Megválaszolatlan hozzászólások | Aktív témák Pontos idő: hétf. nov. 18, 2024 8:03



Hozzászólás a témához  [ 1923 hozzászólás ]  Oldal Előző  1, 2, 3, 4, 5, 6, 7 ... 39  Következő
stell, help me 
Szerző Üzenet
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-10-08 347192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-07-27 08:41 1028896 ----a-w- c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-10 15:10]
.
2013-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
2013-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
.
------- Supplementary Scan -------
.
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\user_11\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\SecuROM\License information*]
"datasecu"=hex:7f,1a,3c,53,41,e1,26,db,92,51,f0,de,7a,1e,21,7e,89,9f,5b,d5,1e,
f2,b1,1a,12,9d,74,78,20,b8,bd,a7,3a,1d,5b,71,dd,59,98,8a,a1,08,9e,a3,c7,fe,\
"rkeysecu"=hex:27,70,89,90,f2,19,b1,f4,77,b9,82,a7,27,8c,9d,dd
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-10-31 17:11:01 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-31 16:10
ComboFix2.txt 2013-10-08 15:15
.
Pre-Run: 203 491 880 960 bájt szabad
Post-Run: 204 117 217 280 bájt szabad
.
- - End Of File - - DEB97BF21E1133898AACACAE48A7F82D
5C616939100B85E558DA92B899A0FC36


csüt. okt. 31, 2013 17:26
Profil Privát üzenet küldése
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Szia Stell!
Ha lesz időd vetnél egy pillantást erre a Combofix logra
Most futtattam le mert igencsak vacakolt a gép,hát úgy nézem nem véletlenül!
ComboFix 13-10-30.01 - user_11 013.10.31. 16:54:58.11.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.417 [GMT 1:00]
Running from: c:\users\user_11\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user_11\AppData\Roaming\.hu-minecraft.net
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\1.6.2.xml
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets.zip
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets.zip.src
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\icons\icon_16x16.png
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\icons\icon_32x32.png
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\icons\minecraft.icns
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\af_ZA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ar_SA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\bg_BG.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ca_ES.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\cy_GB.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\cs_CZ.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\da_DK.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\de_DE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\el_GR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\en_AU.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\en_CA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\en_GB.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\en_PT.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\eo_UY.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\es_AR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\es_ES.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\es_MX.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\es_UY.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\es_VE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\et_EE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\eu_ES.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\fi_FI.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\fr_CA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\fr_FR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ga_IE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\gl_ES.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\he_IL.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\hi_IN.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\hr_HR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\hu_HU.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\id_ID.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\is_IS.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\it_IT.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ja_JP.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ka_GE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ko_KR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\kw_GB.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ky_KG.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\lt_LT.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\lv_LV.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\mi_NZ.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ms_MY.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\mt_MT.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\nb_NO.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\nl_NL.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\nn_NO.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\no_NO.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\pl_PL.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\pt_BR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\pt_PT.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\qya_AA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ro_RO.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\ru_RU.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\sk_SK.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\sl_SI.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\sr_SP.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\sv_SE.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\th_TH.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\tlh_AA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\tr_TR.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\uk_UA.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\vi_VN.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\zh_CN.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\lang\zh_TW.lang
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\calm1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\calm2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\calm3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\hal1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\hal2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\hal3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\hal4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\nuance1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\nuance2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\piano1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\piano2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\music\piano3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\READ_ME_I_AM_VERY_IMPORTANT
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\11.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\13.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\blocks.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\cat.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\chirp.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\far.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\mall.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\mellohi.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\stal.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\strad.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\wait.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\records\ward.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave10.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave11.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave12.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave13.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave7.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave8.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\cave\cave9.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\rain1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\rain2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\rain3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\rain4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\thunder1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\thunder2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\ambient\weather\thunder3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\damage\fallbig.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\damage\fallsmall.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\damage\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\damage\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\damage\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\cloth1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\cloth2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\cloth3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\cloth4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\grass1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\grass2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\grass3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\grass4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\gravel1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\gravel2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\gravel3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\gravel4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\sand1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\sand2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\sand3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\sand4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\snow1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\snow2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\snow3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\snow4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\stone1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\stone2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\stone3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\stone4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\wood1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\wood2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\wood3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\dig\wood4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fire\fire.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fire\ignite.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\blast_far1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\blast1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\largeBlast_far1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\largeBlast1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\launch1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\twinkle_far1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\fireworks\twinkle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\lava.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\lavapop.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\splash.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\splash2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\swim1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\swim2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\swim3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\swim4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\liquid\water.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\minecart\base.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\minecart\inside.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\hurt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\hurt4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\idle4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\loop.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\bat\takeoff.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\breathe1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\breathe2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\breathe3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\breathe4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\blaze\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hiss1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hiss2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hiss3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hitt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hitt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\hitt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\meow1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\meow2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\meow3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\meow4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\purr1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\purr2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\purr3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\purreow1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cat\purreow2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\plop.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\chicken\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\hurt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\say4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\cow\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\creeper\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\creeper\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\creeper\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\creeper\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\creeper\say4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\end.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\growl1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\growl2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\growl3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\growl4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\enderdragon\wings6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\idle4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\idle5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\portal.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\portal2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\scream1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\scream2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\scream3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\scream4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\endermen\stare.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\affectionate_scream.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\charge.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\fireball4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\moan7.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\scream1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\scream2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\scream3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\scream4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\ghast\scream5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\angry1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\armor.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\breathe1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\breathe2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\breathe3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\angry1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\angry2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\donkey\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\gallop1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\gallop2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\gallop3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\gallop4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\jump.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\land.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\leather.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\skeleton\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\soft6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\wood6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\horse\zombie\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\throw.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\walk1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\walk2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\walk3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\irongolem\walk4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\big1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\big2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\big3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\big4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\jump1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\jump2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\jump3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\jump4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\small1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\small2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\small3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\small4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\magmacube\small5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\pig\step5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\shear.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\sheep\step5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\kill.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\say4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\silverfish\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\hurt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\hurt4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\skeleton\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\attack1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\attack2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\big1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\big2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\big3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\big4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\small1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\small2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\small3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\small4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\slime\small5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\say4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\spider\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\haggle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\haggle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\haggle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\hit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\hit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\hit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\hit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\no1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\no2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\no3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\yes1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\yes2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\villager\yes3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\hurt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\hurt4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\idle1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\idle2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\idle3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\idle4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\shoot.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wither\spawn.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\bark1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\bark2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\bark3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\growl1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\growl2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\growl3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\howl1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\howl2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\hurt3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\panting.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\shake.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\step5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\wolf\whine.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\death.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\hurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\hurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\infect.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\metal1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\metal2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\metal3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\remedy.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\say1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\say2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\say3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\step1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\step2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\step3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\step4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\step5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\unfect.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\wood1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\wood2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\wood3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\wood4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombie\woodbreak.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpig1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpig2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpig3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpig4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpigangry1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpigangry2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpigangry3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpigangry4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpigdeath.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpighurt1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\mob\zombiepig\zpighurt2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\bass.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\bassattack.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\bd.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\harp.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\hat.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\pling.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\note\snare.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\portal\portal.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\portal\travel.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\portal\trigger.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\anvil_break.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\anvil_land.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\anvil_use.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\bow.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\bowhit1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\bowhit2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\bowhit3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\bowhit4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\break.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\breath.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\burp.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\chestclosed.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\chestopen.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\classic_hurt.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\click.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\door_close.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\door_open.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\drink.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\eat1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\eat2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\eat3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\explode1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\explode2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\explode3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\explode4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\fizz.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\fuse.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\glass1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\glass2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\glass3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\levelup.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\orb.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\pop.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\successful_hit.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\random\wood_click.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\cloth1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\cloth2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\cloth3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\cloth4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\grass6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\gravel1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\gravel2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\gravel3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\gravel4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\ladder1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\ladder2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\ladder3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\ladder4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\ladder5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\sand1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\sand2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\sand3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\sand4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\sand5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\snow1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\snow2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\snow3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\snow4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\stone6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood1.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood2.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood3.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood4.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood5.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\step\wood6.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\tile\piston\in.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\assets\sound\tile\piston\out.ogg
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\Ionic.Zip.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\launcher.exe
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\launcher.ini
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\natives.zip.src
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\options.txt
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\output-client.log
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\output-server.log
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\output-server.log.lck
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\data\villages.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\level.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\level.dat_mcr
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\level.dat_old
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\players\zoli010.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.-1.-1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.-1.0.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.-1.1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.0.-1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.0.0.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\region\r.0.1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\Új világ\session.lock
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\data\villages.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\level.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\level.dat_mcr
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\level.dat_old
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\players\zoli010.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\region\r.-1.-1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\region\r.-1.0.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\region\r.0.-1.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\region\r.0.0.mca
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\saves\zoli91\session.lock
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\screenshots\2013-10-18_19.52.58.png
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\screenshots\2013-10-18_19.53.00.png
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\servers.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\stats\stats_zoli010_unsent.dat
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\argo.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\assets.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\bcprov.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\codecjorbis.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\codecwav.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\commons-io.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\commons-lang.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\gson.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\guava.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\jinput.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\jopt-simple.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\jutils.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\libraryjavasound.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\librarylwjglopenal.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\lwjgl.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\lwjgl_util.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\minecraft.jar
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives.zip
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\jinput-dx8.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\jinput-dx8_64.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\jinput-raw.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\jinput-raw_64.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\lwjgl.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\lwjgl64.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\OpenAL32.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\natives\OpenAL64.dll
c:\users\user_11\AppData\Roaming\.hu-minecraft.net\versions\1.6.2\soundsystem.jar
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\userinit.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-09-28 to 2013-10-31 )))))))))))))))))))))))))))))))
.
.
2013-10-31 16:03 . 2013-10-31 16:06 -------- d-----w- c:\users\user_11\AppData\Local\temp
2013-10-31 16:03 . 2013-10-31 16:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-31 16:03 . 2013-10-31 16:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-29 07:26 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{93F38ADF-C85F-42AF-AF53-5C6974A810DA}\mpengine.dll
2013-10-28 09:36 . 2013-10-28 09:36 -------- d-----w- c:\users\user_11\AppData\Local\Apple
2013-10-21 20:38 . 2013-10-21 20:38 -------- d-----w- c:\program files\Common Files\Java
2013-10-19 17:45 . 2013-10-19 17:45 -------- d-----w- c:\program files\alaplaya
2013-10-19 17:45 . 2003-08-15 14:02 69632 ------w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2013-10-19 17:45 . 2003-08-15 14:01 380928 ------w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2013-10-19 17:45 . 2003-08-15 13:57 212992 ------w- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2013-10-19 17:45 . 2003-09-03 00:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2013-10-19 17:45 . 2003-09-03 00:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2013-10-19 17:45 . 2003-09-03 00:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2013-10-19 17:45 . 2003-09-03 00:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2013-10-19 17:45 . 2003-09-03 00:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2013-10-19 17:45 . 2013-10-19 17:45 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2013-10-19 17:45 . 2013-10-19 17:45 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2013-10-19 17:37 . 2013-10-19 17:37 -------- d-----w- c:\programdata\Solid State Networks
2013-10-17 11:14 . 2013-10-17 11:15 -------- d-----w- c:\users\user_11\AppData\Roaming\Teeworlds
2013-10-15 09:13 . 2013-10-15 09:13 -------- d-----w- c:\users\user_11\AppData\Roaming\.MesterMC.hu
2013-10-15 08:18 . 2013-10-15 08:18 -------- d-----w- c:\users\user_11\AppData\Roaming\.dicecraft.eu
2013-10-15 08:15 . 2013-10-15 17:54 -------- d-----w- c:\users\user_11\AppData\Roaming\.minecraft
2013-10-10 06:07 . 2013-10-10 06:10 -------- d-----w- c:\windows\system32\MRT
2013-10-09 14:43 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-09 14:42 . 2013-06-26 23:01 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-09 14:42 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 14:42 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 14:42 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 14:42 . 2013-07-03 02:33 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-09 14:42 . 2013-07-03 02:10 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-08 15:51 . 2013-10-08 15:51 -------- d-----w- c:\users\user_11\AppData\Roaming\Avira
2013-10-08 15:39 . 2013-10-08 15:39 -------- d-----w- c:\programdata\APN
2013-10-08 15:37 . 2013-10-08 15:36 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-10-08 15:37 . 2013-10-08 15:36 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-10-08 15:37 . 2013-10-08 15:36 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-10-08 15:37 . 2013-10-08 15:37 -------- d-----w- c:\program files\Avira
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 15:10 . 2012-09-10 08:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 15:10 . 2011-11-10 07:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 05:50 . 2013-02-14 17:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-03 12:35 . 2010-12-06 12:38 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.


csüt. okt. 31, 2013 17:25
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
"szürke katicabogárt>>futtasd>>es klik>>Uninstall
a Tobbit Torold ki.
Nincsen mitt koszonod, ha fegyna akkor irjal, bar mar nem kenne nekki, mert a ferozot rendszerfajlokat, kigyogyitottuk.


kedd szept. 24, 2013 14:08
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Köszönöm a segítséget, úgy néz ki valóban minden rendben!
Gyorsabb is lett,és remélem mellőzi az állandó lefagyást is.
Közben megtanultam azt is,hogy néha a " kínai" dolgok is jók valamire. :D
Azokat a programokat is törölhetem amiket letöltettél /JRT,FRST,/ "szürke katicabogár"? :)


kedd szept. 24, 2013 13:44
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
furcsa, neked, de az rendszernek nem, en szerintem mar most ok,
Telepisrd le ujra az combofixet, mar tudod, hogyan,
es kitisztitcsuk a temp mappakat,
kikapcsolod a tuzfallat,
es futtasd le ezt a programot.
http://oldtimer.geekstogo.com/TFC.exe
Futtasd>.klik start>>klik OK, aztan vard meg a veget, visusokat mar kioltuk, probald ki a gepewt, es ird meg mi van.


kedd szept. 24, 2013 13:23
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Az a furcsa jelű fájl most már biztos,hogy az Avirához tartozik,mert időközben
frissített a vírusirtó és most megint megjelent a System 32-ben.

