Terminál Fórum https://forum.technokrata.hu/forum/ |
|
STELL Segit https://forum.technokrata.hu/forum/viewtopic.php?f=15&t=38893 |
Page: 14 / 16 |
Author: | stell [ Tue Dec 28, 2010 16:54 ] |
Post subject: | Re: STELL Segit |
http://www.virus-stell.com/2010/08/root ... -tdl3.html Run TDSSKiller and post its log here. |
Author: | bbbcars [ Mon Dec 27, 2010 22:55 ] |
Post subject: | Re: STELL Segit |
There is no blue screen of death, but the shutdown screen comes up, it loads for 5 minutes, then a blue screen flashes briefly on the machine and after that it restarts. |
Author: | stell [ Mon Dec 27, 2010 19:07 ] |
Post subject: | Re: STELL Segit |
So, what is the situation with the machine??? |
Author: | bbbcars [ Mon Dec 27, 2010 18:23 ] |
Post subject: | Re: STELL Segit |
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\BRUNO\AppData\Roaming\IObit folder moved successfully.
C:\Windows\System32\dataclens.dll moved successfully.
ADS C:\ProgramData\TEMP:B6418BC9 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe deleted successfully.
========== FILES ==========
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default\sound folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default\image folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international\default folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin\international folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\skin folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\lang folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\image folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data\tmp folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I\data folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\FGResDetector_I folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\dat folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3\config folder moved successfully.
C:\Program Files\FlashGet Network\FlashGet 3 folder moved successfully.
C:\Program Files\FlashGet Network folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]
User: All Users
User: BRUNO
->Temp folder emptied: 42947214 bytes
->Temporary Internet Files folder emptied: 670536 bytes
->Java cache emptied: 3941887 bytes
->FireFox cache emptied: 51044890 bytes
->Google Chrome cache emptied: 214702789 bytes
->Flash cache emptied: 3393 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Mcx2-BRUNO-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Mcx3-BRUNO-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 26847918 bytes
Total Files Cleaned = 324,00 mb

[EMPTYFLASH]
User: All Users
User: BRUNO
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Mcx2-BRUNO-PC
User: Mcx3-BRUNO-PC
User: Public
Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.18.0 log created on 12272010_181350
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... |
Author: | stell [ Mon Dec 27, 2010 9:36 ] |
Post subject: | Re: STELL Segit |
Run the OTL program, copy the green text into its window, then click RUNFIX; post the log here after the restart.
Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
[2010.12.24 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\IObit
[2010.12.07 01:32:31 | 000,054,784 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\System32\dataclens.dll
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:B6418BC9

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" =-

:files
C:\Program Files\FlashGet Network

:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[EMPTYFLASH]
[Reboot] |
Author: | bbbcars [ Sun Dec 26, 2010 17:49 ] |
Post subject: | Re: STELL Segit |
Part 3 of the OTL log |
Author: | bbbcars [ Sun Dec 26, 2010 17:48 ] |
Post subject: | Re: STELL Segit |
| M] -- C:\Program Files\Mozilla Firefox\extensions [2010.12.24 04:59:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2010.12.24 04:59:26 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2010.12.24 04:59:26 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2010.12.24 04:59:28 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2008.06.11 21:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2010.12.19 17:12:11 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2010.12.19 17:12:12 | 000,159,744 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2010.07.23 01:53:36 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2010.07.23 01:53:36 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010.07.23 01:53:36 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2010.07.23 01:53:36 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml [2010.07.23 01:53:36 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml [2010.07.23 01:53:36 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml [2010.07.23 01:53:36 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml O1 HOSTS File: ([2010.12.25 19:38:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\BRUNO\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) 
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PC Auto Shutdown] C:\Program Files\PC Auto Shutdown\AutoShutdown.exe (GoldSolution Software, Inc.) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O15 - HKU\S-1-5-21-3237398822-3423884846-2355971879-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... 
s-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft 
Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. 
