ C:\WINDOWS\system32\dllcache\esunid.dll
2008-06-18 19:17 . 2004-08-17 16:47 42,496 --a------ C:\WINDOWS\system32\dllcache\davcdata.exe
2008-06-18 19:17 . 2001-10-26 14:00 31,744 --a------ C:\WINDOWS\system32\dllcache\esucmd.dll
2008-06-18 19:17 . 2001-10-26 14:00 25,856 --a------ C:\WINDOWS\system32\dllcache\et4000.sys
2008-06-18 19:17 . 2004-08-17 16:47 25,600 --a------ C:\WINDOWS\system32\dllcache\evntcmd.exe
2008-06-18 19:17 . 2004-08-17 16:46 14,336 --a------ C:\WINDOWS\system32\dllcache\exstrace.dll
2008-06-18 19:15 . 2001-10-26 14:00 218,112 --a------ C:\WINDOWS\system32\dllcache\c_g18030.dll
2008-06-18 19:14 . 2001-10-26 14:00 180,770 --a------ C:\WINDOWS\system32\dllcache\c_20932.nls
2008-06-18 19:13 . 2001-10-26 14:00 189,986 --a------ C:\WINDOWS\system32\dllcache\c_1361.nls
2008-06-18 19:12 . 2001-10-26 14:00 195,618 --a------ C:\WINDOWS\system32\dllcache\c_10002.nls
2008-06-18 19:11 . 2004-08-17 16:46 374,272 --a------ C:\WINDOWS\system32\dllcache\asp51.dll
2008-06-18 19:10 . 2004-08-17 16:47 2,134,528 --a------ C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-06-18 19:09 . 2004-05-13 00:39 876,653 --a------ C:\WINDOWS\system32\dllcache\fp4awel.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\drivers\tcpip.sys
2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2gdr\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2qfe\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2gdr\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2qfe\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-29_13.58.13,05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 08:38:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-29 15:10:58 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:47 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-18 20:35 949376]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14 155648]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19 69632]
"combofix"="C:\WINDOWS\system32\CF5918.exe" [2004-08-17 14:47 393216]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:47 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys [2001-08-17 20:19]
R3 S3SAVAGE4M;S3SAVAGE4M;C:\WINDOWS\system32\DRIVERS\s3sav4m.sys [2001-08-17 20:50]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 17:13:30
Windows 5.1.2600 Szervizcsomag 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-06-29 17:20:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-29 15:20:44
ComboFix3.txt 2008-06-29 11:59:06
ComboFix2.txt 2008-06-29 13:19:32

7 könyvtár 229,752,832 bájt szabad
9 k”nyvt r 224,174,080 b jt szabad

222 --- E O F --- 2008-06-28 17:37:28

Nem találom

A szysztem visszaállítást nemtudom hogy,kell megcsinálni

Akor most kapcsold ki a szysztem viszaalitasat:
Start>jobklik sajat gep>tulajdonsag>FULl>szysztem viszaalitas>bepipazod>ok>hasznalni.
Restart.
Utana ujbol csinalj CFScript.txt>ugy ahogy az elob csinaltad de evel a piros textel:

Az eredmenyt ted ide.

ComboFix 08-06-20.4 - Viki 2008-06-29 14:56:44.3 - FAT32x86
Running from: C:\Documents and Settings\Viki\Asztal\ComboFix.exe
Command switches used :: C:\Documents and Settings\Viki\Asztal\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\$hf_mig$ :#:
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Deckard
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn

.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-29 )))))))))))))))))))))))))))))))
.