13:55:33.0535 5424 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:55:35.0539 5424 ============================================================
13:55:35.0539 5424 Current date / time: 2013/09/24 13:55:35.0539
13:55:35.0539 5424 SystemInfo:
13:55:35.0539 5424
13:55:35.0539 5424 OS Version: 6.0.6002 ServicePack: 2.0
13:55:35.0539 5424 Product type: Workstation
13:55:35.0539 5424 ComputerName: INTENSA-11
13:55:35.0540 5424 UserName: user_11
13:55:35.0540 5424 Windows directory: C:\Windows
13:55:35.0540 5424 System windows directory: C:\Windows
13:55:35.0540 5424 Processor architecture: Intel x86
13:55:35.0540 5424 Number of processors: 2
13:55:35.0540 5424 Page size: 0x1000
13:55:35.0540 5424 Boot type: Normal boot
13:55:35.0540 5424 ============================================================
13:55:38.0808 5424 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:55:38.0811 5424 ============================================================
13:55:38.0811 5424 \Device\Harddisk0\DR0:
13:55:38.0826 5424 MBR partitions:
13:55:38.0826 5424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
13:55:38.0826 5424 ============================================================
13:55:38.0847 5424 C: <-> \Device\Harddisk0\DR0\Partition1
13:55:38.0847 5424 ============================================================
13:55:38.0847 5424 Initialize success
13:55:38.0847 5424 ============================================================
13:55:45.0206 1068 ============================================================
13:55:45.0206 1068 Scan started
13:55:45.0206 1068 Mode: Manual;
13:55:45.0207 1068 ============================================================
13:55:46.0411 1068 ================ Scan system memory ========================
13:55:46.0411 1068 System memory - ok
13:55:46.0412 1068 ================ Scan services =============================
13:55:46.0586 1068 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:55:46.0614 1068 ACPI - ok
13:55:46.0692 1068 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:55:46.0716 1068 AdobeARMservice - ok
13:55:46.0768 1068 [ 24A0876D07EF356DCBC1D7A7929354AB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:55:46.0788 1068 AdobeFlashPlayerUpdateSvc - ok
13:55:46.0833 1068 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:55:46.0852 1068 adp94xx - ok
13:55:46.0877 1068 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:55:46.0912 1068 adpahci - ok
13:55:46.0931 1068 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:55:46.0957 1068 adpu160m - ok
13:55:46.0979 1068 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:55:47.0005 1068 adpu320 - ok
13:55:47.0044 1068 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:55:47.0053 1068 AeLookupSvc - ok
13:55:47.0087 1068 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
13:55:47.0117 1068 AFD - ok
13:55:47.0149 1068 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:55:47.0159 1068 agp440 - ok
13:55:47.0198 1068 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:55:47.0220 1068 aic78xx - ok
13:55:47.0243 1068 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
13:55:47.0244 1068 ALG - ok
13:55:47.0261 1068 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
13:55:47.0270 1068 aliide - ok
13:55:47.0293 1068 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:55:47.0304 1068 amdagp - ok
13:55:47.0320 1068 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
13:55:47.0330 1068 amdide - ok
13:55:47.0351 1068 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:55:47.0359 1068 AmdK7 - ok
13:55:47.0375 1068 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:55:47.0386 1068 AmdK8 - ok
13:55:47.0530 1068 [ 746497D339C854053193119D119799BA ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:55:47.0549 1068 AntiVirSchedulerService - ok
13:55:47.0589 1068 [ A2D4915D1CCD0338AB85F14D1C22FD0C ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:55:47.0603 1068 AntiVirService - ok
13:55:47.0632 1068 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
13:55:47.0634 1068 Appinfo - ok
13:55:47.0678 1068 [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt C:\Windows\System32\appmgmts.dll
13:55:47.0691 1068 AppMgmt - ok
13:55:47.0714 1068 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
13:55:47.0726 1068 arc - ok
13:55:47.0758 1068 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:55:47.0779 1068 arcsas - ok
13:55:47.0897 1068 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:55:47.0932 1068 aspnet_state - ok
13:55:47.0961 1068 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:55:47.0979 1068 AsyncMac - ok
13:55:48.0005 1068 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
13:55:48.0006 1068 atapi - ok
13:55:48.0039 1068 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:55:48.0071 1068 AudioEndpointBuilder - ok
13:55:48.0082 1068 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:55:48.0087 1068 Audiosrv - ok
13:55:48.0115 1068 [ 40A34E457431625086F7E161E59A0528 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:55:48.0142 1068 avgntflt - ok
13:55:48.0184 1068 [ F260F2EE3D21D00BEC0B08068E27BADB ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:55:48.0185 1068 avipbb - ok
13:55:48.0199 1068 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:55:48.0225 1068 avkmgr - ok
13:55:48.0299 1068 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
13:55:48.0324 1068 BBSvc - ok
13:55:48.0360 1068 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
13:55:48.0430 1068 Beep - ok
13:55:48.0472 1068 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
13:55:48.0477 1068 BFE - ok
13:55:48.0532 1068 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
13:55:48.0547 1068 BITS - ok
13:55:48.0567 1068 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:55:48.0591 1068 blbdrive - ok
13:55:48.0624 1068 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:55:48.0635 1068 bowser - ok
13:55:48.0670 1068 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:55:48.0677 1068 BrFiltLo - ok
13:55:48.0685 1068 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:55:48.0691 1068 BrFiltUp - ok
13:55:48.0720 1068 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
13:55:48.0739 1068 Browser - ok
13:55:48.0763 1068 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:55:48.0773 1068 Brserid - ok
13:55:48.0793 1068 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:55:48.0813 1068 BrSerWdm - ok
13:55:48.0830 1068 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:55:48.0837 1068 BrUsbMdm - ok
13:55:48.0853 1068 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:55:48.0867 1068 BrUsbSer - ok
13:55:48.0883 1068 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:55:48.0906 1068 BTHMODEM - ok
13:55:48.0983 1068 catchme - ok
13:55:48.0991 1068 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:55:49.0002 1068 cdfs - ok
13:55:49.0033 1068 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:55:49.0057 1068 cdrom - ok
13:55:49.0094 1068 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
13:55:49.0104 1068 CertPropSvc - ok
13:55:49.0127 1068 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
13:55:49.0138 1068 circlass - ok
13:55:49.0163 1068 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
13:55:49.0203 1068 CLFS - ok
13:55:49.0235 1068 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:55:49.0249 1068 clr_optimization_v2.0.50727_32 - ok
13:55:49.0292 1068 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:55:49.0323 1068 clr_optimization_v4.0.30319_32 - ok
13:55:49.0342 1068 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:55:49.0361 1068 cmdide - ok
13:55:49.0385 1068 cnnctfy2MP - ok
13:55:49.0421 1068 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:55:49.0430 1068 Compbatt - ok
13:55:49.0437 1068 COMSysApp - ok
13:55:49.0462 1068 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:55:49.0472 1068 crcdisk - ok
13:55:49.0493 1068 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:55:49.0503 1068 Crusoe - ok
13:55:49.0554 1068 [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:55:49.0590 1068 CryptSvc - ok
13:55:49.0633 1068 [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC C:\Windows\system32\drivers\csc.sys
13:55:49.0773 1068 CSC - ok
13:55:49.0852 1068 [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService C:\Windows\System32\cscsvc.dll
13:55:49.0909 1068 CscService - ok
13:55:49.0931 1068 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys
13:55:49.0936 1068 CVirtA - ok
13:55:49.0985 1068 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:55:49.0997 1068 DcomLaunch - ok
13:55:50.0023 1068 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:55:50.0034 1068 DfsC - ok
13:55:50.0116 1068 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
13:55:50.0187 1068 DFSR - ok
13:55:50.0227 1068 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:55:50.0245 1068 Dhcp - ok
13:55:50.0272 1068 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
13:55:50.0283 1068 disk - ok
13:55:50.0314 1068 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:55:50.0338 1068 Dnscache - ok
13:55:50.0371 1068 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:55:50.0390 1068 dot3svc - ok
13:55:50.0419 1068 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
13:55:50.0422 1068 DPS - ok
13:55:50.0459 1068 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:55:50.0474 1068 drmkaud - ok
13:55:50.0534 1068 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:55:50.0565 1068 DXGKrnl - ok
13:55:50.0605 1068 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:55:50.0629 1068 E1G60 - ok
13:55:50.0660 1068 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
13:55:50.0684 1068 EapHost - ok
13:55:50.0729 1068 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
13:55:50.0746 1068 Ecache - ok
13:55:50.0780 1068 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:55:50.0797 1068 elxstor - ok
13:55:50.0838 1068 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:55:50.0847 1068 EMDMgmt - ok
13:55:50.0860 1068 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:55:50.0867 1068 ErrDev - ok
13:55:50.0904 1068 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
13:55:50.0908 1068 EventSystem - ok
13:55:50.0944 1068 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
13:55:51.0032 1068 exfat - ok
13:55:51.0050 1068 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:55:51.0071 1068 fastfat - ok
13:55:51.0107 1068 [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax C:\Windows\system32\fxssvc.exe
13:55:51.0145 1068 Fax - ok
13:55:51.0173 1068 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:55:51.0180 1068 fdc - ok
13:55:51.0209 1068 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
13:55:51.0219 1068 fdPHost - ok
13:55:51.0231 1068 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
13:55:51.0242 1068 FDResPub - ok
13:55:51.0276 1068 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:55:51.0288 1068 FileInfo - ok
13:55:51.0305 1068 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:55:51.0313 1068 Filetrace - ok
13:55:51.0331 1068 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:55:51.0338 1068 flpydisk - ok
13:55:51.0370 1068 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:55:51.0405 1068 FltMgr - ok
13:55:51.0500 1068 [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache C:\Windows\system32\FntCache.dll
13:55:51.0543 1068 FontCache - ok
13:55:51.0584 1068 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:55:51.0623 1068 FontCache3.0.0.0 - ok
13:55:51.0668 1068 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:55:51.0688 1068 fssfltr - ok
13:55:51.0780 1068 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:55:51.0840 1068 fsssvc - ok
13:55:51.0862 1068 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:55:51.0869 1068 Fs_Rec - ok
13:55:51.0887 1068 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:55:51.0912 1068 gagp30kx - ok
13:55:51.0950 1068 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
13:55:51.0990 1068 gpsvc - ok
13:55:52.0026 1068 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:55:52.0043 1068 HdAudAddService - ok
13:55:52.0076 1068 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:55:52.0110 1068 HDAudBus - ok
13:55:52.0130 1068 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:55:52.0137 1068 HidBth - ok
13:55:52.0157 1068 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:55:52.0165 1068 HidIr - ok
13:55:52.0184 1068 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
13:55:52.0194 1068 hidserv - ok
13:55:52.0218 1068 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:55:52.0238 1068 HidUsb - ok
13:55:52.0268 1068 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:55:52.0271 1068 hkmsvc - ok
13:55:52.0292 1068 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:55:52.0314 1068 HpCISSs - ok
13:55:52.0352 1068 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:55:52.0377 1068 HTTP - ok
13:55:52.0400 1068 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:55:52.0408 1068 i2omp - ok
13:55:52.0447 1068 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:55:52.0467 1068 i8042prt - ok
13:55:52.0493 1068 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:55:52.0524 1068 iaStorV - ok
13:55:52.0580 1068 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:55:52.0599 1068 IDriverT - ok
13:55:52.0644 1068 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:55:52.0690 1068 idsvc - ok
13:55:52.0707 1068 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:55:52.0730 1068 iirsp - ok
13:55:52.0767 1068 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
13:55:52.0814 1068 IKEEXT - ok
13:55:52.0860 1068 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
13:55:52.0884 1068 intelide - ok
13:55:52.0905 1068 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:55:52.0923 1068 intelppm - ok
13:55:52.0948 1068 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:55:52.0962 1068 IPBusEnum - ok
13:55:52.0977 1068 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:55:52.0986 1068 IpFilterDriver - ok
13:55:53.0018 1068 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:55:53.0038 1068 iphlpsvc - ok
13:55:53.0047 1068 IpInIp - ok
13:55:53.0071 1068 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:55:53.0083 1068 IPMIDRV - ok
13:55:53.0099 1068 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:55:53.0123 1068 IPNAT - ok
13:55:53.0138 1068 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:55:53.0146 1068 IRENUM - ok
13:55:53.0164 1068 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:55:53.0183 1068 isapnp - ok
13:55:53.0212 1068 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:55:53.0229 1068 iScsiPrt - ok
13:55:53.0244 1068 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:55:53.0254 1068 iteatapi - ok
13:55:53.0278 1068 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:55:53.0287 1068 iteraid - ok
13:55:53.0309 1068 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:55:53.0319 1068 kbdclass - ok
13:55:53.0348 1068 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:55:53.0355 1068 kbdhid - ok
13:55:53.0381 1068 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
13:55:53.0383 1068 KeyIso - ok
13:55:53.0423 1068 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:55:53.0448 1068 KSecDD - ok
13:55:53.0499 1068 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:55:53.0519 1068 KtmRm - ok
13:55:53.0555 1068 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
13:55:53.0561 1068 LanmanServer - ok
13:55:53.0603 1068 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:55:53.0634 1068 LanmanWorkstation - ok
13:55:53.0657 1068 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:55:53.0675 1068 lltdio - ok
13:55:53.0697 1068 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:55:53.0714 1068 lltdsvc - ok
13:55:53.0729 1068 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:55:53.0740 1068 lmhosts - ok
13:55:53.0762 1068 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:55:53.0787 1068 LSI_FC - ok
13:55:53.0808 1068 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:55:53.0831 1068 LSI_SAS - ok
13:55:53.0860 1068 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:55:53.0881 1068 LSI_SCSI - ok
13:55:53.0899 1068 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
13:55:53.0912 1068 luafv - ok
13:55:53.0950 1068 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
13:55:53.0964 1068 mcdbus - ok
13:55:54.0005 1068 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
13:55:54.0025 1068 megasas - ok
13:55:54.0058 1068 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
13:55:54.0088 1068 MegaSR - ok
13:55:54.0109 1068 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
13:55:54.0134 1068 MMCSS - ok
13:55:54.0150 1068 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
13:55:54.0172 1068 Modem - ok
13:55:54.0203 1068 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:55:54.0213 1068 monitor - ok
13:55:54.0229 1068 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:55:54.0239 1068 mouclass - ok
13:55:54.0251 1068 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:55:54.0270 1068 mouhid - ok
13:55:54.0293 1068 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:55:54.0317 1068 MountMgr - ok
13:55:54.0340 1068 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
13:55:54.0355 1068 mpio - ok
13:55:54.0375 1068 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:55:54.0396 1068 mpsdrv - ok
13:55:54.0436 1068 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:55:54.0457 1068 MpsSvc - ok
13:55:54.0475 1068 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:55:54.0491 1068 Mraid35x - ok
13:55:54.0525 1068 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:55:54.0545 1068 MRxDAV - ok
13:55:54.0576 1068 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:55:54.0584 1068 mrxsmb - ok
13:55:54.0601 1068 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:55:54.0612 1068 mrxsmb10 - ok
13:55:54.0629 1068 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:55:54.0637 1068 mrxsmb20 - ok
13:55:54.0647 1068 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
13:55:54.0666 1068 msahci - ok
13:55:54.0684 1068 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:55:54.0705 1068 msdsm - ok
13:55:54.0727 1068 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
13:55:54.0748 1068 MSDTC - ok
13:55:54.0777 1068 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:55:54.0799 1068 Msfs - ok
13:55:54.0824 1068 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:55:54.0842 1068 msisadrv - ok
13:55:54.0870 1068 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:55:54.0891 1068 MSiSCSI - ok
13:55:54.0903 1068 msiserver - ok
13:55:54.0931 1068 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:55:54.0936 1068 MSKSSRV - ok
13:55:54.0964 1068 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:55:54.0968 1068 MSPCLOCK - ok
13:55:54.0976 1068 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:55:54.0985 1068 MSPQM - ok
13:55:55.0020 1068 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:55:55.0038 1068 MsRPC - ok
13:55:55.0063 1068 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:55:55.0084 1068 mssmbios - ok
13:55:55.0100 1068 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:55:55.0118 1068 MSTEE - ok
13:55:55.0146 1068 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
13:55:55.0163 1068 Mup - ok
13:55:55.0198 1068 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
13:55:55.0204 1068 napagent - ok
13:55:55.0248 1068 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:55:55.0258 1068 NativeWifiP - ok
13:55:55.0327 1068 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
13:55:55.0343 1068 NAUpdate - ok
13:55:55.0382 1068 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:55:55.0428 1068 NDIS - ok
13:55:55.0436 1068 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:55:55.0453 1068 NdisTapi - ok
13:55:55.0474 1068 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:55:55.0490 1068 Ndisuio - ok
13:55:55.0525 1068 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:55:55.0539 1068 NdisWan - ok
13:55:55.0555 1068 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:55:55.0577 1068 NDProxy - ok
13:55:55.0597 1068 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:55:55.0618 1068 NetBIOS - ok
13:55:55.0649 1068 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:55:55.0665 1068 netbt - ok
13:55:55.0677 1068 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
13:55:55.0680 1068 Netlogon - ok
13:55:55.0713 1068 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
13:55:55.0720 1068 Netman - ok
13:55:55.0746 1068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:55:55.0765 1068 NetMsmqActivator - ok
13:55:55.0772 1068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:55:55.0775 1068 NetPipeActivator - ok
13:55:55.0799 1068 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
13:55:55.0828 1068 netprofm - ok
13:55:55.0835 1068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:55:55.0838 1068 NetTcpActivator - ok
13:55:55.0845 1068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:55:55.0848 1068 NetTcpPortSharing - ok
13:55:55.0876 1068 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:55:55.0882 1068 nfrd960 - ok
13:55:55.0899 1068 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:55:55.0902 1068 NlaSvc - ok