File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.01.19 14:29:50 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 14 Days ========== [2010.12.26 16:52:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe [2010.12.25 21:27:02 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck [2010.12.25 21:27:00 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105 [2010.12.25 21:26:58 | 000,000,000 | ---D | C] -- 
C:\Users\BRUNO\Desktop\1286274752_bode [2010.12.25 21:26:55 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer [2010.12.25 19:41:34 | 000,000,000 | ---D | C] -- C:\Windows\temp [2010.12.25 19:41:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010.12.25 19:17:52 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010.12.25 15:49:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010.12.25 15:49:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010.12.25 15:49:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010.12.25 15:49:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010.12.25 15:48:18 | 000,000,000 | ---D | C] -- C:\Qoobox [2010.12.24 18:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\FreeApps [2010.12.24 18:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeApp [2010.12.24 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\IObit [2010.12.24 18:48:13 | 010,160,048 | ---- | C] (IObit ) -- C:\Users\BRUNO\Desktop\asc-setup.exe [2010.12.24 18:47:07 | 001,061,888 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe [2010.12.24 18:47:07 | 000,475,648 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr [2010.12.24 18:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.3.1 [2010.12.24 18:46:28 | 002,082,630 | ---- | C] (J.C. 
Kessels ) -- C:\Users\BRUNO\Desktop\MyDefrag-v4.3.1.exe [2010.12.24 02:46:19 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\Desktop\Asztal [2010.12.23 21:58:30 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\Malwarebytes [2010.12.23 21:58:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.23 21:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.12.23 21:58:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.23 21:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010.12.23 10:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2010.12.21 15:20:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010.12.20 15:26:59 | 000,043,520 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll [2010.12.20 15:26:59 | 000,028,672 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys [2010.12.20 15:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32 [2010.12.20 01:29:45 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\.shsh [2010.12.19 17:14:06 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Roaming\Apple Computer [2010.12.19 17:14:06 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Local\Apple Computer [2010.12.19 17:13:50 | 000,107,368 | ---- | C] (GEAR Software Inc.) 
-- C:\Windows\System32\GEARAspi.dll [2010.12.19 17:13:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010.12.19 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010.12.19 17:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010.12.19 17:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.12.19 17:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010.12.19 17:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010.12.19 17:06:43 | 000,000,000 | ---D | C] -- C:\Users\BRUNO\AppData\Local\Apple [2010.12.19 17:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2010.12.19 17:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010.12.19 17:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010.12.19 17:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2010.12.15 16:17:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.15 16:17:30 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.12.15 16:17:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.12.15 16:17:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.12.15 16:17:28 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.12.15 16:17:28 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.12.15 16:17:28 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.12.15 16:17:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.12.15 16:17:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.12.15 16:17:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.12.15 
16:17:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.12.15 16:17:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.12.15 16:17:24 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.15 16:17:24 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.15 16:17:24 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.15 16:17:24 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2010.12.15 16:17:23 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.15 16:17:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.15 16:17:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2010.12.15 16:17:20 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.15 16:17:18 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys ========== Files - Modified Within 14 Days ========== [2010.12.26 17:06:27 | 000,676,678 | ---- | M] () -- C:\Windows\System32\perfh00E.dat [2010.12.26 17:06:27 | 000,647,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.12.26 17:06:27 | 000,166,534 | ---- | M] () -- C:\Windows\System32\perfc00E.dat [2010.12.26 17:06:27 | 000,118,438 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.12.26 16:36:27 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job [2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe [2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.26 11:15:33 | 000,014,976 | -H-- | M] () 
-- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.26 11:08:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.26 11:07:58 | 804,954,112 | -HS- | M] () -- C:\hiberfil.sys [2010.12.26 03:25:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2010.12.25 21:26:43 | 001,168,208 | ---- | M] () -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck.rar [2010.12.25 21:25:16 | 000,869,159 | ---- | M] () -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105.rar [2010.12.25 21:25:12 | 001,694,689 | ---- | M] () -- C:\Users\BRUNO\Desktop\1286274752_bode.rar [2010.12.25 21:24:56 | 002,577,462 | ---- | M] () -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer.rar [2010.12.25 21:23:00 | 000,137,207 | ---- | M] () -- C:\Users\BRUNO\Desktop\mercedesbenzategoroyalmail.zip [2010.12.25 20:36:01 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job [2010.12.25 19:38:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010.12.25 15:47:13 | 003,998,064 | R--- | M] () -- C:\Users\BRUNO\Desktop\ComboFix.exe [2010.12.25 11:01:39 | 000,000,826 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010.12.24 18:49:56 | 000,000,971 | ---- | M] () -- C:\Users\BRUNO\Desktop\FreeApps.lnk [2010.12.24 18:49:23 | 000,001,207 | ---- | M] () -- C:\Users\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk [2010.12.24 18:49:23 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk [2010.12.24 18:49:23 | 000,000,135 | ---- | M] () -- C:\Users\BRUNO\Desktop\IObit Freeware.url [2010.12.24 18:48:48 | 010,160,048 | ---- | M] (IObit ) -- C:\Users\BRUNO\Desktop\asc-setup.exe [2010.12.24 18:47:08 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\MyDefrag.lnk [2010.12.24 18:46:45 | 002,082,630 | ---- | M] (J.C. 
