igen de kiis vegeztuk a rootkitet megyen e mar az kapcsolat??
ha igen
teszteld le a
VIRUSTOTALu

C:\WINDOWS\system32\rserver30\rserver3.exe

klik -prochazet-megtalalod-klik kuldes-megvarod az redmenyt es ide teszed a linket.

birod még , vagy folytassuk holnap?

Ez egy kicsit simább volt

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\system32\DRIVERS\vbev5mp.sys" deleted successfully.
Driver "vbev5mp" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

igy van roszul irtam

varjal

ismeteld az avangeral

szerintem egy betűt elírtunk

többszöri reset után felállt a win itt az avenger log

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\vber5mp" not found!
Deletion of driver "vber5mp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

kapcsold ki a gepet egy kicsit varjal es ujbol kapcsold be mert ez veszejes volt

nem all fel csak sípol restert után!!!

letoltod az Avanger programot-futatod
http://swandog46.geekstogo.com/avenger.exe
klik-ok-az ablakba bemasolod a piros textet-klik-execute-klik-yes-yes a gep bemegy kekhalalba es restartol,az avanger logjat ted ide.

elkaptam a gamer részlogját :


Rootkit scan 2009-01-02 22:24:00
Windows 5.1.2600 Szervizcsomag 3


---- System - GMER 1.0.14 ----

SSDT \SystemRoot\System32\Drivers\ShldDrv.SYS (PandaShield driver/Panda Software) ZwEnumerateKey [0xF78513B2]
SSDT \SystemRoot\System32\Drivers\ShldDrv.SYS (PandaShield driver/Panda Software) ZwEnumerateValueKey [0xF785158A]

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs ShldDrv.SYS (PandaShield driver/Panda Software)
Device \FileSystem\Ntfs \Ntfs 86F601E8

AttachedDevice \FileSystem\Ntfs \Ntfs pavdrv51.sys (AntiMalware Filter Driver for Windows XP/2003/Panda Software International)
AttachedDevice \FileSystem\Ntfs \Ntfs av5flt.sys
AttachedDevice \Driver\Tcpip \Device\Ip NETFLTDI.SYS (Panda TDI Filter/Panda Software)
AttachedDevice \Driver\Tcpip \Device\Ip nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\Tcp NETFLTDI.SYS (Panda TDI Filter/Panda Software)
AttachedDevice \Driver\Tcpip \Device\Tcp nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\Udp NETFLTDI.SYS (Panda TDI Filter/Panda Software)
AttachedDevice \Driver\Tcpip \Device\Udp nltdi.sys (NetLimiter Driver/Locktime Software)
AttachedDevice \Driver\Tcpip \Device\RawIp NETFLTDI.SYS (Panda TDI Filter/Panda Software)
AttachedDevice \Driver\Tcpip \Device\RawIp nltdi.sys (NetLimiter Driver/Locktime Software)

---- Services - GMER 1.0.14 ----

Service C:\WINDOWS\system32\DRIVERS\vbev5mp.sys (*** hidden *** ) [SYSTEM] vbev5mp <-- ROOTKIT !!!

---- EOF - GMER 1.0.14 ----


ÉS


Logfile of random's system information tool 1.05 (written by random/random)
Run by BENEDEK at 2009-01-02 22:26:47
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 4 GB (13%) free of 30 GB
Total RAM: 1023 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27, on 2009-01-02
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\PCNetSoftware\RAC Server\RACs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HHVcdV5Sys\VC5Play.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Virtual CD v5\System\VC5Tray.exe
C:\PROGRA~1\FDF\FAST2.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\wincmd\WINCMD32.EXE
C:\Documents and Settings\BENEDEK\Asztal\RSIT.exe
C:\Downloads\rendszerkontroll\BENEDEK.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [VC5Player] C:\Program Files\HHVcdV5Sys\VC5Play.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMT.exe
O4 - HKLM\..\Run: [ChrisTV Agent] "C:\Program Files\ChrisTV\ChrisTV_Agent.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [FAST Defrag] C:\PROGRA~1\FDF\FAST2.EXE -tray
O4 - HKCU\..\Run: [AutoPowerOn] C:\Program Files\PCZeitschaltuhr\AutoPowerOn.exe
O4 - HKCU\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [VC5Tray] C:\Program Files\Virtual CD v5\System\VC5Tray.exe
O4 - HKCU\..\Run: [FSScrCtl] C:\WINDOWS\FSScrCtl.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: MetaProducts Disk Watchman.lnk = C:\Program Files\Disk Watchman\DW.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: radmin.lnk = C:\WINDOWS\system32\rserver30\rserver3.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MetaProducts Disk Watchman.lnk = C:\Program Files\Disk Watchman\DW.exe (User 'Default user')
O4 - .DEFAULT Startup: radmin.lnk = C:\WINDOWS\system32\rserver30\rserver3.exe (User 'Default user')
O4 - .DEFAULT Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe (User 'Default user')
O4 - Startup: MetaProducts Disk Watchman.lnk = C:\Program Files\Disk Watchman\DW.exe
O4 - Startup: radmin.lnk = C:\WINDOWS\system32\rserver30\rserver3.exe
O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Intelligens kijelölés - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: RACServerLogon - C:\WINDOWS\SYSTEM32\RACServerLogon2.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: PCNetSoftware RAC Server - Miloslav Novotny N+P - C:\Program Files\PCNetSoftware\RAC Server\RACs.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Radmin Server V3 (RServer3) - Unknown owner - C:\WINDOWS\system32\rserver30\RServer3.exe (file missing)
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe

--
End of file - 13329 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-10-21 1193984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-10-21 1193984]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe [2003-04-01 270336]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-05-06 6656]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"VC5Player"=C:\Program Files\HHVcdV5Sys\VC5Play.exe [2003-11-07 176128]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-30 2595616]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-30 140568]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"USIUDF_Eject_Monitor"=C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [2004-12-23 81920]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-06-07 319488]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-10 406016]
"RTBatteryMeter"=C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]
"TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMT.exe [2007-07-05 466944]
"ChrisTV Agent"=C:\Program Files\ChrisTV\ChrisTV_Agent.exe [2005-05-02 187392]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-30 909208]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"APVXDWIN"=C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE [2008-12-30 364544]
"SCANINICIO"=C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe [2006-02-01 22528]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
"FAST Defrag"=C:\PROGRA~1\FDF\FAST2.EXE [2005-08-24 97792]
"AutoPowerOn"=C:\Program Files\PCZeitschaltuhr\AutoPowerOn.exe [2007-07-10 2916352]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]
"VC5Tray"=C:\Program Files\Virtual CD v5\System\VC5Tray.exe [2003-09-04 155648]
"FSScrCtl"=C:\WINDOWS\FSScrCtl.exe [2007-10-03 249344]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-06-02 1660952]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-22 1830128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcohol]
C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Documents and Settings\BENEDEK\Start Menu\Programs\Indítópult
MetaProducts Disk Watchman.lnk - C:\Program Files\Disk Watchman\DW.exe
radmin.lnk - C:\WINDOWS\system32\rserver30\rserver3.exe
Screen Saver Control.lnk - C:\WINDOWS\FSScrCtl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-12-17 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\WINDOWS\system32\avldr.dll [2005-09-27 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RACServerLogon]
C:\WINDOWS\system32\RACServerLogon2.dll [2007-09-11 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Panzer Elite Action\Panzer Elite Action\pea.exe"="E:\Panzer Elite Action\Panzer Elite Action\pea.exe:*:Enabled:Panzer Elite Action"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\VoipCheapCom\VoipCheapCom.exe"="C:\Program Files\VoipCheapCom\VoipCheapCom.exe:*:Enabled:VoipCheapCom"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"F:\JÁTÉKOK 2\GRID\GRID.exe"="F:\JÁTÉKOK 2\GRID\GRID.exe:*:Enabled:GRID"
"C:\Documents and Settings\BENEDEK\Dokumentumok\LimeWire\LimeWire.exe"="C:\Documents and Settings\BENEDEK\Dokumentumok\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\BENEDEK\Asztal\LimeWire\LimeWire.exe"="C:\Documents and Settings\BENEDEK\Asztal\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\PCNetSoftware\RAC Server\RACs.exe"="C:\Program Files\PCNetSoftware\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.js - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.vbs - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-01-02 22:26:47 ----D---- C:\rsit
2009-01-02 21:55:40 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-02 21:31:36 ----A---- C:\WINDOWS\gmer.ini
2009-01-02 21:31:35 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2009-01-02 21:31:35 ----A---- C:\WINDOWS\gmer.exe
2009-01-02 21:31:35 ----A---- C:\WINDOWS\gmer.dll
2009-01-02 20:52:35 ----A---- C:\WINDOWS\zip.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\VFIND.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\SWSC.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\SWREG.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\sed.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\grep.exe
2009-01-02 20:52:35 ----A---- C:\WINDOWS\fdsv.exe
2009-01-02 20:52:30 ----D---- C:\Qoobox
2009-01-02 20:52:30 ----D---- C:\Combo-Fix
2009-01-02 20:52:29 ----A---- C:\WINDOWS\system32\CF2912.exe
2009-01-02 19:22:55 ----A---- C:\WINDOWS\system32\CF18127.exe
2009-01-02 19:06:12 ----A---- C:\WINDOWS\system32\CF14852.exe
2009-01-02 16:03:36 ----A---- C:\WINDOWS\cnexoxd.txt
2009-01-02 15:27:00 ----A---- C:\WINDOWS\imsins.BAK
2009-01-02 13:42:47 ----D---- C:\Program Files\CCleaner
2009-01-02 12:42:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-02 12:42:32 ----D---- C:\Program Files\SUPERAntiSpyware
2009-01-02 12:42:32 ----D---- C:\Documents and Settings\BENEDEK\Application Data\SUPERAntiSpyware.com
2009-01-02 12:42:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-01-02 12:15:14 ----D---- C:\ERDNT
2009-01-02 12:15:13 ----D---- C:\WINDOWS\ERUNT
2009-01-02 12:15:13 ----D---- C:\WINDOWS\ERDNT
2009-01-02 12:15:04 ----D---- C:\!FixIEDef
2008-12-31 20:01:08 ----A---- C:\WINDOWS\winin.ini
2008-12-31 20:01:08 ----A---- C:\WINDOWS\system32\RACServerLogon2.dll
2008-12-31 20:01:04 ----A---- C:\WINDOWS\system32\RACServerLogon.dll
2008-12-31 20:01:03 ----D---- C:\Program Files\PCNetSoftware
2008-12-31 19:46:52 ----D---- C:\Documents and Settings\BENEDEK\Application Data\Locktime
2008-12-31 19:42:29 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime
2008-12-31 19:42:24 ----D---- C:\Program Files\NetLimiter 2 Pro
2008-12-30 21:35:42 ----D---- C:\Downloads
2008-12-30 19:35:19 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-12-30 19:35:19 ----A---- C:\WINDOWS\system32\HHActiveX.dll
2008-12-30 19:35:08 ----AT---- C:\WINDOWS\system32\PAVSHOOK.DLL
2008-12-30 19:35:08 ----A---- C:\WINDOWS\system32\TpUtil.dll
2008-12-30 19:35:08 ----A---- C:\WINDOWS\system32\SYSTOOLS.DLL
2008-12-30 19:35:08 ----A---- C:\WINDOWS\system32\pavipc.dll
2008-12-30 19:35:00 ----D---- C:\WINDOWS\system32\PAV
2008-12-30 19:35:00 ----A---- C:\WINDOWS\system32\avldr.dll
2008-12-30 19:30:06 ----D---- C:\Program Files\Panda Software
2008-12-30 19:25:43 ----D---- C:\Program Files\Common Files\Panda Software
2008-12-30 17:25:05 ----D---- C:\Documents and Settings\BENEDEK\Application Data\Mozilla
2008-12-30 17:16:46 ----D---- C:\Program Files\Mozilla Firefox
2008-12-30 16:01:46 ----D---- C:\Documents and Settings\BENEDEK\Application Data\HPAppData
2008-12-30 04:58:47 ----D---- C:\Program Files\AxBx
2008-12-30 04:35:23 ----D---- C:\Documents and Settings\BENEDEK\Application Data\DAEMON Tools Pro
2008-12-30 04:35:07 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-12-30 04:35:02 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-12-30 04:34:16 ----D---- C:\Program Files\DAEMON Tools Pro
2008-12-30 04:05:27 ----D---- C:\Program Files\CPU Speed Pro
2008-12-30 04:04:34 ----D---- C:\Documents and Settings\BENEDEK\Application Data\ImgBurn
2008-12-30 04:04:05 ----D---- C:\Program Files\ImgBurn
2008-12-30 01:45:42 ----D---- C:\Documents and Settings\BENEDEK\Application Data\HP
2008-12-30 01:42:20 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-12-30 01:36:54 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-12-30 01:36:37 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-12-30 01:36:35 ----A---- C:\WINDOWS\system32\hpzll5mu.dll
2008-12-30 01:35:34 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-12-30 01:35:34 ----RA---- C:\WINDOWS\system32\hpovst15.dll
2008-12-30 01:35:34 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-12-30 01:35:33 ----RA---- C:\WINDOWS\system32\hpotscl6.dll
2008-12-30 01:21:35 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-12-30 01:21:35 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-12-30 01:21:06 ----D---- C:\Program Files\Hewlett-Packard
2008-12-30 01:20:59 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-12-30 01:20:25 ----D---- C:\Program Files\Common Files\HP
2008-12-30 01:17:10 ----D---- C:\Program Files\HP
2008-12-29 23:16:15 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-12-29 23:14:51 ----D---- C:\WINDOWS\Prefetch
2008-12-29 23:08:57 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-12-29 23:08:57 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-12-29 23:08:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-12-29 23:08:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-12-29 23:08:50 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-12-29 23:08:47 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\credssp.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\azroles.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-12-29 23:08:46 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-12-29 23:08:45 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-12-29 23:08:44 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\onex.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\napstat.exe
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-12-29 23:08:43 ----N---- C:\WINDOWS\system32\mssha.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\slserv.exe
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\slgen.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\setupn.exe
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\qutil.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-12-29 23:08:42 ----N---- C:\WINDOWS\system32\qagent.dll
2008-12-29 23:08:41 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-12-29 23:08:41 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-12-29 23:08:41 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-12-29 23:08:41 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-12-29 23:08:39 ----N---- C:\WINDOWS\slrundll.exe
2008-12-29 23:08:38 ----D---- C:\WINDOWS\system32\hu
2008-12-29 23:08:38 ----D---- C:\WINDOWS\system32\bits
2008-12-29 23:08:38 ----D---- C:\WINDOWS\l2schemas
2008-12-29 23:05:13 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-29 23:03:01 ----D---- C:\WINDOWS\network diagnostic
2008-12-29 23:01:31 ----A---- C:\WINDOWS\002771_.tmp
2008-12-29 23:01:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-29 22:59:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-25 04:47:33 ----A---- C:\WINDOWS\system32\SetACL_GPL.txt
2008-12-23 13:57:35 ----D---- C:\Program Files\Microsoft
2008-12-23 13:56:37 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-23 13:49:52 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-10 19:08:47 ----AT---- C:\WINDOWS\system32\SIntfNT.dll
2008-12-10 19:08:47 ----AT---- C:\WINDOWS\system32\SIntf32.dll
2008-12-10 19:08:47 ----AT---- C:\WINDOWS\system32\SIntf16.dll
2008-12-10 19:06:08 ----D---- C:\Program Files\AT&T WorldNet Setup
2008-12-10 19:00:23 ----D---- C:\Sierra
2008-12-10 19:00:23 ----A---- C:\WINDOWS\SIERRA.INI