13:55:55.0927 1068 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:55:55.0933 1068 Npfs - ok
13:55:55.0956 1068 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
13:55:55.0962 1068 nsi - ok
13:55:55.0973 1068 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:55:55.0991 1068 nsiproxy - ok
13:55:56.0042 1068 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:55:56.0087 1068 Ntfs - ok
13:55:56.0110 1068 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:55:56.0128 1068 ntrigdigi - ok
13:55:56.0144 1068 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
13:55:56.0148 1068 Null - ok
13:55:56.0358 1068 [ 75FA3DC6C2838F35B15CF45E9E0D10A8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:55:56.0469 1068 nvlddmkm - ok
13:55:56.0490 1068 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:55:56.0508 1068 nvraid - ok
13:55:56.0522 1068 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:55:56.0531 1068 nvstor - ok
13:55:56.0576 1068 [ 2784C071EC57DCDBA6D4A2A017F56CD4 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:55:56.0584 1068 nvsvc - ok
13:55:56.0690 1068 [ 056EF5C4AF4BD002AEAE417412C8EB71 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:55:56.0742 1068 nvUpdatusService - ok
13:55:56.0762 1068 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:55:56.0794 1068 nv_agp - ok
13:55:56.0801 1068 NwlnkFlt - ok
13:55:56.0812 1068 NwlnkFwd - ok
13:55:56.0869 1068 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:55:56.0923 1068 odserv - ok
13:55:56.0955 1068 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:55:56.0994 1068 ohci1394 - ok
13:55:57.0029 1068 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:55:57.0053 1068 ose - ok
13:55:57.0092 1068 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:55:57.0144 1068 p2pimsvc - ok
13:55:57.0159 1068 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
13:55:57.0168 1068 p2psvc - ok
13:55:57.0202 1068 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:55:57.0236 1068 Parport - ok
13:55:57.0269 1068 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:55:57.0297 1068 partmgr - ok
13:55:57.0318 1068 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:55:57.0325 1068 Parvdm - ok
13:55:57.0346 1068 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
13:55:57.0374 1068 PcaSvc - ok
13:55:57.0401 1068 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
13:55:57.0437 1068 pci - ok
13:55:57.0457 1068 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
13:55:57.0466 1068 pciide - ok
13:55:57.0500 1068 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:55:57.0526 1068 pcmcia - ok
13:55:57.0560 1068 [ 7EA0EBD6E5AA687E116EB185A7CFB667 ] PCTAppEvent C:\Windows\system32\drivers\PCTAppEvent.sys
13:55:57.0592 1068 PCTAppEvent - ok
13:55:57.0622 1068 [ 60AF5FA418EFE284FB81DBBF5A0391FB ] PCTFW-PacketFilter C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
13:55:57.0654 1068 PCTFW-PacketFilter - ok
13:55:57.0683 1068 [ 5BE722C8C9BBA995693C8CD524D83B27 ] pctgntdi C:\Windows\System32\drivers\pctgntdi.sys
13:55:57.0709 1068 pctgntdi - ok
13:55:57.0731 1068 [ 3EC79CFB2E0E74AADA8B561ED8904577 ] pctNdis C:\Windows\system32\DRIVERS\pctNdis.sys
13:55:57.0758 1068 pctNdis - ok
13:55:57.0764 1068 [ 3EC79CFB2E0E74AADA8B561ED8904577 ] pctNdisMP C:\Windows\system32\DRIVERS\pctNdis.sys
13:55:57.0765 1068 pctNdisMP - ok
13:55:57.0826 1068 [ 86D511370A217B554916E3A45D091042 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
13:55:57.0866 1068 PCToolsFirewallPlus - ok
13:55:57.0906 1068 [ FE6803AF91DDB32FF8EDF5D6C0D370AF ] pctplfw C:\Windows\System32\drivers\pctplfw.sys
13:55:57.0931 1068 pctplfw - ok
13:55:57.0991 1068 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:55:58.0043 1068 PEAUTH - ok
13:55:58.0113 1068 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
13:55:58.0170 1068 pla - ok
13:55:58.0202 1068 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:55:58.0237 1068 PlugPlay - ok
13:55:58.0270 1068 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:55:58.0281 1068 PNRPAutoReg - ok
13:55:58.0296 1068 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:55:58.0306 1068 PNRPsvc - ok
13:55:58.0325 1068 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:55:58.0363 1068 PolicyAgent - ok
13:55:58.0411 1068 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:55:58.0431 1068 PptpMiniport - ok
13:55:58.0457 1068 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
13:55:58.0481 1068 Processor - ok
13:55:58.0509 1068 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
13:55:58.0546 1068 ProfSvc - ok
13:55:58.0563 1068 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:55:58.0566 1068 ProtectedStorage - ok
13:55:58.0588 1068 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:55:58.0611 1068 PSched - ok
13:55:58.0659 1068 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:55:58.0698 1068 ql2300 - ok
13:55:58.0714 1068 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:55:58.0750 1068 ql40xx - ok
13:55:58.0792 1068 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
13:55:58.0836 1068 QWAVE - ok
13:55:58.0856 1068 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:55:58.0880 1068 QWAVEdrv - ok
13:55:58.0902 1068 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:55:58.0919 1068 RasAcd - ok
13:55:58.0938 1068 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
13:55:58.0969 1068 RasAuto - ok
13:55:58.0992 1068 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:55:59.0017 1068 Rasl2tp - ok
13:55:59.0046 1068 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
13:55:59.0088 1068 RasMan - ok
13:55:59.0119 1068 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:55:59.0128 1068 RasPppoe - ok
13:55:59.0151 1068 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:55:59.0171 1068 RasSstp - ok
13:55:59.0205 1068 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:55:59.0241 1068 rdbss - ok
13:55:59.0249 1068 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:55:59.0265 1068 RDPCDD - ok
13:55:59.0304 1068 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
13:55:59.0344 1068 rdpdr - ok
13:55:59.0360 1068 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:55:59.0379 1068 RDPENCDD - ok
13:55:59.0408 1068 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:55:59.0446 1068 RDPWD - ok
13:55:59.0485 1068 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:55:59.0500 1068 RemoteAccess - ok
13:55:59.0531 1068 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:55:59.0558 1068 RemoteRegistry - ok
13:55:59.0584 1068 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:55:59.0618 1068 RpcLocator - ok
13:55:59.0647 1068 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
13:55:59.0656 1068 RpcSs - ok
13:55:59.0677 1068 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:55:59.0700 1068 rspndr - ok
13:55:59.0740 1068 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
13:55:59.0764 1068 RTL8169 - ok
13:55:59.0782 1068 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
13:55:59.0785 1068 SamSs - ok
13:55:59.0808 1068 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:55:59.0855 1068 sbp2port - ok
13:55:59.0882 1068 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:55:59.0945 1068 SCardSvr - ok
13:55:59.0987 1068 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
13:56:00.0024 1068 Schedule - ok
13:56:00.0040 1068 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:56:00.0042 1068 SCPolicySvc - ok
13:56:00.0069 1068 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:56:00.0101 1068 SDRSVC - ok
13:56:00.0129 1068 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
13:56:00.0162 1068 SeaPort - ok
13:56:00.0181 1068 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:56:00.0198 1068 secdrv - ok
13:56:00.0218 1068 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
13:56:00.0244 1068 seclogon - ok
13:56:00.0260 1068 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
13:56:00.0265 1068 SENS - ok
13:56:00.0280 1068 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:56:00.0303 1068 Serenum - ok
13:56:00.0320 1068 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:56:00.0332 1068 Serial - ok
13:56:00.0353 1068 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:56:00.0375 1068 sermouse - ok
13:56:00.0404 1068 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
13:56:00.0445 1068 SessionEnv - ok
13:56:00.0461 1068 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:56:00.0479 1068 sffdisk - ok
13:56:00.0499 1068 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:56:00.0508 1068 sffp_mmc - ok
13:56:00.0526 1068 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:56:00.0545 1068 sffp_sd - ok
13:56:00.0563 1068 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:56:00.0584 1068 sfloppy - ok
13:56:00.0620 1068 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:56:00.0649 1068 SharedAccess - ok
13:56:00.0678 1068 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:56:00.0717 1068 ShellHWDetection - ok
13:56:00.0740 1068 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:56:00.0777 1068 sisagp - ok
13:56:00.0807 1068 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:56:00.0829 1068 SiSRaid2 - ok
13:56:00.0851 1068 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:56:00.0874 1068 SiSRaid4 - ok
13:56:00.0985 1068 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
13:56:01.0086 1068 slsvc - ok
13:56:01.0102 1068 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:56:01.0140 1068 SLUINotify - ok
13:56:01.0167 1068 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:56:01.0187 1068 Smb - ok
13:56:01.0225 1068 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:56:01.0255 1068 SNMPTRAP - ok
13:56:01.0276 1068 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
13:56:01.0284 1068 spldr - ok
13:56:01.0316 1068 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
13:56:01.0356 1068 Spooler - ok
13:56:01.0389 1068 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:56:01.0415 1068 srv - ok
13:56:01.0447 1068 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:56:01.0470 1068 srv2 - ok
13:56:01.0487 1068 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:56:01.0514 1068 srvnet - ok
13:56:01.0540 1068 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:56:01.0577 1068 SSDPSRV - ok
13:56:01.0607 1068 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:56:01.0630 1068 ssmdrv - ok
13:56:01.0667 1068 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:56:01.0683 1068 SstpSvc - ok
13:56:01.0724 1068 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
13:56:01.0769 1068 stisvc - ok
13:56:01.0789 1068 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:56:01.0808 1068 swenum - ok
13:56:01.0853 1068 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
13:56:01.0860 1068 swprv - ok
13:56:01.0878 1068 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:56:01.0906 1068 Symc8xx - ok
13:56:01.0928 1068 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:56:01.0937 1068 Sym_hi - ok
13:56:01.0954 1068 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:56:01.0990 1068 Sym_u3 - ok
13:56:02.0025 1068 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
13:56:02.0066 1068 SysMain - ok
13:56:02.0098 1068 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:56:02.0127 1068 TabletInputService - ok
13:56:02.0188 1068 [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
13:56:02.0211 1068 taphss - ok
13:56:02.0259 1068 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:56:02.0286 1068 TapiSrv - ok
13:56:02.0296 1068 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
13:56:02.0342 1068 TBS - ok
13:56:02.0395 1068 [ 6D0D344F643E28B31262AC2682109A3C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:56:02.0440 1068 Tcpip - ok
13:56:02.0460 1068 [ 6D0D344F643E28B31262AC2682109A3C ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:56:02.0471 1068 Tcpip6 - ok
13:56:02.0482 1068 [ 5877A786EF27E42C4E84D1356F922302 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:56:02.0502 1068 tcpipreg - ok
13:56:02.0533 1068 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:56:02.0540 1068 TDPIPE - ok
13:56:02.0554 1068 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:56:02.0571 1068 TDTCP - ok
13:56:02.0598 1068 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:56:02.0622 1068 tdx - ok
13:56:02.0642 1068 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:56:02.0667 1068 TermDD - ok
13:56:02.0701 1068 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
13:56:02.0712 1068 TermService - ok
13:56:02.0734 1068 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
13:56:02.0741 1068 Themes - ok
13:56:02.0758 1068 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
13:56:02.0762 1068 THREADORDER - ok
13:56:02.0781 1068 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
13:56:02.0786 1068 TrkWks - ok
13:56:02.0832 1068 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:56:02.0854 1068 TrustedInstaller - ok
13:56:02.0877 1068 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:56:02.0897 1068 tssecsrv - ok
13:56:02.0927 1068 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:56:02.0943 1068 tunmp - ok
13:56:02.0977 1068 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:56:02.0996 1068 tunnel - ok
13:56:03.0013 1068 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:56:03.0044 1068 uagp35 - ok
13:56:03.0076 1068 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:56:03.0101 1068 udfs - ok
13:56:03.0138 1068 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:56:03.0180 1068 UI0Detect - ok
13:56:03.0199 1068 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:56:03.0233 1068 uliagpkx - ok
13:56:03.0262 1068 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:56:03.0299 1068 uliahci - ok
13:56:03.0319 1068 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:56:03.0352 1068 UlSata - ok
13:56:03.0367 1068 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:56:03.0383 1068 ulsata2 - ok
13:56:03.0401 1068 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:56:03.0432 1068 umbus - ok
13:56:03.0461 1068 [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService C:\Windows\System32\umrdp.dll
13:56:03.0511 1068 UmRdpService - ok
13:56:03.0529 1068 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
13:56:03.0562 1068 upnphost - ok
13:56:03.0609 1068 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys
13:56:03.0627 1068 usbbus - ok
13:56:03.0653 1068 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:56:03.0674 1068 usbccgp - ok
13:56:03.0702 1068 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:56:03.0723 1068 usbcir - ok
13:56:03.0755 1068 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\Windows\system32\DRIVERS\lgusbdiag.sys
13:56:03.0771 1068 UsbDiag - ok
13:56:03.0807 1068 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:56:03.0828 1068 usbehci - ok
13:56:03.0858 1068 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:56:03.0889 1068 usbhub - ok
13:56:03.0907 1068 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys
13:56:03.0927 1068 USBModem - ok
13:56:03.0944 1068 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:56:03.0968 1068 usbohci - ok
13:56:03.0986 1068 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:56:04.0013 1068 usbprint - ok
13:56:04.0036 1068 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:56:04.0055 1068 usbscan - ok
13:56:04.0074 1068 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:56:04.0109 1068 USBSTOR - ok
13:56:04.0129 1068 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:56:04.0137 1068 usbuhci - ok
13:56:04.0169 1068 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
13:56:04.0182 1068 UxSms - ok
13:56:04.0231 1068 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
13:56:04.0268 1068 vds - ok
13:56:04.0292 1068 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:56:04.0308 1068 vga - ok
13:56:04.0324 1068 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:56:04.0347 1068 VgaSave - ok
13:56:04.0367 1068 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:56:04.0392 1068 viaagp - ok
13:56:04.0407 1068 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:56:04.0417 1068 ViaC7 - ok
13:56:04.0434 1068 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
13:56:04.0463 1068 viaide - ok
13:56:04.0474 1068 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:56:04.0498 1068 volmgr - ok
13:56:04.0535 1068 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:56:04.0576 1068 volmgrx - ok
13:56:04.0609 1068 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:56:04.0645 1068 volsnap - ok
13:56:04.0676 1068 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:56:04.0688 1068 vsmraid - ok
13:56:04.0740 1068 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
13:56:04.0800 1068 VSS - ok
13:56:04.0824 1068 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
13:56:04.0859 1068 W32Time - ok
13:56:04.0881 1068 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:56:04.0903 1068 WacomPen - ok
13:56:04.0921 1068 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:56:04.0940 1068 Wanarp - ok
13:56:04.0946 1068 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:56:04.0949 1068 Wanarpv6 - ok
13:56:05.0063 1068 [ 20B23332885DFB93FE0185362EE811E9 ] wbengine C:\Windows\system32\wbengine.exe
13:56:05.0216 1068 wbengine - ok
13:56:05.0246 1068 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:56:05.0256 1068 wcncsvc - ok
13:56:05.0281 1068 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:56:05.0306 1068 WcsPlugInService - ok
13:56:05.0337 1068 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
13:56:05.0346 1068 Wd - ok
13:56:05.0387 1068 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:56:05.0423 1068 Wdf01000 - ok
13:56:05.0446 1068 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:56:05.0451 1068 WdiServiceHost - ok
13:56:05.0457 1068 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:56:05.0463 1068 WdiSystemHost - ok
13:56:05.0479 1068 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
13:56:05.0485 1068 WebClient - ok
13:56:05.0515 1068 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:56:05.0547 1068 Wecsvc - ok
13:56:05.0564 1068 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:56:05.0570 1068 wercplsupport - ok
13:56:05.0602 1068 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
13:56:05.0639 1068 WerSvc - ok
13:56:05.0677 1068 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:56:05.0716 1068 WinDefend - ok
13:56:05.0729 1068 WinHttpAutoProxySvc - ok
13:56:05.0773 1068 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:56:05.0817 1068 Winmgmt - ok
13:56:05.0867 1068 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
13:56:05.0910 1068 WinRM - ok
13:56:05.0964 1068 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:56:06.0007 1068 Wlansvc - ok
13:56:06.0054 1068 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:56:06.0082 1068 wlcrasvc - ok
13:56:06.0176 1068 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:56:06.0225 1068 wlidsvc - ok
13:56:06.0252 1068 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:56:06.0271 1068 WmiAcpi - ok
13:56:06.0303 1068 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:56:06.0333 1068 wmiApSrv - ok
13:56:06.0418 1068 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:56:06.0473 1068 WMPNetworkSvc - ok
13:56:06.0501 1068 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:56:06.0533 1068 WPDBusEnum - ok
13:56:06.0563 1068 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:56:06.0588 1068 WpdUsb - ok
13:56:06.0655 1068 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:56:06.0666 1068 WPFFontCache_v0400 - ok
13:56:06.0681 1068 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:56:06.0701 1068 ws2ifsl - ok
13:56:06.0732 1068 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
13:56:06.0738 1068 wscsvc - ok
13:56:06.0745 1068 WSearch - ok
13:56:06.0829 1068 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:56:06.0904 1068 wuauserv - ok
13:56:06.0952 1068 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:56:06.0972 1068 WudfPf - ok
13:56:07.0009 1068 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:56:07.0047 1068 WUDFRd - ok
13:56:07.0065 1068 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:56:07.0082 1068 wudfsvc - ok
13:56:07.0094 1068 ================ Scan global ===============================
13:56:07.0123 1068 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:56:07.0169 1068 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:56:07.0187 1068 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:56:07.0228 1068 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:56:07.0234 1068 [Global] - ok
13:56:07.0235 1068 ================ Scan MBR ==================================
13:56:07.0252 1068 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:56:07.0706 1068 \Device\Harddisk0\DR0 - ok
13:56:07.0706 1068 ================ Scan VBR ==================================
13:56:07.0709 1068 [ E982A5627D1A44002757B95EC0EB607A ] \Device\Harddisk0\DR0\Partition1
13:56:07.0710 1068 \Device\Harddisk0\DR0\Partition1 - ok
13:56:07.0712 1068 ============================================================
13:56:07.0712 1068 Scan finished
13:56:07.0712 1068 ============================================================
13:56:07.0723 4536 Detected object count: 0
13:56:07.0723 4536 Actual detected object count: 0