Kessels ) -- C:\Users\BRUNO\Desktop\MyDefrag-v4.3.1.exe [2010.12.24 04:13:35 | 000,011,123 | ---- | M] () -- C:\Users\BRUNO\Documents\makesig.jpg [2010.12.23 21:58:15 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.23 10:30:01 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk [2010.12.20 23:37:13 | 000,000,907 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.19 17:13:54 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.19 17:12:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.12.19 16:57:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.12.16 22:36:48 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib [2010.12.16 20:34:59 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\CloneCD.lnk [2010.12.16 07:57:39 | 000,418,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.12.16 02:36:32 | 000,002,401 | ---- | M] () -- C:\Users\BRUNO\Desktop\Google Chrome.lnk [2010.12.14 20:53:25 | 004,698,112 | ---- | M] () -- C:\Users\BRUNO\Documents\E00000EB484C316F ========== Files Created - No Company Name ========== [2010.12.25 21:26:42 | 001,168,208 | ---- | C] () -- C:\Users\BRUNO\Desktop\1287485256_Mercedes Benz Sprinter truck.rar [2010.12.25 21:25:16 | 000,869,159 | ---- | C] () -- C:\Users\BRUNO\Desktop\1286274720_DAFxf105.rar [2010.12.25 21:25:10 | 001,694,689 | ---- | C] () -- C:\Users\BRUNO\Desktop\1286274752_bode.rar [2010.12.25 21:24:55 | 002,577,462 | ---- | C] () -- C:\Users\BRUNO\Desktop\1284729396_Renault Magnum with Trailer.rar [2010.12.25 21:23:11 | 000,137,207 | ---- | C] () -- 
C:\Users\BRUNO\Desktop\mercedesbenzategoroyalmail.zip [2010.12.25 15:49:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010.12.25 15:49:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010.12.25 15:49:40 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2010.12.25 15:49:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010.12.25 15:49:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.12.25 15:46:48 | 003,998,064 | R--- | C] () -- C:\Users\BRUNO\Desktop\ComboFix.exe [2010.12.24 18:49:56 | 000,000,971 | ---- | C] () -- C:\Users\BRUNO\Desktop\FreeApps.lnk [2010.12.24 18:49:23 | 000,001,207 | ---- | C] () -- C:\Users\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk [2010.12.24 18:49:23 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk [2010.12.24 18:49:23 | 000,000,135 | ---- | C] () -- C:\Users\BRUNO\Desktop\IObit Freeware.url [2010.12.24 18:47:08 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\MyDefrag.lnk [2010.12.24 04:13:35 | 000,011,123 | ---- | C] () -- C:\Users\BRUNO\Documents\makesig.jpg [2010.12.23 21:58:15 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.23 10:30:01 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk [2010.12.19 17:13:54 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.19 17:12:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.12.19 16:57:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.12.16 20:38:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.12.07 01:32:31 | 000,054,784 | RHS- | C] () -- C:\Windows\System32\dataclens.dll [2010.11.17 21:57:27 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat [2010.10.19 19:10:43 | 000,057,344 | ---- | C] () -- C:\Windows\System32\zlib1i.dll [2010.10.14 01:36:44 | 000,179,263 | ---- | C] 
() -- C:\Windows\System32\xlive.dll.cat [2010.10.07 19:10:54 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010.10.07 19:10:54 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.09.10 21:33:33 | 000,000,826 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.08.24 20:04:18 | 000,000,110 | ---- | C] () -- C:\Windows\System32\RichardBurnsRally.ini [2010.08.23 12:09:44 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010.08.16 02:16:26 | 000,000,110 | ---- | C] () -- C:\Windows\System32\winsden.dll [2010.08.10 01:46:18 | 000,007,593 | ---- | C] () -- C:\Users\BRUNO\AppData\Local\Resmon.ResmonCfg [2010.07.28 20:36:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.07.22 15:44:44 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.07.22 15:44:44 | 000,022,328 | ---- | C] () -- C:\Users\BRUNO\AppData\Roaming\PnkBstrK.sys [2010.07.22 15:44:19 | 000,000,294 | ---- | C] () -- C:\Windows\game.ini [2010.07.22 14:22:07 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2010.07.19 15:01:16 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2010.05.20 14:27:26 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll 
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2005.12.13 07:17:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll [2002.12.19 20:04:56 | 003,050,298 | ---- | C] () -- C:\Windows\System32\PDFREPORT_XP.dll |
Author: | bbbcars [ Sun Dec 26, 2010 17:46 ] |
Post subject: | Re: STELL Segit |
OTL logfile created on: 2010.12.26. 17:17:38 - Run 2 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd. 1 024,00 Mb Total Physical Memory | 269,00 Mb Available Physical Memory | 26,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 8,75 Gb Free Space | 22,41% Space Free | Partition Type: NTFS Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days ========== Processes (SafeList) ========== PRC - [2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe PRC - [2010.12.20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010.12.09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\BRUNO\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.09.14 11:47:24 | 000,716,024 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe PRC - [2010.08.12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe PRC - [2010.05.20 14:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2010.04.16 17:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2010.04.12 09:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2010.02.18 15:13:02 | 000,441,624 | ---- | M] (GoldSolution Software, Inc.) -- C:\Program Files\PC Auto Shutdown\ShutdownService.exe PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.09.27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) 
-- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe PRC - [2008.04.16 19:18:12 | 002,516,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe ========== Modules (SafeList) ========== MOD - [2010.12.26 13:35:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\BRUNO\Desktop\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009.07.14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009.07.14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\cfgmgr32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.12.20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.12.07 11:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.09.14 11:47:24 | 000,716,024 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010.08.12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2010.07.20 13:43:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2010.03.18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator) SRV - [2010.02.18 15:13:02 | 000,441,624 | ---- | M] (GoldSolution Software, Inc.) 
[Auto | Running] -- C:\Program Files\PC Auto Shutdown\ShutdownService.exe -- (PCAutoShutdown_Service) SRV - [2009.09.27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | 
Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Telepítő (AxInstSV) SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\BRUNO\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010.07.29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | 
On_Demand | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010.07.29 13:31:26 | 000,096,920 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2010.07.19 15:01:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.06.25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2010.05.20 14:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000) DRV - [2010.04.27 15:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010.04.27 15:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010.04.27 15:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2010.04.27 15:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010.04.27 13:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2010.04.12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010.02.03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009.09.28 00:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.09.16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV - [2009.08.21 21:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass) DRV - [2009.07.14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB audio-illesztőprogram (WDM) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - 
[2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009.07.13 23:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009.02.17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2007.12.21 08:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\easdrv.sys -- (easdrv) DRV - [2007.03.20 11:33:26 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- 
C:\Windows\System32\drivers\libusb0.sys -- (libusb0) DRV - [2007.02.22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32) DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005.08.10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) |
Author: | bbbcars [ Sun Dec 26, 2010 17:41 ] |
Post subject: | Re: STELL Segit |
Extra Log: OTL Extras logfile created on: 2010.12.26. 17:17:38 - Run 2 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd. 1 024,00 Mb Total Physical Memory | 269,00 Mb Available Physical Memory | 26,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 8,75 Gb Free Space | 22,41% Space Free | Partition Type: NTFS Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) 
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{16B07D27-7A78-4C25-B76A-6EDB751B18CA}" = Windows Live Movie Maker "{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{257A92C3-7E41-4678-9144-6920F4289D0F}" = Windows Live Messenger "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{27F6403E-6540-4431-B18E-B0BE2C253A9B}" = Stílus Mánia "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{408A2284-6037-46D9-8EA5-D5173CED3DB3}" = Windows Live Fotótár "{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Házi kedvenc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EDD761B-5253-4CD1-A309-9DFEE960E344}" = Logitech Gaming Software 5.09 "{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}" = 
aerosoft's - Mega Airport Paris CDG "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Trendi Tini Cuccok "{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam "{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Konyhai és Fürdőszobai Lakberendezési Cuccok "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Álomotthon Cuccok "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Megnyitottunk – Vár az üzlet! 