======List of files/folders modified in the last 1 months======

2009-01-02 22:25:39 ----D---- C:\WINDOWS\system32\drivers
2009-01-02 22:24:43 ----A---- C:\WINDOWS\wincmd.ini
2009-01-02 22:09:52 ----D---- C:\WINDOWS
2009-01-02 22:09:37 ----D---- C:\WINDOWS\system32
2009-01-02 22:09:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-02 22:08:34 ----D---- C:\WINDOWS\Temp
2009-01-02 22:08:27 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-02 22:08:08 ----D---- C:\WINDOWS\system32\ias
2009-01-02 21:57:54 ----D---- C:\Documents and Settings
2009-01-02 20:53:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-02 20:52:35 ----SHD---- C:\System Volume Information
2009-01-02 20:52:35 ----D---- C:\WINDOWS\system32\Restore
2009-01-02 19:07:24 ----A---- C:\WINDOWS\system.ini
2009-01-02 19:06:55 ----D---- C:\WINDOWS\AppPatch
2009-01-02 19:06:55 ----D---- C:\Program Files\Common Files
2009-01-02 18:25:06 ----D---- C:\WINDOWS\system32\config
2009-01-02 16:18:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-02 15:27:01 ----HD---- C:\WINDOWS\inf
2009-01-02 14:31:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-02 14:08:18 ----D---- C:\WINDOWS\Minidump
2009-01-02 14:08:18 ----D---- C:\WINDOWS\Debug
2009-01-02 13:42:47 ----RD---- C:\Program Files
2009-01-02 12:42:36 ----SHD---- C:\WINDOWS\Installer
2009-01-02 12:42:36 ----HD---- C:\Config.Msi
2009-01-01 13:32:47 ----D---- C:\Program Files\Windows Media Player
2009-01-01 13:32:39 ----D---- C:\Program Files\Unlocker
2009-01-01 13:32:37 ----D---- C:\Program Files\WinRAR
2009-01-01 13:32:37 ----D---- C:\Program Files\PowerISO
2009-01-01 13:32:37 ----D---- C:\Program Files\ABBYY PDF Transformer 2.0
2009-01-01 13:32:26 ----D---- C:\WINDOWS\system32\wbem
2009-01-01 13:32:11 ----D---- C:\Program Files\HHVcdV5Sys
2009-01-01 13:32:09 ----D---- C:\Program Files\VibrateGameDeviceDriver
2009-01-01 13:32:09 ----D---- C:\Program Files\QuickTime
2009-01-01 13:32:03 ----D---- C:\Program Files\ChrisTV
2009-01-01 13:32:02 ----D---- C:\Program Files\PCZeitschaltuhr
2009-01-01 13:32:02 ----D---- C:\Program Files\FDF
2009-01-01 13:32:02 ----D---- C:\Program Files\DAEMON Tools
2009-01-01 13:32:01 ----D---- C:\Program Files\Messenger
2009-01-01 13:31:58 ----D---- C:\Program Files\Disk Watchman
2008-12-31 15:44:24 ----D---- C:\wincmd
2008-12-31 15:44:24 ----D---- C:\Program Files\Opera
2008-12-31 13:49:48 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-30 17:09:20 ----D---- C:\movies
2008-12-30 15:59:40 ----D---- C:\Program Files\VoipCheapCom
2008-12-30 15:32:07 ----RSD---- C:\WINDOWS\assembly
2008-12-30 12:31:16 ----D---- C:\WINDOWS\WinSxS
2008-12-30 12:31:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-30 12:31:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-30 12:15:25 ----D---- C:\WINDOWS\Registration
2008-12-30 01:37:45 ----A---- C:\WINDOWS\win.ini
2008-12-30 01:35:38 ----D---- C:\WINDOWS\twain_32
2008-12-30 01:19:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-29 23:58:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-29 23:14:20 ----D---- C:\WINDOWS\system32\Setup
2008-12-29 23:14:19 ----RSD---- C:\WINDOWS\Fonts
2008-12-29 23:13:33 ----D---- C:\WINDOWS\security
2008-12-29 23:11:04 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-29 23:08:56 ----D---- C:\WINDOWS\Help
2008-12-29 23:08:51 ----D---- C:\WINDOWS\ehome
2008-12-29 23:08:50 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-29 23:08:50 ----D---- C:\WINDOWS\ime
2008-12-29 23:08:39 ----D---- C:\WINDOWS\system32\usmt
2008-12-29 23:08:39 ----D---- C:\WINDOWS\system32\hu-hu
2008-12-29 23:08:38 ----D---- C:\WINDOWS\PeerNet
2008-12-29 23:08:37 ----D---- C:\Program Files\Movie Maker
2008-12-29 23:05:01 ----D---- C:\WINDOWS\system32\npp
2008-12-29 23:05:00 ----D---- C:\WINDOWS\msagent
2008-12-29 23:04:58 ----D---- C:\WINDOWS\srchasst
2008-12-29 23:04:57 ----D---- C:\Program Files\NetMeeting
2008-12-29 23:04:56 ----D---- C:\WINDOWS\system32\Com
2008-12-29 23:04:52 ----D---- C:\Program Files\Windows NT
2008-12-29 23:04:52 ----D---- C:\Program Files\Outlook Express
2008-12-29 23:04:48 ----D---- C:\Program Files\Common Files\System
2008-12-29 23:04:30 ----D---- C:\WINDOWS\system32\oobe
2008-12-29 23:04:29 ----D---- C:\WINDOWS\system
2008-12-26 13:53:01 ----D---- C:\Documents and Settings\BENEDEK\Application Data\Adobe
2008-12-23 13:59:09 ----D---- C:\Program Files\MSN Messenger
2008-12-23 13:57:26 ----D---- C:\Program Files\Windows Live
2008-12-22 13:47:25 ----A---- C:\WINDOWS\cncscore.ini
2008-12-19 19:07:17 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-08 18:18:07 ----A---- C:\WINDOWS\GIB30_32.INI
2008-12-04 15:54:12 ----A---- C:\WINDOWS\wininit.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPFLT;App Filter Plugin; \??\C:\WINDOWS\system32\Drivers\APPFLT.SYS []
R1 DSAFLT;DSA Filter Plugin; \??\C:\WINDOWS\system32\Drivers\DSAFLT.SYS []
R1 FNETMON;NetMon Filter Plugin; \??\C:\WINDOWS\system32\Drivers\fnetmon.SYS []