2008-06-29 13:25 . 2008-06-29 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-29 13:08 . 2008-06-29 13:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-29 13:07 . 2008-06-29 13:07 <DIR> d-------- C:\Program Files\CCleaner
2008-06-25 16:33 . 2004-08-17 14:30 1,835,904 --a------ C:\WINDOWS\system32\win32k.sys
2008-06-25 16:33 . 2005-05-10 02:17 332,544 --a------ C:\WINDOWS\system32\drivers\srv.sys
2008-06-25 16:27 . 2004-08-03 21:00 181,248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2008-06-25 16:24 . 2006-01-13 04:28 359,808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-25 16:24 . 2006-07-13 10:48 202,240 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2008-06-20 12:57 . 2008-06-20 12:57 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-19 09:15 . 2005-06-28 09:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-19 09:05 . 2008-06-19 09:05 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-19 08:32 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-19 08:32 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-19 08:32 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-18 22:24 . 2008-06-18 22:24 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Program Files\Windows Live
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-18 22:05 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-06-18 22:05 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-06-18 22:05 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-06-18 22:03 . 2008-06-18 22:03 <DIR> d---s---- C:\Documents and Settings\Viki\UserData
2008-06-18 22:01 . 2008-06-18 22:01 <DIR> d-------- C:\Documents and Settings\Viki\Contacts
2008-06-18 21:45 . 2008-06-18 21:45 <DIR> d-------- C:\WinRAR
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\WINDOWS\Profiles
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Documents and Settings\Viki\WINDOWS
2008-06-18 21:40 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-18 21:38 . 2008-06-18 21:38 <DIR> d--hs---- C:\Recycled
2008-06-18 21:30 . 2008-06-18 21:30 <DIR> d-------- C:\WINKONYV
2008-06-18 21:30 . 2008-06-18 21:30 3,373,328 --a------ C:\WINDOWS\system32\VFP6R.DLL
2008-06-18 21:30 . 2008-06-18 21:30 876,032 --a------ C:\WINDOWS\system32\VFP6RENU.DLL
2008-06-18 21:30 . 2008-06-18 21:30 24,990 --a------ C:\WINDOWS\system32\VFP6RUN.EXE
2008-06-18 20:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-06-18 20:52 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-18 20:52 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\Viki\Application Data\ScanSoft
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-18 20:50 . 2008-06-18 20:50 419 --a------ C:\WINDOWS\MAXLINK.INI
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-06-18 20:48 . 2008-06-18 20:48 <DIR> d-------- C:\Program Files\ScanSoft
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d-------- C:\Program Files\ArcSoft
2008-06-18 20:46 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-06-18 20:45 . 2008-06-18 20:45 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-06-18 20:44 . 1998-11-13 13:06 307,712 --a------ C:\WINDOWS\IsUn040e.exe
2008-06-18 20:43 . 2008-06-18 20:43 <DIR> d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-06-18 20:43 . 2006-03-26 22:00 161,792 --a------ C:\WINDOWS\system32\CNMLM83.DLL
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\Program Files\CanonBJ
2008-06-18 20:42 . 2006-03-15 08:27 1,134,592 --a------ C:\WINDOWS\system32\CNCC160.DLL
2008-06-18 20:42 . 2006-03-24 08:29 135,168 --a------ C:\WINDOWS\system32\CNCL160.DLL
2008-06-18 20:42 . 2006-02-17 08:44 106,496 --a------ C:\WINDOWS\system32\cnco160.dll
2008-06-18 20:42 . 2006-03-15 08:27 57,344 --a------ C:\WINDOWS\system32\CNCI160.DLL
2008-06-18 20:41 . 2008-06-18 20:41 <DIR> d-------- C:\Program Files\Canon
2008-06-18 20:35 . 2008-06-18 20:35 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-06-18 20:35 . 2008-06-18 20:35 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-06-18 20:35 . 2008-06-18 20:35 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-06-18 20:34 . 2008-06-18 20:35 <DIR> d-------- C:\Program Files\ESET
2008-06-18 20:32 . 2008-06-28 19:09 2,176 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-18 20:30 . 2008-06-18 20:30 <DIR> d-------- C:\Program Files\QuickTime
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-18 20:10 . 2008-06-18 20:10 98,304 --a------ C:\WINDOWS\system32\qttask.exe
2008-06-18 20:06 . 2008-06-18 20:06 <DIR> d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-18 20:06 . 2001-10-31 10:14 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll
2008-06-18 20:01 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-06-18 20:01 . 2008-06-18 20:01 388 --a------ C:\WINDOWS\ODBC.INI
2008-06-18 19:58 . 2008-06-18 19:58 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-06-18 19:55 . 2008-06-18 19:55 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-06-18 19:51 . 2008-06-18 19:51 <DIR> dr-h----- C:\MSOCache
2008-06-18 19:47 . 2008-06-18 19:47 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-18 19:47 . 2008-06-18 19:47 96,256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-06-18 19:46 . 2008-06-18 19:46 <DIR> d-------- C:\WINDOWS\system32\DRVSTORE
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d--h----- C:\Documents and Settings\Viki\Sablonok
2008-06-18 19:39 . 2008-06-18 19:40 <DIR> dr------- C:\Documents and Settings\Viki\Dokumentumok
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d-------- C:\Documents and Settings\Viki\Asztal
2008-06-18 19:39 . 2008-06-18 19:39 <DIR> d-------- C:\Documents and Settings\Viki
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d--hs---- C:\Documents and Settings\LocalService
2008-06-18 19:36 . 2008-06-18 19:36 <DIR> d--hs---- C:\Documents and Settings\NetworkService
2008-06-18 19:36 . 2008-06-18 19:36 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d--h----- C:\WINDOWS\system32\config\systemprofile\Sablonok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Dokumentumok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Asztal
2008-06-18 19:34 . 2001-10-26 14:00 28,288 --a------ C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-18 19:32 . 2004-08-03 22:32 571,392 --a------ C:\WINDOWS\system32\dllcache\tintlgnt.ime
2008-06-18 19:31 . 2004-08-17 16:47 188,416 --a------ C:\WINDOWS\system32\dllcache\snmpsmir.dll
2008-06-18 19:30 . 2004-08-17 16:47 465,408 --a------ C:\WINDOWS\system32\dllcache\smtpsvc.dll
2008-06-18 19:29 . 2004-08-17 16:47 221,696 --a------ C:\WINDOWS\system32\dllcache\seo.dll
2008-06-18 19:28 . 2001-10-26 14:00 131,584 --a------ C:\WINDOWS\system32\dllcache\pmxviceo.dll
2008-06-18 19:27 . 2004-08-03 22:31 482,304 --a------ C:\WINDOWS\system32\dllcache\pintlgnt.ime
2008-06-18 19:26 . 2001-10-26 14:00 1,875,968 --a------ C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-06-18 19:26 . 2001-10-26 14:00 229,439 --a------ C:\WINDOWS\system32\dllcache\multibox.dll
2008-06-18 19:26 . 2001-10-26 14:00 111,104 --a------ C:\WINDOWS\system32\dllcache\mtstocom.exe
2008-06-18 19:26 . 2001-10-26 14:00 98,304 --a------ C:\WINDOWS\system32\dllcache\msir3jp.dll
2008-06-18 19:26 . 2001-10-26 14:00 92,416 --a------ C:\WINDOWS\system32\dllcache\mga.sys
2008-06-18 19:26 . 2004-08-17 16:48 40,960 --a------ C:\WINDOWS\system32\dllcache\msiregmv.exe
2008-06-18 19:26 . 2004-08-17 16:48 7,680 --a------ C:\WINDOWS\system32\dllcache\migregdb.exe
2008-06-18 19:24 . 2001-10-26 14:00 9,216 --a------ C:\WINDOWS\system32\dllcache\kbdnecat.dll
2008-06-18 19:23 . 2001-10-26 14:00 7,168 --a------ C:\WINDOWS\system32\dllcache\kbdibm02.dll
2008-06-18 19:22 . 2001-10-26 14:00 471,102 --a------ C:\WINDOWS\system32\dllcache\imskdic.dll
2008-06-18 19:21 . 2004-08-03 22:31 811,064 --a------ C:\WINDOWS\system32\dllcache\imjp81k.dll
2008-06-18 19:20 . 2001-10-26 14:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-18 19:19 . 2004-08-17 16:46 562,688 --a------ C:\WINDOWS\system32\dllcache\fxsst.dll
2008-06-18 19:18 . 2003-03-24 15:52 618,605 --a------ C:\WINDOWS\system32\dllcache\fp4autl.dll
2008-06-18 19:17 . 2001-10-26 14:00 514,587 --a------ C:\WINDOWS\system32\dllcache\edb500.dll
2008-06-18 19:17 . 2004-08-17 16:46 105,984 --a------ C:\WINDOWS\system32\dllcache\evntagnt.dll
2008-06-18 19:17 . 2004-08-17 16:47 93,184 --a------ C:\WINDOWS\system32\dllcache\evntwin.exe
2008-06-18 19:17 . 2004-08-03 23:04 78,848 --a------ C:\WINDOWS\system32\dllcache\dayi.ime
2008-06-18 19:17 . 2001-10-26 14:00 57,856 --a------ C:\WINDOWS\system32\dllcache\esuimgd.dll
2008-06-18 19:17 . 2001-10-26 14:00 45,056 --a------ C:\WINDOWS\system32\dllcache\esunid.dll
2008-06-18 19:17 . 2004-08-17 16:47 42,496 --a------ C:\WINDOWS\system32\dllcache\davcdata.exe
2008-06-18 19:17 . 2001-10-26 14:00 31,744 --a------ C:\WINDOWS\system32\dllcache\esucmd.dll
2008-06-18 19:17 . 2001-10-26 14:00 25,856 --a------ C:\WINDOWS\system32\dllcache\et4000.sys
2008-06-18 19:17 . 2004-08-17 16:47 25,600 --a------ C:\WINDOWS\system32\dllcache\evntcmd.exe
2008-06-18 19:17 . 2004-08-17 16:46 14,336 --a------ C:\WINDOWS\system32\dllcache\exstrace.dll
2008-06-18 19:15 . 2001-10-26 14:00 218,112 --a------ C:\WINDOWS\system32\dllcache\c_g18030.dll
2008-06-18 19:14 . 2001-10-26 14:00 180,770 --a------ C:\WINDOWS\system32\dllcache\c_20932.nls
2008-06-18 19:13 . 2001-10-26 14:00 189,986 --a------ C:\WINDOWS\system32\dllcache\c_1361.nls
2008-06-18 19:12 . 2001-10-26 14:00 195,618 --a------ C:\WINDOWS\system32\dllcache\c_10002.nls
2008-06-18 19:11 . 2004-08-17 16:46 374,272 --a------ C:\WINDOWS\system32\dllcache\asp51.dll
2008-06-18 19:10 . 2004-08-17 16:47 2,134,528 --a------ C:\WINDOWS\system32\dllcache\smtpsnap.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Recycled ----