"{7F9783DE-C0E9-4971-AE44-D34A2E03F877}" = Windows Live Writer "{80DB2577-43E3-4C34-00AF-0D7967B942C9}" = The Sims 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 Divatos H&M® Cuccok "{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Szabadidő "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 Egyetem "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = 
Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "{99A98C71-A900-44E7-AD98-70E6368FB4D0}" = Windows Live Essentials "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Csilli-villi Cuccok "{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{B2F4835F-346A-35FF-9B5F-1360B559310E}" = Microsoft .NET Framework 4 Extended HUN Language Pack "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Nagyvárosi Élet "{BB6BE4FE-E508-4ED8-8C63-8C98187842D5}" = ESET NOD32 Antivirus "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0A6901F-C919-47A3-A4D9-E2056314086B}" = aerosoft's - London Heathrow 2008 "{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = 
NVIDIA PhysX "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}" = aerosoft's - Mega Airport Stockholm Arlanda "{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Évszakok "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Bulis! Cuccok "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EE7D2735-9566-4E60-95AD-44282A7362BE}_is1" = Aerosoft - Gibraltar FS2004 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1566481-372B-422E-8181-ABAA88A80FC1}" = Windows Live Sync "{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Jó utat! 
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Éjszakák "{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack "737-300 Pilot in Command" = 737-300 Pilot in Command "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AnalogX FastCache" = AnalogX FastCache "ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.06 "Bonus Dice Special Edition (rw005)" = Bonus Dice Special Edition (rw005) "BSPlayerf" = BS.Player FREE "CloneCD" = CloneCD "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Counter Strike 1.6 V36.1 C'zrd" = Counter Strike 1.6 V36.1 C'zrd "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Setup.divx.com" = DivX Setup "Double Dice Silver Edition" = Double Dice Silver Edition "Download Youtube Music_is1" = Download Youtube Music 3.0 "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! 
"ENTERPRISE" = Microsoft Office Enterprise 2007 "FarmingSimulator2011EN_is1" = Farming Simulator 2011 "FlashGet 3.3" = FlashGet 3.3 "Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube Download_is1" = Free YouTube Download 2.9 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "FreeApp v1" = FreeApps "FSFDT FSCopilot" = FSFDT FSCopilot "ImgBurn" = ImgBurn "InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2 "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "IvAe_is1" = The Eye v1.0.6 (b345) "IvAp_is1" = IvAp v1.4.2 b2411 "Kresz-teszt_is1" = Kresz-teszt 2.2 "LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! 