kedd szept. 24, 2013 13:11
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Ok, meg a biztonsag kedveert, futtasd le az TDSSKILLERT, a naplojat tedd ide.
http://www.viruskasino.com/2010/12/odst ... kitov.html


kedd szept. 24, 2013 12:43
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
ComboFix 13-09-24.02 - user_11 013.09.24. 13:30:11.8.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.388 [GMT 2:00]
Running from: c:\users\user_11\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-08-24 to 2013-09-24 )))))))))))))))))))))))))))))))
.
.
2013-09-24 10:44 . 2013-09-24 11:37 -------- d-----w- c:\users\user_11\AppData\Local\temp
2013-09-24 08:36 . 2013-09-24 08:36 -------- d-----w- c:\windows\ERUNT
2013-09-24 08:26 . 2013-09-24 08:28 -------- d-----w- C:\AdwCleaner
2013-09-24 07:12 . 2013-09-24 07:12 -------- d-----w- C:\FRST
2013-09-24 06:05 . 2013-09-15 22:50 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FFBE27E4-3A16-47D4-A1A6-D34A9A32FE89}\mpengine.dll
2013-09-23 13:29 . 2013-09-23 13:29 -------- d-----w- c:\users\user_11\AppData\Local\Apple
2013-09-15 14:42 . 2013-09-15 14:48 -------- d-----w- c:\program files\Assassins Creed III
2013-09-12 06:18 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-12 06:18 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-06 21:12 . 2013-09-06 21:12 -------- d-----w- c:\programdata\Avery
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-03 05:38 . 2013-09-03 05:38 -------- d-----w- c:\users\user_11\AppData\Roaming\Avira
2013-09-03 05:34 . 2013-09-04 11:34 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-03 05:34 . 2013-09-04 11:34 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-03 05:34 . 2013-09-03 05:33 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-03 05:34 . 2013-09-03 05:34 -------- d-----w- c:\program files\Avira
2013-09-02 11:04 . 2013-09-02 11:10 -------- d-----w- c:\users\user_11\AppData\Local\toolbarcleaner
2013-08-29 13:25 . 2013-08-29 13:25 -------- d-----w- c:\users\user_11\AppData\Roaming\VSRevoGroup
2013-08-29 07:42 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-08-29 07:42 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-08-29 07:42 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-08-29 07:42 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-08-29 07:42 . 2013-08-29 07:42 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-08-29 07:42 . 2013-08-29 07:42 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-08-28 05:44 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-27 11:13 . 2013-08-27 11:13 -------- d-----w- c:\programdata\Electronic Arts
2013-08-27 10:59 . 2010-11-23 01:09 447752 ----a-w- c:\windows\system32\vp6vfw.dll
2013-08-27 10:59 . 2013-08-27 10:59 -------- d-----w- c:\program files\Microsoft WSE
2013-08-26 16:14 . 2013-08-28 06:06 -------- d-----w- c:\program files\Maxis
2013-08-26 16:06 . 2009-02-24 16:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-19 18:10 . 2012-09-10 08:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-19 18:10 . 2011-11-10 07:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2010-12-06 12:38 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-24 11:37 . 2013-02-17 11:42 11092 ----a-w- c:\users\user_11\AppData\Roaming\TheHunterSettings_live.bin
2013-07-17 19:41 . 2013-08-14 07:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:29 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:29 1205680 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:29 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55 . 2013-08-14 07:29 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-14 07:29 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:29 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:29 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 03:20 . 2013-08-14 07:30 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-05 01:43 . 2013-08-14 07:30 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-29 19:38 . 2013-02-14 17:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 19:38 . 2012-08-01 18:03 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-29 19:38 . 2012-02-18 20:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-04 347192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-07-27 08:41 1028896 ----a-w- c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\user_11\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-24 13:37
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\SecuROM\License information*]
"datasecu"=hex:7f,1a,3c,53,41,e1,26,db,92,51,f0,de,7a,1e,21,7e,89,9f,5b,d5,1e,
f2,b1,1a,12,9d,74,78,20,b8,bd,a7,3a,1d,5b,71,dd,59,98,8a,a1,08,9e,a3,c7,fe,\
"rkeysecu"=hex:27,70,89,90,f2,19,b1,f4,77,b9,82,a7,27,8c,9d,dd
.
Completion time: 2013-09-24 13:39:01
ComboFix-quarantined-files.txt 2013-09-24 11:38
ComboFix2.txt 2013-09-24 10:52
.
Pre-Run: 193 760 649 216 bájt szabad
Post-Run: 193 731 190 784 bájt szabad
.
- - End Of File - - D154CD6E0F97A3E4E766616D45B47C6D
5C616939100B85E558DA92B899A0FC36


kedd szept. 24, 2013 12:40
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
hm , egy ujabb rendszer fajlo fertozes ,,gyogyitas.

Most csinald pontosan eztet.

Nevezd att a combofix ikonjat uninstall
Es futtasd, a combofix letelepitodik a szamitogeproll.

2:Kapcsold ki a rendszervisszallitasat, Restart> es kapcsold be vissza.