R1 IDSFLT;Ids Filter Plugin; \??\C:\WINDOWS\system32\Drivers\IDSFLT.SYS []
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\WINDOWS\system32\Drivers\NETFLTDI.SYS []
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 ShldDrv;Panda File Shield Driver; C:\WINDOWS\system32\drivers\ShldDrv.sys [2005-08-29 26752]
R1 SMSFLT;SMS Filter Plugin; \??\C:\WINDOWS\system32\Drivers\SMSFLT.SYS []
R1 USIUDF;USIUDF; C:\WINDOWS\System32\Drivers\USIUDF.sys [2004-07-07 292896]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS []
R1 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-26 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-10-03 165376]
R2 cpoint;Panda CPoint Driver; C:\WINDOWS\system32\Drivers\cpoint.sys [2005-08-12 16640]
R2 DbgMsg;Debug Message; \??\C:\WINDOWS\System32\Drivers\DbgMsg.sys []
R2 irda;IrDA protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-10-03 18048]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-kompatibilis átviteli protokoll; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-26 63232]
R2 NwlnkSpx;NWLink SPX/SPXII protokoll; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-26 55936]
R2 PAVDRV;pavdrv; C:\WINDOWS\system32\DRIVERS\pavdrv51.sys [2006-02-22 71552]
R2 PavProc;Panda Process Protection Driver; \??\C:\WINDOWS\system32\DRIVERS\PavProc.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-08-19 44384]
R3 3xHybrid;SAA713x TV Card Service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-08-15 906368]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;1394 ARP ügyfélprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-02-23 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-12-17 1918464]
R3 AvFlt;Antivirus Filter Driver; C:\WINDOWS\system32\drivers\av5flt.sys []
R3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys [2003-11-14 8192]
R3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-01-02 85969]
R3 HDAudBus;Microsoft UAA busz-illesztőprogram - High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 NIC1394;1394 hálózati illesztőprogram; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 PavSRK.sys;PavSRK.sys; \??\C:\WINDOWS\system32\PavSRK.sys []
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-03 47360]
R3 Rasirda;WAN miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB nyílt állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
R4 RACDriver;RAC driver; \??\C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys []
S1 AmdK8;AMD processzor-illesztőprogram; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
S2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2007-02-01 279552]
S2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2007-02-01 25984]
S3 a0xrzuha;a0xrzuha; C:\WINDOWS\system32\drivers\a0xrzuha.sys []
S3 avhwhlaf;avhwhlaf; C:\WINDOWS\system32\drivers\avhwhlaf.sys []
S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\BENEDEK\LOCALS~1\Temp\mbr.sys []
S3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
S3 MosIrUsb;MosIrUsb.sys; C:\WINDOWS\system32\DRIVERS\MosIrUsb.sys [2004-04-14 20736]
S3 MPE;BDA MPE szűrő; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Hálózatfigyelő illesztőprogramja; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-05-24 11392]
S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-30 427288]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-12-17 434176]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-06-07 942080]
R2 hpqddsvc;HP CUE DeviceDiscovery szolgáltatás; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Infravörös figyelő; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NwSapAgent;SAP-ügynök; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe [2006-07-21 159744]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe [2005-07-25 32768]
R2 PAVSRV;Panda anti-virus service; C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe [2006-08-08 151552]
R2 PCNetSoftware RAC Server;PCNetSoftware RAC Server; C:\Program Files\PCNetSoftware\RAC Server\RACs.exe [2008-12-31 3186688]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 pmshellsrv;Panda Antispam Engine; C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe [2006-03-31 411096]
R2 PNMSRV;Panda Network Manager; c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE [2006-08-02 811008]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe [2006-07-04 102400]
R2 TPSrv;Panda TPSrv; C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe [2006-10-09 348160]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-30 492720]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-03-13 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 VC5SecS;Virtual CD v5 Security service; C:\Program Files\HHVcdV5Sys\VC5SecS.exe [2003-11-07 147456]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-12-20 520192]
S2 RServer3;Radmin Server V3; C:\WINDOWS\system32\rserver30\RServer3.exe /service []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-08 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []

-----------------EOF-----------------

ok,akor hogy megne ijeszuk csak ovatosan nebabrald,mindjart adom az utasitast,

elkaptam a piros sort normál windows -nál, gamer alpindulásnál ROOTKIT:

Service..c/windows/system32/drivers/vber5mp.sys(hidden)....[SYSTEM]vber5mb

kapcsold be a rejtet fajlok megjeleniteset es
futasd le az RSIT programot keri a Hijackot beleegyezel
http://images.malwareremoval.com/random/RSIT.exe
clik-continue-ha bevegzi ad logot ,ha nem akor it lesz
C:\rsit\log.txt

közben míg írogattam a vizsgált rendszer újraindult és már a normál xp jött be magától

csökkentett módban a rövid(gondolom ez az):

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-02 22:01:55
Windows 5.1.2600 Szervizcsomag 3


---- System - GMER 1.0.14 ----

SSDT sptd.sys ZwEnumerateKey [0xF7382FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF7383340]

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 86F5F1E8
Device \FileSystem\Fastfat \Fat 864A3638

---- EOF - GMER 1.0.14 ----


fut a teljes vizsgálat is .....közben ez a rendszer is be akar halni..svchost .exe ..a memórián nem tud írni.......ha baj van jö csőstül

Tehat csokentet mod es klik scan rogton van rovid log KLIK-SAVE-es Aztan pipazol be mindent es ujbol scan-a vegen SAVE a pirosaj kiirt fajlot pontosan leirni ha maskep nemmegy.

csinálnék én rövidet ,de az előbb apból elindult az egész ellenőrzése ki volt alapból minden pipálva

nememlékszem , sajnos azt reméltem , hogy benne lesz a jelentésben

na mar ithon vagyunk.
na nememlekszel hogy ez a Rootkit nemvolt e TDDSS vagy hasonlo??
tehat eridj csokentet modban es mikor megcsinalja a rovid logot akor rogton ted ide a SAVE gombal lemented aztan bepipalsz mindenyt