Live "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended HUN Language Pack" = A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja "MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MuOnline.HU Season3" = MuOnline.HU Season3 "MuOnline.HU Season4" = MuOnline.HU Season4 "MyDefrag v4.3.1_is1" = MyDefrag v4.3.1 "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PC Auto Shutdown_is1" = PC Auto Shutdown 4.2 "PFConfig" = PFConfig 1.0.295 "PowerISO" = PowerISO "ReadyDriver Plus_is1" = ReadyDriver Plus 1.1 "Speccy" = Speccy "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 6" = TeamViewer 6 "Test Drive Unlimited 2 Beta_is1" = Test Drive Unlimited 2 Beta "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 "WinRAR archiver" = WinRAR archiváló "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) "XPort 360_is1" = XPort 360 "Xvid_is1" = Xvid 1.2.2 final uninstall "ZOTAC FireStorm" = ZOTAC FireStorm ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "uTorrent" = µTorrent "Winamp Detect" = Winamp Detector Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010.12.19. 12:09:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 
12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:10:45 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:10:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.20. 1:17:50 | Computer Name = BRUNO-PC | Source = Application Error | ID = 1000 Description = A hibát okozó alkalmazás neve: mDNSResponder.exe, verzió: 2.0.4.0, időbélyeg: 0x4cae1be1 A hibát okozó modul neve: mDNSResponder.exe, verzió: 2.0.4.0, időbélyeg: 0x4cae1be1 Kivételkód: 0xc0000005 Hiba pozíciója: 0x0000110a A hibát okozó folyamat azonosítója: 0x17c A hibát okozó alkalmazás indításának időpontja: 0x01cba00534a9d0c0 A hibát okozó alkalmazás elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe A hibát okozó modul elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe Jelentés azonosítója: 7d00a4c0-0bf8-11e0-9740-0019215af2af [ Media Center Events ] Error - 2010.09.17. 18:16:11 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543 Description = Error - 2010.10.07. 17:12:49 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 23:12:49 - Hiba történt az internethez való kapcsolódás közben. 23:12:49 - A kiszolgáló nem érhető el.. Error - 2010.10.07. 
17:13:00 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 23:12:55 - Hiba történt az internethez való kapcsolódás közben. 23:12:55 - A kiszolgáló nem érhető el.. Error - 2010.11.08. 11:04:05 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800 Description = Error - 2010.11.08. 11:55:18 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800 Description = Error - 2010.11.29. 2:10:12 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 7:10:07 - Hiba történt az internethez való kapcsolódás közben. 7:10:07 - A kiszolgáló nem érhető el.. Error - 2010.12.24. 17:37:55 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 22:37:55 - Hiba történt az internethez való kapcsolódás közben. 22:37:55 - A kiszolgáló nem érhető el.. Error - 2010.12.24. 17:38:06 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 22:38:01 - Hiba történt az internethez való kapcsolódás közben. 22:38:01 - A kiszolgáló nem érhető el.. [ OSession Events ] Error - 2010.08.15. 12:21:42 | Computer Name = BRUNO-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010.11.27. 9:03:30 | Computer Name = BRUNO-PC | Source = EventLog | ID = 6008 Description = Az előző rendszerleállítás (?2010.?11.?27. - 13:31:11) váratlan volt. Error - 2010.11.27. 9:03:54 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026 Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: sfdrv01 sfsync02 sfvfs02 Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 2010.11.27. 