3:Tolds le ujbol a combofixet, tehat UJ, combofixet, es csak siman futtasd le, a naplojat tedd ide.


kedd szept. 24, 2013 12:01
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
ComboFix 13-09-24.02 - user_11 013.09.24. 12:38:20.7.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.371 [GMT 2:00]
Running from: c:\users\user_11\Desktop\ComboFix.exe
Command switches used :: c:\users\user_11\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
.
Infected copy of c:\windows\system32\ntdll.dll was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.23154_none_5b14cd6b1296a32b\ntdll.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-08-24 to 2013-09-24 )))))))))))))))))))))))))))))))
.
.
2013-09-24 10:44 . 2013-09-24 10:48 -------- d-----w- c:\users\user_11\AppData\Local\temp
2013-09-24 10:44 . 2013-09-24 10:46 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-24 10:44 . 2013-09-24 10:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-24 10:44 . 2013-09-24 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-24 08:36 . 2013-09-24 08:36 -------- d-----w- c:\windows\ERUNT
2013-09-24 08:26 . 2013-09-24 08:28 -------- d-----w- C:\AdwCleaner
2013-09-24 07:12 . 2013-09-24 07:12 -------- d-----w- C:\FRST
2013-09-24 06:05 . 2013-09-15 22:50 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FFBE27E4-3A16-47D4-A1A6-D34A9A32FE89}\mpengine.dll
2013-09-23 13:29 . 2013-09-23 13:29 -------- d-----w- c:\users\user_11\AppData\Local\Apple
2013-09-15 14:42 . 2013-09-15 14:48 -------- d-----w- c:\program files\Assassins Creed III
2013-09-12 06:18 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-12 06:18 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-06 21:12 . 2013-09-06 21:12 -------- d-----w- c:\programdata\Avery
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-03 05:38 . 2013-09-03 05:38 -------- d-----w- c:\users\user_11\AppData\Roaming\Avira
2013-09-03 05:34 . 2013-09-04 11:34 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-03 05:34 . 2013-09-04 11:34 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-03 05:34 . 2013-09-03 05:33 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-03 05:34 . 2013-09-03 05:34 -------- d-----w- c:\program files\Avira
2013-09-02 11:04 . 2013-09-02 11:10 -------- d-----w- c:\users\user_11\AppData\Local\toolbarcleaner
2013-08-29 13:25 . 2013-08-29 13:25 -------- d-----w- c:\users\user_11\AppData\Roaming\VSRevoGroup
2013-08-29 07:42 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-08-29 07:42 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-08-29 07:42 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-08-29 07:42 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-08-29 07:42 . 2013-08-29 07:42 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-08-29 07:42 . 2013-08-29 07:42 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-08-28 05:44 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-27 11:13 . 2013-08-27 11:13 -------- d-----w- c:\programdata\Electronic Arts
2013-08-27 10:59 . 2010-11-23 01:09 447752 ----a-w- c:\windows\system32\vp6vfw.dll
2013-08-27 10:59 . 2013-08-27 10:59 -------- d-----w- c:\program files\Microsoft WSE
2013-08-26 16:14 . 2013-08-28 06:06 -------- d-----w- c:\program files\Maxis
2013-08-26 16:06 . 2009-02-24 16:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-19 18:10 . 2012-09-10 08:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-19 18:10 . 2011-11-10 07:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2010-12-06 12:38 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-24 11:37 . 2013-02-17 11:42 11092 ----a-w- c:\users\user_11\AppData\Roaming\TheHunterSettings_live.bin
2013-07-17 19:41 . 2013-08-14 07:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:29 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:29 1205680 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:29 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55 . 2013-08-14 07:29 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-14 07:29 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:29 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:29 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 03:20 . 2013-08-14 07:30 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-05 01:43 . 2013-08-14 07:30 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-29 19:38 . 2013-02-14 17:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 19:38 . 2012-08-01 18:03 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-29 19:38 . 2012-02-18 20:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-04 347192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-07-27 08:41 1028896 ----a-w- c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\user_11\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-24 12:49
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\SecuROM\License information*]
"datasecu"=hex:7f,1a,3c,53,41,e1,26,db,92,51,f0,de,7a,1e,21,7e,89,9f,5b,d5,1e,
f2,b1,1a,12,9d,74,78,20,b8,bd,a7,3a,1d,5b,71,dd,59,98,8a,a1,08,9e,a3,c7,fe,\
"rkeysecu"=hex:27,70,89,90,f2,19,b1,f4,77,b9,82,a7,27,8c,9d,dd
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2648)
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\windows\system32\conime.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-09-24 12:52:04 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-24 10:52
ComboFix2.txt 2013-09-24 09:39
.
Pre-Run: 195 338 141 696 bájt szabad
Post-Run: 195 307 429 888 bájt szabad
.
- - End Of File - - 91E816A6EB1A13E746933A9F48F2969C
5C616939100B85E558DA92B899A0FC36


kedd szept. 24, 2013 11:55
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Igen, volt neked Rendszerfajlo ferozes is, de a combofix kijavitotta..

Script készítés:
Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>CFScript.txt>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész, az astalon lévő CFScript txt húzzunk rá a ComboFix ikonnyara. Es mostan megcsinalod eztett:
KépA naplojat tedd ide.
Kód:
KILLALL::
Registry::
[-HKLM\~\startupfolder\C:^Users^user_11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
[-HKLM\~\startupfolder\C:^Users^user_11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TODOR.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
ClearJavaCache::


kedd szept. 24, 2013 11:24
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
en latom azokat a jeleket, de az nem kinai jelek, de Unicode, jelek,

Én nem tudom milyen jelek,de amióta kitöröltetted velem azt az Avira Toolbart már nincs ott a
System 32-ben az a fajl sem.
2013-09-24 07:35 - 2013-09-24 07:35 - 98848089 _____ C:\Windows\system32\諉嫥ᰴŒ


kedd szept. 24, 2013 10:52
Profil Privát üzenet küldése
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
ComboFix 13-09-24.01 - user_11 013.09.24. 11:26:02.6.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.423 [GMT 2:00]
Running from: c:\users\user_11\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-08-24 to 2013-09-24 )))))))))))))))))))))))))))))))
.
.
2013-09-24 09:32 . 2013-09-24 09:36 -------- d-----w- c:\users\user_11\AppData\Local\temp
2013-09-24 09:32 . 2013-09-24 09:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-24 09:32 . 2013-09-24 09:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-24 08:36 . 2013-09-24 08:36 -------- d-----w- c:\windows\ERUNT
2013-09-24 08:26 . 2013-09-24 08:28 -------- d-----w- C:\AdwCleaner
2013-09-24 07:12 . 2013-09-24 07:12 -------- d-----w- C:\FRST
2013-09-24 06:05 . 2013-09-15 22:50 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FFBE27E4-3A16-47D4-A1A6-D34A9A32FE89}\mpengine.dll
2013-09-23 13:29 . 2013-09-23 13:29 -------- d-----w- c:\users\user_11\AppData\Local\Apple
2013-09-15 14:42 . 2013-09-15 14:48 -------- d-----w- c:\program files\Assassins Creed III
2013-09-12 06:18 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-12 06:18 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-06 21:12 . 2013-09-06 21:12 -------- d-----w- c:\programdata\Avery
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-03 05:38 . 2013-09-03 05:38 -------- d-----w- c:\users\user_11\AppData\Roaming\Avira
2013-09-03 05:34 . 2013-09-04 11:34 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-03 05:34 . 2013-09-04 11:34 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-03 05:34 . 2013-09-03 05:33 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-03 05:34 . 2013-09-03 05:34 -------- d-----w- c:\program files\Avira
2013-09-02 11:04 . 2013-09-02 11:10 -------- d-----w- c:\users\user_11\AppData\Local\toolbarcleaner
2013-08-29 13:25 . 2013-08-29 13:25 -------- d-----w- c:\users\user_11\AppData\Roaming\VSRevoGroup
2013-08-29 07:42 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-08-29 07:42 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-08-29 07:42 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-08-29 07:42 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-08-29 07:42 . 2013-08-29 07:42 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-08-29 07:42 . 2013-08-29 07:42 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-08-28 05:44 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-27 11:13 . 2013-08-27 11:13 -------- d-----w- c:\programdata\Electronic Arts
2013-08-27 10:59 . 2010-11-23 01:09 447752 ----a-w- c:\windows\system32\vp6vfw.dll
2013-08-27 10:59 . 2013-08-27 10:59 -------- d-----w- c:\program files\Microsoft WSE
2013-08-26 16:14 . 2013-08-28 06:06 -------- d-----w- c:\program files\Maxis
2013-08-26 16:06 . 2009-02-24 16:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-19 18:10 . 2012-09-10 08:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-19 18:10 . 2011-11-10 07:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2010-12-06 12:38 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-24 11:37 . 2013-02-17 11:42 11092 ----a-w- c:\users\user_11\AppData\Roaming\TheHunterSettings_live.bin
2013-07-17 19:41 . 2013-08-14 07:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:29 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:29 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:29 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55 . 2013-08-14 07:29 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-14 07:29 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:29 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:29 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 03:20 . 2013-08-14 07:30 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-05 01:43 . 2013-08-14 07:30 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-29 19:38 . 2013-02-14 17:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 19:38 . 2012-08-01 18:03 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-29 19:38 . 2012-02-18 20:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-04 347192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^user_11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
path=c:\users\user_11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
backup=c:\windows\pss\RollerCoaster Tycoon 3 Registration.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^user_11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TODOR.lnk]
path=c:\users\user_11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TODOR.lnk
backup=c:\windows\pss\TODOR.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-07-27 08:41 1028896 ----a-w- c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-10 18:10]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
.
------- Supplementary Scan -------
.
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\user_11\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\SecuROM\License information*]
"datasecu"=hex:7f,1a,3c,53,41,e1,26,db,92,51,f0,de,7a,1e,21,7e,89,9f,5b,d5,1e,
f2,b1,1a,12,9d,74,78,20,b8,bd,a7,3a,1d,5b,71,dd,59,98,8a,a1,08,9e,a3,c7,fe,\
"rkeysecu"=hex:27,70,89,90,f2,19,b1,f4,77,b9,82,a7,27,8c,9d,dd
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\windows\system32\conime.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-09-24 11:39:20 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-24 09:39
.
Pre-Run: 195 354 693 632 bájt szabad
Post-Run: 195 318 706 176 bájt szabad
.
- - End Of File - - 7BE8147AEFAEDDDA65B003DFEC949595
5C616939100B85E558DA92B899A0FC36


kedd szept. 24, 2013 10:45
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Na meg Fuutasd le a combofixet is, en latom azokat a jeleket, de az nem kinai jelek, de Unicode, jelek, majd meglatom mitt muttat a combofix.
http://www.bleepingcomputer.com/combofi ... t-combofix


kedd szept. 24, 2013 9:57
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows Vista (TM) Business x86
Ran by user_11 on 2013.09.24. at 10:36:20,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\utorrentcontrol2



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\user_11\appdata\locallow\utorrentcontrol2"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013.09.24. at 10:38:50,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


kedd szept. 24, 2013 9:48
Profil Privát üzenet küldése
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
# AdwCleaner v3.005 - Report created 24/09/2013 at 10:27:57
# Updated 22/09/2013 by Xplode
# Operating System : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Username : user_11 - INTENSA-11
# Running from : C:\Users\user_11\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\user_11\AppData\Local\Babylon
Folder Deleted : C:\Users\user_11\AppData\Local\Conduit
Folder Deleted : C:\Users\user_11\AppData\Local\cre
Folder Deleted : C:\Users\user_11\AppData\Local\Systweak
Folder Deleted : C:\Users\user_11\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\user_11\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\user_11\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\user_11\AppData\Roaming\Systweak
Folder Deleted : C:\Users\user_11\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506


-\\ Google Chrome v

[ File : C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2922 octets] - [24/09/2013 10:27:04]
AdwCleaner[S0].txt - [2943 octets] - [24/09/2013 10:27:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3003 octets] ##########


És most kezdem a másikat!


kedd szept. 24, 2013 9:33
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
1:Futtasd az blogombol az ADWcleanert
http://www.viruskasino.com/2012/09/adwcleaner.html
Klikni>> SCAN>>mikkor bevegzi>>klik ..CLEAN>.az naplojat tedd ide.

2:Futtasd le az Junkwareremovaltool
http://www.viruskasino.com/2010/12/prog ... moval-tool

Az naplojat majd tedd idde, vard meg es legy turelmes...


kedd szept. 24, 2013 9:17
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Start
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU
URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
SearchScopes: HKCU - {383AEE39-492C-438C-8224-5ECD4A84FC77} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_HU&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^HU&apn_uid=45594931-c295-4f71-b1fb-173750c435c1&apn_sauid=EE13009E-3EF1-43BB-A285-9282BFDE85C5
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
S3 catchme; \??\C:\Users\user_11\AppData\Local\Temp\catchme.sys [x]
Hosts:
End
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} => Value deleted successfully.
HKCR\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{383AEE39-492C-438C-8224-5ECD4A84FC77} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{383AEE39-492C-438C-8224-5ECD4A84FC77} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => Value not found.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh => Key not found.
"C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
APNMCP => Service not found.
catchme => Service deleted successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

==== End of Fixlog ====


kedd szept. 24, 2013 9:12
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
1:Telepisd le a geprol, ezt a programot.
Avira SearchFree Toolbar plus Web Protection Updater

2:Az Fixlist.txt odda tedd ahol az FRST.EXE program van.