Nos az történt hogy a gmer az asztalra ,elindítottam(rögtön alapbeállításban minden ki van pipálva) 20 sor után pirossal kiemelve valami ,és angolul valami rotkit üzenet és megkérdezte ,akarom e az egész rendszert ellenőrizni....akarom...nagyon hosszú lista íródik ...majd mikor egy helyhez ér a rendszer lefagyott a hely:Device/Filesystem/Cdfs/cdfs...számsor...................jelenleg a rendszer le van fagyva ..valószinüleg a főkapcsoló segít csak

nem ez normalis ha van ot rootkit akor ijen kinlodas meg meg nem kezdjuk oket olni mert blokol mindent,ha nem indul a combofix
lezarod es futatod a G-MER progit.

http://www.gmer.net/gmer.zip
csomagold ki es klik scan-aztan save rovid logot ted ide,Most a job oldalon mindent bepipazni es klik scan aztan ezt a logot is ted ide

nemúgy látom mintha dolgozna a gép, a kurzoor csak villog meg a kezdő két szövegsor........................hogy bírod a szerencsétlenkedésem?

természetesen előtte mindent kilőttem amit kitudtam , még a deamon toolst is

ez igy rendben van minden varjad a logot.

hibát írt ki, átírtam, índítom....úgysem indul, megmutattam a startnak az asztalon a filét így elindult...sípolás ...dischamler figyelmeztetés és sípolás...yes -re klikkeltem....2 percig csak a dos ablak kurzor sehol...2 perc múlva megjelent a kurzor és villog....kb 3 perce ez van

ha hibat ir ki akor igen,adig nem...igen inditsd

amit innen letöltöttem az combo-fix..átirjam kötőjelesre az indító parancsot? indíthatom?

ok,tolds le az ujat kapcsolj ki mindent a talcan a pandat pajzat is es futasd ugy ahogy leirtam.

az eltávolítás közben a Panda riasztást adott veszélyes tevékenységről , de megvol az uninstall ,a combo mappáját a C-n kézzel töröltem(3 file maradt benne)

ok,
start-futatas-masold be- combofix /u ok
a combofix letelepitodik a geprol.
kikapcsolni mindent a talcan-netlimitert...minden programot
letoltod ezt a combofixet
http://www.techsupportforum.com/sectools/sUBs/ComboFix

az asztalra teszed-start futatas es ujbol beadod ezt a parancsot
combofix /f3m es varod a logot.

közben a Panda a kommunikációs modul újratelepítését kéri,nem nyomtam semmit ,eltünt az ablak

restart megvolt , a combo nem indult újra....a panda a Sas a Netlimiter a tálcán(nem mondtad ,hogy lőjjem ki) az mbr az asztalra és itt a lojga:


Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

ok klik start es restartolni a gepet-varni hogy mi tortenik,ha bejon a combofix ablaka irjal,ha nem fojtatod igy= letoltod ezt a programot az asztalra teszed es futatod-rogton ad logot az asztalon lesz ide tani.

http://www2.gmer.net/mbr/mbr.exe

nem történt semmi továbbra is villog ugyanott a kurzor

varni nembabralni...varni ha vilog akor jo.varjal vagy 10-15 percet ha nemtortenik semmi irni.

megcsináltam a dosos ablakban magyarul ez van írva :a folyamat nem fér hozzá a fájlhoz , mert azt egy másik folyamat használja.....a kurzor villog a dos ablakban

Figyelmeztetes na csinalj ne experimentaljal mert meghalhat a rendszer csak azt csinald amit en irok,ok.
Most pontosan megcsinalod eztet

start-futatas-masold be ezt a parancsot es nyomd be az entert-aztan varni a logot ok
combofix /f3m

Jó rendbe nem futtatom össze vissza, leállítottam minden folyamatot,amit csak letudtam...hogyan tovább ..combfix program az asztalon

nem tudom , nem tudta befejezni a vizsgálatot (nem fér valamilyen filéhez) látom a log-nak hiányzika vége.....újraindítom a combfixet , de állandóan ezt írja ..mindent leállítottam , de tudom ,hogy a panda bizonyos moduljai futnak a feladatkezelőben

eztet direkt csinaltad vagy ez hiba??

Igen ,a kábel bedugva , de kapcsolat nincs létesítve...megtaláltam a Combofix mappát..nem gondoltam ,hogy 30 file között keressem:


ComboFix 08-12-31.01 - BENEDEK 2009-01-02 18:33:01.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1038.18.1023.346 [GMT 1:00]
Running from: C:\Documents and Settings\BENEDEK\Asztal\ComboFix.exe
AV: Platinum 2007 *On-access scanning disabled* (Outdated)
FW: Platinum 2007 Personal Firewall *disabled*

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
/wow section - STAGE 32A


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\BENEDEK\Application Data\inst.exe
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\hpowiax7.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_R_SERVER
-------\Service_r_server


((((((((((((((((((((((((( Files Created from 2008-12-02 to 2009-01-02 )))))))))))))))))))))))))))))))
.