2008-06-29 13:59 65 ---hs---- C:\Recycled\desktop.ini
2008-06-29 13:59 20 --ah----- C:\Recycled\INFO2


------- Sigcheck -------

2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\drivers\tcpip.sys
2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2gdr\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2qfe\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2gdr\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2qfe\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-29_13.58.13,05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 08:38:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-29 13:08:16 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:47 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-18 20:35 949376]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14 155648]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19 69632]
"combofix"="C:\WINDOWS\system32\CF14537.exe" [2004-08-17 14:47 393216]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:47 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys [2001-08-17 20:19]
R3 S3SAVAGE4M;S3SAVAGE4M;C:\WINDOWS\system32\DRIVERS\s3sav4m.sys [2001-08-17 20:50]

.
Contents of the 'Scheduled Tasks' folder
"2008-06-18 18:29:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 15:10:38
Windows 5.1.2600 Szervizcsomag 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Eset\nod32krn.exe
.
**************************************************************************
.
Completion time: 2008-06-29 15:19:18 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-29 13:18:54
ComboFix2.txt 2008-06-29 11:59:06

8 könyvtár 218,406,912 bájt szabad
10 k”nyvt r 257,589,248 b jt szabad

241 --- E O F --- 2008-06-28 17:37:28

Kinyitod a Notepadot>Start>futatas>beirod notepad
Es bekopirozod a piros textet

Mostan>a notepadon elso full>ballfelsosarokban>4-sor>lementenni mint....
A txt-hejet beteszed eztett>CFScript.txt<alatta bealitod >minden mapak<
legfelull>asztall i<klik gomb letenni.Es mostan megcsinalod eztett:

A combofix maga elindul es lehet hogy restartol es befejezi a scent.Amit majd ad ted ide es ird ide .

ComboFix 08-06-20.4 - Viki 2008-06-29 13:53:04.2 - FAT32x86
Running from: C:\Documents and Settings\Viki\Asztal\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-29 )))))))))))))))))))))))))))))))
.