Script készítés:
Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>Fixlist.txt>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész,
Majd Fuutasd ujbol az FRST.exe programot, de most vigyaz>>raklikelsz az FIX gombra

N anaplojat FIXLOG.txt, majd tedd idde.
Kód:
Start
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU
URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
SearchScopes: HKCU - {383AEE39-492C-438C-8224-5ECD4A84FC77} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_HU&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^HU&apn_uid=45594931-c295-4f71-b1fb-173750c435c1&apn_sauid=EE13009E-3EF1-43BB-A285-9282BFDE85C5
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
S3 catchme; \??\C:\Users\user_11\AppData\Local\Temp\catchme.sys [x]
Hosts:
End


kedd szept. 24, 2013 8:47
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2013
Ran by user_11 at 2013-09-24 09:14:35
Running from C:\Users\user_11\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: PC Tools Firewall Plus (Enabled) {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.2.1.28086)
2007 Microsoft Office system (Version: 12.0.6612.1000)
A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja (Version: 4.0.30319)
A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (Version: 4.0.30319)
abgx360 v1.0.6
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader X (10.1.8) - Hungarian (Version: 10.1.8)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
AIDA64 Extreme Edition v2.80 (Version: 2.80)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4052)
Avira SearchFree Toolbar plus Web Protection (Version: 12.2.2.663)
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Bar (Version: 7.0.619.0)
CCleaner (Version: 4.05)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.15)
Free YouTube to MP3 Converter version 3.12.2.419 (Version: 3.12.2.419)
Google Chrome (HKCU Version: 29.0.1547.76)
ImgBurn (Version: 2.5.7.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 31 (Version: 6.0.310)
Java(TM) 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LG PC Suite II (Version: 2.00.0000)
LG USB Modem driver (Version: 4.9.4)
Magic ISO Maker v5.4 (build 0239)
Mesh Runtime (Version: 15.4.5722.2)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 Language Pack SP1 - hun (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile HUN Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended HUN Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help-frissítés (KB963678)
Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)
Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help-frissítés (KB963665)
Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NBA 2K12 (Version: 1.0.0)
Nero BurnLite 10 (Version: 10.0.10500.5.100)
Nero BurnLite 10 (Version: 10.0.10600)
Nero Control Center 10 (Version: 10.0.13100.3.1)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.15100.0.1)
Nero Update (Version: 1.0.0018)
NVIDIA 3D Vision vezérlő illesztőprogram 320.49 (Version: 320.49)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA frissítések 7.2.17 (Version: 7.2.17)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafikus illesztőprogram 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX rendszerszoftver 9.13.0604 (Version: 9.13.0604)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Vezérlőpult 320.49 (Version: 320.49)
Nyelvi csomag a Microsoft .NET-keretrendszer 3.5 1. szervizcsomagjához – HUN
OpenAL
PC Tools Firewall Plus 7.0 (Version: 7.0)
PhotoScape
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.74.80.86)
RAF (Version: 1.00.0001)
Revo Uninstaller 1.95 (Version: 1.95)
Segoe UI (Version: 15.4.2271.0615)
Speccy (Version: 1.21)
swMSM (Version: 12.0.0.1)
Total Commander (Remove or Repair) (Version: 7.56a)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vista Codec Package (Version: 5.9.8)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.10 (32-bit) (Version: 4.10.0)

==================== Restore Points =========================


==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-04-05 23:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {108505C1-A2F4-47D2-841A-4AAFB3A108A3} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {2B205850-F456-4BC1-8C95-044428DF52DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {5EBE0ADE-959F-424E-9AAF-0147AEE84AD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {8012EF10-2882-4435-B9A0-5849ABCC625A} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On user_11 Logon => C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
Task: {95A6265C-82C7-4DFA-ACB1-982BC6B94ECB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA => C:\Users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07] (Google Inc.)
Task: {A72096C9-D2D9-4AEA-958F-A74099B77E57} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {EFD0256C-91A9-409A-B1EF-8F7FA32A407F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F2505C44-A955-40EF-9ACD-DCB510D595B4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core => C:\Users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job => C:\Users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job => C:\Users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-10 06:37 - 2013-06-21 14:02 - 12427240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2010-07-09 17:37 - 2013-06-21 11:52 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2012-02-03 09:27 - 2011-04-07 14:23 - 05118936 _____ (PC Tools) C:\Program Files\PC Tools Firewall Plus\FirewallPlugin.dll
2012-02-03 09:27 - 2011-04-07 14:23 - 03621336 _____ (PC Tools) C:\Program Files\PC Tools Firewall Plus\FirewallSDK.dll
2012-02-03 09:27 - 2011-04-07 14:23 - 00133080 _____ (PC Tools) C:\Program Files\Common Files\PC Tools\Comms\Comms.dll
2012-02-03 09:27 - 2011-04-07 14:23 - 00821208 _____ (PC Tools) C:\Program Files\PC Tools Firewall Plus\PPSupport.dll
2010-07-10 06:37 - 2013-06-21 14:02 - 02597856 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:2DAD076E
AlternateDataStreams: C:\ProgramData\TEMP:4CD3F344
AlternateDataStreams: C:\ProgramData\TEMP:587F3582
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 egér
Description: Microsoft PS/2 egér
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2013 07:33:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 03:20:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 07:39:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 07:28:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 02:37:30 PM) (Source: ESENT) (User: )
Description: Windows (3012) Windows: Adatbázis: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edbA(z) SystemIndex_0A tábla egyik indexe (System_ItemFolderPathDisplayNarrow40e) sérült (0).

Error: (09/22/2013 02:34:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 08:16:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 04:17:13 PM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás: AC3MP.exe, verzió: 0.0.0.0, időbélyeg: 0x509d20c9, a hibát okozó modul: uplay_r1_loader.dll!UPLAY_ClearGameSession, verziószám: 6.0.6002.18881, időbélyeg: 0x51da3e27, kivételkód: 0xc0000139, hiba pozíciója: 0x00009f5d,
folyamatazonosító: 0x46c, az alkalmazás indításának időpontja: 0xAC3MP.exe0.

Error: (09/21/2013 01:43:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 10:01:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/22/2013 03:49:11 PM) (Source: bowser) (User: )
Description: A főtallózó az egyik gépről (ANDRÁS-PC) olyan kiszolgálói bejelentést kapott,
hogy ő a főtallózó a következő tartományra vagy átvitelre nézve: NetBT_Tcpip_{6A49D185-201E-4691-879E-01878F69.
A főtallózó leáll, vagy választást kezdeményez.

Error: (09/17/2013 05:52:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.159.53.0){EAC7122F-BBF2-40BE-9F0D-5D56E8AB55D4}200

Error: (09/15/2013 07:06:10 PM) (Source: Service Control Manager) (User: )
Description: Ask Update Service1

Error: (09/14/2013 10:54:05 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (09/14/2013 10:54:05 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (09/14/2013 10:50:06 PM) (Source: Service Control Manager) (User: )
Description: 1A szolgáltatás újraindításaWindows Search%%1056

Error: (09/14/2013 10:49:38 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/14/2013 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (09/14/2013 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (09/14/2013 10:49:37 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001A szolgáltatás újraindítása


Microsoft Office Sessions:
=========================
Error: (01/02/2013 05:48:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4719 seconds with 4080 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-01-25 00:26:48.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:48.060
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.518
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:47.101
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-25 00:26:46.976
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 60%
Total physical RAM: 1022.58 MB
Available physical RAM: 399.94 MB
Total Pagefile: 2303.48 MB
Available Pagefile: 1178.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:182.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: E913E925)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================


kedd szept. 24, 2013 8:18
Profil Privát üzenet küldése
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by user_11 (administrator) on INTENSA-11 on 24-09-2013 09:12:53
Running from C:\Users\user_11\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: 040E
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(PC Tools) C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(PC Tools) C:\Program Files\PC Tools Firewall Plus\FWService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Users\user_11\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [00PCTFW] - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2672600 2011-04-07] (PC Tools)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU
URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
SearchScopes: HKCU - {383AEE39-492C-438C-8224-5ECD4A84FC77} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_HU&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^HU&apn_uid=45594931-c295-4f71-b1fb-173750c435c1&apn_sauid=EE13009E-3EF1-43BB-A285-9282BFDE85C5
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=vmn&t ... a-ch-rp&q={searchTerms}
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\user_11\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\user_11\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.13.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\user_11\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\user_11\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263_0
CHR Extension: (Google Docs) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (uTorrentControl2) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.5.0.1_0
CHR Extension: (Gmail) - C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR StartMenuInternet: Google Chrome - C:\Users\user_11\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 PCToolsFirewallPlus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [286000 2011-01-24] (PC Tools)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-03] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 PCTAppEvent; C:\Windows\system32\drivers\PCTAppEvent.sys [160576 2011-03-02] (PC Tools)
R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [89472 2011-01-12] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi.sys [251560 2011-01-17] (PC Tools)
S3 pctNdis; C:\Windows\System32\DRIVERS\pctNdis.sys [57536 2010-07-08] (PC Tools)
R3 pctNdisMP; C:\Windows\System32\DRIVERS\pctNdis.sys [57536 2010-07-08] (PC Tools)
R3 pctplfw; C:\Windows\System32\drivers\pctplfw.sys [125248 2011-01-17] (PC Tools)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-03] (Avira GmbH)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-26] (AnchorFree Inc)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
S3 catchme; \??\C:\Users\user_11\AppData\Local\Temp\catchme.sys [x]
S3 cnnctfy2MP; system32\DRIVERS\cnnctfy2.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 09:12 - 2013-09-24 09:12 - 00000000 ____D C:\FRST
2013-09-24 09:11 - 2013-09-24 09:11 - 01088653 _____ (Farbar) C:\Users\user_11\Desktop\FRST.exe
2013-09-24 07:35 - 2013-09-24 07:35 - 98848089 _____ C:\Windows\system32\諉嫥ᰴŒ
2013-09-23 15:29 - 2013-09-23 15:29 - 00000000 ____D C:\Users\user_11\AppData\Local\Apple
2013-09-23 07:42 - 2013-09-24 08:07 - 00041467 _____ C:\Windows\WindowsUpdate.log
2013-09-15 16:42 - 2013-09-15 16:48 - 00000000 ____D C:\Program Files\Assassins Creed III
2013-09-15 16:42 - 2013-09-15 16:42 - 00001704 _____ C:\Users\Public\Desktop\Assassins Creed III.lnk
2013-09-15 16:42 - 2013-09-15 16:42 - 00001674 _____ C:\Users\Public\Desktop\Cat-A-Cat Games.lnk
2013-09-12 08:41 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 08:41 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 08:41 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 08:41 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 08:41 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-12 08:41 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 08:41 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-12 08:41 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 08:41 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 08:41 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-12 08:41 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-12 08:41 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 08:41 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 08:41 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 08:41 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-12 08:41 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 08:18 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 08:18 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-06 23:12 - 2013-09-06 23:12 - 00000000 ____D C:\ProgramData\Avery
2013-09-03 07:38 - 2013-09-03 07:38 - 00000000 ____D C:\Users\user_11\AppData\Roaming\Avira
2013-09-03 07:36 - 2013-09-03 07:36 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-03 07:36 - 2013-09-03 07:36 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-03 07:34 - 2013-09-04 13:34 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-03 07:34 - 2013-09-04 13:34 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-03 07:34 - 2013-09-03 07:34 - 00000000 ____D C:\Program Files\Avira
2013-09-03 07:34 - 2013-09-03 07:33 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-03 07:34 - 2013-09-03 07:33 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-02 13:04 - 2013-09-02 13:10 - 00000000 ____D C:\Users\user_11\AppData\Local\toolbarcleaner
2013-09-02 13:04 - 2013-09-02 13:04 - 00000403 _____ C:\prefs.js
2013-09-02 09:25 - 2013-09-02 09:26 - 00000000 ___SD C:\32788R22FWJFW
2013-08-29 15:25 - 2013-08-29 15:25 - 00000000 ____D C:\Users\user_11\AppData\Roaming\VSRevoGroup
2013-08-28 07:44 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-27 13:13 - 2013-08-27 13:13 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-27 12:59 - 2013-08-27 12:59 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-08-27 12:59 - 2010-11-23 03:09 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll
2013-08-26 18:14 - 2013-08-28 08:06 - 00000000 ____D C:\Program Files\Maxis
2013-08-26 18:06 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2013-08-26 17:58 - 2013-08-26 18:14 - 00000531 _____ C:\Windows\eReg.dat

==================== One Month Modified Files and Folders =======

2013-09-24 09:12 - 2013-09-24 09:12 - 00000000 ____D C:\FRST
2013-09-24 09:11 - 2013-09-24 09:11 - 01088653 _____ (Farbar) C:\Users\user_11\Desktop\FRST.exe
2013-09-24 09:10 - 2012-09-10 10:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 08:59 - 2010-12-07 13:36 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
2013-09-24 08:58 - 2010-12-07 13:36 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
2013-09-24 08:07 - 2013-09-23 07:42 - 00041467 _____ C:\Windows\WindowsUpdate.log
2013-09-24 07:35 - 2013-09-24 07:35 - 98848089 _____ C:\Windows\system32\諉嫥ᰴŒ
2013-09-24 07:31 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 07:31 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 07:31 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 22:06 - 2006-11-02 15:01 - 00032524 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-23 15:29 - 2013-09-23 15:29 - 00000000 ____D C:\Users\user_11\AppData\Local\Apple
2013-09-23 08:15 - 2011-05-09 12:10 - 00002052 _____ C:\Users\user_11\Desktop\Google Chrome.lnk
2013-09-19 20:10 - 2012-09-10 10:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-19 20:10 - 2011-11-10 09:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-18 13:44 - 2012-11-26 18:34 - 00000000 ____D C:\Users\user_11\Desktop\minta
2013-09-15 22:36 - 2012-10-31 09:37 - 00000000 ____D C:\Users\user_11\AppData\Roaming\uTorrent
2013-09-15 16:48 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files\Assassins Creed III
2013-09-15 16:42 - 2013-09-15 16:42 - 00001704 _____ C:\Users\Public\Desktop\Assassins Creed III.lnk
2013-09-15 16:42 - 2013-09-15 16:42 - 00001674 _____ C:\Users\Public\Desktop\Cat-A-Cat Games.lnk
2013-09-14 22:43 - 2011-11-11 13:28 - 00000000 ____D C:\Windows\Minidump
2013-09-14 10:37 - 2010-12-06 14:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 08:46 - 2006-11-02 14:47 - 00382328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 08:34 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-08 22:03 - 2012-02-10 11:26 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-08 21:34 - 2013-07-04 13:33 - 00000000 ____D C:\Users\user_11\Desktop\Beosztás
2013-09-07 11:02 - 2010-12-03 16:27 - 00102784 _____ C:\Users\user_11\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-06 23:12 - 2013-09-06 23:12 - 00000000 ____D C:\ProgramData\Avery
2013-09-04 13:34 - 2013-09-03 07:34 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 13:34 - 2013-09-03 07:34 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-03 07:49 - 2011-07-13 13:09 - 00000000 ____D C:\Users\user_11\Desktop\vírus vizsgálók
2013-09-03 07:38 - 2013-09-03 07:38 - 00000000 ____D C:\Users\user_11\AppData\Roaming\Avira
2013-09-03 07:36 - 2013-09-03 07:36 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-03 07:36 - 2013-09-03 07:36 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-03 07:34 - 2013-09-03 07:34 - 00000000 ____D C:\Program Files\Avira
2013-09-03 07:34 - 2012-05-14 12:48 - 00000000 ____D C:\ProgramData\Avira
2013-09-03 07:33 - 2013-09-03 07:34 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-03 07:33 - 2013-09-03 07:34 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-02 19:42 - 2012-02-04 13:45 - 00000000 ____D C:\rsit
2013-09-02 19:41 - 2012-02-04 13:45 - 00000000 ____D C:\Program Files\trend micro
2013-09-02 13:10 - 2013-09-02 13:04 - 00000000 ____D C:\Users\user_11\AppData\Local\toolbarcleaner
2013-09-02 13:04 - 2013-09-02 13:04 - 00000403 _____ C:\prefs.js
2013-09-02 12:21 - 2012-02-03 08:43 - 00000000 ____D C:\Program Files\Defraggler
2013-09-02 09:26 - 2013-09-02 09:25 - 00000000 ___SD C:\32788R22FWJFW
2013-09-02 09:26 - 2012-02-04 21:13 - 00000000 ____D C:\Windows\ERDNT
2013-09-02 09:16 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-08-29 15:25 - 2013-08-29 15:25 - 00000000 ____D C:\Users\user_11\AppData\Roaming\VSRevoGroup
2013-08-29 14:57 - 2008-01-21 08:53 - 01567830 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-28 08:06 - 2013-08-26 18:14 - 00000000 ____D C:\Program Files\Maxis
2013-08-27 13:13 - 2013-08-27 13:13 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-27 12:59 - 2013-08-27 12:59 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-08-26 18:14 - 2013-08-26 17:58 - 00000531 _____ C:\Windows\eReg.dat
2013-08-26 15:31 - 2012-02-03 08:42 - 00000000 ____D C:\Program Files\CCleaner

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-24 07:48

==================== End Of Log ============================


kedd szept. 24, 2013 8:17
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Szia .
Tedd idde az FRST naplojat.
http://www.bleepingcomputer.com/downloa ... scan-tool/
Tolds le az asztalra, futtasd, mint rencszergazda,bepipazni mindent.
Klikni - SCAN
FRST.txt a Addition.txt>>tedd idde.


kedd szept. 24, 2013 7:57
Profil Privát üzenet küldése Honlap
arany tag

Csatlakozott: pén. feb. 26, 2010 8:35
Hozzászólások: 264
Hozzászólás Re: stell, help me
Szia Stell!