2009-01-02 15:27 . 2009-01-02 15:27 1,355 --a------ C:\WINDOWS\imsins.BAK
2009-01-02 15:26 . 2008-04-13 12:17 456,576 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2009-01-02 13:42 . 2009-01-02 13:42 <DIR> d-------- C:\Program Files\CCleaner
2009-01-02 12:42 . 2009-01-02 12:42 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2009-01-02 12:42 . 2009-01-02 12:42 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2009-01-02 12:42 . 2009-01-02 12:42 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\SUPERAntiSpyware.com
2009-01-02 12:42 . 2009-01-02 12:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-02 12:15 . 2009-01-02 12:15 <DIR> d-------- C:\WINDOWS\ERUNT
2009-01-02 12:15 . 2009-01-02 12:15 <DIR> d-------- C:\ERDNT
2009-01-02 12:15 . 2009-01-02 12:15 <DIR> d-------- C:\!FixIEDef
2008-12-31 20:01 . 2008-12-31 20:01 <DIR> d-------- C:\Program Files\PCNetSoftware
2008-12-31 20:01 . 2007-09-11 10:03 57,344 --a------ C:\WINDOWS\system32\RACServerLogon2.dll
2008-12-31 20:01 . 2007-09-11 10:03 57,344 --a------ C:\WINDOWS\system32\RACServerLogon.dll
2008-12-31 20:01 . 1899-01-04 00:00 93 --a------ C:\WINDOWS\winin.ini
2008-12-31 19:46 . 2008-12-31 19:46 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\Locktime
2008-12-31 19:42 . 2009-01-01 13:32 <DIR> d-------- C:\Program Files\NetLimiter 2 Pro
2008-12-31 19:42 . 2008-12-31 19:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Locktime
2008-12-30 21:35 . 2009-01-02 11:36 <DIR> d-------- C:\Downloads
2008-12-30 19:41 . 2006-02-22 10:43 71,552 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2008-12-30 19:30 . 2008-12-30 19:30 <DIR> d-------- C:\Program Files\Panda Software
2008-12-30 19:25 . 2008-12-30 19:25 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-12-30 19:25 . 2006-04-25 17:02 165,120 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2008-12-30 19:25 . 2005-08-29 14:23 26,752 --a------ C:\WINDOWS\system32\drivers\ShldDrv.sys
2008-12-30 17:26 . 2008-12-30 17:26 0 --a------ C:\WINDOWS\nsreg.dat
2008-12-30 16:01 . 2009-01-02 18:27 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\HPAppData
2008-12-30 04:58 . 2008-12-30 04:58 <DIR> d-------- C:\Program Files\AxBx
2008-12-30 04:35 . 2008-12-30 04:35 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\DAEMON Tools Pro
2008-12-30 04:35 . 2008-12-30 04:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-12-30 04:34 . 2009-01-01 13:32 <DIR> d-------- C:\Program Files\DAEMON Tools Pro
2008-12-30 04:05 . 2008-12-30 04:05 <DIR> d-------- C:\Program Files\CPU Speed Pro
2008-12-30 04:04 . 2008-12-30 04:04 <DIR> d-------- C:\Program Files\ImgBurn
2008-12-30 04:04 . 2009-01-01 11:59 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\ImgBurn
2008-12-30 01:45 . 2008-12-30 01:45 <DIR> d-------- C:\Documents and Settings\BENEDEK\Application Data\HP
2008-12-30 01:42 . 2008-12-30 01:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-12-30 01:37 . 2007-10-30 10:25 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-12-30 01:37 . 2007-10-30 10:25 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-12-30 01:36 . 2008-12-30 01:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-12-30 01:36 . 2007-11-08 15:52 271,704 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-12-30 01:36 . 2007-10-20 18:25 117,760 --a------ C:\WINDOWS\system32\hpzll5mu.dll
2008-12-30 01:36 . 2007-10-30 10:25 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-12-30 01:35 . 2007-10-30 10:11 581,632 -ra------ C:\WINDOWS\system32\hpotscl6.dll
2008-12-30 01:35 . 2007-10-30 10:25 372,736 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-12-30 01:35 . 2007-10-30 10:25 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-12-30 01:35 . 2007-10-30 10:11 303,104 -ra------ C:\WINDOWS\system32\hpovst15.dll
2008-12-30 01:35 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-12-30 01:35 . 2008-04-13 11:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-12-30 01:21 . 2008-12-30 01:21 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-12-30 01:21 . 2008-12-30 01:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-12-30 01:21 . 2008-12-30 01:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-12-30 01:20 . 2008-12-30 01:20 <DIR> d-------- C:\Program Files\Common Files\HP
2008-12-30 01:20 . 2008-12-30 01:20 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-12-30 01:17 . 2008-12-30 01:21 <DIR> d-------- C:\Program Files\HP
2008-12-30 01:15 . 2008-12-30 01:38 177,556 --a------ C:\WINDOWS\hpoins27.dat
2008-12-30 01:15 . 2008-01-18 16:56 932 --------- C:\WINDOWS\hpomdl27.dat
2008-12-29 23:16 . 2008-04-14 09:02 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-12-29 23:05 . 2008-12-29 23:05 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-12-29 23:04 . 2008-04-14 09:02 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-12-29 23:02 . 2008-04-13 09:34 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-12-29 23:01 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002771_.tmp
2008-12-25 04:47 . 2008-05-08 02:03 453,632 --a------ C:\WINDOWS\system32\SetACL.ocx
2008-12-23 14:02 . 2009-01-02 18:24 <DIR> d-------- C:\Documents and Settings\BENEDEK\Tracing
2008-12-23 13:57 . 2008-12-23 13:57 <DIR> d-------- C:\Program Files\Microsoft
2008-12-23 13:56 . 2008-12-23 13:56 <DIR> d-------- C:\Program Files\Windows Live SkyDrive
2008-12-23 13:49 . 2008-12-23 13:49 <DIR> d-------- C:\Program Files\Common Files\Windows Live
2008-12-10 19:08 . 2008-12-19 12:58 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll
2008-12-10 19:08 . 2008-12-19 12:58 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll
2008-12-10 19:08 . 2008-12-19 12:58 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll
2008-12-10 19:06 . 2008-12-10 19:06 <DIR> d-------- C:\Program Files\AT&T WorldNet Setup
2008-12-10 19:00 . 2008-12-10 19:00 <DIR> d-------- C:\Sierra
2008-12-10 19:00 . 2008-12-10 19:00 218 --a------ C:\WINDOWS\SIERRA.INI
2008-12-09 20:46 . 2008-12-09 20:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-12-09 20:46 . 2008-12-09 20:46 1,409 --a------ C:\WINDOWS\QTFont.for
2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ C:\WINDOWS\system32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 17:30 178,336 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2009-01-02 17:30 1,132 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2009-01-02 13:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-01 12:32 --------- d-----w C:\Program Files\VibrateGameDeviceDriver
2009-01-01 12:32 --------- d-----w C:\Program Files\Unlocker
2009-01-01 12:32 --------- d-----w C:\Program Files\QuickTime
2009-01-01 12:32 --------- d-----w C:\Program Files\PowerISO
2009-01-01 12:32 --------- d-----w C:\Program Files\PCZeitschaltuhr
2009-01-01 12:32 --------- d-----w C:\Program Files\HHVcdV5Sys
2009-01-01 12:32 --------- d-----w C:\Program Files\FDF
2009-01-01 12:32 --------- d-----w C:\Program Files\DAEMON Tools
2009-01-01 12:32 --------- d-----w C:\Program Files\ChrisTV
2009-01-01 12:32 --------- d-----w C:\Program Files\ABBYY PDF Transformer 2.0
2009-01-01 12:31 --------- d-----w C:\Program Files\Disk Watchman
2008-12-31 14:44 --------- d-----w C:\Program Files\Opera
2008-12-30 19:00 245,760 ----atw C:\WINDOWS\system32\PAVSHOOK.DLL
2008-12-30 19:00 141,312 ----atw C:\WINDOWS\system32\drivers\netflt.sys
2008-12-30 14:59 --------- d-----w C:\Program Files\VoipCheapCom
2008-12-30 03:16 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-12-29 22:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-23 12:59 --------- d-----w C:\Program Files\MSN Messenger
2008-12-23 12:57 --------- d-----w C:\Program Files\Windows Live
2008-12-04 11:13 17,962 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys
2008-11-28 17:38 --------- d-----w C:\Program Files\Aba Daba
2008-11-22 20:34 --------- d-----w C:\Program Files\EA Games
2008-11-20 20:15 --------- d-----w C:\Program Files\URUSoft
2008-11-08 18:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-11-08 18:32 --------- d-----w C:\Program Files\Common Files\Adobe
2008-11-08 18:20 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-11-07 17:13 --------- d-----w C:\Program Files\AliveColors
2008-11-07 15:46 --------- d-----w C:\Program Files\VideoReDoPlus
2008-11-07 15:34 --------- d-----w C:\Program Files\DVD Clone Factory
2008-11-05 17:54 --------- d-----w C:\Documents and Settings\BENEDEK\Application Data\LimeWire
2008-10-30 20:00 90,112 ----a-w C:\WINDOWS\system32\admdll.dll
2008-10-30 20:00 29,408 ----a-w C:\WINDOWS\system32\raddrv.dll
2008-10-30 08:09 159,697 ----a-w C:\WINDOWS\EASEUS Partition Manager Personal v1.6.4 Uninstaller.exe
2008-10-23 18:07 444,952 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-10-23 18:07 109,080 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-08-25 09:04 13 ----a-w C:\Documents and Settings\All Users\Application Data\userlib.dll
2008-08-25 09:04 13 ----a-w C:\Documents and Settings\All Users\Application Data\ntcache.dat
2007-10-03 08:47 47,360 ----a-w C:\Documents and Settings\BENEDEK\Application Data\pcouffin.sys
.