2008-06-29 13:25 . 2008-06-29 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-29 13:08 . 2008-06-29 13:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-29 13:07 . 2008-06-29 13:07 <DIR> d-------- C:\Program Files\CCleaner
2008-06-29 11:12 . 2008-06-29 11:12 <DIR> d-------- C:\Deckard
2008-06-25 16:33 . 2004-08-17 14:30 1,835,904 --a------ C:\WINDOWS\system32\win32k.sys
2008-06-25 16:33 . 2005-05-10 02:17 332,544 --a------ C:\WINDOWS\system32\drivers\srv.sys
2008-06-25 16:27 . 2004-08-03 21:00 181,248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2008-06-25 16:24 . 2006-01-13 04:28 359,808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-25 16:24 . 2006-07-13 10:48 202,240 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2008-06-20 12:57 . 2008-06-20 12:57 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-19 09:15 . 2005-06-28 09:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-19 09:05 . 2008-06-19 09:05 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-19 08:32 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-19 08:32 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-19 08:32 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-18 22:24 . 2008-06-18 22:24 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Program Files\Windows Live
2008-06-18 22:23 . 2008-06-18 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-18 22:20 . 2008-06-18 22:20 268 --ah----- C:\sqmdata02.sqm
2008-06-18 22:20 . 2008-06-18 22:20 244 --ah----- C:\sqmnoopt02.sqm
2008-06-18 22:05 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-06-18 22:05 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-06-18 22:05 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-06-18 22:05 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-06-18 22:03 . 2008-06-18 22:03 <DIR> d---s---- C:\Documents and Settings\Viki\UserData
2008-06-18 22:01 . 2008-06-18 22:01 <DIR> d-------- C:\Documents and Settings\Viki\Contacts
2008-06-18 22:01 . 2008-06-18 22:01 268 --ah----- C:\sqmdata01.sqm
2008-06-18 22:01 . 2008-06-18 22:01 244 --ah----- C:\sqmnoopt01.sqm
2008-06-18 21:45 . 2008-06-18 21:45 <DIR> d-------- C:\WinRAR
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\WINDOWS\Profiles
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-18 21:40 . 2008-06-18 21:40 <DIR> d-------- C:\Documents and Settings\Viki\WINDOWS
2008-06-18 21:40 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-18 21:38 . 2008-06-18 21:38 <DIR> d--hs---- C:\Recycled
2008-06-18 21:30 . 2008-06-18 21:30 <DIR> d-------- C:\WINKONYV
2008-06-18 21:30 . 2008-06-18 21:30 3,373,328 --a------ C:\WINDOWS\system32\VFP6R.DLL
2008-06-18 21:30 . 2008-06-18 21:30 876,032 --a------ C:\WINDOWS\system32\VFP6RENU.DLL
2008-06-18 21:30 . 2008-06-18 21:30 24,990 --a------ C:\WINDOWS\system32\VFP6RUN.EXE
2008-06-18 20:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-06-18 20:52 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-18 20:52 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\Viki\Application Data\ScanSoft
2008-06-18 20:50 . 2008-06-18 20:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-18 20:50 . 2008-06-18 20:50 419 --a------ C:\WINDOWS\MAXLINK.INI
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-06-18 20:49 . 2008-06-18 20:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-06-18 20:48 . 2008-06-18 20:48 <DIR> d-------- C:\Program Files\ScanSoft
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-18 20:46 . 2008-06-18 20:46 <DIR> d-------- C:\Program Files\ArcSoft
2008-06-18 20:46 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-06-18 20:45 . 2008-06-18 20:45 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-06-18 20:44 . 1998-11-13 13:06 307,712 --a------ C:\WINDOWS\IsUn040e.exe
2008-06-18 20:43 . 2008-06-18 20:43 <DIR> d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-06-18 20:43 . 2006-03-26 22:00 161,792 --a------ C:\WINDOWS\system32\CNMLM83.DLL
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-06-18 20:42 . 2008-06-18 20:42 <DIR> d--h----- C:\Program Files\CanonBJ
2008-06-18 20:42 . 2006-03-15 08:27 1,134,592 --a------ C:\WINDOWS\system32\CNCC160.DLL
2008-06-18 20:42 . 2006-03-24 08:29 135,168 --a------ C:\WINDOWS\system32\CNCL160.DLL
2008-06-18 20:42 . 2006-02-17 08:44 106,496 --a------ C:\WINDOWS\system32\cnco160.dll
2008-06-18 20:42 . 2006-03-15 08:27 57,344 --a------ C:\WINDOWS\system32\CNCI160.DLL
2008-06-18 20:41 . 2008-06-18 20:41 <DIR> d-------- C:\Program Files\Canon
2008-06-18 20:35 . 2008-06-18 20:35 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-06-18 20:35 . 2008-06-18 20:35 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-06-18 20:35 . 2008-06-18 20:35 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-06-18 20:34 . 2008-06-18 20:35 <DIR> d-------- C:\Program Files\ESET
2008-06-18 20:32 . 2008-06-28 19:07 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-18 20:32 . 2008-06-28 19:09 2,176 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-18 20:32 . 2008-06-18 20:32 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-18 20:30 . 2008-06-18 20:30 <DIR> d-------- C:\Program Files\QuickTime
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-18 20:28 . 2008-06-18 20:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-18 20:10 . 2008-06-18 20:10 98,304 --a------ C:\WINDOWS\system32\qttask.exe
2008-06-18 20:06 . 2008-06-18 20:06 <DIR> d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-18 20:06 . 2001-10-31 10:14 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll
2008-06-18 20:01 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-06-18 20:01 . 2008-06-18 20:01 388 --a------ C:\WINDOWS\ODBC.INI
2008-06-18 19:58 . 2008-06-18 19:58 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-06-18 19:55 . 2008-06-18 19:55 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-06-18 19:51 . 2008-06-18 19:51 <DIR> dr-h----- C:\MSOCache
2008-06-18 19:48 . 2008-06-18 19:48 268 --ah----- C:\sqmdata00.sqm
2008-06-18 19:48 . 2008-06-18 19:48 244 --ah----- C:\sqmnoopt00.sqm
2008-06-18 19:47 . 2008-06-18 19:47 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-18 19:47 . 2008-06-18 19:47 96,256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-06-18 19:46 . 2008-06-18 19:46 <DIR> d-------- C:\WINDOWS\system32\DRVSTORE
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d--h----- C:\Documents and Settings\Viki\Sablonok
2008-06-18 19:39 . 2008-06-18 19:40 <DIR> dr------- C:\Documents and Settings\Viki\Dokumentumok
2008-06-18 19:39 . 2008-06-18 18:33 <DIR> d-------- C:\Documents and Settings\Viki\Asztal
2008-06-18 19:39 . 2008-06-18 19:39 <DIR> d-------- C:\Documents and Settings\Viki
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-06-18 19:37 . 2008-06-18 19:37 <DIR> d--hs---- C:\Documents and Settings\LocalService
2008-06-18 19:36 . 2008-06-18 19:36 <DIR> d--hs---- C:\Documents and Settings\NetworkService
2008-06-18 19:36 . 2008-06-18 19:36 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d--h----- C:\WINDOWS\system32\config\systemprofile\Sablonok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Dokumentumok
2008-06-18 19:34 . 2008-06-18 18:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Asztal
2008-06-18 19:34 . 2001-10-26 14:00 28,288 --a------ C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-18 19:32 . 2004-08-03 22:32 571,392 --a------ C:\WINDOWS\system32\dllcache\tintlgnt.ime
2008-06-18 19:31 . 2004-08-17 16:47 188,416 --a------ C:\WINDOWS\system32\dllcache\snmpsmir.dll
2008-06-18 19:30 . 2004-08-17 16:47 465,408 --a------ C:\WINDOWS\system32\dllcache\smtpsvc.dll
2008-06-18 19:29 . 2004-08-17 16:47 221,696 --a------ C:\WINDOWS\system32\dllcache\seo.dll
2008-06-18 19:28 . 2001-10-26 14:00 131,584 --a------ C:\WINDOWS\system32\dllcache\pmxviceo.dll
2008-06-18 19:27 . 2004-08-03 22:31 482,304 --a------ C:\WINDOWS\system32\dllcache\pintlgnt.ime
2008-06-18 19:26 . 2001-10-26 14:00 1,875,968 --a------ C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-06-18 19:26 . 2001-10-26 14:00 229,439 --a------ C:\WINDOWS\system32\dllcache\multibox.dll
2008-06-18 19:26 . 2001-10-26 14:00 111,104 --a------ C:\WINDOWS\system32\dllcache\mtstocom.exe
2008-06-18 19:26 . 2001-10-26 14:00 98,304 --a------ C:\WINDOWS\system32\dllcache\msir3jp.dll
2008-06-18 19:26 . 2001-10-26 14:00 92,416 --a------ C:\WINDOWS\system32\dllcache\mga.sys
2008-06-18 19:26 . 2004-08-17 16:48 40,960 --a------ C:\WINDOWS\system32\dllcache\msiregmv.exe
2008-06-18 19:26 . 2004-08-17 16:48 7,680 --a------ C:\WINDOWS\system32\dllcache\migregdb.exe
2008-06-18 19:24 . 2001-10-26 14:00 9,216 --a------ C:\WINDOWS\system32\dllcache\kbdnecat.dll
2008-06-18 19:23 . 2001-10-26 14:00 7,168 --a------ C:\WINDOWS\system32\dllcache\kbdibm02.dll
2008-06-18 19:22 . 2001-10-26 14:00 471,102 --a------ C:\WINDOWS\system32\dllcache\imskdic.dll
2008-06-18 19:21 . 2004-08-03 22:31 811,064 --a------ C:\WINDOWS\system32\dllcache\imjp81k.dll
2008-06-18 19:20 . 2001-10-26 14:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-18 19:19 . 2004-08-17 16:46 562,688 --a------ C:\WINDOWS\system32\dllcache\fxsst.dll
2008-06-18 19:18 . 2003-03-24 15:52 618,605 --a------ C:\WINDOWS\system32\dllcache\fp4autl.dll
2008-06-18 19:17 . 2001-10-26 14:00 514,587 --a------ C:\WINDOWS\system32\dllcache\edb500.dll
2008-06-18 19:17 . 2004-08-17 16:46 105,984 --a------ C:\WINDOWS\system32\dllcache\evntagnt.dll
2008-06-18 19:17 . 2004-08-17 16:47 93,184 --a------ C:\WINDOWS\system32\dllcache\evntwin.exe
2008-06-18 19:17 . 2004-08-03 23:04 78,848 --a------ C:\WINDOWS\system32\dllcache\dayi.ime
2008-06-18 19:17 . 2001-10-26 14:00 57,856 --a------ C:\WINDOWS\system32\dllcache\esuimgd.dll
2008-06-18 19:17 . 2001-10-26 14:00 45,056 --a------ C:\WINDOWS\system32\dllcache\esunid.dll
2008-06-18 19:17 . 2004-08-17 16:47 42,496 --a------ C:\WINDOWS\system32\dllcache\davcdata.exe
2008-06-18 19:17 . 2001-10-26 14:00 31,744 --a------ C:\WINDOWS\system32\dllcache\esucmd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\drivers\tcpip.sys
2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2gdr\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\SoftwareDistribution\Download\eac34254774a9e877243468ee92db35a\sp2qfe\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2gdr\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\SoftwareDistribution\Download\bf321c8a4c6e6cd9a581d14f8b22c9e2\sp2qfe\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:47 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-18 20:35 949376]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14 155648]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19 69632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:47 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys [2001-08-17 20:19]
R3 S3SAVAGE4M;S3SAVAGE4M;C:\WINDOWS\system32\DRIVERS\s3sav4m.sys [2001-08-17 20:50]

.
Contents of the 'Scheduled Tasks' folder
"2008-06-18 18:29:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 13:57:18
Windows 5.1.2600 Szervizcsomag 2 FAT NTAPI

scanning hidden processes ...