Újra a segítségedet szeretném kérni. Nem tudom van e jelentősége,de
nem rég észre vettem,hogy a Windows\ System 32-be különös kínai írásjeleket tartalmazó fájlok
települnek,minden rendszerindításkor.Nem tudom melyik program hozza létre,de a vírusirtó semmit nem jelez,a vírustotal pedig azt írja,hogy a fájl használatban van zárjam be a programot. :roll:

Lehet,hogy nem vírus ,de nyugodtabb lennék ha ezt Te mondanád!
Előre is köszönöm!


kedd szept. 24, 2013 7:07
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Na ez lehet akarmi, Nem kompatilibus MEMORIA,ELEM, BIOS, POR. VENTILATOR, ALAPLAP, satb,satb, Keres Valami HP --Forumot, sajnos ense tudhatok mindent.


kedd máj. 14, 2013 13:00
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. márc. 01, 2012 18:41
Hozzászólások: 24
Hozzászólás Re: stell, help me
Szia!
Leszedtem a Memtest86-ot. Mivel ez egy DOS-os program USB-röl bootolva elkezdte csinálni, majd 5 perc és a gép kikapcsolt szintúgy... most mi legyen szerinted?
Ha memória baja van, az windows-nál miért nem mutatkozik? Ott miért nem kapcsol ki a gép?


kedd máj. 14, 2013 12:16
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
UDV
Idézet:
El is kezdi olvasni a lemezt és a még a DOS ablakban megy alul a csík a windows file-ok másolása miatt, majd egész egyszerűen kikapcsol a gép

Ilyen virus nincsen, Csinaljal MEMTESZTET


kedd máj. 14, 2013 8:23
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. márc. 01, 2012 18:41
Hozzászólások: 24
Hozzászólás Re: stell, help me
Szia!

Van egy nagy problémám, és nekem gyanús, hogy nem hardveres, legalábbis nagyon remélem, és az is hogy tudsz nekem segíteni.
A problémám a következő:
Egy laptopom van (HP Pavilion DV6-1120EH)
Mostanában **** a Winfos rajta. Sokat tétovázik, lassú, akad, megfagy az internet stb... semmi komoly csak a szokásos kis bosszantó apróságok. Gondoltam legyalulom és rányomok egy friss rendszert, ez általában meg szokta gyógyitani. Ez a mostani, már elég régóta rajta van, és tele van minden ****... Szóval a lényeg megprobáltam újra telepíteni. Ezt én minidg BIOS-ból inditva, a bootot CD-indításra teszem, és törlöm a régi rendszert, formázok és telepítek. A gondom az hogy el sem jutok idáig!
A BIOS-ba belépek, ott kiválasztom, hogy lemezről bootoljon, ez ok. El is kezdi olvasni a lemezt és a még a DOS ablakban megy alul a csík a windows file-ok másolása miatt, majd egész egyszerűen kikapcsol a gép (értsd ezt úgy, hogy a DVD, még szinte pörög!) tehát valamiért olyan a fázis mindha kirántanám a hálozatból akksi nélkül. Agyon probálgattam... DVD nélkül is! Ha csak a BIOS-ban kotvatok sokáig egyszer csak megunja és kikapcsol. Tehát nem hiszem hogy a lemez a ludas. Először nyomtam egy defaultot, de nem használt. A legujjabb BIOS volt rajta. Most vissza raktam egy régebbit, hátha azzal menni fog, de nem. Annyi lett, hogy később kapcsol ki, de kikapcsol. Nem tudom mihez kötni ezt a kikapcsolást, hogy miért csinálja... Ha engedem hogy feláljon rajta a Windows, annak nincs ilyen baja. Ott még nem kapcsolt ki soha! Ezért is gondolom nem hardver hiba. Bár minden megeshet... Arra gondoltam lehet ez egy fajta vírus? Tudsz segíteni?


hétf. máj. 13, 2013 10:52
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Udv.
Ugy van ahogy a Laci cimbora irja, az a vices oldal, nem vices, de mar nem letezik, ezert irja eztet, ami a masik oldalt ileti, nekem kise nyissa azt az oldalt, ha neked bajokat csinal, akkor minek megy arra az oldalra??

Idézet:
A HDD-n megszüntettem minden particiót, de akkor is a WinXpProf telepítése vacakol (a fent leírt módon)


Ha uj particiokat raksz es uj telepitest, akkor nem kene semmi bajnak lennie, ha csak nem fertozot a lementet adatok, programok, kepek, es ha vissza rakod oket akkor ujra megfertosod a gepet, ezt csak az Fileinfectorok tudjak, Virut, Jefo, atd


hétf. jan. 07, 2013 11:15
Profil Privát üzenet küldése Honlap
arany tag
Avatar

Csatlakozott: pén. ápr. 18, 2008 21:47
Hozzászólások: 274
Tartózkodási hely: Padlásszoba kicsi számítógépasztala
Hozzászólás Re: stell, help me
Akkor is bosszantó az ilyen "Vicces" oldal.
Azért remélem még Stell gépközelben és a többi kérdésemre tud válaszolni.
VadGyermek


szomb. dec. 29, 2012 16:33
Profil Privát üzenet küldése Honlap
a fórum lelke
Avatar

Csatlakozott: szer. márc. 24, 2004 13:43
Hozzászólások: 11960
Tartózkodási hely: Budapest, Solymár
Hozzászólás Re: stell, help me
VadGyermek írta:
... Rá klikkeltem erre az általad megadott linkre, de valami vírusos oldal jött be:
http://squito-web.com/stell/forum/index.php ...

Nem vírusos az, hanem Squito (egy Fórumtag) weboldala. Amit nem tart karban, és mellesleg van egy ilyen elágazása. Csak ennyi. :)


szomb. dec. 29, 2012 16:13
Profil Privát üzenet küldése
arany tag
Avatar

Csatlakozott: pén. ápr. 18, 2008 21:47
Hozzászólások: 274
Tartózkodási hely: Padlásszoba kicsi számítógépasztala
Hozzászólás Re: stell, help me
Szia Stell!
Rá klikkeltem erre az általad megadott linkre, de valami vírusos oldal jött be:
http://squito-web.com/stell/forum/index.php
Ha esetleg itt is megtalálható vagy, akkor kérlek segíts a következő problémán:
A www.mehano.si oldalon valami nagyon furcsa vírus van. Egyik víruskereső sem találja meg a vírust. Ha rámész az oldalra, akkor először szépen behozza az oldalt. Ezek után az összes intenet böngésző leblokkol. Ha újra feltelepíted a winXp prof sp2 lemezről az operációs rendszert, akkor a telepítésnél kihagyja a hálózat telepítésnél az előreugró ablakot. Ha feltelepült a WinXp és naprakészen van a frissítés, akkor sem működnek az internet böngészők. A Combofix sem talált semmit. A HDD-n megszüntettem minden particiót, de akkor is a WinXpProf telepítése vacakol (a fent leírt módon). De ennek ellenére működnek az internet böngészők. Most a Kaspersky Internet Security próba változata van fent. A Panda IS 2013-mal kaptam be a vírust. Szerintem nagyon megfertőződött a HDD. Kérlek segíts!
Köszönettel: VadGyermek!


szomb. dec. 29, 2012 15:30
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Köszi :)


pén. szept. 21, 2012 11:57
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: szer. márc. 24, 2004 13:43
Hozzászólások: 11960
Tartózkodási hely: Budapest, Solymár
Hozzászólás Re: stell, help me
vollmoon írta:
Rendszerleíró?

Az bizony. :)

Még mindig jobb (nyilván nem fért az ikonba az egész név), mint amit írtál: register (az egészen mást jelent).
A hivatalos neve magyarul: Rendszerleíró adatbázis, angolul: Registry (röviden).

Megnézheted: Futtatás > regedit. Ott van az ablak tetején.

De nagyon óvatosan bánj vele, mert egy hibás szerkesztéssel, törléssel haza lehet vele vágni a gépet. Telepítheted újra.


csüt. szept. 20, 2012 19:31
Profil Privát üzenet küldése
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Rendszerleíró?


csüt. szept. 20, 2012 18:49
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: szer. márc. 24, 2004 13:43
Hozzászólások: 11960
Tartózkodási hely: Budapest, Solymár
Hozzászólás Re: stell, help me
vollmoon írta:
Köszönöm, CCleaner futtatva (bár registerre vonatkozó dolgot nem találtam benne) ...

Pedig van: a bal oldali ikonsoron felülről a második. :shock:


csüt. szept. 20, 2012 16:26
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Nincsen mitt.
udv


csüt. szept. 20, 2012 15:24
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Ok, Köszönöm az időt és a fáradtságot :)


csüt. szept. 20, 2012 15:22
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Igen a combofix mappat torolheted, es az Malwarebytes programmal csinalj teljes vizsgalatot.

Felesleges fajlok eltakaritast mart csinaltunk, az OTL programmal, a temp mappakat toroltuk, es a tobbit csak a CCleaneral kell, mas semmi programot nehasznalj.
udv


csüt. szept. 20, 2012 15:19
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Szia, malewarrel gyors keresést végeztem, az eredmény:

Malwarebytes Anti-Malware (Próba) 1.65.0.1400
www.malwarebytes.org

Adatbázis verzió: v2012.09.20.06

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Anyu :: K-0CA84B23E3914 [rendszergazda]

Védelem: Engedélyezve

2012.09.20. 15:54:13
mbam-log-2012-09-20 (15-54-13).txt

Vizsgálat típusa: Gyorsvizsgálat
Engedélyezett vizsgálati beállítások: Memória | Indítópult | Rendszerleíró | Rendszerfájlok | Heurisztikus/Extra | Heurisztikus/Shuriken | PUP | PUM
Letiltott vizsgálati beállítások: P2P
Átvizsgált objektumok: 266011
Eltelt idő: 5 perc, 7 másodperc

Fertőzött memóriafolyamatok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró értékek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok: 1
C:\Documents and Settings\Anyu_2\Application Data\avdrn.dat (Malware.Trace) -> A karanténba helyezés, és a törlés sikerült.

(befejezés)


Olyan kérdésem lenne még, hogy, amit léterhozott mappát a Combofix a C-n azt törölhetem-e? És esetleg tudnál e egy jó, felesleges fájlokat eltakarító programot?


csüt. szept. 20, 2012 15:02
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Ez a legjobb ami jelenleg van,tudd magyarul is csak a telepitesnel alisd be a magyar nyelvet.
Csinalj egy teljes vizsgalatot az Malwarebytes programmal, megis hagyhattod es itt ott lefutattni, akkor majd magatol keri a frissitest is,
Itt a szlovak blogomban van az Utasitas, ha talal valamit torolni es ide tehetedd a naplojat is, vagy ird meg ha talal valamit.
http://www.viruskasino.com/2011/03/navo ... bytes.html

Nincsen mit.


csüt. szept. 20, 2012 14:44
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Köszönöm, CCleaner futtatva (bár registerre vonatkozó dolgot nem találtam benne), a pendriveról lejött a top_secret.vbe.
Tudnál ajánlani esetleg egy ingyenes anti malewaret és spywaret?
Még egyszer köszönöm :)


csüt. szept. 20, 2012 14:39
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Ok, en szerintem renben van, meg kikell tisztitani az CCLEANER programmal a registert is,
Nincsen tuzfalad,
Ha minden ok akkor ez minden.


csüt. szept. 20, 2012 14:06
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Log fájl tartalma:

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP konfiguráció
A DNS-feloldási gyorsítótár kiürítése sikeresen megtörtént.
D:\Marcsi\cmd.bat deleted successfully.
D:\Marcsi\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Anyu
->Temp folder emptied: 617178 bytes
->Temporary Internet Files folder emptied: 9346799 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 74266773 bytes
->Flash cache emptied: 23531 bytes

User: Anyu_2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 12682447 bytes
->Java cache emptied: 79125884 bytes
->FireFox cache emptied: 655435143 bytes
->Flash cache emptied: 320905 bytes

User: Apu
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 92101207 bytes
->Flash cache emptied: 20739 bytes

User: Bea
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4418245 bytes
->Java cache emptied: 52246977 bytes
->FireFox cache emptied: 644766569 bytes
->Flash cache emptied: 128129 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Rendszergazda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114058 bytes
%systemroot%\System32 .tmp files removed: 2855 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 452 bytes

Total Files Cleaned = 1 552,00 mb


OTL by OldTimer - Version 3.2.64.0 log created on 09202012_144407

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


csüt. szept. 20, 2012 13:55
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
ok, ez renben van kitorolt mindent amitt kellet,

:arrow: 1:most telepitsd le a combofixet.
Tolds le ezt a kis programot es futtasd le, ez letelepitje a combofixet
http://download.bleepingcomputer.com/sUBs/CF_UNINST.EXE

:arrow:
Tolds le az asztalra az OTL.exe programot, <<futtasd, pipazd be ALL USERS,
Az ablakjaba masold be a zold textet, amit ide teszet, es ra klikelsz az RunFix gombra, he keri a restartot akkor restart, aztan a nalojat tedd ide.
http://oldtimer.geekstogo.com/OTL.exe

Kód:
:Files
ipconfig /flushdns /c
:Commands
[clearallrestorepoints]
[resethosts]
[emptytemp]


csüt. szept. 20, 2012 13:40
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Mielőtt létrejött volna teljesen a log fájl, megint újraindult.