EZ AZ ??

a gep ravan kapcsolva az internetre?? es nezd meg a ha itt nincsen e a log c:\combofix.txt

csak aztat csinald amit irok,mast nem a combofixet nefutasd osze visza ha valami problem rogton irni,ok

Kikapcsoltam a Pandát a SAS-t, elindítottam a combfix-et ,végigfutott ,restart..várakozás ....semmi logfile az asztalon,...mégegyszer elindítottam ..a folyamat közepén (dos ablak) azt írja ki ,hogy nem fér hozzá egy filéhez..Find3M..hogyan tovább?

De jó ,hogy itt vagy , már csinálom is ,ingázok akét gép között egy pendrive-val

jó estét, vannak problémáim , 3gép van ithon ,hálózatba kötve,adsl modem és 2 swicter, az 1 gép furcsa dolgokat produkált , (nehéz indulás,bios sípolások,elindulás után gen.host.proc. hibák,lefagyások )2napig takarítottam spybot serch,panda,le ...takarítás robotkeresőkkel..panda vissza...stb.Úgy nézett ki hogy minden rendben van...csakhogy egyszer csak a Panda tűzfala nem kért engedéjeket a ki be járkáláskor ......feltelepítettem a Netlimiter annak is van tűzfal funkciója és az is állandóan kérdez ,hogy mit engedek(nagyon egszerűen át lehet tekinteni az adatforgalmat ezzel a programmal)...aztán az sem kérdezősködött tovább ....csodálkozva láttam (a böngészők rendesen működtek)hogy az mns-en kívül minden a pandaproxin keresztül jön-megy ...aztán, takarítás a cclenerrel és a SAS-al..ezután mindenféle hiba(tálcaikonok fele eltünik , generic.host hibák megint).És nehézkes indulás.(most nincs bios sípolás) mit csináljak?

igen a fejem a progi

ok thx !!de te amugy honnan zudod hogy van e valami baj? a logbol hogy veszed ki??? valami progival?