C:\WINDOWS\EXPLORER.EXE [1252] 0xFFAAF1E8

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-06-29 13:59:01
ComboFix-quarantined-files.txt 2008-06-29 11:58:52

8 könyvtár 252,055,552 bájt szabad
11 könyvtár 247,988,224 bájt szabad

200 --- E O F --- 2008-06-28 17:37:28
REMÉLEM NEM VAGYOK NAGYON BÉNA ÉS EDDIG MINDENT JÓL CSINÁLOK?!

Home - Features - Download - Screenshots - Reviews - Help & Support - Forum
Home › Download



Download

Download installer Although this software is free please donate to help support the software and site costs.

Everyone who donates $20 / &pound;10 / €20 or more will be emailed all new releases before they're available to download on the site.
(Click on the image to donate using PayPal, or click here for other donation methods)

Huge thanks to those of you who have already donated!



Version v2.09.600 (2,851KB)
- Download from FileHippo.com (more downloads)
- Alternative Download


- What's in version 2.0
- Full version history
- Other builds



Notes:
The installer may prompt you to download some additional components from Microsoft, if you do not already have them installed.




&copy;Copyright 2005-2008 Piriform Ltd. All rights reserved.
Bocsi de nem tudom hogy mire kattintsak!

igen tenyleg keves a hely a lemezen;
1:Megcsinaljuk hogy a windows njekleze a keves hejet,de elote kikel pucolni a gepet;
1:Letoltod a CCleanert:
http://www.ccleaner.com/download/downloadpage.aspx?f=2


Aztan letoltod a combofixet,az asztalra teszed,kikapcsolod a virus irto pajzat es futatod,klik>1>enter es aztan nem babralsz semit csak nezed a gep lehet hogy restartiol ,es ad a monitora combofix.txt>eztet ide teszed.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Other (040e) - see http://preview.tinyurl.com/mhhp6

CPU 0: Intel Pentium II processzor
Percentage of Memory in Use: 64%
Physical Memory (total/avail): 127.48 MiB / 45.32 MiB
Pagefile Memory (total/avail): 307.21 MiB / 106.57 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1908.44 MiB

A: is Removable (No Media)
C: is Fixed (FAT32) - 4 GiB total, 0.16 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - QUANTUM FIREBALLlct08 04 - 4.01 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 4.01 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Viki\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=VIKI-1F06E906C3
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Viki
LOGONSERVER=\\VIKI-1F06E906C3
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 5 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0502
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Viki\LOCALS~1\Temp
TMP=C:\DOCUME~1\Viki\LOCALS~1\Temp
USERDOMAIN=VIKI-1F06E906C3
USERNAME=Viki
USERPROFILE=C:\Documents and Settings\Viki
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Viki (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
ArcSoft PhotoStudio 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
Canon MP Navigator 3.0 --> "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
Canon MP160 --> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160 /L0x000e
Canon MP160 Felhasználói regisztráció --> C:\Program Files\Canon\IJEREG\MP160\UNINST.EXE
Canon Utilities Easy-PhotoPrint --> C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Easy-WebPrint --> C:\WINDOWS\IsUn040e.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Egyszeres és Kettős könyvvitel - Számlázás - Útnyilvántartás --> C:\WINKONYV\setup\setup.exe
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040E-6000-11D3-8CFE-0150048383C9}
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v2.1 --> "C:\Program Files\Eset\unins000.exe"
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
ScanSoft OmniPage SE 4.0 --> MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
Windows Live bejelentkezési segéd --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe /X{999CE3F5-C179-4607-BEDF-B9544B0DD232}
Windows Live Messenger --> MsiExec.exe /X{AF2815A6-0573-45A4-BAE3-3194C1D4393C}
Windows XP biztonsági frissítés - KB896422 --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB904706 --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB905414 --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB911562 --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB911567 --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB912919 --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB920214 --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB925486 --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB943055 --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB944533 --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950760 --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Windows XP Biztonsági frissítés (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Windows XP frissítés - KB894391 --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Windows XP frissítés - KB898461 --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Windows XP frissítés - KB900485 --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Windows XP frissítés - KB910437 --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Windows XP frissítés - KB916595 --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Windows XP frissítés - KB920872 --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Windows XP frissítés - KB922582 --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Windows XP frissítés - KB927891 --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Windows XP frissítés - KB929338 --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Windows XP frissítés - KB930916 --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Windows XP frissítés - KB933360 --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Windows XP frissítés - KB936357 --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Windows XP frissítés - KB938828 --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Windows XP frissítés - KB942840 --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Windows XP frissítés - KB946627 --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP gyorsjavítás - KB893086 --> "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type137 / Warning
Event Submitted/Written: 06/26/2008 09:38:24 AM
Event ID/Source: 5603 / WinMgmt
Event Description:
A(z) Root\MSAPPS11 WMI-névtérben regisztrálva van egy szolgáltató (OffProv11), amely azonban nem tartalmazta a kötelezően megadandó HostingModel tulajdonságot. A szolgáltató a LocalSystem fiókon fut majd. Ez a fiók kiemelt jogosultságokkal rendelkezik, és a biztonság megsértését okozhatja, ha helytelenül személyesíti meg a felhasználói kérelmeket. Ellenőrizze a szolgáltató biztonsági viselkedését, és módosítsa a szolgáltató regisztrációjának HostingModel tulajdonságát úgy, hogy a működéshez szükséges minimális jogosultságokkal rendelkezzen.

Event Record #/Type136 / Warning
Event Submitted/Written: 06/26/2008 09:38:24 AM
Event ID/Source: 5603 / WinMgmt
Event Description:
A(z) Root\MSAPPS11 WMI-névtérben regisztrálva van egy szolgáltató (OffProv11), amely azonban nem tartalmazta a kötelezően megadandó HostingModel tulajdonságot. A szolgáltató a LocalSystem fiókon fut majd. Ez a fiók kiemelt jogosultságokkal rendelkezik, és a biztonság megsértését okozhatja, ha helytelenül személyesíti meg a felhasználói kérelmeket. Ellenőrizze a szolgáltató biztonsági viselkedését, és módosítsa a szolgáltató regisztrációjának HostingModel tulajdonságát úgy, hogy a működéshez szükséges minimális jogosultságokkal rendelkezzen.

Event Record #/Type132 / Error
Event Submitted/Written: 06/25/2008 08:22:45 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Hibasor: 126637809.

Event Record #/Type131 / Error
Event Submitted/Written: 06/25/2008 08:22:38 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Nem válaszoló alkalmazás: IEXPLORE.EXE, verzió: 6.0.2900.2180, nem válaszoló modul: hungapp, verzió: 0.0.0.0, memóriacím: 0x00000000.

