Virus, or what could it be???
Soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this
Post
Update Java.
http://mesh.dl.sourceforge.net/sourcefo ... JavaRa.zip
Click the Remove Older button and the old Java will be removed; then download and install the new one:
Environment (JRE) 6 Update 14 - http://java.sun.com/javase/downloads/index.jsp

Download the OTMOVEIT program, run it, and paste the text into the left pane:
http://oldtimer.geekstogo.com/OTM.exe
Code:
:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s


:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Click MOVEIT; after the restart, post here what it gives you.


Thu Aug 06, 2009 12:53
Silver member

Joined: Tue Feb 17, 2009 8:23
Posts: 90
Post
Logfile of random's system information tool 1.06 (written by random/random)
Run by ------ at 2009-08-06 12:33:47
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 2047 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:20, on 2009.08.06.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\1by1\1by1.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TCMpowerpack\TCMPower\TOTALCMD.EXE
C:\Program Files\Lindab\CADvent\Translation\U2000.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Lindab\CADvent\Bin\CADvent.exe
C:\Program Files\AutoCAD 2007\acad.exe
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
c:\Munka\Downloads\RSIT.exe
C:\Program Files\trend micro\------.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Küldés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Kül&dés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://map2.index.hu/MGViewer/ActiveX/mgaxctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/hu/big/1 ... gleNav.cab
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://neptun.nyf.hu/msrdp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: echo - {4A4BFDAF-5C23-4776-83AD-BF988261D6C5} - mscoree.dll (file missing)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: owf - {20F11652-C903-4870-BBBA-2E79324ED5DC} - mscoree.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7854 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2009-05-19 171208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll [2006-10-30 757760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll [2006-10-30 757760]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2009-05-19 670840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2004-09-29 28672]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-05 491008]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-09-29 344064]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-05-30 585728]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-07-08 288048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]
C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Program Files\Opera\program\plugins\NPSWF32_FlashUtil.exe [2009-02-03 240544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImageDrive-{0CFE4D98-44D7-4542-9842-B924978C2A4F}]
C:\Program Files\Nero\Nero 7\Nero ImageDrive\ImageDrive.exe [2005-10-20 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\liNearInstallGuard]
C:\Program Files\Common Files\liNearInstallGuard.exe [2006-05-19 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiCalc]
C:\Program Files\MultiCalc\MultiCalc.exe [2007-07-31 3202048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [2005-06-03 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-10 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Indítópult^AutoCAD indításgyorsító.lnk]
C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~2.EXE [2006-03-05 11000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2
"usnsvc"=3
"Microsoft Office Groove Audit Service"=3
"gusvc"=3
"SQLWriter"=3
"MSSQL$AUTODESKVAULT"=2
"mnmsrvc"=3
"WMPNetworkSvc"=2
"WebrootSpySweeperService"=2
"usnjsvc"=3
"SPTISRV"=3
"SBCSSvc"=2
"ose"=3
"odserv"=3
"ABBYY.Licensing.FineReader.Professional.9.0"=2
"ServiceLayer"=3
"rpcapd"=3
"PACSPTISVR"=3
"MSCSPTISRV"=3
"MDM"=2
"idsvc"=3
"IDriverT"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-09-29 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-08-06 12:33:48 ----D---- C:\Program Files\trend micro
2009-08-06 12:33:47 ----D---- C:\rsit
2009-08-06 12:17:08 ----D---- C:\Program Files\Common Files\MicroWorld
2009-08-05 15:37:18 ----A---- C:\archgi.txt
2009-08-05 08:30:47 ----A---- C:\WINDOWS\system32\CADventTechProp80.dll
2009-08-04 14:39:00 ----D---- C:\Wentyle001
2009-08-04 14:35:11 ----D---- C:\Program Files\Wentyle
2009-08-04 11:49:58 ----D---- C:\Documents and Settings\All Users\Application Data\Lindab
2009-08-04 11:49:37 ----D---- C:\WINDOWS\system32\icu
2009-08-04 11:49:37 ----A---- C:\WINDOWS\system32\Msvcrtd.dll
2009-08-04 11:49:37 ----A---- C:\WINDOWS\system32\Msvcirtd.dll
2009-08-04 11:49:37 ----A---- C:\WINDOWS\system32\IXXML4C2_3.dll
2009-08-04 11:49:37 ----A---- C:\WINDOWS\system32\icuuc.dll
2009-08-04 11:49:36 ----A---- C:\WINDOWS\system32\P2sodbc.dll
2009-08-04 11:49:36 ----A---- C:\WINDOWS\system32\P2bbnd.dll
2009-08-04 11:49:36 ----A---- C:\WINDOWS\system32\cp3240mt.dll
2009-08-04 11:49:36 ----A---- C:\WINDOWS\system32\Co2c40en.dll
2009-08-04 11:49:35 ----A---- C:\WINDOWS\system32\Msvbvm50.dll
2009-08-04 11:49:34 ----D---- C:\Program Files\Seagate
2009-08-04 11:49:33 ----D---- C:\WINDOWS\Crystal
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\p2smon.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\P2irdao.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\P2ctdao.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\P2bdao.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\Msjter32.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\Msjint32.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\Dao3032.dll
2009-08-04 11:49:32 ----A---- C:\WINDOWS\system32\cdo32.dll
2009-08-04 11:49:31 ----A---- C:\WINDOWS\system32\Vba232.dll
2009-08-04 11:49:31 ----A---- C:\WINDOWS\system32\Msrd2x32.dll
2009-08-04 11:49:31 ----A---- C:\WINDOWS\system32\msjt3032.dll
2009-08-04 11:49:31 ----A---- C:\WINDOWS\system32\cpeaut32.dll
2009-08-04 11:49:29 ----A---- C:\WINDOWS\system32\Implode.dll
2009-08-04 11:49:29 ----A---- C:\WINDOWS\system32\Crpe32.dll
2009-08-04 11:49:29 ----A---- C:\WINDOWS\system32\crpaig32.dll
2009-08-04 11:49:08 ----A---- C:\WINDOWS\system32\LindabUnitMan.dll
2009-08-04 11:49:02 ----D---- C:\Program Files\Lindab
2009-08-04 11:49:01 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-07-30 06:24:18 ----D---- C:\Program Files\Lavasoft
2009-07-30 06:24:17 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-07-30 06:23:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-29 12:10:55 ----A---- C:\WINDOWS\PROTOCOL.INI
2009-07-29 12:10:33 ----A---- C:\WINDOWS\system32\hh.exe
2009-07-29 12:10:29 ----A---- C:\WINDOWS\system32\Cmdlgit.dll
2009-07-29 12:10:16 ----D---- C:\Program Files\Galletti
2009-07-28 15:52:56 ----A---- C:\WINDOWS\GigaCenter Downloader Uninstall Log.txt
2009-07-27 10:13:38 ----AD---- C:\WINDOWS\system32\runouce.exe
2009-07-27 10:06:44 ----A---- C:\WINDOWS\system32\msvcr80.dll
2009-07-27 10:06:43 ----A---- C:\WINDOWS\system32\msvcp80.dll
2009-07-27 10:06:41 ----A---- C:\WINDOWS\system32\eEmpty.exe
2009-07-27 10:06:33 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2009-07-27 10:06:33 ----A---- C:\WINDOWS\system32\T.COM
2009-07-27 10:06:33 ----A---- C:\WINDOWS\REGEDIT.COM
2009-07-27 10:06:33 ----A---- C:\WINDOWS\R.COM
2009-07-27 10:06:18 ----D---- C:\Documents and Settings\All Users\Application Data\MicroWorld
2009-07-15 06:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 06:28:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 06:23:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 10:00:40 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2009-08-06 12:34:21 ----D---- C:\WINDOWS\temp
2009-08-06 12:34:18 ----D---- C:\Temp
2009-08-06 12:34:08 ----D---- C:\Documents and Settings\------\Application Data\uTorrent
2009-08-06 12:33:50 ----D---- C:\WINDOWS\Prefetch
2009-08-06 12:33:49 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-06 12:33:48 ----D---- C:\Program Files
2009-08-06 12:33:31 ----D---- C:\Documents and Settings\------\Application Data\Orbit
2009-08-06 12:28:32 ----D---- C:\WINDOWS
2009-08-06 12:17:25 ----D---- C:\Documents and Settings\------\Application Data\Skype
2009-08-06 12:17:08 ----D---- C:\Program Files\Common Files
2009-08-06 10:35:54 ----A---- C:\WINDOWS\wcpfrep.ini
2009-08-06 10:35:29 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2009-08-06 10:29:58 ----D---- C:\Documents and Settings\------\Application Data\Autodesk
2009-08-06 10:15:46 ----D---- C:\Documents and Settings\------\Application Data\skypePM
2009-08-06 10:10:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-06 09:39:11 ----SHD---- C:\WINDOWS\Installer
2009-08-06 09:38:09 ----RSD---- C:\WINDOWS\assembly
2009-08-06 09:38:03 ----D---- C:\Program Files\Common Files\Autodesk Shared
2009-08-06 08:24:40 ----D---- C:\WINDOWS\system32\drivers
2009-08-06 07:33:15 ----D---- C:\Downloads
2009-08-06 07:05:40 ----A---- C:\WINDOWS\UAXXXX.INI
2009-08-06 06:31:49 ----D---- C:\Program Files\Mozilla Firefox 3 Beta 5
2009-08-05 08:30:49 ----D---- C:\WINDOWS\system32
2009-08-03 07:10:42 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-03 06:44:02 ----RSD---- C:\WINDOWS\Fonts
2009-08-03 06:41:36 ----D---- C:\Program Files\Winamp
2009-08-03 06:39:49 ----A---- C:\WINDOWS\system32\AecArchXKey.txt
2009-08-03 06:39:18 ----D---- C:\WINDOWS\system32\DirectX
2009-08-03 06:39:16 ----HD---- C:\WINDOWS\inf
2009-08-01 14:18:35 ----D---- C:\Filmek
2009-07-31 09:49:50 ----D---- C:\Rajz
2009-07-29 10:08:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-29 10:08:35 ----D---- C:\Program Files\Internet Explorer
2009-07-29 10:07:37 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 06:51:08 ----D---- C:\Program Files\Dunaferr
2009-07-29 06:33:42 ----D---- C:\Program Files\HijackThis
2009-07-28 07:36:11 ----D---- C:\Program Files\WinPcap
2009-07-28 07:35:22 ----D---- C:\WINDOWS\system32\npp
2009-07-28 06:34:04 ----D---- C:\WINDOWS\Minidump
2009-07-28 06:34:04 ----D---- C:\WINDOWS\Debug
2009-07-27 13:57:01 ----D---- C:\Program Files\Opera 10 Preview
2009-07-27 13:30:48 ----D---- C:\Munka
2009-07-23 07:49:53 ----D---- C:\Program Files\Autodesk
2009-07-21 12:22:26 ----A---- C:\WINDOWS\win.ini
2009-07-19 18:47:06 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:17:07 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-17 08:05:25 ----SH---- C:\boot.ini
2009-07-17 08:05:25 ----A---- C:\WINDOWS\system.ini
2009-07-15 09:36:21 ----D---- C:\My Music
2009-07-14 08:49:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-07-13 12:50:25 ----D---- C:\KonyvCal
2009-07-09 10:00:40 ----RD---- C:\Program Files\Skype
2009-07-09 10:00:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-07-09 06:42:27 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-02-28 15440]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-26 12032]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-08-18 71688]
R2 LF30FS;LF30FS; \??\C:\Program Files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R2 XRNBO;XRNBO; \??\c:\windows\system32\drivers\XRNBO.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-29 800256]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-11-17 223128]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-09 3968]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-09-20 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB szabványos hub-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-06-16 180480]
S1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART illesztőprogram; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 nm;Hálózatfigyelő illesztőprogramja; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-07-30 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-29 405504]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-29 516096]
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-04-21 82584]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-27 138168]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S4 usnjsvc;Messenger megosztási mappák – USN-naplóolvasó szolgáltatás; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]

-----------------EOF-----------------


Thu Aug 06, 2009 11:42
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Hi,
for that, post the RSIT log here
http://images.malwareremoval.com/random/RSIT.exe
Click Continue and wait for the log, then post it here


Thu Aug 06, 2009 11:35
silver member

Joined: Tue Feb 17, 2009 8:23
Posts: 90
Post
Hello stell!
I have a small problem here too.
When I switch my computer on in the morning, browsing is very slow. Everything else (even the file-sharing client) works normally. If I restart the machine during the day, the phenomenon does not come back. It only happens at the first power-on each day, lasts about 20-30 minutes, and then goes away.
Do you have any tips on how to get rid of this?


Thu Aug 06, 2009 11:31
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
the well-known ones; here Symantec is flagging it too, delete it
avast, eset, symantec


Sat Jul 25, 2009 17:21
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
For this one the ratio is already 9/41; which scanners are the ones I need to take into account when they flag something?
If they do flag a file, what should I do next with it?

http://www.virustotal.com/hu/analisis/e ... 1248534556


Sat Jul 25, 2009 16:40
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
the best antivirus engines are silent, so in that case it is a false alarm


Sat Jul 25, 2009 16:08
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
I started looking through the files; for this one, for example, VirusTotal shows 3/41. So is it infected or not?
http://www.virustotal.com/hu/analisis/d ... 1248534189


Sat Jul 25, 2009 16:04
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
hm, script for OTMOVEIT3

Code:
:processes
explorer.exe


:files
C:\Documents and Settings\Rendszergazda\Local Settings\temp\hGu8YnFX.dll
C:\Documents and Settings\Rendszergazda\Local Settings\temp\RarSFX0
C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\data1.cab
C:\WINDOWS\Installer\beb6a.msi

:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Quote:
clean out the registry with CCleaner, about 5 times; keep pressing the button until the window is clean

remove AVZ from the machine: run it, click File, click Standard scripts, tick option [6] "delete all avz drivers", then click "Execute selected script"


The rest are, I think, false alarms, but they need to be tested on VirusTotal, and where there is a hit, post the link here.


Sat Jul 25, 2009 10:35
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Here is the final result: 192 critical objects, 52 errors :(

Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Spyware.ExpressKeylog Corrupted Adware/Spyware" found in File System! Action Taken: No Action Taken.
Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Documents and Settings\Mi\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".IMA". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".JPF". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{125F0ACC-D3FC-402B-8D96-27F6E46D00D5}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{14B11C98-291A-44B1-8AEA-DCCE20B5E13A}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{1E045AEC-D6EA-4D1D-A1E6-106EFEB272C1}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{30A8A61F-1003-4E35-9B9B-F30FBA4B5495}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{32971938-65B1-4B38-B483-9A32560B7CF2}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{35AC4EDF-227B-4324-8377-BED3D7FD46BC}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{3FBD22F5-7BD2-49FD-A05D-6308CDD7C818}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{41FAD3F1-6284-4579-BE4E-5EC8D8661C70}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{45D68F08-56A0-4412-BB0F-8492BE978AC7}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{45FB9373-CFD3-4B04-9E5E-52398235BB85}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{4D072D56-B07B-4798-97B2-B9E7A4F53EAC}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{558CD0A7-0548-4220-88FE-01CC1477DF61}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{5AC9F44E-06C7-41E3-A464-37177AB9105D}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{5F4B6C81-64E8-4B16-A932-1C444E1BA970}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{605F33FD-21E8-4B44-A1D0-57694A3E02BC}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{68C13EB4-D6F5-42F9-94C2-E209855E09DB}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{69E4186D-D57C-49E0-B692-5C74BD9B08D7}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7C3E3706-8FBD-4169-9726-0A47FBF9D32A}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8AC32162-38D5-40B9-A90B-E985CA7CB7B6}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{901C63FD-6673-47A6-9B5F-B13E3EBFA470}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{91A1F462-94DF-4C57-B046-119DB830B9BD}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{949EA086-902C-478A-A4C6-DAD1D543CD33}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{9DFD0865-4E0F-4947-A77D-43D58782A57F}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{9F2DFB2F-DDA1-4034-84FA-D008BDD93972}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{9F88E3E3-3CC0-4465-A7C0-B9CC50B27817}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{A28695DA-5BCD-4ACB-89B6-9DD90C59BAEB}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{B0AEF410-04FF-4AEC-8D8E-C9427C38BBCD}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{B945219C-C51C-4BD0-BAD5-A3FED95B555F}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{C3CE4CED-46B0-407E-A703-7A83AAE02A36}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{C41E7B22-FEAC-449F-B342-49A24D19517C}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{C602034B-0E04-4A4C-994B-9BE7AEFF5931}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{C6F1E87D-F3E1-4874-97EC-F87DAB6D6878}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{CA93C194-87EF-4A2C-B2DE-99F3AF4CD36A}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{D80D6ACB-FAFA-4DAA-9CE4-3AF04013C693}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{DBE84DB2-1794-4244-9859-9B720CA89B4D}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{DC1D9193-DDFC-4108-9163-708FB7D6BDA7}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{EAAF506F-2371-418F-ABCF-BD93D6D6F256}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{F68E3631-68ED-4970-8D77-B81FE83AA6A1}". Action Taken: No Action Taken.
File C:\Documents and Settings\Mi\Asztal\avz4\avz.exe infected by "Gen:Generic.SMH.C2F697F7F7 (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mi\Asztal\ComboFix.exe infected by "Gen:Generic.SMH.90A0D1F1F1 (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mi\Asztal\TFC.exe infected by "Gen:Generic.SMH.0125547474 (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Asztal\ComboFix.exe infected by "Gen:Generic.SMH.D0E091B1B1 (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Local Settings\temp\hGu8YnFX.dll infected by "Gen:Generic.SMH.304C3C3C3C (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Local Settings\temp\RarSFX0\4cpag.exe infected by "Gen:Generic.SMH.601F6F6F6F (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Local Settings\temp\RarSFX0\dwebio32.dll infected by "Gen:Generic.SMH.106C1C1C1C (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Local Settings\temp\RarSFX0\dwebllio.dll infected by "Gen:Generic.SMH.304C3C3C3C (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Rendszergazda\Local Settings\temp\RarSFX0\setup.dll infected by "Gen:Generic.SMH.1E728D9D9D (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\Common Files\Nero\Lib\libawtjpeg.dll infected by "Gen:Generic.SMH.C0AC530303 (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\DAEMON Tools\uninst.exe infected by "Gen:Generic.SMH.3058A7F1F1 (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\data1.cab infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\InstallShield Installation Information\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}\ISSetup.dll infected by "Gen:Generic.SMH.E1DCBDDDDD (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\InstallShield Installation Information\{43801800-CFEE-11D2-A41B-006097B55AD3}\data1.cab infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\data1.cab infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\ISSetup.dll infected by "Gen:Generic.SMH.E1DDBCDCDC (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE infected by "Gen:Generic.SMH.90A0C1C1C1 (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Installer\beb6a.msi infected by "Gen:Generic.SMH.1131CE0E0E (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Installer\{9011040E-6000-11D3-8CFE-0150048383C9}\wordicon.exe infected by "Gen:Generic.SMH.1131CE0E0E (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\PEV.exe infected by "Gen:Generic.SMH.D0E091B1B1 (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\SWREG.exe infected by "Gen:Generic.SMH.90A4C5A5A5 (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\SWSC.exe infected by "Gen:Generic.SMH.80B4D5B5B5 (DB)" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\dllcache\irftp.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\dllcache\irmon.dll infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\dllcache\wshirda.dll infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken.
File D:\bumeráng\Dokumentumok\PDA-ra\szövegolvasó.exe infected by "Gen:Generic.SMH.E08F703030 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IENT_S1.CAB infected by "Gen:Generic.SMH.1058A7B7B7 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IENT_S2.CAB infected by "Gen:Generic.SMH.E0B8475757 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IENT_S4.CAB infected by "Gen:Generic.SMH.5008F7E7E7 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IE_S1.CAB infected by "Gen:Generic.SMH.5119E6F6F6 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IE_S2.CAB infected by "Gen:Generic.SMH.0048B7A7A7 (DB)" Virus! Action Taken: No Action Taken.
File D:\OFFICEXP_FrontPage_2002\FILES\OSP\1038\IE5\HU\IE_S3.CAB infected by "Gen:Generic.SMH.3179869696 (DB)" Virus! Action Taken: No Action Taken.
File E:\Jani\Benti_Munka_mentés\kozos_meghajtorol_anyagok\Fazekasne_Pocs_Zsuzsa\Fazekasne_Pocs_Zsuzsa.zip infected by "Gen:Generic.SMH.40609FC9C9 (DB)" Virus! Action Taken: No Action Taken.
File E:\voltmár\mplayer_setup_0-19-0_full.exe infected by "Gen:Generic.SMH.2115741414 (DB)" Virus! Action Taken: No Action Taken.
File E:\voltmár\VirtualDubMod 1.5.10.2\VirtualDubMod_1_5_10_2_All_inclusive.zip infected by "Gen:Generic.SMH.7048298989 (DB)" Virus! Action Taken: No Action Taken.
File E:\voltmár\VirtualDubMod 1.5.10.2\VirtualDubMod_1_5_10_2_b2542.zip infected by "Gen:Generic.SMH.83B7D6B6B6 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Converter\aacadec.dll infected by "Gen:Generic.SMH.211D6C4C4C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Converter\AKGZIK.ddc infected by "Gen:Generic.SMH.300C7D5D5D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Converter\DH05AL.ddc infected by "Gen:Generic.SMH.E1DDAC8C8C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Plus DirectShow Filters\aacadec.dll infected by "Gen:Generic.SMH.211D6C4C4C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Plus DirectShow Filters\daac.ax infected by "Gen:Generic.SMH.300C7D5D5D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\DivX\DivX Plus DirectShow Filters\DivXDecH264.ax infected by "Gen:Generic.SMH.625E2F0F0F (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Flagship Studios\Hellgate London\hellswing12d9sp1.zip infected by "Gen:Generic.SMH.F4A45B0B0B (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Hard Disk Sentinel Pro 2.81 Build 3083 Portable.exe infected by "Gen:Generic.SMH.A090F19191 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Languages\Deutsch.dll infected by "Gen:Generic.SMH.3008690909 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Languages\Hungarian1.dll infected by "Gen:Generic.SMH.3008690909 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Languages\Hungarian2.dll infected by "Gen:Generic.SMH.2018791919 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Adobe 8BF\PopArt.8bf infected by "Gen:Generic.SMH.F08B746464 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\B3d.dll infected by "Gen:Generic.SMH.102849E9E9 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Dicom.dll infected by "Gen:Generic.SMH.E0D8B91919 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\DjVu.dll infected by "Gen:Generic.SMH.714D2C4C4C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\EMail.dll infected by "Gen:Generic.SMH.506C0D6D6D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Flash.dll infected by "Gen:Generic.SMH.90ACCDADAD (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Flash4.dll infected by "Gen:Generic.SMH.A19DFC9C9C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Formats.dll infected by "Gen:Generic.SMH.A09CFD9D9D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Fpx.dll infected by "Gen:Generic.SMH.90ACCDADAD (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Icons.dll infected by "Gen:Generic.SMH.E0DCBDDDDD (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\IV_Player.exe infected by "Gen:Generic.SMH.90A4C5A5A5 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Jpg_transform.dll infected by "Gen:Generic.SMH.407C1D4D4D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Jpm.dll infected by "Gen:Generic.SMH.211D7C2C2C (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Ldf.dll infected by "Gen:Generic.SMH.A09CFD9D9D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\LogoManager.dll infected by "Gen:Generic.SMH.2048383838 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Med.dll infected by "Gen:Generic.SMH.704C2D4D4D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Mng.dll infected by "Gen:Generic.SMH.80BCDD8D8D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Mp3.dll infected by "Gen:Generic.SMH.90ACCDADAD (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Mrc.dll infected by "Gen:Generic.SMH.2048383838 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\MrSID.dll infected by "Gen:Generic.SMH.E1DDBCDCDC (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Nero.dll infected by "Gen:Generic.SMH.506C0D6D6D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Pngout.dll infected by "Gen:Generic.SMH.102849E9E9 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Riot.dll infected by "Gen:Generic.SMH.C1FD9CFCFC (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Sff.dll infected by "Gen:Generic.SMH.102849E9E9 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Slideshow.exe infected by "Gen:Generic.SMH.5064055555 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Video.dll infected by "Gen:Generic.SMH.201C7D1D1D (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\IrfanView\Plugins\Vtf.dll infected by "Gen:Generic.SMH.5028585858 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Microsoft Games\Fable - The Lost Chapters\Fable.exe infected by "Gen:Generic.SMH.FF8B745454 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\NT Registry Optimizer\NTREGOPT.EXE infected by "Gen:Generic.SMH.80B0D1B1B1 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\PhotoME\icons.icl infected by "Gen:Generic.SMH.4050AFBFBF (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\totalcmd\CABRK.DLL infected by "Gen:Generic.SMH.2048B7A7A7 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\totalcmd\FRERES32.DLL infected by "Gen:Generic.SMH.0078879797 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\totalcmd\UNACEV2.DLL infected by "Gen:Generic.SMH.403CC3D3D3 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\totalcmd\_tc\PxDTV2200 H_PxDVR3200 H_PxPVR2200_PxTV1200(x86).exe infected by "Gen:Generic.SMH.E1DCBDDDDD (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe infected by "Gen:Generic.SMH.6252335353 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Webteh\BSplayerPro\bplay.exe infected by "Gen:Generic.SMH.003051F1F1 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Webteh\BSplayerPro\bsplay.exe infected by "Gen:Generic.SMH.003051F1F1 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\WhereIsIt\7-zip32.dll infected by "Gen:Generic.SMH.E1BD420202 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\WhereIsIt\UnACE.dll infected by "Gen:Generic.SMH.2048B7A7A7 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\WhereIsIt\UnACEV2.dll infected by "Gen:Generic.SMH.403CC3D3D3 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\Winamp\System\jpeg.w5s infected by "Gen:Generic.SMH.6028D78787 (DB)" Virus! Action Taken: No Action Taken.
File F:\Program Files\WinRar\Formats\UNACEV2.DLL infected by "Gen:Generic.SMH.403CC3D3D3 (DB)" Virus! Action Taken: No Action Taken.
File X:\Games\Dark_Messiah_Of_Might_And_Magic_CLONEDVD-PROCYON\Tools\dmcrack.rar infected by "Gen:Generic.SMH.1D9D620202 (DB)" Virus! Action Taken: No Action Taken.
File X:\Games\Dark_Messiah_Of_Might_And_Magic_CLONEDVD-PROCYON\Tools\tools-dame.rar infected by "Gen:Generic.SMH.6020DFFFFF (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\AntiVírus\Dr Web\launch.exe infected by "Gen:Generic.SMH.106C1C1C1C (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\AntiVírus\VIPRE-Rescue.exe infected by "Gen:Generic.SMH.FFAF50E0E0 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\APPS\SubtitleWorkshop251.exe infected by "Gen:Generic.SMH.6252335353 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\APPS\the_bat!_3.99.3_pl\the_bat!_3.99.3_pl.rar infected by "Trojan.Generic.227520 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\APPS\Total.Commander.v7.04.Multilingual\b-tcm704.zip infected by "Gen:Generic.SMH.0078879797 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\APPS\WhereIsIt.v3.93.715-REVENGE.rar infected by "Gen:Generic.SMH.4010EFB9B9 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\APPS\Winrar_3.71_Full_PRE CRACKED\WinRAR 3.71 PreCracked.exe infected by "Gen:Generic.SMH.403CC3D3D3 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VDUB_1.5_AC3_Conversion\VirtualDubMod_1_5_10_2_All_inclusive(mpeg2+AC3)\corona.dll infected by "Gen:Generic.SMH.7048298989 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VDUB_1.5_AC3_Conversion\VirtualDubMod_1_5_10_2_All_inclusive(mpeg2+AC3)\ogg.dll infected by "Gen:Generic.SMH.1028492929 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VDUB_1.5_AC3_Conversion\VirtualDubMod_1_5_10_2_All_inclusive(mpeg2+AC3)\VirtualDubMod.exe infected by "Gen:Generic.SMH.83B7D6B6B6 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VDUB_1.5_AC3_Conversion\VirtualDubMod_1_5_10_2_All_inclusive(mpeg2+AC3)\vorbis.dll infected by "Gen:Generic.SMH.2018791919 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VirtualDubMod_1_5_10_2_All_inclusive\corona.dll infected by "Gen:Generic.SMH.7048298989 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VirtualDubMod_1_5_10_2_All_inclusive\ogg.dll infected by "Gen:Generic.SMH.1028492929 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VirtualDubMod_1_5_10_2_All_inclusive\VirtualDubMod.exe infected by "Gen:Generic.SMH.83B7D6B6B6 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Codec\AC3_VirtualDub_hang_codec\VirtualDubMod_1_5_10_2_All_inclusive\vorbis.dll infected by "Gen:Generic.SMH.2018791919 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\9-2_xp32_dd_ccc_wdm_enu_75974.exe infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\9-5_xp32_dd_ccc_wdm_enu.exe infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Alcor NUN 2GB\updata tool\program files\Consumer Update Firmware\Consumer.exe infected by "Gen:Generic.SMH.C1F594F4F4 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Alcor NUN 2GB\updata tool\program files\Consumer Update Firmware\CopyIniFile.exe infected by "Gen:Generic.SMH.91A5C4A4A4 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Alcor NUN 2GB\win98driver\U Disk Driver Win98\U98Setup.exe infected by "Gen:Generic.SMH.91A5C4A4A4 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\ATI Complete Avivo Package 8.6\8-6_xp32-64_xcode_64785.exe infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\ATK0110 ACPI UTILITY (AiBooster)\AiBooster_V20068.zip infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Gigabyte GA-MA69GM-S2H (Rev 1.0)\DriverS\LAN\motherboard_driver_lan_realtek_81xx.exe infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Hauppage PVR-150 MCE\Installation CD Version 3.4D1 with WinTV version 6\hauppauge_cd_3.4d1.zip infected by "Gen:Generic.SMH.30748BDBDB (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Hauppage PVR-150 MCE\WinTV 4.6b\WinTVCD 4_6b.exe infected by "Gen:Generic.SMH.30748BDBDB (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\HP nx7400 DriverS\DriverS\Keyboard, Mouse and Input Devices\HP Quick Launch Buttons 6.30J\sp38266.exe infected by "Gen:Generic.SMH.E1DDBCDCDC (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\HP nx7400 DriverS\DriverS\Keyboard, Mouse and Input Devices\Synaptics Touchpad 10.0.13.2\sp37065.exe infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\HP nx7400 DriverS\DriverS\Storage\Intel Matrix Storage Manager 5.5.0.1035A\sp32492.exe infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\HP nx7400 DriverS\Software\Solutions\HP Quick Launch Buttons Critical Security Update 2.0B\sp38200.exe infected by "Gen:Generic.SMH.E1DDBCDCDC (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\JW-RS780UVD-AM2+ (64M)\Bios\FlashBoot_lv.rar infected by "Gen:Generic.SMH.8EBADBBBBB (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\JW-RS780UVD-AM2+ (64M)\DriverS\Audio\Realtek HD Audio Driver (WDM) R2.09\Audio.rar infected by "THREAT_TYPE_ARCHBOMB (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\JW-RS780UVD-AM2+ (64M)\DriverS\Chipset\AMD South Bridge Driver for Windows XP 8.2\8-2_xp32-64_sb_58128.zip infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\JW-RS780UVD-AM2+ (64M)\DriverS\Chipset\ati_xp_8.7.rar infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\JW-RS780UVD-AM2+ (64M)\DriverS\Graphics\8-8-igp_xp32_dd_ccc_wdm_sb_gart_enu_67975.exe infected by "Gen:Generic.SMH.F09F602020 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Leadtek PxTV1200 Driver\x86.zip infected by "Gen:Generic.SMH.E1DCBDDDDD (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\Leadtek Winfast XP2000 Global + FM Driver\WinXP.zip infected by "Gen:Generic.SMH.E1DCBDDDDD (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\LG GSA-2164D 1.01 Driver (Firmware)\GSA-2164D101(ew).zip infected by "Gen:Generic.SMH.2380F0F0F0 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\DriverS\LG GSA-2164D 1.01 Driver (Firmware)\GSA-2164D_101.exe infected by "Gen:Generic.SMH.2380F0F0F0 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\mobil\Bluetooth\BlueSoleil 5.06.06\BlueSoleil_1.6.1.4_release_050606.zip infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\mobil\MobilEdit 2.4.5.4\MOBILedit!.exe infected by "Gen:Generic.SMH.FFCB348484 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\mobil\Sony Ericsson PC Suite 3.209.00 HU\Sony Ericsson PC Suite_3.209.00_HU.exe infected by "Gen:Generic.SMH.E1DDBCDCDC (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\mobil\Sony Ericsson PC Suite 5.009.00\Sony_Ericsson_PC_Suite_5.009.00_Web_EN.exe infected by "Gen:Generic.SMH.023E4F6F6F (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Adobe.Audition.v3.WinAll.Cracked-NoPE\setup\Audition3_EFGJSI_Trial.exe infected by "Gen:Generic.SMH.FFC0A1C1C1 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\All_Media_To_Mp3_Converter_Pro_v4.6(2).rar infected by "Trojan.Generic.1729837 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Apollo.No1.DVD.Ripper.v4.1.WinALL.Incl.Keygen-BRD\br1dr41a\br1dr41.rar infected by "Trojan.Packed.21452 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Apollo.No1.DVD.Ripper.v4.1.WinALL.Incl.Keygen-BRD\br1dr41a.zip infected by "Trojan.Packed.21452 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\BS.Player.Pro.v2.32.975.Multilingual.Incl.Keymaker-CORE\CORE10k.EXE infected by "Gen:Generic.SMH.80B0D1B1B1 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\BS.Player.Pro.v2.32.975.Multilingual.Incl.Keymaker-CORE\keygen.exe infected by "Gen:Generic.SMH.7050210101 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\BS.Player.Pro.v2.32.975.Multilingual.Incl.Keymaker-CORE\setup.exe infected by "Gen:Generic.SMH.003051F1F1 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\DivX.Pro.v6.8.0.11.Multilangages.Incl-Keygen\DivXInstaller.exe infected by "Gen:Generic.SMH.201C6D4D4D (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\DivX.Pro.v6.8.0.11.Multilangages.Incl-Keygen\Keygen\Keymaker.exe infected by "Gen:Generic.SMH.0535CAEAEA (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\DVD_backup_(ARccOS_protected)\02_PgcEdit.rar infected by "Gen:Generic.SMH.FFC8A9C9C9 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\DVD_backup_(ARccOS_protected)\07_dvd2one205.rar infected by "Gen:Generic.SMH.02926D6D6D (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\DVD_backup_(ARccOS_protected)\12_Txt2Sup.exe infected by "Gen:Generic.SMH.F4C4A5C5C5 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\GOM Player 2.1.15.4610\GOMPLAYERENSETUP.EXE infected by "Gen:Generic.SMH.2000FFFFFF (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\irfanview_4.2_lang_hungarian.zip infected by "Gen:Generic.SMH.3008690909 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\irfanview_plugins_420_setup.exe infected by "Gen:Generic.SMH.FFCBAACACA (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Losless Audio compressors\FLAC\flac110k.exe infected by "Gen:Generic.SMH.2018791919 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Losless Audio compressors\FLAC\Flac_Plugin_for_WA2.exe infected by "Gen:Generic.SMH.102849E9E9 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\Losless Audio compressors\FLAC\Flac_Plugin_for_WA3.exe infected by "Gen:Generic.SMH.201879D9D9 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\MPUI (stable) 1.1.10\MPUI-1.1.10_with_MPlayer-1.0-pre8.zip infected by "Gen:Generic.SMH.2115741414 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\VirtualDub 1.7.7\VirtualDub-1.7.7.zip infected by "Gen:Generic.SMH.93A7C6A6A6 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\VOX Recorder (Rádió adás rögzítésére)\VoxRecorder.zip infected by "Gen:Generic.SMH.9010EFFFFF (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\WinAMP_Hungarian_Language_Pack.exe infected by "Gen:Generic.SMH.0048B7E7E7 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\WINAMP_v5.51Pro.rar infected by "Gen:Generic.SMH.1030F0F0F0 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\WinAVI Video Converter 9.0+ Serial\WinAVI Video Converter 9.0+ Serial.zip infected by "Gen:Generic.SMH.92FF005050 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\MultiM\WinFast PVR2 2.0.3.19\ArcSoft_MCE-PlugIn_20070813.zip infected by "Gen:Generic.SMH.C0AF501010 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\OTM.exe infected by "Gen:Generic.SMH.81A5D4F4F4 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Photo-SW\PhotoME Ver 0.79R17\PhotoME079R17Setup.exe infected by "Gen:Generic.SMH.4050AFBFBF (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Photo-SW\PhotoME Ver 0.79R17\PhotoMePreview79r17Setup_en.exe infected by "Gen:Generic.SMH.4050AFBFBF (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Photo-SW\PicMarkr Pro 1.0.0.1 (Vízjel logo saját képekre)\PicMarkrPro.exe infected by "Gen:Generic.SMH.90A05F4F4F (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Photo-SW\Portrait Professional Max 6.3.5+Crack-HeartBug\Cracked\PortraitProfessional.exe infected by "Gen:Generic.SMH.8642323232 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Photo-SW\Portrait Professional Max 6.3.5+Crack-HeartBug\PortraitProfessionalMaxSetup.exe infected by "Gen:Generic.SMH.65E11E7E7E (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\PS2\hdl\hdlpatch_gui.exe infected by "Gen:Generic.SMH.B393E2C2C2 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\PS2\hdlgui8b_r2j.rar infected by "Gen:Generic.SMH.B393E2C2C2 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\CloneDVD v2.9.2\setupclonedvd2.exe infected by "Gen:Generic.SMH.73D32C3C3C (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\CloneDVD2_2533\SetupCloneDVD2.exe infected by "Gen:Generic.SMH.63F30C1C1C (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\GetDataBackforNTFS\Setup.exe infected by "Gen:Generic.SMH.3A09680808 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\Hard Disk Sentinel Pro 2.81 Build 3083 Portable\Hard Disk Sentinel Pro 2.81 Build 3083 Portable.exe infected by "Gen:Generic.SMH.A090F19191 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\Hard Disk Sentinel Pro 2.81 Build 3083 Portable\hdsentinel_pro_setup.exe infected by "Gen:Generic.SMH.A090F19191 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\Hard Disk Sentinel_1.33_Magyar (hibákat_várható_élettartamot_jelez)\hdsentinel_setup180beta.exe infected by "Gen:Generic.SMH.F0C0A1C1C1 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\Hard Disk Sentinel_1.33_Magyar (hibákat_várható_élettartamot_jelez)\keygen.exe infected by "Gen:Generic.SMH.80A4D5F5F5 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\TestDisk & PhotoRec 6.9\photorec_win.exe infected by "Gen:Generic.SMH.5161006060 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\TestDisk & PhotoRec 6.9\testdisk-6.9.win.zip infected by "Gen:Generic.SMH.5161006060 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\TestDisk & PhotoRec 6.9\testdisk_win.exe infected by "Gen:Generic.SMH.4171107070 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\Tools\UltraISO.Premium.Edition.v9.3.2.2656.Multilingual-ArCADE\a-932265.zip infected by "Gen:Generic.SMH.8420505050 (DB)" Virus! Action Taken: No Action Taken.
File X:\TFC.exe infected by "Gen:Generic.SMH.0125547474 (DB)" Virus! Action Taken: No Action Taken.
File Y:\DC_temp\ogg.dll.OQSG5INPSLBIWFLGCJQIGVEXS7ANAXOKMLJDOBI.dctmp.antifrag infected by "Gen:Trojan.Heur.B088778888 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\C (névtelen)\Program Files\Consumer Update Firmware\Consumer.exe infected by "Gen:Generic.SMH.C1F594F4F4 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\C (névtelen)\Program Files\Consumer Update Firmware\CopyIniFile.exe infected by "Gen:Generic.SMH.91A5C4A4A4 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\tools\vStrip.dll infected by "Gen:Generic.SMH.3008690909 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\tools\vstrip_ifo.exe infected by "Gen:Generic.SMH.A090F19191 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\VDubMod\corona.dll infected by "Gen:Generic.SMH.7048298989 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\VDubMod\ogg.dll infected by "Gen:Generic.SMH.1028492929 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\VDubMod\VirtualDubMod.exe infected by "Gen:Generic.SMH.5367066666 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\AutoGK\VDubMod\vorbis.dll infected by "Gen:Generic.SMH.2018791919 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\M40-ről mentés\D (Geri)\Program Files\Sony Ericsson\Sony Ericsson PC Suite\PC Suite log.exe infected by "Gen:Generic.SMH.D0E687E7E7 (DB)" Virus! Action Taken: No Action Taken.


Sat Jul 25, 2009 8:00
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
I deleted everything with Total Commander, plus whatever looked suspicious in the registry too.
There was also a ComboFix run in safe mode, and I thought everything would be OK, but the apparent speed lasted only until 1 reboot; it's like a snail again :(

e-scan is running now, but it has already found 24 problems, including, if I see correctly, some among its own install files...

24 júl. 2009 20:59:13 - Offending Registry Entry found: HKCU\SOFTWARE\Wget
24 júl. 2009 20:59:13 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: No Action Taken.

24 júl. 2009 20:59:13 - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
24 júl. 2009 20:59:13 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: No Action Taken.

24 júl. 2009 20:59:14 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
24 júl. 2009 20:59:14 - System found infected with Spyware.ExpressKeylog Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations)! Action taken: No Action Taken.

24 júl. 2009 20:59:14 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
24 júl. 2009 20:59:14 - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: No Action Taken.

24 júl. 2009 20:59:25 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Documents and Settings\Mi\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\". Action Taken: No Action Taken.
24 júl. 2009 20:59:25 - Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".IMA". Action Taken: No Action Taken.

24 júl. 2009 20:59:25 - Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".JPF". Action Taken: No Action Taken.



Fri Jul 24, 2009 22:30
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Delete them by hand; if that doesn't work, then we'll make a script for OTMoveIt
File Y:\Mentés\Program Files_régi\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe
like this, the way I wrote the last ones here,


Thu Jul 23, 2009 9:46
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
File Y:\Mentés\Program Files_régi\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe infected by "Gen:Generic.SMH.FF6A959595 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Mentés\Program Files_régi\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe.old infected by "Gen:Generic.SMH.FF6B949494 (DB)" Virus! Action Taken: No Action Taken.
File Y:\TXT_DOC\Egyéb kiadvány_doksi\Műszaki jellegű\PC\cracker tanfolyam\19 RSA kódolás.zip infected by "Gen:Trojan.Heur.10807F9090 (DB)" Virus! Action Taken: No Action Taken.
File Y:\TXT_DOC\levlisták\hix\hix.zip infected by "Trojan.Exploit.Html.Iframe.Filedownload.HQ (DB)" Virus! Action Taken: No Action Taken.
File Y:\Zenék\mp3\teljes-e-4\Méhek\Esodal.mp3 infected by "BkCln.Unknown" Virus! Action Taken: No Action Taken.


Thu Jul 23, 2009 5:55
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: No Action Taken
Ones like this, where it says No Action Taken; these will all be in the lower window, post that here, from the lower window when it finishes,


Wed Jul 22, 2009 21:38
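The post above asks for the log lines where the scanner reports "No Action Taken". As an added example (not part of the thread and not the scanner's own tooling), this Python script parses the four result-line shapes seen in the logs quoted on this page, keeps the unresolved ones, and groups them by detection name so that one name hitting several files stands out. The function names are hypothetical; the sample lines are copied from the thread's logs.

```python
import re
from collections import defaultdict, namedtuple

Finding = namedtuple("Finding", "kind detection target action")

# Every result line ends with the action; the logs write both "Action Taken"
# and "Action taken", and the final full stop is sometimes missing.
ACTION = r'Action [Tt]aken: (?P<action>.+?)\.?$'

# The four result-line shapes that occur in the logs quoted in this thread.
PATTERNS = [
    ("file", re.compile(
        r'^File (?P<target>.+?) infected by "(?P<detection>[^"]+)" Virus! '
        + ACTION)),
    ("registry", re.compile(
        r'^.+? - System found infected with (?P<detection>.+) '
        r'\((?P<target>HK[A-Z]+\\[^)]*)\)! ' + ACTION)),
    ("object", re.compile(
        r'^.+? - Object "(?P<detection>[^"]+)" found in File System! '
        + ACTION)),
    ("invalid_ref", re.compile(
        r'^.+? - Entry "(?P<target>[^"]+)" refers to invalid object '
        r'"(?P<ref>[^"]*)"\. ' + ACTION)),
]


def parse_line(line):
    """Return a Finding for a result line, or None for progress/info lines."""
    line = line.strip()
    for kind, rx in PATTERNS:
        m = rx.match(line)
        if not m:
            continue
        g = m.groupdict()
        target = g.get("target", "")
        if "ref" in g:  # dangling reference: show key and the missing object
            target = target + " -> " + g["ref"]
        return Finding(kind, g.get("detection", ""), target, g["action"])
    return None


def parse_log(text):
    """Parse a whole log, skipping every line that is not a result line."""
    findings = []
    for line in text.splitlines():
        finding = parse_line(line)
        if finding is not None:
            findings.append(finding)
    return findings


def pending(findings):
    """Findings the scanner only reported and did not act on."""
    return [f for f in findings if f.action.lower() == "no action taken"]


def by_detection(findings):
    """Map each detection name to the list of targets it was reported on."""
    groups = defaultdict(list)
    for f in findings:
        if f.detection:
            groups[f.detection].append(f.target)
    return dict(groups)


# Sample input: lines copied from the logs posted in this thread.
SAMPLE_LOG = r"""File X:\ProgramS\PS2\hdl\hdlpatch_gui.exe infected by "Gen:Generic.SMH.B393E2C2C2 (DB)" Virus! Action Taken: No Action Taken.
File X:\ProgramS\PS2\hdlgui8b_r2j.rar infected by "Gen:Generic.SMH.B393E2C2C2 (DB)" Virus! Action Taken: No Action Taken.
File Y:\Zenék\mp3\teljes-e-4\Méhek\Esodal.mp3 infected by "BkCln.Unknown" Virus! Action Taken: No Action Taken.
24 júl. 2009 20:59:13 - Offending Registry Entry found: HKCU\SOFTWARE\Wget
24 júl. 2009 20:59:13 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: No Action Taken.
22 júl. 2009 21:16:18 - Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
24 júl. 2009 20:59:25 - Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".IMA". Action Taken: No Action Taken.
22 júl. 2009 20:57:34 - Indexed Spyware Databases Successfully Created...
"""

if __name__ == "__main__":
    todo = pending(parse_log(SAMPLE_LOG))
    print(len(todo), "findings with no action taken")
    for name, targets in by_detection(todo).items():
        print(f"{len(targets):2d}  {name}")
        for t in targets:
            print("      " + t)
    for f in todo:
        if f.kind == "invalid_ref":
            print("dangling reference:", f.target)
```
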
soul of the forum

Joined: Sun Sep 12, 2004 18:08
Posts: 6037
Location: Usa
Post
Well, this is when I usually say that the running of cabalistic circles is over! No utility program is needed there, just common sense and attention:
Safe mode → regedit → HKLM → Current vers → run: delete whatever is suspicious, and the same in the User part too.

-Naturally, all this comes after Mebroot, ComboFix and Hijack, but those have already been done.-
After that, one more Hijack with fix, to wipe out the registry remnants left behind: 'there will be joy and happiness!'


Wed Jul 22, 2009 21:32
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
nothing = nothing of that kind


Wed Jul 22, 2009 21:11
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Updated, then ran it; it is still working, but I think the gist is already there :(
I'm starting to lose it; if I count correctly this is already the eighth scanner, and the previous ones found nothing...

Once it has finished I'll send the final log too.

22 júl. 2009 20:57:33 - Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

22 júl. 2009 20:57:33 - ***** Scanning Registry and File system for Adware/Spyware *****
22 júl. 2009 20:57:34 - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\RENDSZ~1\LOCALS~1\temp\spydb.avs, Size: 912575]...
22 júl. 2009 20:57:34 - Indexed Spyware Databases Successfully Created...

22 júl. 2009 20:57:34 - Offending Key found: HKLM\Software\Magnet !!!
22 júl. 2009 21:16:18 - Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

22 júl. 2009 21:16:18 - Offending Key found: HKCR\magnet !!!
22 júl. 2009 21:16:18 - Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

22 júl. 2009 21:16:21 - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
22 júl. 2009 21:16:21 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: No Action Taken.

22 júl. 2009 21:16:21 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
22 júl. 2009 21:16:21 - System found infected with Spyware.ExpressKeylog Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations)! Action taken: No Action Taken.

22 júl. 2009 21:16:21 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
22 júl. 2009 21:16:21 - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: No Action Taken.


Wed Jul 22, 2009 21:11
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Hm, then leave it there; I no longer have any idea what is slowing the machine down,
if you have time, run the MWAV program, set it up like this, and post the log from the lower window here
the links are under point 6,
6: !! Read point *5 two more times, because, as is clear from practice, it is needed :-))

Download MWAV HERE (+ alternative links) →
http://www.viry.cz/forum/viewtopic.php?t=4097/


Wed Jul 22, 2009 19:11
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
That is a game; it has been on the machine for quite a long time.

What should I do with it?


Wed Jul 22, 2009 17:44
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
I don't like this one; disable it if you can
F:\Program Files\Flagship Studios\Hellgate London\


Wed Jul 22, 2009 10:19
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Here is the log :)
An example of the slowness: on the login screen, when I type in the password and hit Enter, it takes 1.5 minutes :( to disappear from the screen, and the things that start automatically take almost 5 minutes :(

I cleaned out the undeletable things in F:\TEMP with a program called unlocker :)

All processes killed
Error: Unable to interpret <explorer.exe > in the current context!
========== FILES ==========
C:\WINDOWS\imsins.BAK moved successfully.
C:\Documents and Settings\Mi\Application Data\TrojanHunter moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Norton Ghost 14.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl8 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDVD8LanguageShortcut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BDRegion deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys\ deleted successfully.
========== SERVICES/DRIVERS ==========

Service\Driver is-O7Q35drv deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes

User: Ge
->Temp folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes

User: Mi
->Temp folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes

User: Rendszergazda
->Temp folder emptied: 0 bytes

User: Ra
->Temp folder emptied: 0 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
File delete failed. F:\Temp\Perflib_Perfdata_b6c.dat scheduled to be deleted on reboot.
File delete failed. F:\Temp\Perflib_Perfdata_d2c.dat scheduled to be deleted on reboot.
Session Manager Temp folder emptied: 983708 bytes
File delete failed. F:\Temp\Perflib_Perfdata_b6c.dat scheduled to be deleted on reboot.
File delete failed. F:\Temp\Perflib_Perfdata_d2c.dat scheduled to be deleted on reboot.
Session Manager Tmp folder emptied: 32768 bytes
RecycleBin emptied: 14819954 bytes

Total Files Cleaned = 15,10 mb


OTM by OldTimer - Version 3.0.0.5 log created on 07212009_224620

Files moved on Reboot...
F:\Temp\Perflib_Perfdata_b6c.dat moved successfully.
File F:\Temp\Perflib_Perfdata_d2c.dat not found!


Tue Jul 21, 2009 22:21
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Remove Terminator from the machine, or SAS, the SUPERAntiSpyware; 2 cannot run

a bunch of programs are running unnecessarily, so we'll thin them out
download the OTMOVEIT3 program
http://oldtimer.geekstogo.com/OTM.exe
copy the red text into the left window, click MOVEIT, and after the restart post the log here and describe how things stand
Code:
explorer.exe

:files
C:\WINDOWS\imsins.BAK
C:\Documents and Settings\Mi\Application Data\TrojanHunter

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Norton Ghost 14.0"=-
"NeroFilterCheck"=-
"RemoteControl8"=-
"PDVD8LanguageShortcut"=-
"BDRegion"=-
"SunJavaUpdateSched"=-
"StartCCC"=-
"Adobe Reader Speed Launcher"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys]

:services
is-O7Q35drv

:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
 


Tue Jul 21, 2009 18:57
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
The log.txt and the info.txt


Logfile of random's system information tool 1.06 (written by random/random)
Run by Mi at 2009-07-21 18:43:28
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 6 GB (42%) free of 15 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:15, on 2009.07.21.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Eset\nod32krn.exe
F:\Program Files\Norton Ghost\Agent\VProSvc.exe
F:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
F:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\WINDOWS\Explorer.EXE
F:\Program Files\Eset\nod32kui.exe
F:\Program Files\Norton Ghost\Agent\VProTray.exe
F:\Program Files\A4Tech\Mouse\Amoumain.exe
F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\WINDOWS\RTHDCPL.EXE
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Microsoft ActiveSync\Wcescomm.exe
F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
F:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
X:\ProgramS\AntiVírus\RSIT.exe
C:\Program Files\trend micro\Mi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [nod32kui] "F:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Norton Ghost 14.0] "F:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [WheelMouse] F:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "F:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ColorVisionStartup.lnk = E:\Program Files\ColorVision\Utility\ColorVisionStartup.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Locate Spot on Map by GPS - F:\Program Files\Opanda\IExif 2.26\IExifMap.htm
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - F:\Program Files\Opanda\IExif 2.26\IExifCom.htm
O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobil kedvenc létrehozása... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - F:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - F:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - F:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SymSnapService - Symantec - F:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 9169 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader hivatkozássúgó - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll [2007-08-21 602112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"nod32kui"=F:\Program Files\Eset\nod32kui.exe [2008-09-19 949376]
"Norton Ghost 14.0"=F:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-01-19 2245984]
"WheelMouse"=F:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl8"=F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-08-08 91432]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-08 17421824]
"SunJavaUpdateSched"=F:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SpywareTerminator"=F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-07-15 2173440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=F:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"SUPERAntiSpyware"=F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-06-24 1830128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"SpywareTerminatorUpdate"=F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-06-29 3055616]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
ColorVisionStartup.lnk - E:\Program Files\ColorVision\Utility\ColorVisionStartup.exe
Microsoft Office.lnk - F:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
F:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=F:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"Y:\uTorrent\uTorrent.exe"="Y:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\Program Files\Microsoft ActiveSync\rapimgr.exe"="F:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"F:\Program Files\Microsoft ActiveSync\wcescomm.exe"="F:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"F:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="F:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"F:\Program Files\Flagship Studios\Hellgate London\Launcher.exe"="F:\Program Files\Flagship Studios\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London"
"F:\Program Files\Skype\Phone\Skype.exe"="F:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"F:\Program Files\Microsoft ActiveSync\rapimgr.exe"="F:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"F:\Program Files\Microsoft ActiveSync\wcescomm.exe"="F:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"F:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="F:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2009-07-21 18:43:29 ----D---- C:\Program Files\trend micro
2009-07-21 18:43:28 ----D---- C:\rsit
2009-07-16 17:46:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-16 11:39:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 11:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 11:33:21 ----A---- C:\WINDOWS\imsins.BAK
2009-07-16 11:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-14 20:39:08 ----D---- C:\Documents and Settings\Mi\Application Data\Auslogics
2009-07-07 09:03:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-06 22:16:19 ----SHD---- C:\RECYCLER
2009-07-05 17:08:37 ----D---- C:\WINDOWS\temp
2009-07-05 10:01:53 ----D---- C:\Program Files\HijackThis
2009-07-04 19:28:17 ----D---- C:\a
2009-07-02 21:21:10 ----A---- C:\WINDOWS\system32\TweakUI.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\zip.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\SWSC.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\SWREG.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\sed.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\NIRCMD.exe
2009-07-02 20:51:56 ----A---- C:\WINDOWS\grep.exe
2009-07-02 20:51:44 ----D---- C:\WINDOWS\ERDNT
2009-07-02 19:18:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-29 18:55:50 ----D---- C:\Documents and Settings\Mi\Application Data\Spyware Terminator
2009-06-29 18:55:24 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-06-29 00:00:09 ----D---- C:\Documents and Settings\Mi\Application Data\TrojanHunter
2009-06-28 21:02:22 ----R---- C:\WINDOWS\system32\streamhlp.dll

======List of files/folders modified in the last 1 months======

2009-07-21 18:44:06 ----D---- C:\WINDOWS\system32
2009-07-21 18:43:29 ----RD---- C:\Program Files
2009-07-21 18:16:17 ----D---- C:\WINDOWS\Prefetch
2009-07-21 17:47:22 ----D---- C:\WINDOWS\Registration
2009-07-20 22:28:12 ----AC---- C:\WINDOWS\wincmd.ini
2009-07-20 20:12:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-19 20:45:30 ----D---- C:\WINDOWS\system32\config
2009-07-19 15:43:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-19 15:43:13 ----D---- C:\WINDOWS\system32\drivers
2009-07-19 15:14:04 ----D---- C:\WINDOWS
2009-07-18 11:03:11 ----HD---- C:\WINDOWS\inf
2009-07-18 10:06:07 ----D---- C:\WINDOWS\system32\Restore
2009-07-18 10:03:19 ----SHD---- C:\WINDOWS\Installer
2009-07-18 09:44:06 ----SHD---- C:\System Volume Information
2009-07-16 11:39:21 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-16 11:35:14 ----D---- C:\WINDOWS\Debug
2009-07-07 17:10:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2009-07-05 23:19:39 ----SHD---- C:\WINDOWS\CSC
2009-07-05 17:07:07 ----A---- C:\WINDOWS\system.ini
2009-07-05 17:02:46 ----D---- C:\WINDOWS\AppPatch
2009-07-05 17:02:34 ----D---- C:\Program Files\Common Files
2009-07-05 10:13:36 ----D---- C:\WINDOWS\system32\LogFiles
2009-07-04 18:05:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-04 18:05:39 ----D---- C:\Program Files\ESET
2009-07-01 22:31:57 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-25 23:21:41 ----D---- C:\Documents and Settings\Mi\Application Data\uTorrent
2009-06-24 18:08:46 ----AC---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD processzor-illesztőprogram; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-15 9216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 kbdhid;Billentyűzet HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-09-19 15424]
R1 SASDIFSV;SASDIFSV; \??\F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-26 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\000.fcl []
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-09-19 512096]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-11 278984]
R2 irda;IrDA protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-11 25416]
R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-15 14336]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-18 25280]
R3 HDAudBus;Microsoft UAA busz-illesztőprogram - High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-12 4946944]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 Rasirda;WAN miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SASENUM;SASENUM; \??\F:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 bővített állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB nyílt állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-08-18 290176]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 is-O7Q35drv;is-O7Q35drv; C:\WINDOWS\system32\DRIVERS\02478065.sys []
S2 WFPVRENC;WinFast PVR2000 MPEG Encoder; C:\WINDOWS\system32\drivers\wfpvrenc.sys []
S2 WFPVRTUNER;WinFast PVR2000 WDM Tuner; C:\WINDOWS\system32\drivers\wfpvrtun.sys []
S2 WFPVRVIDEO;WinFast PVR2000 WDM Video Capture; C:\WINDOWS\system32\drivers\wfpvrcap.sys []
S3 a0mh09x7;a0mh09x7; C:\WINDOWS\system32\drivers\a0mh09x7.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\RENDSZ~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Feliratdekódoló; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 irsir;Microsoft soros infravörös illesztőprogram; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink - Sink átalakító; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/videokapcsolat; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Spyder2;ColorVision Spyder2; C:\WINDOWS\system32\DRIVERS\Spyder2.sys [2007-01-17 12288]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbstor;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2008-01-19 15088]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
S3 WFPVRBAR;WinFast PVR2000 WDM Crossbar; C:\WINDOWS\system32\drivers\WFPVRBAR.sys []
S3 WFSONORA;WinFast PxTV1200 (XC2028); C:\WINDOWS\system32\drivers\wfsonora.sys [2008-11-21 341120]
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-19 128104]
S3 WSTCODEC;World Standard Teletext kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Rendszer-helyreállító szűrő illesztőprogramja; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 Irmon;Infravörös figyelő; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 NOD32krn;NOD32 Kernel Service; F:\Program Files\Eset\nod32krn.exe [2008-09-19 552064]
R2 Norton Ghost;Norton Ghost; F:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-01-19 4388192]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Program Files\Spyware Terminator\sp_rsser.exe [2009-06-29 487424]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
R3 SymSnapService;SymSnapService; F:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2007-12-20 1553896]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger megosztási mappák – USN-naplóolvasó szolgáltatás; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.06 2009-07-21 18:44:18

======Uninstall list======

-->F:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->F:\Program Files\Nero 8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8 - Hungarian-->MsiExec.exe /I{AC76BA86-7AD7-1038-7B44-A81200000003}
Akadémiai MoBiMouse Plus - Angol-->MsiExec.exe /I{C0A73873-F936-4C90-B6F3-FD2F1BBDDAA6}
Akadémiai MoBiMouse Plus - Német-->MsiExec.exe /I{2944FACE-DF53-454A-B184-D793DC346268}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x000e -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AusLogics Disk Defrag-->"F:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
BS.Player PRO-->"F:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"F:\Program Files\CCleaner\uninst.exe"
CloneDVD2-->"F:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="F:\Program Files\Elaborate Bytes\CloneDVD2"
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
DivX Codec-->F:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->F:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->F:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->F:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->F:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Sweeper 1.5-->"F:\Program Files\Driver Sweeper\unins000.exe"
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Ultimate Edition v4.60-->"F:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Exact Audio Copy 0.99pb4-->F:\Program Files\Exact Audio Copy\uninst.exe
Fable - The Lost Chapters-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
Haali Media Splitter-->"F:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Hamachi 1.0.3.0-->F:\Program Files\Hamachi\uninstall.exe
Hellgate: London-->MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
ImageShack Toolbar for Internet Explorer-->MsiExec.exe /I{A080492B-91D0-4CB8-AE02-9FF2EF9FFDC8}
IrfanView (remove only)-->F:\Program Files\IrfanView\iv_uninstall.exe
Japanese Fonts Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-800000000003}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft FrontPage 2002-->MsiExec.exe /I{9017040E-6000-11D3-8CFE-0050048383C9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{20DEB77C-21D6-4D22-BB47-233E47613D57}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040E-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Monkey's Audio-->"F:\Program Files\Monkey's Audio\unins000.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 8-->MsiExec.exe /X{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1038}
NOD32 antivirus system-->F:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v2.1-->"F:\Program Files\Eset\unins000.exe"
Norton Ghost-->MsiExec.exe /I{B0255743-165B-4BD5-8DA8-37DFB9930014}
NTREGOPT 1.1j-->"F:\Program Files\NT Registry Optimizer\unins000.exe"
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
Opanda IExif 2.26-->"F:\Program Files\Opanda\IExif 2.26\unins000.exe"
Opanda PowerExif 1.2 Professional Trial-->"F:\Program Files\Opanda\PowerExif 1.2\unins000.exe"
PhotoME-->"F:\Program Files\PhotoME\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0xe -removeonly
SecurDisc Viewer-->MsiExec.exe /X{9AE57057-8E31-40EC-A8DD-A357E5291038}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Smart-X7 7.80-->F:\Program Files\A4Tech\Mouse\Uninst32.exe
SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x000e -removeonly
Spyder2-->C:\WINDOWS\unvise32.exe E:\Program Files\ColorVision\Spyder2\uninstal.log
Spyware Terminator-->"F:\Program Files\Spyware Terminator\unins000.exe"
Subtitle Workshop 2.51-->"F:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
The Bat! Professional v3.99.3-->MsiExec.exe /I{40BF1520-BAB7-4B38-A2FB-C474A888FACA}
Total Commander (Remove or Repair)-->F:\Program Files\totalcmd\tcuninst.exe
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Unlocker 1.8.7-->F:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Winamp-->"F:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB958215-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB960714-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB961260-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB963027-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB969897-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live bejelentkezési segéd-->MsiExec.exe /I{79449B16-5C47-4C4D-87CE-7E141572C8EE}
Windows Live Fotótár-->MsiExec.exe /X{9651D44D-1B52-449E-8A5B-27BCA6289387}
Windows Live installer-->MsiExec.exe /X{999CE3F5-C179-4607-BEDF-B9544B0DD232}
Windows Live Messenger-->MsiExec.exe /X{AF2815A6-0573-45A4-BAE3-3194C1D4393C}
Windows Live Writer-->MsiExec.exe /X{C5401ABF-5175-4E69-9849-EAA397952111}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP biztonsági frissítés - KB961371-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971633-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973346-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
WinFast Multimedia Driver Installation -->C:\Program Files\InstallShield Installation Information\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}\setup.exe -runfromtemp -l0x0009 -removeonly
WinRAR archiver-->F:\Program Files\WinRar\uninstall.exe

======Security center information======

AV: ESET NOD32 Antivirus System 2.70

======System event log======

Computer Name: BSAFTPZ-DADB0F7
Event Code: 83
Message: Port A is down

Record Number: 410
Source Name: yukonwxp
Time Written: 20090620142434.000000+120
Event Type: információ
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 7035
Message: A(z) EagleNT szolgáltatásnak sikeresen el lett küldve a(z) indítás vezérlő.

Record Number: 409
Source Name: Service Control Manager
Time Written: 20090620130821.000000+120
Event Type: információ
User: BSAFTPZ-DADB0F7\Geri

Computer Name: BSAFTPZ-DADB0F7
Event Code: 1003
Message: A számítógép nem tudta megújítani a(z) 00E0B0F7720C hálózati című hálózati kártyájához
tartozó címét a hálózatról (a DHCP-kiszolgálótól). A következő hiba történt:

A műveletet a felhasználó megszakította.
.
A számítógép továbbra is megpróbál címet igényelni a hálózati cím
kiszolgálójától (DHCP).

Record Number: 408
Source Name: Dhcp
Time Written: 20090620130656.000000+120
Event Type: figyelmeztetés
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 4201
Message: A rendszer megállapította, hogy a hálózati kártya (\DEVICE\TCPIP_{A997FB03-D249-4C8B-A540-B47483209C8E}) a hálózathoz volt
kapcsolva, így normál működést kezdeményezett a hálózati kártyán.

Record Number: 407
Source Name: Tcpip
Time Written: 20090620130656.000000+120
Event Type: információ
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 131
Message: Pause Function is Off

Record Number: 406
Source Name: yukonwxp
Time Written: 20090620130656.000000+120
Event Type: információ
User:

=====Application event log=====

Computer Name: BSAFTPZ-DADB0F7
Event Code: 105
Message: The service was started.

Record Number: 5
Source Name: ATI Smart
Time Written: 20090705092154.000000+120
Event Type: információ
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 2
Message: A harmadik fél legfelső szintű kabinetfájljának automatikus frissítési beolvasása sikeres a következő helyről: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

Record Number: 4
Source Name: crypt32
Time Written: 20090704180515.000000+120
Event Type: információ
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 7
Message: A harmadik fél legfelső szintű listasorszámának automatikus frissítési beolvasása sikeres a következő helyről: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

Record Number: 3
Source Name: crypt32
Time Written: 20090704180514.000000+120
Event Type: információ
User:

Computer Name: BSAFTPZ-DADB0F7
Event Code: 63
Message: Egy szolgáltató ( OffProv11) regisztrálása megtörtént a WMI névtérben (Root\MSAPPS11), hogy használja a LocalSystem fiókot. Ez a fiók kiemelt jogosultságokkal rendelkezik, és a biztonság megsértését okozhatja, ha helytelenül személyesíti meg a felhasználói kérelmeket.

Record Number: 2
Source Name: WinMgmt
Time Written: 20090704133353.000000+120
Event Type: figyelmeztetés
User: BSAFTPZ-DADB0F7\Rendszergazda

Computer Name: BSAFTPZ-DADB0F7
Event Code: 63
Message: Egy szolgáltató ( OffProv11) regisztrálása megtörtént a WMI névtérben (Root\MSAPPS11), hogy használja a LocalSystem fiókot. Ez a fiók kiemelt jogosultságokkal rendelkezik, és a biztonság megsértését okozhatja, ha helytelenül személyesíti meg a felhasználói kérelmeket.

Record Number: 1
Source Name: WinMgmt
Time Written: 20090704133353.000000+120
Event Type: figyelmeztetés
User: BSAFTPZ-DADB0F7\Rendszergazda

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;F:\Temp;C:\Program Files\Common Files\DivX Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=4303
"TEMP"=F:\Temp
"TMP"=F:\Temp
"windir"=%SystemRoot%
"HellgateEnv"=F:\Program Files\Flagship Studios\Hellgate London\
-----------------EOF-----------------


Tue Jul 21, 2009 17:56
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post
Hm,
post the RSIT log here as well:
http://images.malwareremoval.com/random/RSIT.exe


Mon Jul 20, 2009 21:43
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
System Restore could not be turned off, but thanks to the ResetHOSTSFileBackToDefaults.msi you linked, that has since gone away, or maybe that turned it off, I don't know; the point is that System Restore is no longer enabled, and when I switch to that tab rundll32.exe does not die.

But yes, unfortunately the extremely slow boot and program starts/closes are still there :(


Mon Jul 20, 2009 21:30
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post
So is it still the same problem now??
The boot is slow and you can't do a System Restore??


Mon Jul 20, 2009 18:53
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
None of the files are there any more; Spyware Terminator deleted all of them.

On an XP SP3 machine, can it cause a problem if I boot from the XP install CD (patched with SP2) and, when I select C: and it reports that there is already an XP there, I tell it to do a repair?


Mon Jul 20, 2009 18:43
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post
Turn on the display of hidden files:
download it, run it, restart, restart:
xphidden.zip
Then find these and test them on VirusTotal:

C:\WINDOWS\System32\Drivers\apr3pdxg.SYS
F:\Left4Dead\left4dead.exe
C:\Documents and Settings\Mi\Asztal\LEFT 4 DEAD.lnk
x:\ProgramS\Tools\RegCLEAN 2007 Edition\setupxv.exe


Sun Jul 19, 2009 18:22
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Spyware Terminator has just finished its full run, here is the log; in the meantime it found one more piece of spyware, but this too is only an install file, it was never run:

Logfile of Spyware Terminator v2.5.8.145 (db:3.007.017.000)
Scan Time: 2009.07.19. 15:46:09 length: 6258 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: %Custom_Scan%
Scanned Objects: 163936 (Critical:3)
Filter: No System items, No Safe items, No Invalid items

Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
jqs.exe [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\bin\jqs.exe
nod32krn.exe [Eset ] : F:\Program Files\Eset\nod32krn.exe
VProSvc.exe [Symantec Corporation] : F:\Program Files\Norton Ghost\Agent\VProSvc.exe
sp_rsser.exe [Crawler.com] : F:\Program Files\Spyware Terminator\sp_rsser.exe
ULCDRSvr.exe [Ulead Systems, Inc.] : C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SymSnapService.exe [Symantec] : F:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
nod32kui.exe [Eset ] : F:\Program Files\Eset\nod32kui.exe
VProTray.exe [Symantec Corporation] : F:\Program Files\Norton Ghost\Agent\VProTray.exe
Amoumain.exe [A4Tech Co.,Ltd.] : F:\Program Files\A4Tech\Mouse\Amoumain.exe
PDVD8Serv.exe [Cyberlink Corp.] : F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
brs.exe [cyberlink] : C:\Program Files\Cyberlink\Shared Files\brs.exe
jusched.exe [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\bin\jusched.exe
Wcescomm.exe [Microsoft Corporation] : F:\Program Files\Microsoft ActiveSync\Wcescomm.exe
NMBgMonitor.exe [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
SpywareTerminatorUpdate.exe [Crawler.com] : F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
MOM.exe [Advanced Micro Devices Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
NMIndexingService.exe [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
rapimgr.exe [Microsoft Corporation] : F:\Program Files\Microsoft ActiveSync\rapimgr.exe
NMIndexStoreSvr.exe [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
ccc.exe [ATI Technologies Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
SpyWareTerminator.exe [Crawler.com] : F:\Program Files\Spyware Terminator\SpyWareTerminator.exe
SpywareTerminatorShield.exe [Crawler.com] : F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\bin\jp2ssv.dll
02 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

Toolbars
03 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - [ImageShack Corp.] : C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, H/PC Connection Agent : [Microsoft Corporation] : F:\Program Files\Microsoft ActiveSync\Wcescomm.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SUPERAntiSpyware : [SUPERAntiSpyware.com] : F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} : [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SpywareTerminatorUpdate : [Crawler.com] : F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, amd_dc_opt : [AMD] : C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nod32kui : [Eset] : F:\Program Files\Eset\nod32kui.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Norton Ghost 14.0 : [Symantec Corporation] : F:\Program Files\Norton Ghost\Agent\VProTray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WheelMouse : [A4Tech Co.,Ltd.] : F:\Program Files\A4Tech\Mouse\Amoumain.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NeroFilterCheck : [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteControl8 : [Cyberlink Corp.] : F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PDVD8LanguageShortcut : : F:\PROGRAM FILES\CYBERLINK\POWERDVD8\POWERDVD8\LANGUAGE\LANGUAGE.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BDRegion : [cyberlink] : C:\Program Files\Cyberlink\Shared Files\brs.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched : [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\bin\jusched.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, StartCCC : [Advanced Micro Devices, Inc.] : C:\Program Files\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CLISTART.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher : [Adobe Systems Incorporated] : F:\PROGRAM FILES\ADOBE\READER 8.0\READER\READER_SL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SpywareTerminator : [Crawler.com] : F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
04 - Startup: : C:\Documents and Settings\Mi\Start Menu\Programs\Indítópult\desktop.ini
04 - Startup: : C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\ColorVisionStartup.lnk
04 - Startup: %STARTUPALL%\ColorVisionStartup.lnk [ColorVision Inc.] : E:\Program Files\ColorVision\Utility\ColorVisionStartup.exe
04 - Startup: : C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\desktop.ini
04 - Startup: : C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult\Microsoft Office.lnk

Shell Extensions
Haali Column Provider - {0561EC90-CE54-4f0c-9C55-E226110A740C} - : F:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
Haali Matroska Shell Property Page - {5574006C-28F5-4a65-A28C-74DE6BFBE0BB} - : F:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
Haali Matroska Thumbnail Extractor - {327669A0-59A7-4be9-B99E-1C9F3A57611A} - : F:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
SPTHandler - {BD88A479-9623-4897-8546-BC62B9628F44} - [Crawler.com] : F:\Program Files\Spyware Terminator\sptcontmenu.dll

Shell Extecute Hooks
SABShellExecuteHook Class - {{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}} - [SuperAdBlocker.com] : F:\Program Files\SUPERAntiSpyware\SASSEH.DLL

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Data Page Pluggable Protocol mso-offdap Handler - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL

Services
23 - [AMD, Inc.] : C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
23 - [A4Tech Co.,Ltd.] : C:\WINDOWS\system32\DRIVERS\Amfilter.sys
23 - [Eset] : C:\WINDOWS\system32\drivers\amon.sys
23 - [A4Tech Co.,Ltd.] : C:\WINDOWS\system32\DRIVERS\Amusbprt.sys
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - [ATI Research Inc.] : C:\WINDOWS\system32\drivers\AtiHdmi.sys
23 - : C:\WINDOWS\system32\DRIVERS\atksgt.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [Sun Microsystems, Inc.] : F:\Program Files\Java\jre6\bin\jqs.exe
23 - : C:\WINDOWS\system32\DRIVERS\lirsgt.sys
23 - [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
23 - : C:\WINDOWS\system32\drivers\nod32drv.sys
23 - [Eset] : F:\Program Files\Eset\nod32krn.exe
23 - [Symantec Corporation] : F:\Program Files\Norton Ghost\Agent\VProSvc.exe
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : F:\Program Files\SUPERAntiSpyware\SASENUM.SYS
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Crawler.com] : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
23 - [Crawler.com] : F:\Program Files\Spyware Terminator\sp_rsser.exe
23 - [StorageCraft] : C:\WINDOWS\system32\DRIVERS\symsnap.sys
23 - [Symantec] : F:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
23 - [Ulead Systems, Inc.] : C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23 - [Symantec Corporation] : C:\WINDOWS\system32\DRIVERS\v2imount.sys
23 - [Marvell] : C:\WINDOWS\system32\DRIVERS\yk51x86.sys
23 - [Cyberlink Corp.] : F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\000.fcl

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon, DLLName : [SUPERAntiSpyware.com] : F:\Program Files\SUPERAntiSpyware\SASWINLO.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll

Threat Files
<Trojan.Agent.106526> : F:\Left4Dead\left4dead.exe
<Trojan.Agent.106526> : C:\Documents and Settings\Mi\Asztal\LEFT 4 DEAD.lnk
<Adware.SpyClean.A> : x:\ProgramS\Tools\RegCLEAN 2007 Edition\setupxv.exe

Advanced Files Report
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll [ATI Technologies Inc.] [Catalyst&reg; Control Centre] MD5=CCE69BC85D019F49691C592DDCC2FA97 SIZE=45056
%WINDIR%\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll [ATI Technologies Inc.] [Catalyst&reg; Control Centre] MD5=110D2A7BBFBA80AAE36B5F229FE800AD SIZE=16384
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics\2.0.3403.16851__90ba9c70f846762e\DEM.Graphics.dll [Advanced Micro Devices Inc.] [Catalyst&reg; Control Centre] MD5=71A1115B36F03C6F6553866BFD1CDF55 SIZE=16384
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Implementation\32\wbhelp2.dll [Stardock.Net, Inc] [WindowBlinds for Win32 x86 machines] MD5=D68018AEBB6226BCA5103DA8B66A57D6 SIZE=50688
%SYSDIR%\ATIDEMGX.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=365C11FE360C289C4243A86603D1852B SIZE=442368
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=B3D3C97F95E6D23C2D39301F72EA5CCD SIZE=11776
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3405.36928__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=835FDB450E8DAB051D5CDFC1C203B2AF SIZE=8704
%WINDIR%\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3403.16821__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=70DD1E02A2AFD94D013F388B2AC3622C SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll [Advanced Mirco Devices, Inc.] [Catalyst™ Control Centre] MD5=A441BE2E809F8EC9562529770ADDD1FA SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3405.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll [Advanced Mirco Devices, Inc.] [Catalyst™ Control Centre] MD5=FD638DE49E100359B8BA5BAA66E2F4AA SIZE=315392
%WINDIR%\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll [ATI Technologies Inc.] [Catalyst&reg; Control Centre] MD5=D7E0757130EC80DB391B585932590FFA SIZE=24576
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=A28DE8E4EB7641639F68C62A32264578 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=EBB42BD752E2D2C443941D2F3558D27F SIZE=16384
%WINDIR%\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3403.16827__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=D1207951775D81FC87962CA1F316FE7D SIZE=20480
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=7F9A009E33940087FDE0FA25D8AA5706 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3405.36879__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=E4C16025CF9FD1B663D16526215B6FA2 SIZE=65536
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3403.16846__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=B3F3FACD701E19CCA3ABF863278A362C SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=E2E100B41BEC7AE68132DA1B1ECA1C03 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3403.16839__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=8DE46B62F1594CCD69764EF7A919E823 SIZE=28672
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=0386FAD4FEE556BE7C263DD397D30E75 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3405.36897__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=39C522CB10C2B698CD70725BB7C1C727 SIZE=77824
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=2E7FAB502A8615B1AAB0EAB35AFBCA3B SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=AB2B27CDACFFB4714DCF0FA55D68F57A SIZE=65536
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3403.16836__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=D3760531493DE770F04EC1730732FC3E SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3405.36834__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=D129749B1CFD6955FA9B09F57D69ABDE SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=A1CB7B55EB890B93CE5207139C3B4236 SIZE=36864
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=984BC87DE56074DA17EA010F4EE482F5 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3405.36850__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=11A82DBF056DC31B87B487AB33986B28 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=142CEF5E93E2F88B29CC1ADECC61B315 SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=53912F492D3203701008E7262DAF2E95 SIZE=36864
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=104619AE5BDC1B00DCD4FABBC594DB5A SIZE=24576
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=BA014D7D7A6D96C6DACDC48DE7EBDE40 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=A2A26FBBCD75230133AA5B5AEEA4C522 SIZE=53248
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3405.36877__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=ECF3EB13837AAC5915920EFD13DCF9CD SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=537168DAFE3228A864BAC50078F6263C SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=AEC48CAAE5C063019A14D5AD0F4B872E SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=188045F6FEF28C179088C2673B502776 SIZE=49152
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=CBA363C4BD2DD206B119E60E8684118E SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=0B5B8880053BCD0BB886A9260D26FBA0 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=1438E51DB715091C9A1F31169B6A42E0 SIZE=77824
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3403.16854__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=8EFAD7756B59B8BA3CBDE4805830D65D SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3405.36883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=6F479D9E823FD3E6B2EBF8F29131267C SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=328A409088126C4B2D55D036760E06B1 SIZE=53248
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=DAB3B370E0C2815FDF5B29204B8FB984 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=63269B8523B6CB31501B70679A0ED1DC SIZE=81920
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=ACFD0D2CD67C478673F2EAB1CB4D9D79 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=530D5AEA256AA2FC41BC2365BE9E7892 SIZE=53248
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll [Advanced Micro Devices, Inc.] [Catalyst&reg; Control Centre] MD5=0DEAB952A0A36ABCB6270FE45D3CACE1 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\APM.Server\2.0.3405.36823__90ba9c70f846762e\APM.Server.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=D132E8F73620410001C1404903AE2D74 SIZE=61440
%WINDIR%\assembly\GAC_MSIL\APM.Foundation\2.0.3403.16838__90ba9c70f846762e\APM.Foundation.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=6BD1C2F32B2477271F6CAAEB5AB6153C SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3405.36821__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=BF12AF350D088A5894922292CEEA8A55 SIZE=7168
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=7B0395966CF533802956C8834F7BE223 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3403.16839__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=2B8A8308291183A3D95E49D83E735082 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3405.36906__90ba9c70f846762e\CLI.Component.Systemtray.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=31C424BEC9726A252B2842F9BCF5833A SIZE=544768
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3403.16835__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=A2352211BB2C7D9B32BC1D348167FDF7 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3405.36839__90ba9c70f846762e\CLI.Component.Wizard.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=FF9FD199F49FD02A5712591E0CAC6169 SIZE=405504
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3403.16823__90ba9c70f846762e\CLI.Component.Client.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=365782294D30565353F763D4A30338C9 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=F0D7856B036ECCF1CB8B3D68523D99E1 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3403.16839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=F7EF23090DCF8B95CAFA69FE619C1514 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3405.36840__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=868D015EC269E5BE117ABD88C9DCB090 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=DA4F76E8A7008232FF6BC0BC42A278B9 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3405.36917__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=0FD9405D0823014D891D77FF2DC38FBC SIZE=491520
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=E1D7435E5402834BA38A87F7D35E47E4 SIZE=94208
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3403.16850__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=A63C34FD7E17BBE5C4C812A1460C7C3E SIZE=40960
%WINDIR%\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3405.36941__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=918A2562D47BFA5CA421325518379870 SIZE=602112
%WINDIR%\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll [Assembly imported from type library 'ATIXCodeLib'.] MD5=EE850C95ED088E8835F2425EE551296F SIZE=7168
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3405.36892__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=9AD2AC039F2FB823094BCD9EAC05043C SIZE=405504
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Branding\Branding.dll MD5=0A7977FF7535F237C8C745AE09887C35 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=3675E4EBB228792317D552E82A419A69 SIZE=1728512
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=A3B872CD97E4C3857151D9D530DEC963 SIZE=204800
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3405.36902__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=4F786DBBACE61FC2E6EDAF1E8F89A739 SIZE=364544
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3405.36889__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=0F194D7F10E133C4DEA7308D6F95553B SIZE=692224
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3405.36933__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=AC2BF97FF254421C2274581D34E7AE52 SIZE=7680
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3405.36830__90ba9c70f846762e\CLI.Component.Dashboard.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=EDA51B6A00CD8BFAA24AEC4F274E2F1D SIZE=1212416
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3403.16830__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=0B20E15452240B32419155BCA2FC3D5C SIZE=24576
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3403.16838__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=8E65A87DF2B48B88D7C01FB95D19FE43 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3405.36834__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=CAA4E5FAC4F1FBC052D9C88E8DED99F3 SIZE=73728
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=4D139BD5F0554BF039606DC32373380B SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3405.36918__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll [Advanced Mirco Devices, Inc.] [Catalyst™ Control Centre] MD5=D22EEB4EAAD5980681150337777C2D1D SIZE=45056
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=863F0CEEF17ABBEED80D8A4C8DDEA353 SIZE=196608
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3405.36835__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=24CFBED7FA06EA0F455412AF0155DB6E SIZE=409600
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll [CLI.Aspect.CrossDisplay.Graphics.Dashboard] MD5=268779C54BF995998ECCA0AC70757174 SIZE=270336
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=391F00037FCE87C1821171879AECF3C0 SIZE=94208
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=858015D82AFEAC2E566A916A76129686 SIZE=393216
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3405.36880__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=E7B7132E6DCC935F276006BFC6EFE739 SIZE=630784
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3405.36898__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=7D29DEFF248758820831D7B600AFC92B SIZE=749568
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3405.36866__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll [Advanced Micro Devices, Inc.] [Catalyst™ Control Centre] MD5=67C559BD46A71C5796ACF44591B83A62 SIZE=364544
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=A92A579B28733072CE4547BE175B12C9 SIZE=348160
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=9A90F9E1493FA4850DC9C91D7E52EAE4 SIZE=573440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3405.36872__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=B8FF0D1DB625C049E74F2F71492394D5 SIZE=782336
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=0D19FCFBF3D5192424B827A99577A126 SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=DF3F14E116310563C86145A51161763C SIZE=643072
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll [Advanced Micro Devices Inc.] [Catalyst™ Control Centre] MD5=B6645D7C738646D0469C80A47CFCD9CE SIZE=7680
F:\Program Files\Spyware Terminator\SpyWareTerminator.exe [Crawler.com] [Spyware Terminator] MD5=DD568EE6C229A342FEE84504109BECA1 SIZE=15228272
F:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [Crawler.com] [Crawler Spyware Terminator] MD5=C851D0A315E13C44E72760F2B864688D SIZE=2173440
%STARTUP%\desktop.ini MD5=D6A6856702E3F0953E7246A9B4A9FE35 SIZE=84
%STARTUPALL%\ColorVisionStartup.lnk MD5=4C65EE90BEAA357E9FC4F94716E6F940 SIZE=716
E:\Program Files\ColorVision\Utility\ColorVisionStartup.exe [ColorVision Inc.] [ColorVisionStartup] MD5=1ED3FB8AAFEB4E32BC26EA6D07FE1334 SIZE=385024
%STARTUPALL%\desktop.ini MD5=D6A6856702E3F0953E7246A9B4A9FE35 SIZE=84
%STARTUPALL%\Microsoft Office.lnk MD5=7E1C4387884C7DA8D93A3D614E25C7AA SIZE=1603
%SYSDIR%\DRIVERS\AmdLLD.sys [AMD, Inc.] [Low Level Device Driver] MD5=AD8FA28D8ED0D0A689A0559085CE0F18 SIZE=34304
%SYSDIR%\DRIVERS\Amfilter.sys [A4Tech Co.,Ltd.] [A4Tech Mouse Driver] MD5=D716473C4F66C1173D3CA4E679F68743 SIZE=9216
%SYSDIR%\drivers\amon.sys [Eset] [NOD32 Antivirus System] MD5=98ECCA556D67DEBA604A4B4B1FDB02B8 SIZE=512096
%SYSDIR%\DRIVERS\Amusbprt.sys [A4Tech Co.,Ltd.] [A4Tech Mouse Driver] MD5=0E264A9ACB592F3FD91E742983DB6A96 SIZE=14336
%SYSDIR%\drivers\AtiHdmi.sys [ATI Research Inc.] [ATI HDMI Audio Driver] MD5=591A9EABB5EF5168E435C2F18B05DD76 SIZE=89600
%SYSDIR%\DRIVERS\atksgt.sys MD5=3C4B9850A2631C2263507400D029057B SIZE=278984
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\dllhost.exe \Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k HTTPFilter
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=12E9A40D13EDBB63A61F6B3196452F0D SIZE=4946944
%SYSDIR%\DRIVERS\lirsgt.sys MD5=4127E8B6DDB4090E815C1F8852C277D3 SIZE=25416
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\drivers\nltdi.sys
%SYSDIR%\drivers\nod32drv.sys MD5=18C1C4B7098130E672CB9D28CF67F81E SIZE=15424
%SYSDIR%\svchost -k rpcss
F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=BFBC4BE8D6AC6D33AD93F3F5F2E11499 SIZE=9968
F:\Program Files\SUPERAntiSpyware\SASENUM.SYS [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=E9C2D75C748C3F0A4C34D6CF2AE1D754 SIZE=7408
F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=64C100DBF57C6CB6E7D5D24153F5E444 SIZE=55024
%SYSDIR%\Drivers\sptd.sys SIZE=721904
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\dllhost.exe \Processid:{751D2404-C0CD-4AA4-BF19-622B3DD7BA0A}
%SYSDIR%\DRIVERS\symsnap.sys [StorageCraft] [StorageCraft Volume Snap-Shot Development Edition] MD5=C9273531EAC75EE225E3170FB6107FA3 SIZE=136416
%SYSDIR%\DRIVERS\v2imount.sys [Symantec Corporation] [Symantec Virtual Volume Mounting Driver Development Edition] MD5=B4D63048D6358E7C6AB61B98B8CFF263 SIZE=38112
%SYSDIR%\DRIVERS\yk51x86.sys [Marvell] [Marvell Yukon Ethernet Controller.] MD5=AF96EE14FA81592DCB28A513840BC715 SIZE=290176
F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\000.fcl [Cyberlink Corp.] [CyberLink FCL Driver] MD5=5867CE254625645345C833510D24F124 SIZE=41456
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%COMMONFILES%\Microsoft Shared\Web Components\10\OWC10.DLL [Microsoft Corporation] [Microsoft Office XP] MD5=AA2204BD7F9FBFAA09EF15C212A67D69 SIZE=7255384

End of Report


Sun Jul 19, 2009 16:37
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post 
Oh, and of course the situation is unchanged... :(

Meanwhile I started uninstalling the many different anti-spyware programs I had installed earlier, in case their conflicting with each other is the problem.
Of course I ran each of them first, just in case...
Spybot Search & Destroy found nothing, BUT Spyware Terminator came up with this: Trojan.Agent.106526 in Left4dead.exe.

Where the hell was this until now, that the other programs did not find it???

If the DrWeb bootable CD image worked I would have stopped struggling long ago, but unfortunately I run into the error below (I guess the BIOS would need updating, but I won't risk that on a machine in this state).
http://kepfeltoltes.hu/090703/DrWeb_boo ... es.hu_.jpg


Sun Jul 19, 2009 16:23
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post 
It found a few things, but I don't think these were why it was running so slowly.

(The X drive only held installers; they were never run.)

Scan
----
Scanned: 741326
Detected: 5
Untreated: 0
Start time: 2009.07.18. 11:08:16
Duration: 1 days 02:19:01
Finish time: 2009.07.19. 13:27:17


Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan.Win32.Vapsup.ucv File: F:\Program Files\XRECODE\MACDll.dll
deleted: adware not-a-virus:AdWare.Win32.Rabio.bc File: X:\ProgramS\MultiM\DVD2DivX_FairUse.Wizard.v2.5.Hungarian-DVT\Setup\Setup.exe
deleted: adware not-a-virus:AdWare.Win32.Rabio.w File: X:\ProgramS\MultiM\FairUse v2.6 Full Edition\FairUse v2.6 Full Edition.exe
deleted: Trojan program Trojan.Win32.Vapsup.ucv File: X:\ProgramS\MultiM\XRecode 2.35 (Konvertáló)\XRecode-2.35.exe//file13
deleted: virus IRC-Worm.HTML.Generic File: Y:\TXT_DOC\Könyvek\Műszaki doksik\ELEKTRO\levlista\el000515ig.txt


Events
------
Time Name Status Reason
---- ---- ------ ------
2009.07.18. 11:08:23 Running module: smss.exe\smss.exe ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\System32\smss.exe ok scanned
2009.07.18. 11:08:23 Running module: smss.exe\ntdll.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\ntdll.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\csrss.exe ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\csrss.exe ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\ntdll.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\ntdll.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\CSRSRV.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\CSRSRV.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\basesrv.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\basesrv.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\winsrv.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\winsrv.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\GDI32.dll ok scanned
2009.07.18. 11:08:23 File: C:\WINDOWS\system32\GDI32.dll ok scanned
2009.07.18. 11:08:23 Running module: csrss.exe\KERNEL32.dll ok scanned


Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------


Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Disinfect, delete if disinfection fails
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----


Sun Jul 19, 2009 13:41
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, so this is what you get,
Post 
Start - Run - type cleanmgr, OK >> full special - System Restore - Clean up, OK, OK

Again: Start - Run - type cleanmgr, OK, OK, and tick:
Temporary Internet Files
Recycle Bin
Temporary Files
clean them out, OK, OK

Download - run - restart:
http://go.microsoft.com/?linkid=9668866

Download - run - restart:
TFC

Also run the AVPTool program:
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/
http://ftp.kaspersky.com/devbuilds/AVPTool/
Set it up according to the pictures and run it; whatever it finds will be under Detected, post that here.
http://www.viry.cz/forum/viewtopic.php?p=452660#452660/
Reports – Save to file: post the log here.


Thu Jul 16, 2009 19:00
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
In the meantime I ran SUPERAntiSpyware and it found this:
5 instances of Trojan.Agent/Gen-PEC

Of these, 4 are in System Restore and 1 is C:\Windows\PEV.EXE

I just wish I knew how on earth these turned up, when ComboFix and many other scanners had already run earlier and didn't flag them??


Thu Jul 16, 2009 16:25
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
I did everything, the situation is unchanged :(

Here is the link to the uploaded material:
http://leteckaposta.cz/file/403629762.1 ... e0ef57b8b1


Thu Jul 16, 2009 10:20
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
ok,
then do this:
download to the desktop - run - restart
TFC
defragment with this program: download - install - run
Auslogics Disc Defragmenter


Download AVZ4

1: open it - extract avz4 to the desktop
2: open the new avz folder, double-click AVZ.exe (the black shield) to run it
3: click the button >> Auto Update

2. click "File" => click "Standard scripts", tick no. 3 > "Healing/Quarantine/Advanced System
3. click “Execute selected scripts”.
ok
the scan starts - when it reports that the scan is complete, click OK, OK.. then open the avz folder and upload the log here:
>>> http://leteckaposta.cz/
post the link here,


Tue Jul 07, 2009 10:17
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Unfortunately the situation is unchanged :(
Maybe something at the system level cr*pped out; I think I'll still try an XP repair, and if that doesn't help either: back up the data, format, reinstall, but only after my holiday, because I'm leaving for it now.

Thanks for the help so far, and if you have any other ideas, do write them down; when I'm back I'll try those too.


Tue Jul 07, 2009 8:18
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
hm, I don't see anything; we'll do a big cleanup, and then we'll see

Quote:
Code:
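rem Run Disk Cleanup on C: with saved settings profile 1 (no space after the colon)
c:\Windows\System32\cleanmgr.exe /dc /sagerun:1
c:
cd \
rem Nothing is deleted from Prefetch; the next cd leaves it again
cd c:\Windows\Prefetch
rem Empty the Windows temp folder; delete only if the cd succeeded
cd c:\windows\temp && del *.* /q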

save it to the desktop as pucolas.bat
(file type: all files) and run it, then restart
Now download CCleaner - right-click the Recycle Bin - run CCleaner; on the Windows tab tick everything - click Analyze - click Run Cleaner - but close your browsers first. Keep pressing the Cleaner button until the window on the right is clean.
http://www.ccleaner.com/download/downloadpage.aspx?f=2
Click the Applications tab - tick everything here too - and do the same.

After that click ISSUES - that is the cube = registry > tick everything here too in the same way; if it asks anything, agree - click Fix problem.
Start - Run - type cleanmgr - OK - on the "specialis" tab, under System Restore, clean up, OK; the last restore point remains.

http://www.aumha.org/downloads/ntregopt-setup.exe
download - run - restart, and describe how the machine is doing,


Mon Jul 06, 2009 13:45
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Time: 2009/07/05 23:26
Program Version: Version 1.3.0.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: apr3pdxg.SYS
Image Path: C:\WINDOWS\System32\Drivers\apr3pdxg.SYS
Address: 0xB85B7000 Size: 421888 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB8169000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79D5000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PCI_NTPNP7508
Image Path: \Driver\PCI_NTPNP7508
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB7534000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------

Path: C:\Documents and Settings\Geri\Application Data\Macromedia\Flash Player\#SharedObjects\EMG8XPUF\g-ecx.images-amazon.com\images\G\01\digital\video\streaming\LastBW_.sol:{5

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "sptd.sys" at address 0xf74ed0d0

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "sptd.sys" at address 0xf74f2fb2

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "sptd.sys" at address 0xf74f3340

#: 119 Function Name: NtOpenKey
Status: Hooked by "sptd.sys" at address 0xf74ed0b0

#: 160 Function Name: NtQueryKey
Status: Hooked by "sptd.sys" at address 0xf74f3418

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "sptd.sys" at address 0xf74f3298

#: 247 Function Name: NtSetValueKey
Status: Hooked by "sptd.sys" at address 0xf74f34aa

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x8a6081e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_CREATE]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_CLOSE]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_POWER]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: apr3pdxgࠅం灐畳pci, IRP_MJ_PNP]
Process: System Address: 0x8a4521e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x8a49e1e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x8a5981e8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x8a49d790 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x8a60a1e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x8a1f81e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x8a4961e8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x8a1f4790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_CREATE]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_CLOSE]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_READ]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_CLEANUP]
Process: System Address: 0x8a187790 Size: 121

Object: Hidden Code [Driver: sys, IRP_MJ_PNP]
Process: System Address: 0x8a187790 Size: 121

==EOF==


Sun Jul 05, 2009 22:44
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
OK, then that's fine.
Let's check for rootkits.
Quote:
http://rootrepeal.googlepages.com/RootRepeal.zip
Run RootRepeal.exe >> Report >> Scan >> tick Select ALL >> click OK >> after the scan >> click Save Report, and post the log here.


Sun Jul 05, 2009 19:53
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
S-ATA hard drive


Sun Jul 05, 2009 19:38
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
Check whether the disk is running in PIO mode.
Start > Run, type devmgmt.msc, right-click the + at the IDE controller, right-click the primary channel, Properties, Advanced, and check there which mode it is running in: PIO or DMA-5-6.
Do the same for the secondary channel and write back.


Sun Jul 05, 2009 18:59
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
The problem is that this configuration (AMD X2 4600+ machine, 2GB RAM, Radeon 4670 video card, 320GB Samsung F1 hard drive, J&W-RS780UVD AM2+ motherboard) boots at practically the speed of a PII: after I enter the user's password it takes about 5 minutes before it logs in at all, and a further 4 minutes until it has loaded the programs that start automatically.

Launching a program also takes several times longer than usual, screen changes look like slow motion, and, as I wrote, when the System Restore tab is selected rundll32.exe dies, and at shutdown the system stops at the "Windows is shutting down" message (I left it for 1 hour in case this too was just slow, but even then that was still on the monitor :( )

I burned a DVD at 8X speed and instead of the usual 6 minutes it took 45, because the write buffer kept running out :(


Sun Jul 05, 2009 18:51
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post
Well, I see you cleaned it out well; I no longer see anything dangerous. Describe exactly what the problem still is.


Sun Jul 05, 2009 16:54
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
And this is the Quarantined file.log

009-07-05 15:04:47 . 2009-07-05 15:04:47 9,996 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-07-05 14:55:29 . 2009-07-05 14:56:24 102 ----a-w- C:\Qoobox\Quarantine\catchme.log


Sun Jul 05, 2009 16:35
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
ComboFix 09-07-04.08 - Rendszergazda 009.07.05. 16:58.2 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.2047.1755 [GMT 2:00]
Running from: c:\documents and settings\Rendszergazda\Asztal\ComboFix.exe
AV: ESET NOD32 Antivirus System 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 )))))))))))))))))))))))))))))))
.

2009-07-05 12:24 . 2009-07-05 12:24 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\Ahead
2009-07-04 17:28 . 2009-07-04 17:28 -------- d-----w- C:\a
2009-07-04 11:30 . 2009-07-04 11:30 -------- d-----w- c:\documents and settings\Rendszergazda\DoctorWeb
2009-07-02 20:27 . 2009-07-03 04:11 -------- d-----w- c:\documents and settings\Mi\DoctorWeb
2009-07-02 19:21 . 2003-06-25 14:05 266360 ----a-w- c:\windows\system32\TweakUI.exe
2009-07-02 18:49 . 2009-07-02 18:49 106 ----a-w- C:\delete.bat
2009-07-02 17:18 . 2009-07-05 08:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-29 16:56 . 2009-06-29 16:55 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-06-29 16:56 . 2009-06-29 16:55 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-06-29 16:56 . 2009-06-29 16:55 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-06-29 16:55 . 2009-07-05 07:47 -------- d-----w- c:\documents and settings\Mi\Application Data\Spyware Terminator
2009-06-29 16:55 . 2009-07-03 15:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-06-28 22:00 . 2009-06-28 22:00 -------- d-----w- c:\documents and settings\Mi\Application Data\TrojanHunter
2009-06-27 16:58 . 2009-06-27 16:58 -------- d-----w- c:\documents and settings\Rendszergazda\Local Settings\Application Data\GHISLER
2009-06-27 06:28 . 2009-06-27 06:28 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\Nero
2009-06-26 14:49 . 2009-06-26 14:49 -------- d-----w- c:\documents and settings\Rendszergazda\Application Data\SUPERAntiSpyware.com
2009-06-22 12:13 . 2009-06-22 12:13 -------- d-----w- c:\documents and settings\Geri\Local Settings\Application Data\Symantec_Corporation
2009-06-22 12:13 . 2009-06-22 12:13 -------- d-----w- c:\documents and settings\Geri\Application Data\Symantec
2009-06-21 17:09 . 2009-06-21 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-06-21 17:08 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2009-06-21 17:08 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2009-06-21 17:08 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2009-06-21 17:08 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2009-06-21 17:08 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2009-06-21 17:08 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2009-06-21 17:08 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2009-06-21 17:08 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2009-06-21 17:08 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2009-06-21 17:08 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2009-06-21 17:08 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2009-06-21 17:08 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2009-06-15 06:56 . 2009-06-25 14:30 96 ---ha-w- c:\windows\system32\HsInfo.dat
2009-06-12 08:31 . 2009-06-12 08:31 -------- d-----w- c:\program files\directx
2009-06-06 11:16 . 2009-06-06 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-06 11:13 . 2009-04-28 19:05 593920 ------w- c:\windows\system32\ati2sgag.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 07:46 . 2009-03-19 17:26 117760 ----a-w- c:\documents and settings\Mi\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-07-04 16:05 . 2008-09-19 21:03 -------- d-----w- c:\program files\ESET
2009-07-01 20:32 . 2001-10-26 11:00 402148 ----a-w- c:\windows\system32\perfh00E.dat
2009-07-01 20:32 . 2001-10-26 11:00 86918 ----a-w- c:\windows\system32\perfc00E.dat
2009-06-26 14:08 . 2008-10-19 09:02 -------- d-----w- c:\documents and settings\Geri\Application Data\skypePM
2009-06-26 14:06 . 2008-10-19 09:02 -------- d-----w- c:\documents and settings\Geri\Application Data\Skype
2009-06-25 21:21 . 2008-10-23 15:18 -------- d-----w- c:\documents and settings\Mi\Application Data\uTorrent
2009-06-25 15:44 . 2008-12-07 08:43 -------- d-----w- c:\documents and settings\Geri\Application Data\uTorrent
2009-06-21 17:07 . 2008-09-19 20:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-12 17:56 . 2009-01-18 17:14 -------- d-----w- c:\documents and settings\Geri\Application Data\Hamachi
2009-06-12 11:10 . 2008-10-19 10:39 -------- d-----w- c:\documents and settings\Geri\Application Data\Winamp
2009-06-09 13:14 . 2008-11-19 19:00 3532 ----a-w- C:\drmHeader.bin
2009-06-07 19:48 . 2008-10-17 18:42 -------- d-----w- c:\documents and settings\Mi\Application Data\Skype
2009-06-07 15:47 . 2008-12-07 19:40 -------- d-----w- c:\documents and settings\Mi\Application Data\skypePM
2009-06-06 11:16 . 2008-09-19 20:21 -------- d-----w- c:\documents and settings\Mi\Application Data\ATI
2009-06-06 11:14 . 2008-09-19 20:07 -------- d-----w- c:\program files\ATI Technologies
2009-06-04 18:42 . 2009-04-04 10:50 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-26 19:21 . 2008-09-20 18:46 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-05-26 19:12 . 2009-05-26 19:12 4580 ----a-w- c:\documents and settings\Mi\FMCodec.dat
2009-05-26 18:41 . 2008-10-09 19:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2009-05-07 17:00 . 2009-05-07 17:00 -------- d-----w- c:\documents and settings\Geri\Application Data\SPORE
2009-05-07 16:57 . 2009-05-07 16:57 -------- d--h--r- c:\documents and settings\Geri\Application Data\SecuROM
2009-05-07 16:57 . 2009-05-02 17:33 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-07 15:34 . 2004-08-17 14:47 348160 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-29 04:47 . 2004-08-17 14:47 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-17 14:47 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-29 03:30 . 2009-04-29 03:30 3643904 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-04-29 02:18 . 2009-04-29 02:18 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-04-29 02:17 . 2009-04-29 02:17 335872 ----a-w- c:\windows\system32\ati2dvag.dll
2009-04-29 02:07 . 2009-04-29 02:07 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-04-29 02:06 . 2008-12-01 20:40 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-04-29 02:06 . 2009-04-29 02:06 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-04-29 02:06 . 2009-04-29 02:06 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-04-29 02:06 . 2008-12-01 20:40 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-04-29 02:04 . 2008-12-01 20:38 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-04-29 02:03 . 2009-04-29 02:03 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-04-29 02:00 . 2009-04-29 02:00 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-04-29 01:56 . 2009-04-29 01:56 2997536 ----a-w- c:\windows\system32\ati3duag.dll
2009-04-29 01:45 . 2009-04-29 01:45 11603968 ----a-w- c:\windows\system32\atioglxx.dll
2009-04-29 01:42 . 2009-04-29 01:42 2687872 ----a-w- c:\windows\system32\ativvaxx.dll
2009-04-29 01:42 . 2009-04-29 01:42 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-04-29 01:42 . 2009-04-29 01:42 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-04-29 01:26 . 2009-04-29 01:26 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-04-29 01:26 . 2008-12-01 19:57 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-04-29 01:22 . 2009-04-29 01:22 479232 ----a-w- c:\windows\system32\atikvmag.dll
2009-04-29 01:20 . 2009-04-29 01:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-04-29 01:20 . 2009-04-29 01:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-04-29 01:20 . 2008-12-01 19:52 135168 ----a-w- c:\windows\system32\atiadlxx.dll
2009-04-29 01:19 . 2009-04-29 01:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-04-29 01:19 . 2009-04-29 01:19 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-04-29 01:18 . 2009-04-29 01:18 3280896 ----a-w- c:\windows\system32\aticaldd.dll
2009-04-29 01:17 . 2009-04-29 01:17 303104 ----a-w- c:\windows\system32\atiok3x2.dll
2009-04-29 01:13 . 2009-04-29 01:13 630784 ----a-w- c:\windows\system32\ati2cqag.dll
2009-04-26 13:57 . 2009-02-21 10:16 34 ----a-w- c:\documents and settings\Geri\jagex_runescape_preferences.dat
2009-04-19 19:51 . 2004-08-17 14:30 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:55 . 2004-08-17 14:47 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"="c:\program files\Common Files\Nero\Lib\NMFirstStart.exe" [2007-08-03 19240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"nod32kui"="f:\program files\Eset\nod32kui.exe" [2008-09-19 949376]
"Norton Ghost 14.0"="f:\program files\Norton Ghost\Agent\VProTray.exe" [2008-01-19 2245984]
"WheelMouse"="f:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"RemoteControl8"="f:\program files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="f:\program files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-08-08 91432]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-28 61440]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SpywareTerminator"="f:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-06-29 2174464]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-07 17421824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
ColorVisionStartup.lnk - e:\program files\ColorVision\Utility\ColorVisionStartup.exe [2007-2-13 385024]
Microsoft Office.lnk - f:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "f:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- f:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"y:\\uTorrent\\uTorrent.exe"=
"f:\program files\Microsoft ActiveSync\rapimgr.exe"= f:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"f:\program files\Microsoft ActiveSync\wcescomm.exe"= f:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"f:\program files\Microsoft ActiveSync\WCESMgr.exe"= f:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"f:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007.04.23. 13:03 82200]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008.09.19. 23:04 15424]
S1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009.01.15. 17:17 9968]
S1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009.01.15. 17:17 55024]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009.06.29. 18:56 142592]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};f:\program files\CyberLink\PowerDVD8\PowerDVD8\000.fcl [2008.08.08. 11:15 41456]
S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004.08.17. 16:47 5120]
S2 WFPVRENC;WinFast PVR2000 MPEG Encoder;c:\windows\system32\drivers\wfpvrenc.sys --> c:\windows\system32\drivers\wfpvrenc.sys [?]
S2 WFPVRTUNER;WinFast PVR2000 WDM Tuner;c:\windows\system32\drivers\wfpvrtun.sys --> c:\windows\system32\drivers\wfpvrtun.sys [?]
S2 WFPVRVIDEO;WinFast PVR2000 WDM Video Capture;c:\windows\system32\drivers\wfpvrcap.sys --> c:\windows\system32\drivers\wfpvrcap.sys [?]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008.10.15. 20:39 89600]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009.06.21. 19:08 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009.06.21. 19:08 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009.06.21. 19:08 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009.06.21. 19:08 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009.06.21. 19:08 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009.06.21. 19:08 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009.06.21. 19:08 115752]
S3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [2009.01.15. 17:17 7408]
S3 Spyder2;ColorVision Spyder2;c:\windows\system32\drivers\Spyder2.sys [2007.02.13. 17:16 12288]
S3 SymSnapService;SymSnapService;f:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2008.10.10. 16:47 1553896]
S3 WFPVRBAR;WinFast PVR2000 WDM Crossbar;c:\windows\system32\drivers\WFPVRBAR.sys --> c:\windows\system32\drivers\WFPVRBAR.sys [?]
S3 WFSONORA;WinFast PxTV1200 (XC2028);c:\windows\system32\drivers\wfsonora.sys [2009.05.26. 20:36 341120]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.hu
uInternet Connection Wizard,ShellNext = ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe
LSP: c:\windows\system32\imon.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-05 17:07
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\f:\program files\CyberLink\PowerDVD8\PowerDVD8\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(788)
f:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-05 17:08
ComboFix-quarantined-files.txt 2009-07-05 15:08

Pre-Run: 1 016 049 664 bájt szabad
Post-Run: 1 031 757 824 bájt szabad

212 --- E O F --- 2009-06-10 18:16


Sun Jul 05, 2009 16:33
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Yes, it can be run in safe mode too. It doesn't matter that it warns about the resident protection; ignore that and post the log here.


Sun Jul 05, 2009 16:27
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
> Leave the Qoobox folder alone for now.
I have already wiped it since then, because there was no room on C: to save ComboFix :(

> Download this ComboFix and put it on the DESKTOP, close everything, and turn off the Spyware Terminator shield, if you have it, and the Spybot TeaTimer shield too, if you have it. No program may be running. Run it as administrator in normal Windows: double-click the ComboFix icon > agreement......
So is it OK if I log in as administrator in safe mode and start it that way, or should I start it in normal mode as a user with administrator rights?
I chose the first option, and ComboFix is running now.
Strange, because it reported that the resident part of NOD32 is running and that I should kill it, but I saw nothing like that among the processes in Task Manager, and Process Explorer did not list any running item that would be an ESET product either.

As soon as the log on the other machine is ready, I'll upload it here!


Sun Jul 05, 2009 16:09
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post
Hi
> Can I delete the Qoobox folder by hand?
> Where does the ESET scanner put a quarantined file, and can it be deleted?
>
> What do you suggest, what should I do and how, so that the machine is finally clean?
>
> I can paste the ComboFix quarantined file list here if needed.

Leave the Qoobox folder alone for now.
Now run ComboFix once more, like this, and post the ComboFix.txt here.
Quote:
Download this ComboFix and put it on the DESKTOP, close everything, and turn off the Spyware Terminator shield, if you have it, and the Spybot TeaTimer shield too, if you have it. No program may be running. Run it as administrator in normal Windows: double-click the ComboFix icon > agreement......
And now you just watch and do not touch anything; the machine restarts by itself, finishes the scan and creates the ComboFix .txt, which you post here, and
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Sun Jul 05, 2009 12:09
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post
Oops, I mistyped: not win32dd.exe but run32dll.exe

Also, Dr.Web ran in safe mode before the ESET online scan, and this was the result:
http://img37.imageshack.us/img37/2458/drweb.jpg


Sun Jul 05, 2009 9:54
silver member

Joined: Sun Jul 05, 2009 9:27
Posts: 29
Post: on its last legs
My respects, Master stell!

It looks like the kid has picked something up; symptoms:

- The machine boots, and programs load, more slowly than usual.
- On shutdown the system freezes at the "Windows is shutting down" message, and this screen can stay up for hours.
After right-click on My Computer / Properties, if I click the System Restore tab, a message comes up that win32dll.exe has died -> so the service cannot be turned off :(

I installed Spyware Terminator and Spybot & Destroy and ran them in safe mode; in theory they removed what they found, but the slowdown is unchanged.

I ran ComboFix in protected mode; it stuffed the Qoobox folder with 1 GB of stuff, and the situation is unchanged.

Oh, and the ESET online scanner ran all night; it found and, in theory, cleaned up things like these:

F:\Program Files\TrojanHunter 5.1\trojanhunter.5.0-patch.exe módosult Win32/HackTool.Patcher.A alkalmazás törléssel megtisztítva - karanténba helyezve
X:\Games\Gears of War ISO + Free Multiplayer\GFW ISO\Gears of War ISO + Free Multiplayer.iso Win32/Packed.Autoit.Gen alkalmazás törölve
X:\ProgramS\AntiVírus\Trojai spy ellen\Trojan_Hunter_5.0.962.rar módosult Win32/HackTool.Patcher.A alkalmazás törölve
X:\ProgramS\Tools\Driver Genius Pro 2008 v8.0.316+Keygen-HeartBug\Keygen\keygen.exe valószínűleg módosult Win32/Agent trójai törléssel megtisztítva

Can I delete the Qoobox folder by hand?
Where does the ESET scanner put a quarantined file, and can it be deleted?

What do you suggest, what should I do and how, so that the machine is finally clean?

I can paste the ComboFix quarantined file list here if needed.


Sun Jul 05, 2009 9:42