Ennyi van a log fájlból:
ComboFix 12-09-18.07 - Rendszergazda 012.09.20. 14:14:18.3.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1022.821 [GMT 2:00]
Running from: D:\Marcsi\ComboFix.exe
Command switches used :: C:\Documents and Settings\Rendszergazda\Asztal\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\mm.vbe"


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


c:\windows\system32\mm.vbe


((((((((((((((((((((((((( Files Created from 2012-08-20 to 2012-09-20 )))))))))))))))))))))))))))))))


2012-09-20 11:25:10 . 2012-09-20 11:25:11 -------- d-----w- C:\Documents and Settings\Rendszergazda
2012-09-20 07:42:17 . 2012-09-20 10:09:04 -------- d-----w- C:\Program Files\trend micro
2012-09-20 07:42:12 . 2012-09-20 07:42:44 -------- d-----w- C:\rsit
2012-09-12 18:42:46 . 2012-09-12 19:32:18 -------- d-----w- C:\Program Files\YourFileDownloader
2012-09-12 18:42:46 . 2012-09-12 18:42:46 -------- d-----w- C:\Documents and Settings\Anyu\Application Data\YourFileDownloader
2012-09-04 19:11:10 . 2012-09-04 19:11:10 -------- d-----w- C:\Documents and Settings\Anyu_2\Local Settings\Application Data\Temp
2012-08-25 09:10:33 . 2012-08-25 09:10:33 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-09-20 12:23:13 . 2009-06-18 12:31:45 16608 ----a-w- C:\WINDOWS\gdrv.sys
2012-09-03 06:57:08 . 2012-05-20 05:53:55 696520 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-09-03 06:57:08 . 2011-05-22 07:15:58 73416 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-07-05 20:07:08 . 2012-04-09 10:33:11 143872 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-07-05 20:06:30 . 2012-08-17 07:46:43 772544 ----a-w- C:\WINDOWS\system32\npDeployJava1.dll
2012-07-05 20:06:20 . 2012-04-09 10:33:11 687544 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-07-03 12:42:25 . 2004-07-17 09:36:38 12400 ----a-w- C:\WINDOWS\system32\drivers\secdrv.sys
2009-05-01 21:02:48 . 2012-09-08 18:01:43 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02:48 . 2012-09-08 18:01:45 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
2012-09-08 18:01:54 . 2012-09-08 18:01:39 266720 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((( SnapShot@2012-09-20_11.36.48 )))))))))))))))))))))))))))))))))))))))))

+ 2012-09-20 12:23:15 . 2012-09-20 12:23:15 16384 C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat
+ 2012-09-20 12:23:57 . 2012-09-20 12:23:57 16384 C:\WINDOWS\temp\Perflib_Perfdata_524.dat

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01:17 122512 ----a-w- C:\Program Files\Alwil Software\Avast5\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 13:35:10 202024]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2009-04-23 13:51:38 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 06:31:34 16857600]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-10-07 05:33:00 13574144]
"nwiz"="nwiz.exe" [2008-10-07 05:33:00 1630208]
"UIExec"="C:\Program Files\T-Mobile Internet Manager\UIExec.exe" [2009-03-31 14:13:56 132608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:47:52 15360]

C:\Documents and Settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - C:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - C:\Program Files\uTorrent\uTorrent.exe [2009-6-19 1022352]

C:\Documents and Settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - C:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - C:\Program Files\uTorrent\uTorrent.exe [2009-6-19 1022352]

C:\Documents and Settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - C:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - C:\Program Files\uTorrent\uTorrent.exe [2009-6-19 1022352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 15:00:00 188928 ----a-w- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Documents and Settings\\Bea\\Local Settings\\Application Data\\Skype\\Phone\\Skype.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [2009.06.18. 17:54:57 721904]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [2011.06.04. 14:11:56 435032]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [2009.06.18. 14:57:52 314456]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [2009.06.18. 14:57:52 20568]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files\Gigabyte\EasySaver\essvr.exe [2009.06.18. 14:32:53 80392]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [2011.06.23. 18:27:55 238952]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files\T-Mobile Internet Manager\AssistantServices.exe [2011.05.30. 21:22:39 241664]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [2011.06.23. 18:27:55 36608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012.05.20. 7:53:55 250568]
S3 FlashUSB;FlashUSB;C:\WINDOWS\system32\drivers\FlashUsb.sys [2010.02.27. 19:03:46 16896]
S3 massfilter;ZTE Mass Storage Filter Driver;C:\WINDOWS\system32\drivers\massfilter.sys [2011.05.30. 21:22:54 7680]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012.05.21. 21:29:08 114144]
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\drivers\pccsmcfd.sys [2010.11.07. 16:38:27 18816]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\E:\NTGLM7X.sys --> E:\NTGLM7X.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [2011.06.30. 19:53:56 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [2011.06.30. 19:53:56 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [2011.06.30. 19:53:56 121856]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - FSUSBEXDISK
*Deregistered* - BMLoad

Contents of the 'Scheduled Tasks' folder

2012-09-20 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 05:53:55 . 2012-09-03 06:57:08]


------- Supplementary Scan -------

uStart Page = hxxp://www.google.hu/
IE: E&xportálás Microsoft Excel formátumba - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Bea\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - C:\Documents and Settings\Anyu\Application Data\Mozilla\Firefox\Profiles\h91b6awq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://hu.start3.mozilla.com/firefox?cl ... u:official


**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-20 14:23:59
Windows 5.1.2600 Szervizcsomag 2 NTFS

scanning hidden processes ...

A kérdésem az, hogy futtassam e újra a Combofixet és ha igen a script nélkül, vagy azzal?
Köszi és bocsi


csüt. szept. 20, 2012 13:31
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Script készítés:
Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>CFScript.txt>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész, az astalon lévő CFScript txt húzzunk rá a ComboFix ikonnyara. Es mostan megcsinalod eztett:
Kép
A combofix maga elindul es lehet hogy restartol es befejezi a scent.A naplojat tedd ide.

Kód:
KILLALL::
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"=-
"NvMediaCenter"=-
"NeroFilterCheck"=-
"NBKeyScan"=-
"ISUSPM Startup"=-
"ISUSScheduler"=-
"TkBellExe"=-
"mm.vbe"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-
File::
c:\windows\system32\mm.vbe
DDS::
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Bea\Start Menu\Programs\IMVU\Run IMVU.lnk
ClearJavaCache::


csüt. szept. 20, 2012 12:59
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Szia most lefutott, gond nélkül, felül az eredmény.


csüt. szept. 20, 2012 12:43
Profil Privát üzenet küldése
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
ComboFix 12-09-18.07 - Rendszergazda 012.09.20. 13:32:40.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1022.797 [GMT 2:00]
Running from: d:\marcsi\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Anyu\Application Data\Toolbar4
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\paypal.url
c:\windows\system32\SET64.tmp
c:\windows\system32\SET69.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7E.tmp
c:\windows\system32\winx.url
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2012-08-20 to 2012-09-20 )))))))))))))))))))))))))))))))
.
.
2012-09-20 11:25 . 2012-09-20 11:25 -------- d-----w- c:\documents and settings\Rendszergazda
2012-09-20 07:42 . 2012-09-20 10:09 -------- d-----w- c:\program files\trend micro
2012-09-20 07:42 . 2012-09-20 07:42 -------- d-----w- C:\rsit
2012-09-12 18:42 . 2012-09-12 19:32 -------- d-----w- c:\program files\YourFileDownloader
2012-09-12 18:42 . 2012-09-12 18:42 -------- d-----w- c:\documents and settings\Anyu\Application Data\YourFileDownloader
2012-09-04 19:11 . 2012-09-04 19:11 -------- d-----w- c:\documents and settings\Anyu_2\Local Settings\Application Data\Temp
2012-08-25 09:10 . 2012-08-25 09:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Playrix Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 10:55 . 2009-06-18 12:31 16608 ----a-w- c:\windows\gdrv.sys
2012-09-03 06:57 . 2012-05-20 05:53 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-03 06:57 . 2011-05-22 07:15 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-15 11:02 . 2012-07-25 14:07 4431 ----a-w- c:\windows\system32\mm.vbe
2012-07-05 20:07 . 2012-04-09 10:33 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2012-08-17 07:46 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-05 20:06 . 2012-04-09 10:33 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-03 12:42 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-05-01 21:02 . 2012-09-08 18:01 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2012-09-08 18:01 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-09-08 18:01 . 2012-09-08 18:01 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-01 180269]
"UIExec"="c:\program files\T-Mobile Internet Manager\UIExec.exe" [2009-03-31 132608]
"mm.vbe"="c:\windows\system32\mm.vbe" [2012-07-15 4431]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - c:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - c:\program files\uTorrent\uTorrent.exe [2009-6-19 1022352]
.
c:\documents and settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - c:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - c:\program files\uTorrent\uTorrent.exe [2009-6-19 1022352]
.
c:\documents and settings\Anyu\Start Menu\Programs\Indítópult\
Total Commander.lnk - c:\totalcmd\TOTALCMD.EXE [2009-6-18 1080264]
µTorrent.lnk - c:\program files\uTorrent\uTorrent.exe [2009-6-19 1022352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 15:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Bea\\Local Settings\\Application Data\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009.06.18. 17:54 721904]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011.06.04. 14:11 435032]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009.06.18. 14:57 314456]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009.06.18. 14:57 20568]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009.06.18. 14:32 80392]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011.06.23. 18:27 238952]
S2 UI Assistant Service;UI Assistant Service;c:\program files\T-Mobile Internet Manager\AssistantServices.exe [2011.05.30. 21:22 241664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012.05.20. 7:53 250568]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUsb.sys [2010.02.27. 19:03 16896]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011.06.23. 18:27 36608]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011.05.30. 21:22 7680]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012.05.21. 21:29 114144]
S3 pccsmcfd;PCCS Mode Change Filter Driver;c:\windows\system32\drivers\pccsmcfd.sys [2010.11.07. 16:38 18816]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011.06.30. 19:53 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011.06.30. 19:53 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011.06.30. 19:53 121856]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - BMLoad
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 06:57]
.
.
------- Supplementary Scan -------
.
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Bea\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Anyu\Application Data\Mozilla\Firefox\Profiles\h91b6awq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://hu.start3.mozilla.com/firefox?cl ... u:official
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-NPSStartup - (no file)
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe
AddRemove-BDE - c:\program files\none\BDE\DeIsL1.isu
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-20 13:36
Windows 5.1.2600 Szervizcsomag 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-09-20 13:38:02
ComboFix-quarantined-files.txt 2012-09-20 11:38
.
Pre-Run: 16 540 856 320 bájt szabad
Post-Run: 16 486 285 312 bájt szabad
.
- - End Of File - - 96CC7B185F31D713AED2DF4E40A229DD


csüt. szept. 20, 2012 12:41
Profil Privát üzenet küldése
a fórum lelke
Avatar

Csatlakozott: vas. jún. 24, 2007 10:18
Hozzászólások: 6679
Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,
Hozzászólás Re: stell, help me
Ha csak enyi az egesz, akkor epen hogy csinalni akarta anaplot, es nem fejezte be, tehat ujbol, mert nekem ez a naplo kell, latnom kell...
D:\Marcsi\ComboFix.exe>>Az asztalra tedd az combofix ikojat,,
Menj le az csokkentet modba a halozattal>>futtasd ujbol a combofixet, az asztalon kell hogy legyen az ikonja>>>mikker lefutt akkor varnod kell meg megcsinalja a naplot, es az a naplo,,combofix.txt>>>>majd automatikusan kinyilik, es ennek a tartalmat masold ide,


csüt. szept. 20, 2012 12:22
Profil Privát üzenet küldése Honlap
ezüst tag

Csatlakozott: csüt. szept. 20, 2012 8:55
Hozzászólások: 14
Hozzászólás Re: stell, help me
Viszont találtam egy ilyen nevű fájlt a ComboFix mappában.
Annak a tartalma:

ComboFix 12-09-18.07 - Anyu 012.09.20. 12:46:35.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1022.424 [GMT 2:00]
Running from: D:\Marcsi\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point

ADS - WINDOWS: deleted 0 bytes in 1 streams.


csüt. szept. 20, 2012 12:20
Profil Privát üzenet küldése
Hozzászólások megjelenítése:  Rendezés  
Hozzászólás a témához   [ 1923 hozzászólás ]  Oldal Előző  1, 2, 3, 4, 5, 6, 7 ... 39  Következő

Ki van itt

Jelenlévő fórumozók: nincs regisztrált felhasználó valamint 4 vendég


Nem nyithatsz témákat ebben a fórumban.
Nem válaszolhatsz egy témára ebben a fórumban.
Nem szerkesztheted a hozzászólásaidat ebben a fórumban.
Nem törölheted a hozzászólásaidat ebben a fórumban.

Keresés:
Ugrás:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software for PTF.
Magyar fordítás © Magyar phpBB Közösség