Event Record #/Type130 / Error
Event Submitted/Written: 06/25/2008 08:17:26 PM
Event ID/Source: 1000 / Application Error
Event Description:
Hibás alkalmazás: iexplore.exe, verzió: 6.0.2900.2180, hibás modul: flash.ocx, verzió: 7.0.19.0, memóriacím: 0x000235d9.
Médiaspecifikus esemény feldolgozása: [iexplore.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type1268 / Error
Event Submitted/Written: 06/28/2008 07:37:28 PM
Event ID/Source: 20 / Windows Update Agent
Event Description:
Telepítési hiba: A Windows 0x80070643 hiba miatt nem tudta telepíteni a következő frissítést: Biztonsági frissítés a Flash Player programhoz (KB913433).

Event Record #/Type1263 / Warning
Event Submitted/Written: 06/28/2008 05:08:06 PM
Event ID/Source: 8021 / BROWSER
Event Description:
A tallózó nem tudta lekérdezni a kiszolgálók listáját a főtallózótól (\\BAGYA-3476E1330) a következő hálózaton: \Device\NetBT_Tcpip_{33AA62C6-467A-499B-A44D-B81A36F15B29}.
Az adat a hiba kódja.

Event Record #/Type1232 / Error
Event Submitted/Written: 06/27/2008 07:13:45 PM
Event ID/Source: 20 / Windows Update Agent
Event Description:
Telepítési hiba: A Windows 0x80070643 hiba miatt nem tudta telepíteni a következő frissítést: Biztonsági frissítés a Flash Player programhoz (KB913433).

Event Record #/Type1209 / Error
Event Submitted/Written: 06/27/2008 03:30:09 PM
Event ID/Source: 20 / Windows Update Agent
Event Description:
Telepítési hiba: A Windows 0x80070643 hiba miatt nem tudta telepíteni a következő frissítést: Biztonsági frissítés a Flash Player programhoz (KB913433).

Event Record #/Type1208 / Warning
Event Submitted/Written: 06/27/2008 02:41:58 PM
Event ID/Source: 8021 / BROWSER
Event Description:
A tallózó nem tudta lekérdezni a kiszolgálók listáját a főtallózótól (\\BAGYA-3476E1330) a következő hálózaton: \Device\NetBT_Tcpip_{33AA62C6-467A-499B-A44D-B81A36F15B29}.
Az adat a hiba kódja.



-- End of Deckard's System Scanner: finished at 2008-06-29 11:23:22 ------------

Deckard's System Scanner v20071014.68
Run by Viki on 2008-06-29 11:15:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; disk is full.


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 128 MiB (512 MiB recommended).
System Drive C: has 0.16 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-29 11:18:39
Platform: Windows XP Szervizcsomag 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Viki\Local Settings\Temporary Internet Files\Content.IE5\B0Z9Z45G\dss[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint – Gyors nyomtatás - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint – Hozzáadás a nyomtatási listához - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint – Nyomtatás - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint – Nyomtatási kép - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3819476089
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe


--
End of file - 5078 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 catchme - c:\combofix\catchme.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-18 20:29:06 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-29 and 2008-06-29 -----------------------------