9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 2010.11.27. 10:53:06 | Computer Name = BRUNO-PC | Source = volsnap | ID = 393252 Description = A(z) C: kötet árnyékmásolatait a program megszüntette, mert az árnyékmásolatok tárolására szolgáló lemezterületet egy felhasználó által beállított korlát miatt nem sikerült megnövelni. Error - 2010.11.27. 18:13:00 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7016 Description = A szolgáltatás (NVIDIA Display Driver Service) a következő érvénytelen állapotot jelentette: 32. Error - 2010.11.27. 21:10:53 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfsync02.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfvfs02.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 21:11:19 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026 Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: sfdrv01 sfsync02 sfvfs02 < End of report > |
Author: | bbbcars [ Sun Dec 26, 2010 16:56 ] |
Post subject: | Re: STELL Segit |
I did paste it in below, but then I'll paste it in once more. |
Author: | stell [ Sun Dec 26, 2010 14:10 ] |
Post subject: | Re: STELL Segit |
The extras.txt is fine, but you didn't do it right. I wrote: copy the green text from here into the bottom window of OTL and click RUNSCAN; it gives 2 logs, OTL.TXT and extras.txt; post both of them here. Code: netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys nvraid.sys ndis.sys winlogon.exe explorer.exe userinit.exe lsass.exe svchost.exe smss.exe hal.dll ws2_32.dll tcpip.sys cryptsvc.dll Changer.sys JakNDis.sys isapnp.sys cdrom.sys autochk.exe /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT |
Author: | bbbcars [ Sun Dec 26, 2010 13:58 ] |
Post subject: | Re: STELL Segit |
And the extras: OTL Extras logfile created on: 2010.12.26. 13:38:19 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\BRUNO\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd. 1 024,00 Mb Total Physical Memory | 226,00 Mb Available Physical Memory | 22,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 8,81 Gb Free Space | 22,56% Space Free | Partition Type: NTFS Drive D: | 114,32 Gb Total Space | 13,24 Gb Free Space | 11,58% Space Free | Partition Type: NTFS Drive F: | 39,06 Gb Total Space | 12,23 Gb Free Space | 31,31% Space Free | Partition Type: NTFS Drive G: | 109,98 Gb Total Space | 4,55 Gb Free Space | 4,13% Space Free | Partition Type: NTFS Computer Name: BRUNO-PC | User Name: BRUNO | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) 
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{16B07D27-7A78-4C25-B76A-6EDB751B18CA}" = Windows Live Movie Maker "{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{257A92C3-7E41-4678-9144-6920F4289D0F}" = Windows Live Messenger "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{27F6403E-6540-4431-B18E-B0BE2C253A9B}" = Stílus Mánia "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{408A2284-6037-46D9-8EA5-D5173CED3DB3}" = Windows Live Fotótár "{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Házi kedvenc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EDD761B-5253-4CD1-A309-9DFEE960E344}" = Logitech Gaming Software 5.09 "{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}" = 
aerosoft's - Mega Airport Paris CDG "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Trendi Tini Cuccok "{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam "{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Konyhai és Fürdőszobai Lakberendezési Cuccok "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Álomotthon Cuccok "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Megnyitottunk – Vár az üzlet! 
"{7F9783DE-C0E9-4971-AE44-D34A2E03F877}" = Windows Live Writer "{80DB2577-43E3-4C34-00AF-0D7967B942C9}" = The Sims 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 Divatos H&M® Cuccok "{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Szabadidő "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 Egyetem "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = 
Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "{99A98C71-A900-44E7-AD98-70E6368FB4D0}" = Windows Live Essentials "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Csilli-villi Cuccok "{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{B2F4835F-346A-35FF-9B5F-1360B559310E}" = Microsoft .NET Framework 4 Extended HUN Language Pack "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Nagyvárosi Élet "{BB6BE4FE-E508-4ED8-8C63-8C98187842D5}" = ESET NOD32 Antivirus "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0A6901F-C919-47A3-A4D9-E2056314086B}" = aerosoft's - London Heathrow 2008 "{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = 
NVIDIA PhysX "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}" = aerosoft's - Mega Airport Stockholm Arlanda "{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Évszakok "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Bulis! Cuccok "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EE7D2735-9566-4E60-95AD-44282A7362BE}_is1" = Aerosoft - Gibraltar FS2004 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1566481-372B-422E-8181-ABAA88A80FC1}" = Windows Live Sync "{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Jó utat! 
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Éjszakák "{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack "737-300 Pilot in Command" = 737-300 Pilot in Command "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AnalogX FastCache" = AnalogX FastCache "ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.06 "Bonus Dice Special Edition (rw005)" = Bonus Dice Special Edition (rw005) "BSPlayerf" = BS.Player FREE "CloneCD" = CloneCD "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Counter Strike 1.6 V36.1 C'zrd" = Counter Strike 1.6 V36.1 C'zrd "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Setup.divx.com" = DivX Setup "Double Dice Silver Edition" = Double Dice Silver Edition "Download Youtube Music_is1" = Download Youtube Music 3.0 "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! 
