STELL Helps

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post: Re: STELL Helps
http://www.virus-stell.com/2010/08/root ... -tdl3.html
Run TDSSKiller and post its log here.


Tue Dec 28, 2010 16:54

silver member
Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Helps
There is no blue screen of death, but the shutdown screen comes up, it loads for 5 minutes, then a blue screen flashes quickly on the machine and it restarts.


Mon Dec 27, 2010 22:55

soul of the forum
Post: Re: STELL Helps
So, what's the situation with the machine???


Mon Dec 27, 2010 19:07

silver member
Post: Re: STELL Helps
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit folder moved successfully.
C:\Windows\System32\dataclens.dll moved successfully.
ADS C:\ProgramData\TEMP:B6418BC9 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe deleted successfully.
========== FILES ==========
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default\sound folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default\image folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\lang folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\image folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data\tmp folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\dat folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\config folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3 folder moved successfully.
C:\Program Files\FlashGet Network folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: BRUNO
->Temp folder emptied: 42947214 bytes
->Temporary Internet Files folder emptied: 670536 bytes
->Java cache emptied: 3941887 bytes
->FireFox cache emptied: 51044890 bytes
->Google Chrome cache emptied: 214702789 bytes
->Flash cache emptied: 3393 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mcx2-BRUNO-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Mcx3-BRUNO-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 26847918 bytes

Total Files Cleaned = 324,00 mb



[EMPTYFLASH]

User: All Users

User: BRUNO
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Mcx2-BRUNO-PC

User: Mcx3-BRUNO-PC

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.18.0 log created on 12272010_181350

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Mon Dec 27, 2010 18:23

soul of the forum
Post: Re: STELL Helps
Run the OTL program, copy the green text into its window, then click RUNFIX.
Post the log here after the restart.
Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
[2010.12.24 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\IObit
[2010.12.07 01:32:31 | 000,054,784 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\System32\dataclens.dll
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:B6418BC9
:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" =-
:files
C:\Program Files\FlashGet Network
:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[EMPTYFLASH]
[Reboot]


Mon Dec 27, 2010 9:36

silver member
Post: Re: STELL Helps
Part 3 of the OTL log
========== LOP Check ==========

[2010.11.03 21:33:16 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BitDefender
[2010.11.20 00:40:45 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BITS
[2010.10.07 19:24:21 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BSplayer
[2010.10.07 19:10:26 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BSplayer Pro
[2010.07.19 15:26:11 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\DAEMON Tools Lite
[2010.08.17 16:25:36 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Datel
[2010.09.19 01:22:16 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.22 14:21:59 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\FlashGet
[2010.08.17 17:38:06 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\GameTuts
[2010.10.05 17:32:17 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\ImgBurn
[2010.12.24 18:49:20 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\IObit
[2010.11.21 14:17:49 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\New Technology Studio
[2010.11.14 02:20:26 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Sinvise Systems
[2010.10.20 19:49:24 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\SystemRequirementsLab
[2010.10.27 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Tunngle
[2006.01.01 00:12:57 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\uTorrent
[2010.12.20 06:17:31 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2010.04.16 21:11:38 | 003,872,080 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2010.10.15 22:50:16 | 000,095,232 | ---- | M] (MuOnline.HU Team) -- C:\MuOnline.HU.exe
[2010.11.19 13:32:36 | 000,467,702 | ---- | M] () -- C:\Uninstal.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.19 11:34:12 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Adobe
[2010.12.19 17:15:14 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Apple Computer
[2010.11.03 21:33:16 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BitDefender
[2010.11.20 00:40:45 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BITS
[2010.10.07 19:24:21 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BSplayer
[2010.10.07 19:10:26 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\BSplayer Pro
[2010.07.19 15:26:11 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\DAEMON Tools Lite
[2010.08.17 16:25:36 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Datel
[2010.11.03 19:49:21 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\DivX
[2010.09.19 01:22:16 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.22 14:21:59 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\FlashGet
[2010.08.17 17:38:06 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\GameTuts
[2010.07.19 14:34:09 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Identities
[2010.10.05 17:32:17 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\ImgBurn
[2010.10.23 09:57:51 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\InstallShield
[2010.12.24 18:49:20 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\IObit
[2010.07.19 15:46:12 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Macromedia
[2010.12.23 21:58:30 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Malwarebytes
[2009.07.14 09:38:50 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Media Center Programs
[2010.12.11 01:01:18 | 000,000,000 | --SD | M] -- C:\Users\BRUNO\AppData\Roaming\Microsoft
[2010.08.11 12:20:35 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Mozilla
[2010.11.21 14:17:49 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\New Technology Studio
[2010.09.16 15:42:09 | 000,000,000 | RH-D | M] -- C:\Users\BRUNO\AppData\Roaming\SecuROM
[2010.11.14 02:20:26 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Sinvise Systems
[2010.12.24 18:28:30 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Skype
[2010.12.24 17:46:29 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\skypePM
[2010.10.20 19:49:24 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\SystemRequirementsLab
[2010.10.22 19:23:57 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\teamspeak2
[2010.10.27 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Tunngle
[2006.01.01 00:12:57 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\uTorrent
[2010.12.16 22:45:12 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\vlc
[2010.09.27 19:57:48 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Winamp
[2010.07.19 16:53:44 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\WinRAR
[2010.11.04 22:45:19 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\Xfire

< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010.09.08 15:00:09 | 000,005,310 | R--- | M] () -- C:\Users\BRUNO\AppData\Roaming\Microsoft\Installer\{27F6403E-6540-4431-B18E-B0BE2C253A9B}\icon64.exe
[2010.11.06 14:58:21 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\BRUNO\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
[2010.11.16 19:33:50 | 000,010,134 | R--- | M] () -- C:\Users\BRUNO\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.10.21 20:12:40 | 003,920,702 | ---- | M] () -- C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\w4tpnptl.default\extensions\firesheep@codebutler.com\platform\WINNT_x86-msvc\firesheep-backend.exe


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.12.07 01:32:31 | 000,054,784 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\System32\dataclens.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.07.19 15:01:16 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.12.07 01:32:31 | 000,054,784 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\System32\dataclens.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 03:25:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.12.26 17:06:27 | 000,118,438 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.26 17:06:27 | 000,166,534 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2010.12.26 17:06:27 | 000,647,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.26 17:06:27 | 000,676,678 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2010.12.26 17:06:27 | 001,606,526 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:B6418BC9


Sun Dec 26, 2010 17:49
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post Re: STELL Segit
========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.24 04:59:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.24 04:59:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.11.07 02:52:21 | 000,000,000 | ---D | M]

[2010.08.11 12:20:35 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\mozilla\Extensions
[2010.08.11 12:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BRUNO\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.24 05:09:43 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\mozilla\Firefox\Profiles\w4tpnptl.default\extensions
[2010.08.20 14:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BRUNO\AppData\Roaming\mozilla\Firefox\Profiles\w4tpnptl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.03 22:21:08 | 000,000,000 | ---D | M] -- C:\Users\BRUNO\AppData\Roaming\mozilla\Firefox\Profiles\w4tpnptl.default\extensions\firesheep@codebutler.com
[2010.08.11 12:20:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.24 04:59:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.12.24 04:59:26 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.12.24 04:59:26 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.12.24 04:59:28 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2008.06.11 21:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.07.23 01:53:36 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010.07.23 01:53:36 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.07.23 01:53:36 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.07.23 01:53:36 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml
[2010.07.23 01:53:36 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml
[2010.07.23 01:53:36 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml
[2010.07.23 01:53:36 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2010.12.25 19:38:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PC Auto Shutdown] C:\Program Files\PC Auto Shutdown\AutoShutdown.exe (GoldSolution Software, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.01.19 14:29:50 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.12.26 16:52:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe
[2010.12.25 21:27:02 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck
[2010.12.25 21:27:00 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105
[2010.12.25 21:26:58 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1286274752_bode
[2010.12.25 21:26:55 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer
[2010.12.25 19:41:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.12.25 19:41:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.25 19:17:52 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.12.25 15:49:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.12.25 15:49:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.12.25 15:49:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.12.25 15:49:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.12.25 15:48:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.24 18:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\FreeApps
[2010.12.24 18:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeApp
[2010.12.24 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\IObit
[2010.12.24 18:48:13 | 010,160,048 | ---- | C] (IObit ) -- C:\Users\BRUNO\Desktop\asc-setup.exe
[2010.12.24 18:47:07 | 001,061,888 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
[2010.12.24 18:47:07 | 000,475,648 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
[2010.12.24 18:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.3.1
[2010.12.24 18:46:28 | 002,082,630 | ---- | C] (J.C. Kessels ) -- C:\Users\BRUNO\Desktop\MyDefrag-v4.3.1.exe
[2010.12.24 02:46:19 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\Asztal
[2010.12.23 21:58:30 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\Malwarebytes
[2010.12.23 21:58:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.23 21:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.23 21:58:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.23 21:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.23 10:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010.12.21 15:20:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.20 15:26:59 | 000,043,520 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2010.12.20 15:26:59 | 000,028,672 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys
[2010.12.20 15:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32
[2010.12.20 01:29:45 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\.shsh
[2010.12.19 17:14:06 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\Apple Computer
[2010.12.19 17:14:06 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Local\Apple Computer
[2010.12.19 17:13:50 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.12.19 17:13:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.12.19 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.12.19 17:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.12.19 17:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.12.19 17:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.12.19 17:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.12.19 17:06:43 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Local\Apple
[2010.12.19 17:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010.12.19 17:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.12.19 17:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.12.19 17:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.12.15 16:17:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.15 16:17:30 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 16:17:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 16:17:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 16:17:28 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 16:17:28 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 16:17:28 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 16:17:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 16:17:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 16:17:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 16:17:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 16:17:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 16:17:24 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 16:17:24 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 16:17:24 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 16:17:24 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.15 16:17:23 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 16:17:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 16:17:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.15 16:17:20 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 16:17:18 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

========== Files - Modified Within 14 Days ==========

[2010.12.26 17:06:27 | 000,676,678 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2010.12.26 17:06:27 | 000,647,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.26 17:06:27 | 000,166,534 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2010.12.26 17:06:27 | 000,118,438 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.26 16:36:27 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job
[2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe
[2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 11:08:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.26 11:07:58 | 804,954,112 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.26 03:25:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.12.25 21:26:43 | 001,168,208 | ---- | M] () -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck.rar
[2010.12.25 21:25:16 | 000,869,159 | ---- | M] () -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105.rar
[2010.12.25 21:25:12 | 001,694,689 | ---- | M] () -- C:\Users\BRUNO\Desktop\1286274752_bode.rar
[2010.12.25 21:24:56 | 002,577,462 | ---- | M] () -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer.rar
[2010.12.25 21:23:00 | 000,137,207 | ---- | M] () -- C:\Users\BRUNO\Desktop\mercedesbenzategoroyalmail.zip
[2010.12.25 20:36:01 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job
[2010.12.25 19:38:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.12.25 15:47:13 | 003,998,064 | R--- | M] () -- C:\Users\BRUNO\Desktop\ComboFix.exe
[2010.12.25 11:01:39 | 000,000,826 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.12.24 18:49:56 | 000,000,971 | ---- | M] () -- C:\Users\BRUNO\Desktop\FreeApps.lnk
[2010.12.24 18:49:23 | 000,001,207 | ---- | M] () -- C:\Users\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010.12.24 18:49:23 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.12.24 18:49:23 | 000,000,135 | ---- | M] () -- C:\Users\BRUNO\Desktop\IObit Freeware.url
[2010.12.24 18:48:48 | 010,160,048 | ---- | M] (IObit ) -- C:\Users\BRUNO\Desktop\asc-setup.exe
[2010.12.24 18:47:08 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2010.12.24 18:46:45 | 002,082,630 | ---- | M] (J.C. Kessels ) -- C:\Users\BRUNO\Desktop\MyDefrag-v4.3.1.exe
[2010.12.24 04:13:35 | 000,011,123 | ---- | M] () -- C:\Users\BRUNO\Documents\makesig.jpg
[2010.12.23 21:58:15 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.23 10:30:01 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2010.12.20 23:37:13 | 000,000,907 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.19 17:13:54 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.12.19 17:12:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.12.19 16:57:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.12.16 22:36:48 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.12.16 20:34:59 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\CloneCD.lnk
[2010.12.16 07:57:39 | 000,418,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.16 02:36:32 | 000,002,401 | ---- | M] () -- C:\Users\BRUNO\Desktop\Google Chrome.lnk
[2010.12.14 20:53:25 | 004,698,112 | ---- | M] () -- C:\Users\BRUNO\Documents\E00000EB484C316F

========== Files Created - No Company Name ==========

[2010.12.25 21:26:42 | 001,168,208 | ---- | C] () -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck.rar
[2010.12.25 21:25:16 | 000,869,159 | ---- | C] () -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105.rar
[2010.12.25 21:25:10 | 001,694,689 | ---- | C] () -- C:\Users\BRUNO\Desktop\1286274752_bode.rar
[2010.12.25 21:24:55 | 002,577,462 | ---- | C] () -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer.rar
[2010.12.25 21:23:11 | 000,137,207 | ---- | C] () -- C:\Users\BRUNO\Desktop\mercedesbenzategoroyalmail.zip
[2010.12.25 15:49:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.12.25 15:49:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.12.25 15:49:40 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010.12.25 15:49:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.12.25 15:49:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.12.25 15:46:48 | 003,998,064 | R--- | C] () -- C:\Users\BRUNO\Desktop\ComboFix.exe
[2010.12.24 18:49:56 | 000,000,971 | ---- | C] () -- C:\Users\BRUNO\Desktop\FreeApps.lnk
[2010.12.24 18:49:23 | 000,001,207 | ---- | C] () -- C:\Users\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010.12.24 18:49:23 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.12.24 18:49:23 | 000,000,135 | ---- | C] () -- C:\Users\BRUNO\Desktop\IObit Freeware.url
[2010.12.24 18:47:08 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2010.12.24 04:13:35 | 000,011,123 | ---- | C] () -- C:\Users\BRUNO\Documents\makesig.jpg
[2010.12.23 21:58:15 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.23 10:30:01 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2010.12.19 17:13:54 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.12.19 17:12:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.12.19 16:57:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.12.16 20:38:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.07 01:32:31 | 000,054,784 | RHS- | C] () -- C:\Windows\System32\dataclens.dll
[2010.11.17 21:57:27 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010.10.19 19:10:43 | 000,057,344 | ---- | C] () -- C:\Windows\System32\zlib1i.dll
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.07 19:10:54 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.10.07 19:10:54 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.09.10 21:33:33 | 000,000,826 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.08.24 20:04:18 | 000,000,110 | ---- | C] () -- C:\Windows\System32\RichardBurnsRally.ini
[2010.08.23 12:09:44 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.08.16 02:16:26 | 000,000,110 | ---- | C] () -- C:\Windows\System32\winsden.dll
[2010.08.10 01:46:18 | 000,007,593 | ---- | C] () -- C:\Users\BRUNO\AppData\Local\Resmon.ResmonCfg
[2010.07.28 20:36:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.22 15:44:44 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.22 15:44:44 | 000,022,328 | ---- | C] () -- C:\Users\BRUNO\AppData\Roaming\PnkBstrK.sys
[2010.07.22 15:44:19 | 000,000,294 | ---- | C] () -- C:\Windows\game.ini
[2010.07.22 14:22:07 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.07.19 15:01:16 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2010.05.20 14:27:26 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2005.12.13 07:17:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2002.12.19 20:04:56 | 003,050,298 | ---- | C] () -- C:\Windows\System32\PDFREPORT_XP.dll


Sun Dec 26, 2010 17:48
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Segit
OTL logfile created on: 2010.12.26. 17:17:38 - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1 024,00 Mb Total Physical Memory | 269,00 Mb Available Physical Memory | 26,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 8,75 Gb Free Space | 22,41% Space Free | Partition Type: NTFS
Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS
Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS

Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - [2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe
PRC - [2010.12.20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010.12.09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\BRUNO\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.09.14 11:47:24 | 000,716,024 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.08.12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe
PRC - [2010.05.20 14:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.04.16 17:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010.04.12 09:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.18 15:13:02 | 000,441,624 | ---- | M] (GoldSolution Software, Inc.) -- C:\Program Files\PC Auto Shutdown\ShutdownService.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.09.27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008.04.16 19:18:12 | 002,516,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe


========== Modules (SafeList) ==========

MOD - [2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.12.20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.09.14 11:47:24 | 000,716,024 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.08.12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.07.20 13:43:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010.03.18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2010.02.18 15:13:02 | 000,441,624 | ---- | M] (GoldSolution Software, Inc.) [Auto | Running] -- C:\Program Files\PC Auto Shutdown\ShutdownService.exe -- (PCAutoShutdown_Service)
SRV - [2009.09.27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Telepítő (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\BRUNO\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.07.29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 13:31:26 | 000,096,920 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.07.19 15:01:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010.05.20 14:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2010.04.27 15:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010.04.27 15:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010.04.27 15:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2010.04.27 15:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010.04.27 13:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010.04.12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.09.28 00:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.09.16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.08.21 21:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB audio-illesztőprogram (WDM)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.02.17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.12.21 08:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\easdrv.sys -- (easdrv)
DRV - [2007.03.20 11:33:26 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2007.02.22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


Sun Dec 26, 2010 17:46
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Segit
Extra Log:

OTL Extras logfile created on: 2010.12.26. 17:17:38 - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1 024,00 Mb Total Physical Memory | 269,00 Mb Available Physical Memory | 26,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 8,75 Gb Free Space | 22,41% Space Free | Partition Type: NTFS
Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS
Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS

Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{16B07D27-7A78-4C25-B76A-6EDB751B18CA}" = Windows Live Movie Maker
"{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{257A92C3-7E41-4678-9144-6920F4289D0F}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27F6403E-6540-4431-B18E-B0BE2C253A9B}" = Stílus Mánia
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{408A2284-6037-46D9-8EA5-D5173CED3DB3}" = Windows Live Fotótár
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Házi kedvenc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EDD761B-5253-4CD1-A309-9DFEE960E344}" = Logitech Gaming Software 5.09
"{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}" = aerosoft's - Mega Airport Paris CDG
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Trendi Tini Cuccok
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Konyhai és Fürdőszobai Lakberendezési Cuccok
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Álomotthon Cuccok
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Megnyitottunk – Vár az üzlet!
"{7F9783DE-C0E9-4971-AE44-D34A2E03F877}" = Windows Live Writer
"{80DB2577-43E3-4C34-00AF-0D7967B942C9}" = The Sims 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 Divatos H&M® Cuccok
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Szabadidő
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 Egyetem
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{99A98C71-A900-44E7-AD98-70E6368FB4D0}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Csilli-villi Cuccok
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2F4835F-346A-35FF-9B5F-1360B559310E}" = Microsoft .NET Framework 4 Extended HUN Language Pack
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Nagyvárosi Élet
"{BB6BE4FE-E508-4ED8-8C63-8C98187842D5}" = ESET NOD32 Antivirus
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0A6901F-C919-47A3-A4D9-E2056314086B}" = aerosoft's - London Heathrow 2008
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}" = aerosoft's - Mega Airport Stockholm Arlanda
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Évszakok
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Bulis! Cuccok
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7D2735-9566-4E60-95AD-44282A7362BE}_is1" = Aerosoft - Gibraltar FS2004
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1566481-372B-422E-8181-ABAA88A80FC1}" = Windows Live Sync
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Jó utat!
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Éjszakák
"{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack
"737-300 Pilot in Command" = 737-300 Pilot in Command
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnalogX FastCache" = AnalogX FastCache
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.06
"Bonus Dice Special Edition (rw005)" = Bonus Dice Special Edition (rw005)
"BSPlayerf" = BS.Player FREE
"CloneCD" = CloneCD
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Counter Strike 1.6 V36.1 C'zrd" = Counter Strike 1.6 V36.1 C'zrd
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX Setup
"Double Dice Silver Edition" = Double Dice Silver Edition
"Download Youtube Music_is1" = Download Youtube Music 3.0
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmingSimulator2011EN_is1" = Farming Simulator 2011
"FlashGet 3.3" = FlashGet 3.3
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreeApp v1" = FreeApps
"FSFDT FSCopilot" = FSFDT FSCopilot
"ImgBurn" = ImgBurn
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IvAe_is1" = The Eye v1.0.6 (b345)
"IvAp_is1" = IvAp v1.4.2 b2411
"Kresz-teszt_is1" = Kresz-teszt 2.2
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended HUN Language Pack" = A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MuOnline.HU Season3" = MuOnline.HU Season3
"MuOnline.HU Season4" = MuOnline.HU Season4
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PC Auto Shutdown_is1" = PC Auto Shutdown 4.2
"PFConfig" = PFConfig 1.0.295
"PowerISO" = PowerISO
"ReadyDriver Plus_is1" = ReadyDriver Plus 1.1
"Speccy" = Speccy
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 6" = TeamViewer 6
"Test Drive Unlimited 2 Beta_is1" = Test Drive Unlimited 2 Beta
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiváló
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"XPort 360_is1" = XPort 360
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZOTAC FireStorm" = ZOTAC FireStorm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010.12.19. 12:09:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:10:45 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:10:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.20. 1:17:50 | Computer Name = BRUNO-PC | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás neve: mDNSResponder.exe, verzió: 2.0.4.0,
időbélyeg: 0x4cae1be1 A hibát okozó modul neve: mDNSResponder.exe, verzió: 2.0.4.0,
időbélyeg: 0x4cae1be1 Kivételkód: 0xc0000005 Hiba pozíciója: 0x0000110a A hibát okozó
folyamat azonosítója: 0x17c A hibát okozó alkalmazás indításának időpontja: 0x01cba00534a9d0c0
A
hibát okozó alkalmazás elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe
A
hibát okozó modul elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe Jelentés
azonosítója: 7d00a4c0-0bf8-11e0-9740-0019215af2af

[ Media Center Events ]
Error - 2010.09.17. 18:16:11 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543
Description =

Error - 2010.10.07. 17:12:49 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 23:12:49 - Hiba történt az internethez való kapcsolódás közben. 23:12:49
- A kiszolgáló nem érhető el..

Error - 2010.10.07. 17:13:00 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 23:12:55 - Hiba történt az internethez való kapcsolódás közben. 23:12:55
- A kiszolgáló nem érhető el..

Error - 2010.11.08. 11:04:05 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800
Description =

Error - 2010.11.08. 11:55:18 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800
Description =

Error - 2010.11.29. 2:10:12 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 7:10:07 - Hiba történt az internethez való kapcsolódás közben. 7:10:07
- A kiszolgáló nem érhető el..

Error - 2010.12.24. 17:37:55 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 22:37:55 - Hiba történt az internethez való kapcsolódás közben. 22:37:55
- A kiszolgáló nem érhető el..

Error - 2010.12.24. 17:38:06 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 22:38:01 - Hiba történt az internethez való kapcsolódás közben. 22:38:01
- A kiszolgáló nem érhető el..

[ OSession Events ]
Error - 2010.08.15. 12:21:42 | Computer Name = BRUNO-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2010.11.27. 9:03:30 | Computer Name = BRUNO-PC | Source = EventLog | ID = 6008
Description = Az előző rendszerleállítás (?2010.?11.?27. - 13:31:11) váratlan volt.

Error - 2010.11.27. 9:03:54 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026
Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak)
el: sfdrv01 sfsync02 sfvfs02

Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010.11.27. 10:53:06 | Computer Name = BRUNO-PC | Source = volsnap | ID = 393252
Description = A(z) C: kötet árnyékmásolatait a program megszüntette, mert az árnyékmásolatok
tárolására szolgáló lemezterületet egy felhasználó által beállított korlát miatt
nem sikerült megnövelni.

Error - 2010.11.27. 18:13:00 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7016
Description = A szolgáltatás (NVIDIA Display Driver Service) a következő érvénytelen
állapotot jelentette: 32.

Error - 2010.11.27. 21:10:53 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfsync02.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfvfs02.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 21:11:19 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026
Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak)
el: sfdrv01 sfsync02 sfvfs02


< End of report >


Sun Dec 26, 2010 17:41
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post Re: STELL Segit
I did paste it in below, but then I'll paste it in once more. :)


Sun Dec 26, 2010 16:56
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post Re: STELL Segit
The extras.txt is fine, but you didn't do it right.
I wrote:
Copy the green text from here into the lower window of OTL and click RUNSCAN; it produces 2 logs, OTL.TXT and extras.txt; post both of them here.
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT


Sun Dec 26, 2010 14:10
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post Re: STELL Segit
And the extras:

OTL Extras logfile created on: 2010.12.26. 13:38:19 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1 024,00 Mb Total Physical Memory | 226,00 Mb Available Physical Memory | 22,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 8,81 Gb Free Space | 22,56% Space Free | Partition Type: NTFS
Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS
Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS

Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{16B07D27-7A78-4C25-B76A-6EDB751B18CA}" = Windows Live Movie Maker
"{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{257A92C3-7E41-4678-9144-6920F4289D0F}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27F6403E-6540-4431-B18E-B0BE2C253A9B}" = Stílus Mánia
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{408A2284-6037-46D9-8EA5-D5173CED3DB3}" = Windows Live Fotótár
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Házi kedvenc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EDD761B-5253-4CD1-A309-9DFEE960E344}" = Logitech Gaming Software 5.09
"{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}" = aerosoft's - Mega Airport Paris CDG
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Trendi Tini Cuccok
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Konyhai és Fürdőszobai Lakberendezési Cuccok
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Álomotthon Cuccok
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Megnyitottunk – Vár az üzlet!
"{7F9783DE-C0E9-4971-AE44-D34A2E03F877}" = Windows Live Writer
"{80DB2577-43E3-4C34-00AF-0D7967B942C9}" = The Sims 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 Divatos H&M® Cuccok
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Szabadidő
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 Egyetem
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{99A98C71-A900-44E7-AD98-70E6368FB4D0}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Csilli-villi Cuccok
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2F4835F-346A-35FF-9B5F-1360B559310E}" = Microsoft .NET Framework 4 Extended HUN Language Pack
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Nagyvárosi Élet
"{BB6BE4FE-E508-4ED8-8C63-8C98187842D5}" = ESET NOD32 Antivirus
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0A6901F-C919-47A3-A4D9-E2056314086B}" = aerosoft's - London Heathrow 2008
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}" = aerosoft's - Mega Airport Stockholm Arlanda
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Évszakok
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Bulis! Cuccok
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7D2735-9566-4E60-95AD-44282A7362BE}_is1" = Aerosoft - Gibraltar FS2004
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1566481-372B-422E-8181-ABAA88A80FC1}" = Windows Live Sync
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Jó utat!
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Éjszakák
"{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack
"737-300 Pilot in Command" = 737-300 Pilot in Command
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnalogX FastCache" = AnalogX FastCache
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.06
"Bonus Dice Special Edition (rw005)" = Bonus Dice Special Edition (rw005)
"BSPlayerf" = BS.Player FREE
"CloneCD" = CloneCD
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Counter Strike 1.6 V36.1 C'zrd" = Counter Strike 1.6 V36.1 C'zrd
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX Setup
"Double Dice Silver Edition" = Double Dice Silver Edition
"Download Youtube Music_is1" = Download Youtube Music 3.0
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmingSimulator2011EN_is1" = Farming Simulator 2011
"FlashGet 3.3" = FlashGet 3.3
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreeApp v1" = FreeApps
"FSFDT FSCopilot" = FSFDT FSCopilot
"ImgBurn" = ImgBurn
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IvAe_is1" = The Eye v1.0.6 (b345)
"IvAp_is1" = IvAp v1.4.2 b2411
"Kresz-teszt_is1" = Kresz-teszt 2.2
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended HUN Language Pack" = A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MuOnline.HU Season3" = MuOnline.HU Season3
"MuOnline.HU Season4" = MuOnline.HU Season4
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PC Auto Shutdown_is1" = PC Auto Shutdown 4.2
"PFConfig" = PFConfig 1.0.295
"PowerISO" = PowerISO
"ReadyDriver Plus_is1" = ReadyDriver Plus 1.1
"Speccy" = Speccy
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 6" = TeamViewer 6
"Test Drive Unlimited 2 Beta_is1" = Test Drive Unlimited 2 Beta
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiváló
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"XPort 360_is1" = XPort 360
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZOTAC FireStorm" = ZOTAC FireStorm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010.12.19. 12:09:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:10:45 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.19. 12:10:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711
Description =

Error - 2010.12.20. 1:17:50 | Computer Name = BRUNO-PC | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás neve: mDNSResponder.exe, verzió: 2.0.4.0,
időbélyeg: 0x4cae1be1 A hibát okozó modul neve: mDNSResponder.exe, verzió: 2.0.4.0,
időbélyeg: 0x4cae1be1 Kivételkód: 0xc0000005 Hiba pozíciója: 0x0000110a A hibát okozó
folyamat azonosítója: 0x17c A hibát okozó alkalmazás indításának időpontja: 0x01cba00534a9d0c0
A
hibát okozó alkalmazás elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe
A
hibát okozó modul elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe Jelentés
azonosítója: 7d00a4c0-0bf8-11e0-9740-0019215af2af

[ Media Center Events ]
Error - 2010.09.17. 18:16:11 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543
Description =

Error - 2010.10.07. 17:12:49 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 23:12:49 - Hiba történt az internethez való kapcsolódás közben. 23:12:49
- A kiszolgáló nem érhető el..

Error - 2010.10.07. 17:13:00 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 23:12:55 - Hiba történt az internethez való kapcsolódás közben. 23:12:55
- A kiszolgáló nem érhető el..

Error - 2010.11.08. 11:04:05 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800
Description =

Error - 2010.11.08. 11:55:18 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800
Description =

Error - 2010.11.29. 2:10:12 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 7:10:07 - Hiba történt az internethez való kapcsolódás közben. 7:10:07
- A kiszolgáló nem érhető el..

Error - 2010.12.24. 17:37:55 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 22:37:55 - Hiba történt az internethez való kapcsolódás közben. 22:37:55
- A kiszolgáló nem érhető el..

Error - 2010.12.24. 17:38:06 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0
Description = 22:38:01 - Hiba történt az internethez való kapcsolódás közben. 22:38:01
- A kiszolgáló nem érhető el..

[ OSession Events ]
Error - 2010.08.15. 12:21:42 | Computer Name = BRUNO-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2010.11.27. 9:03:18 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 9:03:30 | Computer Name = BRUNO-PC | Source = EventLog | ID = 6008
Description = Az előző rendszerleállítás (?2010.?11.?27. - 13:31:11) váratlan volt.

Error - 2010.11.27. 9:03:54 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026
Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak)
el: sfdrv01 sfsync02 sfvfs02

Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010.11.27. 10:53:06 | Computer Name = BRUNO-PC | Source = volsnap | ID = 393252
Description = A(z) C: kötet árnyékmásolatait a program megszüntette, mert az árnyékmásolatok
tárolására szolgáló lemezterületet egy felhasználó által beállított korlát miatt
nem sikerült megnövelni.

Error - 2010.11.27. 18:13:00 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7016
Description = A szolgáltatás (NVIDIA Display Driver Service) a következő érvénytelen
állapotot jelentette: 32.

Error - 2010.11.27. 21:10:53 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfsync02.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfvfs02.sys illesztőprogram betöltése le van tiltva.

Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875
Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva.


< End of report >


Sun Dec 26, 2010 13:58
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Segit
Well, hi, I ran it; here is the result.
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT


Sun Dec 26, 2010 13:57
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post: Re: STELL Segit
Download to the desktop > OTListIt2 >> http://oldtimer.geekstogo.com/OTL.exe
- Run it.
- Change File Age from 30 to 14 days.
- Tick:
- Scan all users.
- Lop check.
- Purity check.
- In the Extra Registry section, select Use SafeList.
- Copy the text into the customscan/fixes box and click RUNSCAN.
- After 5-10 minutes, post the log here.
- OTL.txt (it will be on the desktop).
- Extras.txt will be on the taskbar.

Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT


Sun Dec 26, 2010 11:56
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Segit
I clicked on it, but it said that it is turned off.
Anyway, the machine still gets a blue screen of death on shutdown. My ping in games is still high.
I have already got rid of the crack and of the whole game.


Sun Dec 26, 2010 11:34
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post: Re: STELL Segit
Delete that crack from the machine.
The SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Is it on the machine?? Because I only see the resident spyware shield.
How is the machine behaving??


Sun Dec 26, 2010 8:53
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post: Re: STELL Segit
So, one more thing: there is a csrss.exe, isn't that dangerous? Until now I had a file named botcuklar.exe, and malware caught it too; this file was constantly hogging the CPU.
Meanwhile I checked one of the files of my brother's stupid MMORPG game with VirusTotal, here is the result .....
http://www.virustotal.com/file-scan/report.html?id=2e9e7a8d36f316e54cfda969c265f78b3f2eccc1aa61ec4747030e33fa11bd72-1291518586



And here is the log, stell:
ComboFix 10-12-24.01 - BRUNO 010.12.25. 19:20:06.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.36.1038.18.1024.423 [GMT 1:00]
Running from: c:\users\BRUNO\Desktop\ComboFix.exe
Command switches used :: c:\users\BRUNO\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\program files\IObit\Advanced SystemCare 3\AWC.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\AutoCare.exe
c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
c:\program files\IObit\Advanced SystemCare 3\AWCInit.exe
c:\program files\IObit\Advanced SystemCare 3\AwcSchedule.dll
c:\program files\IObit\Advanced SystemCare 3\chkdskback.exe
c:\program files\IObit\Advanced SystemCare 3\ContextMenu.exe
c:\program files\IObit\Advanced SystemCare 3\CookiesBK.pln
c:\program files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
c:\program files\IObit\Advanced SystemCare 3\Def.dbd
c:\program files\IObit\Advanced SystemCare 3\DiskMap.dll
c:\program files\IObit\Advanced SystemCare 3\ESR.exe
c:\program files\IObit\Advanced SystemCare 3\EULA.rtf
c:\program files\IObit\Advanced SystemCare 3\FFSweep.dll
c:\program files\IObit\Advanced SystemCare 3\FileSweep.dll
c:\program files\IObit\Advanced SystemCare 3\FreeSoftwareDownloader_ASC.exe
c:\program files\IObit\Advanced SystemCare 3\Help.html
c:\program files\IObit\Advanced SystemCare 3\IEFavBK.pln
c:\program files\IObit\Advanced SystemCare 3\Images\care.png
c:\program files\IObit\Advanced SystemCare 3\Images\ds.png
c:\program files\IObit\Advanced SystemCare 3\Images\home.png
c:\program files\IObit\Advanced SystemCare 3\Images\mw.png
c:\program files\IObit\Advanced SystemCare 3\Images\tips.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\tips2.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\ut.png
c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe
c:\program files\IObit\Advanced SystemCare 3\Language\Albanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Belarusian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Brasil.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dansk.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dutch.lng
c:\program files\IObit\Advanced SystemCare 3\Language\English.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Finnish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\French.lng
c:\program files\IObit\Advanced SystemCare 3\Language\German.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hebrew.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Persian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Portuguese(BRAZIL).lng
c:\program files\IObit\Advanced SystemCare 3\Language\Romanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Slovenian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Srpski.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Svenska.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Swedish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Ukrainian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Valencian.lng
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\News\bnews.html
c:\program files\IObit\Advanced SystemCare 3\News\Css\bstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\Css\wstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\wnews.html
c:\program files\IObit\Advanced SystemCare 3\NtfsData.dll
c:\program files\IObit\Advanced SystemCare 3\RegeditBK.pln
c:\program files\IObit\Advanced SystemCare 3\Registration.exe
c:\program files\IObit\Advanced SystemCare 3\Routine.dll
c:\program files\IObit\Advanced SystemCare 3\rtl70.bpl
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_BottomLine.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\sqlite3.dll
c:\program files\IObit\Advanced SystemCare 3\StartMenu.exe
c:\program files\IObit\Advanced SystemCare 3\STFix.dll
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskCleaner.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskDoctor.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_FileShredder.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_GameBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_InternetBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_IS360.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ISD.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ShortcutsFixer.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_DriverBackUp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_PIeHelp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemBackup.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemFileScan.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_AutoShutDown.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ClonedFilesFinder.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ContextManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_DiskExplorer.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_RestoreCenter.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstal.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_StartUpManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SysInfo.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_WinManager.exe
c:\program files\IObit\Advanced SystemCare 3\TurboBoost.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.dat
c:\program files\IObit\Advanced SystemCare 3\unins000.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.msg
c:\program files\IObit\Advanced SystemCare 3\Update History.txt
c:\program files\IObit\Advanced SystemCare 3\Update\awc3check.upt
c:\program files\IObit\Advanced SystemCare 3\vcl70.bpl
c:\program files\IObit\Advanced SystemCare 3\vclx70.bpl
c:\program files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
c:\program files\IObit\Advanced SystemCare 3\Wizard.exe
c:\program files\IObit\Game Booster\AutoUpdate.exe
c:\program files\IObit\Game Booster\Boost.exe
c:\program files\IObit\Game Booster\GameBooster.exe
c:\program files\IObit\Game Booster\GameBox.exe
c:\program files\IObit\Game Booster\gbinit.exe
c:\program files\IObit\Game Booster\IObitDownloader.exe
c:\program files\IObit\Game Booster\Language\ChineseSimp.lng
c:\program files\IObit\Game Booster\Language\ChineseTrad.lng
c:\program files\IObit\Game Booster\Language\Czech.lng
c:\program files\IObit\Game Booster\Language\English.lng
c:\program files\IObit\Game Booster\Language\French.lng
c:\program files\IObit\Game Booster\Language\Hungarian.lng
c:\program files\IObit\Game Booster\Language\Italian.lng
c:\program files\IObit\Game Booster\Language\Polish.lng
c:\program files\IObit\Game Booster\Language\Portuguese(BRAZIL).lng
c:\program files\IObit\Game Booster\Language\Romanian.lng
c:\program files\IObit\Game Booster\Language\Russian.lng
c:\program files\IObit\Game Booster\Language\Spanish.lng
c:\program files\IObit\Game Booster\Language\Swedish.lng
c:\program files\IObit\Game Booster\Language\Turkish.lng
c:\program files\IObit\Game Booster\license.dat
c:\program files\IObit\Game Booster\madbasic_.bpl
c:\program files\IObit\Game Booster\maddisAsm_.bpl
c:\program files\IObit\Game Booster\madexcept_.bpl
c:\program files\IObit\Game Booster\News\gb_sidebg154x430.gif
c:\program files\IObit\Game Booster\News\gbnews.html
c:\program files\IObit\Game Booster\News\jquery.js
c:\program files\IObit\Game Booster\PowerConfig.dll
c:\program files\IObit\Game Booster\rtl120.bpl
c:\program files\IObit\Game Booster\sqlite3.dll
c:\program files\IObit\Game Booster\unins000.dat
c:\program files\IObit\Game Booster\unins000.exe
c:\program files\IObit\Game Booster\unins000.msg
c:\program files\IObit\Game Booster\Update\Update.Ini
c:\program files\IObit\Game Booster\vcl120.bpl
c:\program files\IObit\Game Booster\vclx120.bpl
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
c:\users\BRUNO\AppData\Roaming\FlashGetBHO
c:\users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
c:\users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetHook.dll
c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetUrl.htm

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_eixjgtaw
-------\Service_nmbqkg


((((((((((((((((((((((((( Files Created from 2010-11-25 to 2010-12-25 )))))))))))))))))))))))))))))))
.

2010-12-25 18:36 . 2010-12-25 18:36 -------- d-----w- c:\users\Mcx3-BRUNO-PC\AppData\Local\temp
2010-12-25 18:36 . 2010-12-25 18:36 -------- d-----w- c:\users\Mcx2-BRUNO-PC\AppData\Local\temp
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\program files\FreeApps
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\programdata\FreeApp
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\users\BRUNO\AppData\Roaming\IObit
2010-12-24 17:47 . 2010-12-25 17:45 -------- d-----w- c:\program files\MyDefrag v4.3.1
2010-12-24 17:47 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2010-12-24 17:47 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Malwarebytes
2010-12-23 20:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\programdata\Malwarebytes
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-23 20:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-23 09:29 . 2010-12-23 09:29 -------- d-----w- c:\program files\TeamViewer
2010-12-20 14:26 . 2010-12-20 14:26 -------- d-----w- c:\program files\LibUSB-Win32
2010-12-20 14:26 . 2007-03-20 10:33 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys
2010-12-20 14:26 . 2007-03-20 10:33 43520 ----a-w- c:\windows\system32\libusb0.dll
2010-12-20 00:29 . 2005-12-31 23:12 -------- d-----w- c:\users\BRUNO\.shsh
2010-12-19 16:14 . 2010-12-19 16:18 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple Computer
2010-12-19 16:14 . 2010-12-19 16:15 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Apple Computer
2010-12-19 16:13 . 2010-12-19 16:13 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-19 16:13 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-19 16:13 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iPod
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iTunes
2010-12-19 16:11 . 2010-12-19 16:13 -------- d-----w- c:\programdata\Apple Computer
2010-12-19 16:11 . 2010-12-19 16:12 -------- d-----w- c:\program files\QuickTime
2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple
2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\program files\Apple Software Update
2010-12-19 16:05 . 2010-12-19 16:05 -------- d-----w- c:\program files\Bonjour
2010-12-19 16:04 . 2010-12-19 16:13 -------- d-----w- c:\program files\Common Files\Apple
2010-12-19 16:04 . 2010-12-19 16:06 -------- d-----w- c:\programdata\Apple
2010-12-10 18:50 . 2010-12-10 18:50 -------- d-----w- c:\program files\Common Files\Skype
2010-12-08 23:04 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-12-08 23:04 . 2010-12-08 23:04 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-12-07 00:32 . 2010-12-07 00:32 54784 --sha-r- c:\windows\system32\dataclens.dll
2010-12-03 21:24 . 2010-12-24 18:27 -------- d-----w- c:\program files\WinPcap
2010-12-03 09:00 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FC3961E-64B5-4614-87D6-1065C58460FA}\mpengine.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-24 22:39 . 2010-09-10 20:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-11-19 12:32 . 2010-11-19 12:17 467702 ----a-w- C:\Uninstal.exe
2010-11-18 20:01 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-11-18 20:01 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-11-18 16:50 . 2010-11-18 16:50 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-11-06 13:58 . 2010-11-06 13:58 49152 ----a-r- c:\users\BRUNO\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
2010-10-19 19:41 . 2010-10-19 19:41 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-10-19 09:41 . 2010-07-19 14:21 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-15 21:50 . 2010-09-06 20:38 95232 ----a-w- C:\MuOnline.HU.exe
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\system32\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-10-08 12:34 . 2010-10-08 12:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-28 14:44 . 2010-09-28 14:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-09-28 14:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 08:08 2393184 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PC Auto Shutdown"="c:\program files\PC Auto Shutdown\AutoShutdown.exe" [2010-02-18 1387520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R3 netr73;RT73 vezeték nélküli USB LAN-kártyaillesztő Vista rendszerhez;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-19 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-02-18 441624]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 yukonw7;NDIS6.2 miniport-illesztőprogram Marvell Yukon Ethernet-vezérlőhöz;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

.
Contents of the 'Scheduled Tasks' folder

2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job
- c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26]

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job
- c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
Trusted Zone: kuaiche.com\software
TCP: {D46AD85E-962A-4B3A-AA44-576D14F44444} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\w4tpnptl.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Advanced SystemCare 3_is1 - c:\program files\IObit\Advanced SystemCare 3\unins000.exe
AddRemove-Game Booster_is1 - c:\program files\IObit\Game Booster\unins000.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *]
@Allowed: (Read) (RestrictedCode)
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\UI0Detect.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2010-12-25 19:41:32 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-25 18:41
ComboFix2.txt 2010-12-25 15:13

Pre-Run: 9 574 830 080 bájt szabad
Post-Run: 9 316 921 344 bájt szabad

- - End Of File - - 37758D8C260D3F4ADD73BD0E75592F93


Sat Dec 25, 2010 19:48
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post subject: Re: STELL Segit
Thank you for the quick help.
http://www.virustotal.com/file-scan/reanalysis.html?id=7a9fc8377004ec0292f13a3ea9b1d9b47b48f3076d6cf652ff5d9118ab3ed876-1293300996
I'll do the CFScript thing right away and post the log.


Sat Dec 25, 2010 19:21
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Yes, there are a few grasshoppers in there. :wink:
1: Uninstall from the machine:
c:\program files\AskBarDis

2: Turn off the Windows Defender >> shield. ESET is there.
3: Test at http://www.virustotal.com:
c:\program files\FreeApps\FreeApps.exe
Post the link here.

Open Notepad like this: Start > Run > type: notepad
and paste in the green text found under the Code: heading (without the word Code:), then save the text pasted into Notepad as a script to the Desktop, like this: File > Save As > File name > CFScript.txt > Save as type > All files > Save (to the Desktop). Done. Drag the CFScript.txt on the Desktop onto the ComboFix icon. And now do this:
[Image]
ComboFix will start by itself, may restart, and will finish the scan. Post here whatever it gives you.
Code:
KILLALL::
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=-
"Start WingMan Profiler"=-
"DivXUpdate"=-
"Malwarebytes' Anti-Malware (reboot)"=-
"Malwarebytes' Anti-Malware"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"msnmsgr"=-
"FreeApp"=-
Driver::
eixjgtaw
nmbqkg
Folder::
c:\users\BRUNO\AppData\Roaming\FlashGetBHO
c:\program files\IObit
File::
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
DDS::
uStart Page = hxxp://google.flashget.com/
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download all by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetUrl.htm
RegNull::
[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *]


Sat Dec 25, 2010 18:30
silver member

Joined: Sat Dec 25, 2010 16:35
Posts: 27
Post subject: Re: STELL Segit
Hi everyone! I have a problem; the main one: I get a blue screen of death at shutdown. The machine is constantly slow, and my ping in games keeps jumping from 70 to 600. A week ago I had no problems with any of this.

ComboFix LOG:

ComboFix 10-12-24.01 - BRUNO 010.12.25. 15:52:34.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.36.1038.18.1024.348 [GMT 1:00]
Running from: c:\users\BRUNO\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
ADS - Windows: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\BRUNO\AppData\Roaming\edxLabs
c:\users\BRUNO\AppData\Roaming\edxLabs\PrivateServer_edxSilkroadLoader\PrivateServer_edxSilkroadLoader.ini
c:\windows\system32\arp.exe
D:\install.exe

.
((((((((((((((((((((((((( Files Created from 2010-11-25 to 2010-12-25 )))))))))))))))))))))))))))))))
.

2010-12-25 15:10 . 2010-12-25 15:10 -------- d-----w- c:\users\Mcx3-BRUNO-PC\AppData\Local\temp
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\program files\FreeApps
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\programdata\FreeApp
2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\users\BRUNO\AppData\Roaming\IObit
2010-12-24 17:47 . 2010-12-24 20:18 -------- d-----w- c:\program files\MyDefrag v4.3.1
2010-12-24 17:47 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2010-12-24 17:47 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Malwarebytes
2010-12-23 20:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\programdata\Malwarebytes
2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-23 20:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-23 09:29 . 2010-12-23 09:29 -------- d-----w- c:\program files\TeamViewer
2010-12-20 14:26 . 2010-12-20 14:26 -------- d-----w- c:\program files\LibUSB-Win32
2010-12-20 14:26 . 2007-03-20 10:33 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys
2010-12-20 14:26 . 2007-03-20 10:33 43520 ----a-w- c:\windows\system32\libusb0.dll
2010-12-20 00:29 . 2005-12-31 23:12 -------- d-----w- c:\users\BRUNO\.shsh
2010-12-19 16:14 . 2010-12-19 16:18 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple Computer
2010-12-19 16:14 . 2010-12-19 16:15 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Apple Computer
2010-12-19 16:13 . 2010-12-19 16:13 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-19 16:13 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-19 16:13 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iPod
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iTunes
2010-12-19 16:11 . 2010-12-19 16:13 -------- d-----w- c:\programdata\Apple Computer
2010-12-19 16:11 . 2010-12-19 16:12 -------- d-----w- c:\program files\QuickTime
2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple
2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\program files\Apple Software Update
2010-12-19 16:05 . 2010-12-19 16:05 -------- d-----w- c:\program files\Bonjour
2010-12-19 16:04 . 2010-12-19 16:13 -------- d-----w- c:\program files\Common Files\Apple
2010-12-19 16:04 . 2010-12-19 16:06 -------- d-----w- c:\programdata\Apple
2010-12-10 18:50 . 2010-12-10 18:50 -------- d-----w- c:\program files\Common Files\Skype
2010-12-08 23:04 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-12-08 23:04 . 2010-12-08 23:04 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-12-07 00:32 . 2010-12-07 00:32 54784 --sha-r- c:\windows\system32\dataclens.dll
2010-12-03 21:24 . 2010-12-24 18:27 -------- d-----w- c:\program files\WinPcap
2010-12-03 09:00 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FC3961E-64B5-4614-87D6-1065C58460FA}\mpengine.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-24 22:39 . 2010-09-10 20:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-11-19 12:32 . 2010-11-19 12:17 467702 ----a-w- C:\Uninstal.exe
2010-11-18 20:01 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-11-18 20:01 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-11-18 16:50 . 2010-11-18 16:50 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-11-06 13:58 . 2010-11-06 13:58 49152 ----a-r- c:\users\BRUNO\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
2010-10-19 19:41 . 2010-10-19 19:41 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-10-19 09:41 . 2010-07-19 14:21 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-15 21:50 . 2010-09-06 20:38 95232 ----a-w- C:\MuOnline.HU.exe
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\system32\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-10-08 12:34 . 2010-10-08 12:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-28 14:44 . 2010-09-28 14:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-09-28 14:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 08:08 2393184 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Google Update"="c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-19 136176]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"FreeApp"="c:\program files\FreeApps\FreeApps.exe" [2010-12-24 814496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-05-05 153672]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PC Auto Shutdown"="c:\program files\PC Auto Shutdown\AutoShutdown.exe" [2010-02-18 1387520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R0 eixjgtaw;eixjgtaw;c:\windows\System32\drivers\muac.sys [x]
R0 nmbqkg;nmbqkg;c:\windows\System32\drivers\fqartc.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R3 netr73;RT73 vezeték nélküli USB LAN-kártyaillesztő Vista rendszerhez;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-19 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-02-18 441624]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 yukonw7;NDIS6.2 miniport-illesztőprogram Marvell Yukon Ethernet-vezérlőhöz;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

.
Contents of the 'Scheduled Tasks' folder

2010-12-25 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-24 15:19]

2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job
- c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26]

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job
- c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.flashget.com/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download all by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
Trusted Zone: kuaiche.com\software
TCP: {D46AD85E-962A-4B3A-AA44-576D14F44444} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\w4tpnptl.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - ORPHANS REMOVED - - - -

AddRemove-BDE - c:\program files\none\BDE\DeIsL1.isu
AddRemove-Ultimate Traffic for FS2004 (2007 Edition) - d:\program files\Microsoft Games\Flight Simulator 9\UnUT2004.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:47,71,cd,64,d3,fd,1a,c7,91,d2,e7,3e,33,64,e1,2a,9c,09,59,22,7b,23,9a,
9b,c5,f1,ee,4d,2f,9d,93,c6,29,11,2d,01,11,e4,50,24,4a,07,d5,53,0e,0f,32,c5,\
"??"=hex:fb,f2,26,f0,54,10,94,92,e6,30,f1,7d,5e,5a,fd,00

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\SecuROM\License information*]
"datasecu"=hex:67,d4,cf,47,af,8e,af,a7,49,d1,1a,1d,bd,38,68,e8,26,f6,08,7c,2a,
33,c4,45,b1,a9,fc,f6,0d,dc,1e,f4,8f,08,f5,a2,d1,ec,cb,7d,bf,82,bb,c7,55,ad,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *]
@Allowed: (Read) (RestrictedCode)
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-12-25 16:13:12
ComboFix-quarantined-files.txt 2010-12-25 15:13

Pre-Run: 8 773 492 736 bájt szabad
Post-Run: 9 605 038 080 bájt szabad

- - End Of File - - 8F28742F9A9D8CFA61F214D223267028


Sat Dec 25, 2010 16:38
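The `Driver::` section of the CFScript posted in reply names `eixjgtaw` and `nmbqkg`, the two `R0` entries in this log whose file field is `[x]`. The Python below is an added example, not part of the thread or of ComboFix: it parses the log's driver/service lines and surfaces such entries, assuming that `[x]` means the image file was not found on disk and that the leading letter and digit are the run state and the service start type; the `oldsvc` line is constructed.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Windows service "Start" values; the digit after R/S is assumed to be this value.
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

# <R|S><start> <service name>;<display name>;<image path> [<date size> | x]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+?)\s+\[(?P<meta>[^\]]*)\]\s*$"
)

# Driver/service lines copied from the ComboFix log in the post above.
SAMPLE_LOG = r"""
R0 eixjgtaw;eixjgtaw;c:\windows\System32\drivers\muac.sys [x]
R0 nmbqkg;nmbqkg;c:\windows\System32\drivers\fqartc.sys [x]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-19 691696]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
"""

# Constructed line (not from the thread): a stopped leftover entry with no file.
CONSTRUCTED_LINES = r"""
S3 oldsvc;Old Service;c:\windows\system32\drivers\oldsvc.sys [x]
"""


@dataclass
class ServiceEntry:
    running: bool        # True for "R", False for "S"
    start: str           # boot / system / auto / manual / disabled
    name: str            # service key name
    display: str         # display name
    path: str            # image path as printed in the log
    file_missing: bool   # True when the bracket holds "x" (assumed: file not found)


def parse_service_lines(text):
    """Return a ServiceEntry for every driver/service line found in the log text."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # headers, file listings and registry lines do not match
        entries.append(ServiceEntry(
            running=m["state"] == "R",
            start=START_TYPES[int(m["start"])],
            name=m["name"].strip(),
            display=m["display"].strip(),
            path=m["path"].strip(),
            file_missing=m["meta"].strip().lower() == "x",
        ))
    return entries


def triage(entries):
    """List (name, severity, reasons) for entries whose image file is missing."""
    findings = []
    for e in entries:
        if not e.file_missing:
            continue
        reasons = ["image file not found on disk"]
        if e.running:
            reasons.append("reported as running although the file is missing")
        if e.start in ("boot", "system"):
            reasons.append(f"{e.start}-start driver, loaded early in startup")
        stem = PureWindowsPath(e.path).stem.lower()
        if stem != e.name.lower():
            reasons.append(f"service name does not match file name ({stem})")
        # A running driver with no visible file is the contradiction worth escalating;
        # a stopped one is more likely a leftover registration.
        severity = "high" if e.running else "low"
        findings.append((e.name, severity, reasons))
    return findings


if __name__ == "__main__":
    for name, severity, reasons in triage(parse_service_lines(SAMPLE_LOG + CONSTRUCTED_LINES)):
        print(f"[{severity}] {name}")
        for reason in reasons:
            print(f"    - {reason}")
```
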
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Greetings
read what I wrote
viewtopic.php?f=15&p=971500#p971500


Mon Nov 29, 2010 14:00
silver member

Joined: Mon Nov 22, 2010 8:46
Posts: 21
Post subject: Re: STELL Segit
If anyone could help with my internet problem, I'd be very grateful. I repaired the registry too, yet I still can't update the antivirus, nor use Firefox, Skype or Steam...
I've already opened a separate topic about this; I'm waiting for replies there.
Please help, because it would be great if everything finally worked normally :(
Thanks


Mon Nov 29, 2010 13:30
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Yes, it's just as my buddy Laci writes: if you need these grasshoppers, then use VirtualBox only, and there you can do whatever you want with them, but I don't know what you need them for.


Tue Nov 23, 2010 9:12
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 11865
Location: Budapest, Solymár
Post subject: Re: STELL Segit
I'm not stell, but I'll tell you what I know:

1. Not everything it flags as infected is actually infected, but the reverse can be true as well.
2. Every suspicious file must be checked on virustotal.com. If the result there is 0/42, that is somewhat reassuring.
3. Any infected (or suspicious) keygen or patch may only be run in a virtual machine, and the result copied back.
4. If necessary, install the program there as well and run the patch there. Copy the modified files back to the host machine. Compare them with the original (unmodified) files (with Total Commander). If any single difference is larger than a few bytes, virus-scan every one of them again.
5. Only after that may you save the changes and run the patched program on the host machine.

stell will tell you not to use warez, because sooner or later you'll get burned. :D


Sun Nov 21, 2010 22:03
diamond member

Joined: Wed Mar 24, 2004 13:43
Posts: 2584
Location: miskolc
Post subject: Re: STELL Segit
Hi everyone,
Stell, I'd like to ask you, as an expert, to enlighten me.
How can I decide whether something is a virus or a worm or...
There are lots of xyz.exe files (all sorts of generators) bundled with programs for all sorts of purposes. Antivirus programs mostly identify these as malware, but you can't tell at a glance whether they really are malware.
So what are the more important steps to watch out for in such cases?
Can you give me some good advice on this?
Personally I use the COMODO firewall and antivirus as resident programs, and what can I say, it quite aggressively calls everything a virus or ...., but I'm reluctant to delete these, because I may still need them.

Thanks in advance for the lesson.
Regards
enero


Sun Nov 21, 2010 14:41
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
OK, fine, I understand.


Thu Sep 16, 2010 17:39
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
But that's not all; you need to try swapping it with the mouse, try it in another machine, or possibly this:
http://www.virus-stell.com/2010/04/viru ... ive-t.html

Did it work before <<<??? If not, then install SP3, and so on; it could be anything...


Thu Sep 16, 2010 17:32
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
I tried with the hub and without it. There are two USB ports; I tried both, but it doesn't work.


Thu Sep 16, 2010 17:06
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
This can't be solved this way; you have to try everything:
connect to a different USB port, if there are several,
without the hub, reinstall the phone drivers, and so on.


Thu Sep 16, 2010 16:59
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
I did it, but nothing changed. It still only recognizes the mouse and keyboard, nothing else.


Thu Sep 16, 2010 16:37
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Go into Device Manager and remove all the USB devices, restart, and let Windows reinstall them.


Thu Sep 16, 2010 16:23
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
It can't be seen. As soon as I plug it in, it says that Windows cannot recognize it.


Thu Sep 16, 2010 15:36
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Connect the phone to the computer and see whether it shows up in My Computer.


Thu Sep 16, 2010 7:58
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
It doesn't work. It still only recognizes the mouse and the keyboard, not the USB hub or the pen drive.


Wed Sep 15, 2010 19:56
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
I don't have Run; I have Merge instead. I did that, but I haven't restarted the machine yet.


Wed Sep 15, 2010 19:29
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Open Notepad like this: Start > Run > type: notepad
and paste in the green text found under the Code: heading (without the word Code:), then save the text pasted into Notepad as a script to the Desktop, like this: File > Save As > File name > fix.reg > Save as type > All files > Save (to the Desktop). Done.
Right-click the fix.reg file, run as administrator, agree, OK, restart, then try it:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom]
"AutoRun"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-


Wed Sep 15, 2010 19:22
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
I don't understand this. How do I run it? Where should I paste it?


Wed Sep 15, 2010 19:18
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
Greetings
Run this script as
fix.reg
restart and try it:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom]
"AutoRun"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-


Wed Sep 15, 2010 18:34
silver member

Joined: Sun Jun 06, 2010 21:49
Posts: 33
Post subject: Re: STELL Segit
Hi Stell.
I have a small problem: I plug the pen drive into the USB port, or I have this USB hub, and it isn't recognized; I also connected the phone's memory card, but not that either.
What could be wrong?


Wed Sep 15, 2010 11:36
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: STELL Segit
:D
Yes, what am I to do with you, :lol: when I see that you don't have a serious forum [except the Terminal forum] where people really understand today's viruses. And this is my hobby. Put the wine away in the cellar, because I may be going to Lake Balaton next year. :hm:
You're welcome, regards.


Wed Sep 08, 2010 19:48
gold member

Joined: Fri Apr 23, 2010 12:42
Posts: 140
Post subject: Re: STELL Segit
All right, I don't want to pester you any further either. I know that's not why you do it, but if it were up to me I would already have surprised you with a bottle of wine or champagne. You always readily help everyone here and save us from a lot of trouble, annoyance and needless waste of money. Thank you for the latest first aid, and I don't mean it as a threat, but you'll hear from me again, if not today then certainly sometime in the future. :twisted:
Have a nice rest of the evening.


Wed Sep 08, 2010 19:41
iron member

Joined: Tue Sep 07, 2010 21:16
Posts: 8
Post subject: Re: STELL Segit
Well, I'll post it here too, so here is the ComboFix log:

ComboFix 10-09-07.01 - PALLAGI ZSOLT 010.09.08. 20:09:38.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.511.315 [GMT 2:00]
Running from: c:\documents and settings\PALLAGI ZSOLT\Asztal\ComboFix.exe
Command switches used :: c:\documents and settings\PALLAGI ZSOLT\Asztal\WindowsXP-KB310994-SP2-Pro-BootDisk-HUN.exe
AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Személyi tűzfal *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ss3unstl.exe

.
((((((((((((((((((((((((( Files Created from 2010-08-08 to 2010-09-08 )))))))))))))))))))))))))))))))
.

2010-09-08 17:23 . 2010-09-08 16:36 52224 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\FFExternalAlert.dll
2010-09-08 17:23 . 2010-09-08 16:36 101376 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\RadioWMPCore.dll
2010-09-07 20:20 . 2010-09-07 20:20 -------- d-----w- c:\program files\trend micro
2010-09-07 20:20 . 2010-09-07 20:20 -------- d-----w- C:\rsit
2010-08-23 19:05 . 2010-08-23 19:05 -------- d--h--w- c:\windows\PIF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 17:58 . 2010-06-08 20:58 -------- d-----w- c:\documents and settings\PALLAGI ZSOLT\Application Data\uTorrent
2010-08-12 17:57 . 2010-06-08 22:42 17728 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-11 20:23 . 2001-10-26 11:00 95768 ----a-w- c:\windows\system32\perfc00E.dat
2010-08-11 20:23 . 2001-10-26 11:00 439510 ----a-w- c:\windows\system32\perfh00E.dat
2010-08-03 08:13 . 2010-08-03 08:13 -------- d-----w- c:\documents and settings\PALLAGI ZSOLT\Application Data\DVDVideoSoftIEHelpers
2010-08-03 08:13 . 2010-06-09 22:41 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-06-30 12:33 . 2002-09-20 16:04 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:26 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2002-09-20 15:41 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 07:59 . 2010-06-23 07:59 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-21 15:27 . 2001-10-26 11:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2001-10-26 11:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-06-08 19:59 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-14 07:43 . 2002-09-20 16:04 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-13 10:08 . 2010-06-13 10:08 61440 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-26a72d79-n\decora-sse.dll
2010-06-13 10:08 . 2010-06-13 10:08 503808 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\msvcp71.dll
2010-06-13 10:08 . 2010-06-13 10:08 499712 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\jmc.dll
2010-06-13 10:08 . 2010-06-13 10:08 348160 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\msvcr71.dll
2010-06-13 10:08 . 2010-06-13 10:08 12800 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-26a72d79-n\decora-d3d.dll
2010-06-12 08:16 . 2010-06-12 08:17 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-11 18:27 . 2010-06-08 20:02 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-09 322352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-26 2161480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-06-09 07:29 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010.04.26. 8:13 114984]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010.04.26. 8:13 810120]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010.06.23. 9:59 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-09-08 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-06-15 20:18]
.
.
------- Supplementary Scan -------
.
IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\PALLAGI ZSOLT\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{ee4c73ff-7a1b-4330-acec-45e409118cc1}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{ee4c73ff-7a1b-4330-acec-45e409118cc1}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-CTFMON - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-08 20:19
Windows 5.1.2600 Szervizcsomag 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-09-08 20:23:25
ComboFix-quarantined-files.txt 2010-09-08 18:23

Pre-Run: 4 985 643 008 bájt szabad
Post-Run: 4 942 761 984 bájt szabad

WindowsXP-KB310994-SP2-Pro-BootDisk-HUN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /fastdetect

- - End Of File - - BDD37C9742C3C8345CAE7938096E5F88




Oh, and Gyurma is not me :gigalol:


This post has been edited 1 time, last by patrasz on Wed Sep 08, 2010 19:45.



Wed Sep 08, 2010 19:39
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it is the way you see it,
Post subject: Re: STELL Segit
Then let's not fiddle with it; what works should be left as it is. :D


Wed Sep 08, 2010 19:33
gold member

Joined: Fri Apr 23, 2010 12:42
Posts: 140
Post subject: Re: STELL Segit
The problem is that it's raining again! :) On the other hand, the examination of my machine was left unfinished a few days ago. GMER kept freezing when I tried to save the log. That's when you asked me to check in Device Manager whether the controller is in PIO mode. That's how we got here. :P
However, there has been no blue screen since I kept the default sound card driver that the system installed by itself without asking.


Wed Sep 08, 2010 19:32
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it is the way you see it,
Post subject: Re: STELL Segit
OK, the SPTD driver is there among them, so Daemon is fine. I don't see the other one there, so disable that one too, the one with the yellow question mark, although I don't like yellow question marks. So if the sound is fine, leave it that way :D don't install the codec. If it's good for you, it's good for me too :wink:
So now what is the problem??


Wed Sep 08, 2010 19:24
gold member

Joined: Fri Apr 23, 2010 12:42
Posts: 140
Post subject: Re: STELL Segit
They all just fit in the picture; it starts with AFD and ends with XDva359:

http://kepfeltoltes.co.hu/share-BFE7_4C87D1E1.html

Are you sure I need this codec? Because I use a Sound Blaster Live! Value (CT 4670) sound card, not the integrated one.


Wed Sep 08, 2010 19:18
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it is the way you see it,
Post subject: Re: STELL Segit
http://www.realtek.com.tw/downloads/dow ... Down=false

Leave it disabled, download the codec from here, install the one for XP, then remove the yellow AUDIO driver and restart.
Daemon, but the other one with the question mark is Alcohol's.
Go to Device Manager, at the top open the View tab, show hidden devices, open the Non-Plug and Play devices and take a screenshot.


Wed Sep 08, 2010 19:00
gold member

Joined: Fri Apr 23, 2010 12:42
Posts: 140
Post subject: Re: STELL Segit
Yes, I do have sound. Here is a picture of the sound card devices:

http://kepfeltoltes.co.hu/share-3F35_4C87C546.html

Yes, I have Daemon Tools Lite installed.

I enabled the thing with the yellow question mark and restarted. It still has the question mark. As far as I know, that is part of the video card (for a home cinema system), which I don't use. That's why I thought that if it doesn't work, I do no harm by disabling it.

Edit: It very much looks like it is the driver of the integrated sound card.
http://en.wikipedia.org/wiki/Intel_High ... tion_Audio


Wed Sep 08, 2010 18:31
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it is the way you see it,
Post subject: Re: STELL Segit
I don't understand why there is UDMA 5 on the secondary IDE channel; it should only be 2.

Yellow question mark, sound: enable it and restart. If it is still yellow there, then your sound card has to be reinstalled, because the driver is not good. Does the sound work at all??

Yellow question mark, SCSI: are these the Daemon / Alcohol emulators? Do you have these installed??


Wed Sep 08, 2010 18:12
gold member

Joined: Fri Apr 23, 2010 12:42
Posts: 140
Post subject: Re: STELL Segit
Here are the pictures:

http://kepfeltoltes.co.hu/share-A98C_4C87C1B0.html

http://kepfeltoltes.co.hu/share-A134_4C87C1B0.html


Wed Sep 08, 2010 17:58