2008-06-28 15:20:27 68096 --a------ C:\WINDOWS\zip.exe
2008-06-28 15:20:27 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-28 15:20:27 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-28 15:20:27 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-28 15:20:27 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-28 15:20:27 98816 --a------ C:\WINDOWS\sed.exe
2008-06-28 15:20:27 80412 --a------ C:\WINDOWS\grep.exe
2008-06-28 15:20:27 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-25 16:24:23 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft&reg; Windows&reg; Operating System>
2008-06-25 16:24:05 202240 --a------ C:\WINDOWS\system32\drivers\RMCast.sys <Not Verified; Microsoft Corporation; Microsoft&reg; Windows&reg; Operating System>
2008-06-25 14:32:36 1585152 --a------ C:\Documents and Settings\Viki\ntuser.dat
2008-06-24 11:47:20 0 d-------- C:\Documents and Settings\Viki\Application Data\Real
2008-06-20 12:57:02 0 d-------- C:\Program Files\MSXML 4.0
2008-06-20 10:01:59 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-19 09:05:04 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-18 22:24:22 0 d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-18 22:23:49 0 d-------- C:\Program Files\Windows Live
2008-06-18 22:23:12 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-18 22:05:45 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-18 22:03:55 0 d---s---- C:\Documents and Settings\Viki\UserData
2008-06-18 22:01:46 0 d-------- C:\Documents and Settings\Viki\Contacts
2008-06-18 21:45:05 0 d-------- C:\WinRAR
2008-06-18 21:41:22 0 d-------- C:\Documents and Settings\Viki\Application Data\Macromedia
2008-06-18 21:40:44 0 d-------- C:\WINDOWS\Profiles
2008-06-18 21:40:35 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-18 21:40:29 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield&reg; unInstaller>
2008-06-18 21:40:25 0 d-------- C:\Documents and Settings\Viki\WINDOWS
2008-06-18 21:38:26 0 d--hs---- C:\Recycled
2008-06-18 21:30:32 24990 --a------ C:\WINDOWS\system32\VFP6RUN.EXE <Not Verified; Microsoft Corporation; Microsoft&reg; Visual FoxPro&reg;>
2008-06-18 21:30:32 876032 --a------ C:\WINDOWS\system32\VFP6RENU.DLL <Not Verified; Microsoft Corporation; Microsoft&reg; Visual FoxPro&reg;>
2008-06-18 21:30:31 3373328 --a------ C:\WINDOWS\system32\VFP6R.DLL <Not Verified; Microsoft Corporation; Microsoft&reg; Visual FoxPro&reg;>
2008-06-18 21:30:18 0 d-------- C:\WINKONYV
2008-06-18 20:50:45 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-18 20:50:33 0 d-------- C:\Documents and Settings\Viki\Application Data\ScanSoft
2008-06-18 20:49:45 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-06-18 20:49:45 0 d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-06-18 20:48:19 0 d-------- C:\Program Files\ScanSoft
2008-06-18 20:46:32 212480 --a------ C:\WINDOWS\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-06-18 20:46:32 0 d-------- C:\Program Files\ArcSoft
2008-06-18 20:46:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-18 20:45:55 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-18 20:44:36 307712 --a------ C:\WINDOWS\IsUn040e.exe <Not Verified; InstallShield Software Corporation; InstallShield&reg; unInstaller>
2008-06-18 20:43:30 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-06-18 20:42:49 0 d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-06-18 20:42:28 0 d--h----- C:\Program Files\CanonBJ
2008-06-18 20:41:48 0 d-------- C:\Program Files\Canon
2008-06-18 20:35:48 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-06-18 20:33:10 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2008-06-18 20:32:48 2176 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-18 20:30:21 0 d-------- C:\Program Files\QuickTime
2008-06-18 20:28:51 0 d-------- C:\Program Files\Apple Software Update
2008-06-18 20:28:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-18 20:25:57 0 d-------- C:\Documents and Settings\Viki\Application Data\Adobe
2008-06-18 20:10:27 98304 --a------ C:\WINDOWS\system32\qttask.exe <Not Verified; Apple Computer, Inc.; QuickTime>
2008-06-18 20:07:09 0 d-------- C:\WINDOWS\system32\QuickTime
2008-06-18 20:06:49 1122304 --a------ C:\WINDOWS\system32\mplvpx.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-06-18 20:06:48 1552384 --a------ C:\WINDOWS\system32\mplvm6.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-06-18 20:06:48 1650688 --a------ C:\WINDOWS\system32\mplva6.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-06-18 20:06:47 1581056 --a------ C:\WINDOWS\system32\mplvw7.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-06-18 20:06:47 77824 --a------ C:\WINDOWS\system32\mplaw7.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-06-18 20:06:47 65536 --a------ C:\WINDOWS\system32\mplapx.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-06-18 20:06:47 65536 --a------ C:\WINDOWS\system32\mplam6.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-06-18 20:06:47 77824 --a------ C:\WINDOWS\system32\mplaa6.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-06-18 20:06:47 19968 --a------ C:\WINDOWS\system32\cpuinf32.dll
2008-06-18 20:06:43 152064 --a------ C:\WINDOWS\system32\unrar.dll
2008-06-18 20:06:36 761856 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-18 20:06:21 0 d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-18 19:58:18 0 d-------- C:\Program Files\Microsoft.NET
2008-06-18 19:55:49 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-18 19:51:17 0 dr-h----- C:\MSOCache
2008-06-18 19:47:57 96256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-06-18 19:47:57 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-18 19:46:43 0 d-------- C:\WINDOWS\system32\DRVSTORE
2008-06-18 19:39:52 0 d-------- C:\Documents and Settings\Viki\Application Data\Identities
2008-06-18 19:39:27 0 dr------- C:\Documents and Settings\Viki\Start Menu
2008-06-18 19:39:27 0 dr-h----- C:\Documents and Settings\Viki\SendTo
2008-06-18 19:39:27 0 d--h----- C:\Documents and Settings\Viki\Sablonok
2008-06-18 19:39:27 0 dr-h----- C:\Documents and Settings\Viki\Recent
2008-06-18 19:39:27 0 d--h----- C:\Documents and Settings\Viki\PrintHood
2008-06-18 19:39:27 0 d--h----- C:\Documents and Settings\Viki\NetHood
2008-06-18 19:39:27 0 d--h----- C:\Documents and Settings\Viki\Local Settings
2008-06-18 19:39:27 0 dr------- C:\Documents and Settings\Viki\Favorites
2008-06-18 19:39:27 0 dr------- C:\Documents and Settings\Viki\Dokumentumok
2008-06-18 19:39:27 0 d---s---- C:\Documents and Settings\Viki\Cookies
2008-06-18 19:39:27 0 d-------- C:\Documents and Settings\Viki\Asztal
2008-06-18 19:39:27 0 dr-h----- C:\Documents and Settings\Viki\Application Data
2008-06-18 19:37:18 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-18 19:37:18 0 d--hs---- C:\System Volume Information
2008-06-18 19:37:07 0 d-------- C:\WINDOWS\Prefetch
2008-06-18 19:37:06 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-18 19:37:03 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-06-18 19:37:03 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-18 19:37:03 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-18 19:37:02 229376 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-18 19:37:02 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-18 19:36:31 229376 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-18 19:36:31 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-18 19:36:31 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-06-18 19:36:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-18 19:36:31 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-18 19:08:16 0 d-------- C:\WINDOWS\system32\xircom
2008-06-18 19:08:16 0 d-------- C:\Program Files\microsoft frontpage
2008-06-18 19:06:21 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-18 19:06:00 0 -rahs---- C:\MSDOS.SYS
2008-06-18 19:06:00 0 -rahs---- C:\IO.SYS
2008-06-18 19:06:00 0 --a------ C:\CONFIG.SYS
2008-06-18 19:06:00 0 --a------ C:\AUTOEXEC.BAT
2008-06-18 19:01:33 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-18 19:00:39 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-18 19:00:38 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-18 18:59:44 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-18 18:59:31 0 d-------- C:\Program Files\Online Services
2008-06-18 18:58:31 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-18 18:57:30 0 d---s---- C:\WINDOWS\Tasks
2008-06-18 18:57:29 0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-18 18:57:23 0 d-------- C:\WINDOWS\srchasst
2008-06-18 18:57:22 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-18 18:57:06 0 d-------- C:\Program Files\Movie Maker
2008-06-18 18:56:52 0 d-------- C:\WINDOWS\system32\Restore
2008-06-18 18:53:14 21948 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-18 18:52:32 0 d-------- C:\WINDOWS\Registration
2008-06-18 18:51:44 0 d-------- C:\Program Files\Messenger
2008-06-18 18:51:38 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-18 18:50:41 0 d-------- C:\Program Files\Windows NT
2008-06-18 18:50:35 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-18 18:50:33 0 d-------- C:\WINDOWS\system32\Com
2008-06-18 18:35:15 0 d--hs---- C:\WINDOWS\Installer
2008-06-18 18:35:13 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-18 18:35:06 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-18 18:35:04 0 dr------- C:\Program Files
2008-06-18 18:35:04 0 d-------- C:\Program Files\Common Files
2008-06-18 18:33:55 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-18 18:33:55 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-18 18:33:55 0 d--h----- C:\Documents and Settings\Default User\Sablonok
2008-06-18 18:33:55 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-06-18 18:33:55 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-06-18 18:33:55 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-18 18:33:55 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-18 18:33:55 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-06-18 18:33:55 0 d-------- C:\Documents and Settings\Default User\Dokumentumok
2008-06-18 18:33:55 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-18 18:33:55 0 d-------- C:\Documents and Settings\Default User\Asztal
2008-06-18 18:33:55 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-18 18:33:55 0 d--h----- C:\Documents and Settings\All Users\Sablonok
2008-06-18 18:33:55 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-06-18 18:33:55 0 dr------- C:\Documents and Settings\All Users\Dokumentumok
2008-06-18 18:33:55 0 d-------- C:\Documents and Settings\All Users\Asztal
2008-06-18 18:33:16 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-18 18:33:16 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-18 18:33:10 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-18 18:33:10 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-18 18:33:09 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-18 18:33:09 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-18 18:32:39 0 d-------- C:\Documents and Settings
2008-06-18 18:25:03 0 d-------- C:\WINDOWS
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\WinSxS
2008-06-18 18:25:03 0 dr------- C:\WINDOWS\Web
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\twain_32
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\wins
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\wbem
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\usmt
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\spool
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\Setup
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\ras
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\oobe
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\npp
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\mui
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\IME
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\ias
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\export
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\drivers
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-18 18:25:03 0 dr-hs---- C:\WINDOWS\system32\dllcache
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\config
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\3076
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\2052
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1054
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1042
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1041
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1038
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1037
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1033
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1031
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1028
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system32\1025
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\system
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\security
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Resources
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\repair
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Provisioning
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\PeerNet
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\pchealth
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\mui
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\msapps
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\msagent
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Media
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\java
2008-06-18 18:25:03 0 d--h----- C:\WINDOWS\inf
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\ime
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Help
2008-06-18 18:25:03 0 dr--s---- C:\WINDOWS\Fonts
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\ehome
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Driver Cache
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Debug
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Cursors
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\Config
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\AppPatch
2008-06-18 18:25:03 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-06-27 18:13:32 303696 --a------ C:\WINDOWS\system32\perfh00E.dat
2008-06-27 18:13:32 57936 --a------ C:\WINDOWS\system32\perfc00E.dat
2008-06-18 20:46:34 0 d-------- C:\Program Files\ArcSoft
2008-06-18 20:06:22 0 d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-18 18:33:56 62 --ahs---- C:\Documents and Settings\Viki\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007.02.16. 10:54]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008.06.18. 20:35]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003.09.30. 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006.03.21. 13:19]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004.08.17. 14:47]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007.10.18. 11:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)




-- End of Deckard's System Scanner: finished at 2008-06-29 11:23:22 ------------

hmm,hat igen eleg gengecske ,ha lehet legalab Hoza kell adnod>.TOB>RAM<ot
Nocsak futasd le ezt a programot,es a Main.txt es extra.txt ted ide:

http://www.techsupportforum.com/sectools/Deckard/dss.exe

Microsoft Windows XP
Professional
2002-es verzió
szervízcsomag2
55920-642-4643641-23969
Intel Pentium II processzor
350MHZ,128MB RAM
Tudom ,hogy régi de eddig nem volt semmi gond vele!

szergej;

SEMILYEN:

murdi
Ez inkab a Windows temaba tartozik,de a mar itt vagy megnezuk.
Epen nemtudom hogy mijen az OP-rendszered,ha elarulod akor utana nezunk hogy mi a problem.
UDV

Sziasztok! Én még uj vagyok, de sürgős segítség kellene!
Egy hete húzták ujra a windowst a gépen, még szinte alig használtuk és
most állandóan azt írja ki,hogy nincs több szabad hely.Már minden lehetséges dolgot letöröltem de semmi nem változik. Mi lehet a gond?
Előre szólok, nem nagyon értek a géphez,de ha nem túl bonyolult megtudom csinálni./remélem/Előre is köszönöm!

Mit mondjak én is megijedtem attól a sok troja is egyéb vírustól de a hijack az mit árul el az illetőről ? azon kívül hogy sérült a rendszere, milyen visszaélésre adhat lehetőséget ?

Ted ide a HiJack>Logjat.De ahogy latom ha eztet ide irom akor sokan megijednek es elfutnak inen.

Nekem is ugyanez a problémám.
444.741 malware-től sehogy sem tudok megszabadulni:((

Nincsen mit koszonod,egy darabig nyugtod van

így is van - korrekt a kicsikém

Hálás köszönet érte

Meg pucold tisztara a CCleaneral es a gepnek Patogni kell.

Itt A vége fuss el véle ?

It nemkel mast csinalnod amit ide teszek az lefixeled a HJT-ban.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll



O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://driveragent.com/files/driveragent.cab

Biztom hogy igy ván ,
Ok. Mond mikk azak de mondjuk magom is ritkíthatok egy kis jozon ésszel

Ok ez jo nem Virus.Ha lefixelodik aza a program ami a HJT-ben a 04-pozicion van akor nemfut automatikusan a Windowsal ,hanem kezel fogod futatni,mert igen sok programnak nemis kel hogy fuson automatikusan,mert csak a MEMORIAT -terheli es lasitsa a gepet.

Ha lefixeljuk öket akkor mi történik?

Nemismeren Teszteld le a VIRUSTOTALON.Es a log jonak nez ki epen futnak ojan programok aminek nemmuszaj,ha akarod akor lefixeljuk oket.

Szerintem a veb kamerához tártozik de nem reagál ha inditonam raklickkelve

Eztet tudod hogy mi??C:\WINDOWS\VMSnap23.exe

Logfile of HijackThis v1.99.1
Scan saved at 17:12, on 2008-06-06
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VMSnap23.exe
C:\WINDOWS\Domino.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\szergej rozumnij\Asztal\szergej rozumnij.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O3 - Toolbar: DM Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} - C:\Program Files\Download Master\dmbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\hu-hu\msntb.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BigDogPath323VMSnap] C:\WINDOWS\VMSnap23.exe
O4 - HKLM\..\Run: [BigDogPath323Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier gyorsindító.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Çŕęŕ÷ŕňü ÂŃĹ ďđč ďîěîůč Download Master - C:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Çŕęŕ÷ŕňü ďđč ďîěîůč Download Master - C:\Program Files\Download Master\dmie.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Outpost Security Suite Pro Gyorshangolás - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Security Suite Pro\ie_bar.dll
O9 - Extra button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: &Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9509481578
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Server (InterBaseServer) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE

ok Szergej a malwarebytes kitorolte amit kelet csinald meg a defragot es ted ide a HJT>logjat kontrolara es vegeztunk.

A gép rendesen- fennakadás nélkül , ki is be, kapcsolódik semmi rendelleneset nem tapasztaltam , megcsinálom a törlést is a hijackot
meg csinálok regisztry defragot.

ok.akor ugy latom hogy ezeket torolted a MBB -programal.Megis ez a internet.exe fajl-kem fajl-volt.A HOST ha nemmegy a programal akor torold kezel,csak a
127.0.0.1 localhost maradjon.
Es mi van a kikapcsolasal,mert en mar a gepet tisztanak latom.Ha mindig meg nemkapcsol ki akor ird ide es meg mijen problem van a gepel meg ted ide a HJT>logjat is,

Hát ez azért nem semmi , kösz eddig is ,
szerencsém hogy neked mindenre van ütős kártyád

A hosztot májd este, addig kihuzom a nett kábelt .
Üdv.

Malwarebytes' Anti-Malware 1.14
Adatbázis verzió: 829

01:13:45 2008-06-06
mbam-log-6-6-2008 (01-13-45).txt

Vizsgálat típusa: Teljes vizsgálat (C:\|)
Átvizsgált objektumok: 158789
Eltelt idő: 1 hour(s), 16 minute(s), 40 second(s)

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött rendszerleíró kulcsok: 3
Fertőzött rendszerleíró értékek: 0
Fertőzött rednszerleíró elemek: 1
Fertőzött mappák: 1
Fertőzött fájlok: 2

Fertőzött memóriafolyamatok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött memória modulok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rendszerleíró kulcsok:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6d7b211a-88ea-490c-bab9-3600d8d7c503} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

Fertőzött rendszerleíró értékek:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rednszerleíró elemek:
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (C:\WINDOWS\system32\spywarewarning.mht) Good: (http://www.google.com/) -> Quarantined and deleted successfully.

Fertőzött mappák:
C:\Program Files\ConnectionServices (Adware.BHO) -> Quarantined and deleted successfully.

Fertőzött fájlok:
C:\Program Files\ConnectionServices\Uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\internet.exe (Trojan.Agent) -> Quarantined and deleted successfully.