"ENTERPRISE" = Microsoft Office Enterprise 2007 "FarmingSimulator2011EN_is1" = Farming Simulator 2011 "FlashGet 3.3" = FlashGet 3.3 "Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube Download_is1" = Free YouTube Download 2.9 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "FreeApp v1" = FreeApps "FSFDT FSCopilot" = FSFDT FSCopilot "ImgBurn" = ImgBurn "InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2 "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "IvAe_is1" = The Eye v1.0.6 (b345) "IvAp_is1" = IvAp v1.4.2 b2411 "Kresz-teszt_is1" = Kresz-teszt 2.2 "LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! 
Live "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended HUN Language Pack" = A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja "MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MuOnline.HU Season3" = MuOnline.HU Season3 "MuOnline.HU Season4" = MuOnline.HU Season4 "MyDefrag v4.3.1_is1" = MyDefrag v4.3.1 "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PC Auto Shutdown_is1" = PC Auto Shutdown 4.2 "PFConfig" = PFConfig 1.0.295 "PowerISO" = PowerISO "ReadyDriver Plus_is1" = ReadyDriver Plus 1.1 "Speccy" = Speccy "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 6" = TeamViewer 6 "Test Drive Unlimited 2 Beta_is1" = Test Drive Unlimited 2 Beta "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 "WinRAR archiver" = WinRAR archiváló "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) "XPort 360_is1" = XPort 360 "Xvid_is1" = Xvid 1.2.2 final uninstall "ZOTAC FireStorm" = ZOTAC FireStorm ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "uTorrent" = µTorrent "Winamp Detect" = Winamp Detector Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010.12.19. 12:09:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 
12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:49 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:09:50 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:10:45 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.19. 12:10:48 | Computer Name = BRUNO-PC | Source = MsiInstaller | ID = 11711 Description = Error - 2010.12.20. 1:17:50 | Computer Name = BRUNO-PC | Source = Application Error | ID = 1000 Description = A hibát okozó alkalmazás neve: mDNSResponder.exe, verzió: 2.0.4.0, időbélyeg: 0x4cae1be1 A hibát okozó modul neve: mDNSResponder.exe, verzió: 2.0.4.0, időbélyeg: 0x4cae1be1 Kivételkód: 0xc0000005 Hiba pozíciója: 0x0000110a A hibát okozó folyamat azonosítója: 0x17c A hibát okozó alkalmazás indításának időpontja: 0x01cba00534a9d0c0 A hibát okozó alkalmazás elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe A hibát okozó modul elérési útja: C:\Program Files\Bonjour\mDNSResponder.exe Jelentés azonosítója: 7d00a4c0-0bf8-11e0-9740-0019215af2af [ Media Center Events ] Error - 2010.09.17. 18:16:11 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543 Description = Error - 2010.10.07. 17:12:49 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 23:12:49 - Hiba történt az internethez való kapcsolódás közben. 23:12:49 - A kiszolgáló nem érhető el.. Error - 2010.10.07. 
17:13:00 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 23:12:55 - Hiba történt az internethez való kapcsolódás közben. 23:12:55 - A kiszolgáló nem érhető el.. Error - 2010.11.08. 11:04:05 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800 Description = Error - 2010.11.08. 11:55:18 | Computer Name = BRUNO-PC | Source = Microsoft-Windows-Media Center Extender | ID = 800 Description = Error - 2010.11.29. 2:10:12 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 7:10:07 - Hiba történt az internethez való kapcsolódás közben. 7:10:07 - A kiszolgáló nem érhető el.. Error - 2010.12.24. 17:37:55 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 22:37:55 - Hiba történt az internethez való kapcsolódás közben. 22:37:55 - A kiszolgáló nem érhető el.. Error - 2010.12.24. 17:38:06 | Computer Name = BRUNO-PC | Source = MCUpdate | ID = 0 Description = 22:38:01 - Hiba történt az internethez való kapcsolódás közben. 22:38:01 - A kiszolgáló nem érhető el.. [ OSession Events ] Error - 2010.08.15. 12:21:42 | Computer Name = BRUNO-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010.11.27. 9:03:18 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 9:03:30 | Computer Name = BRUNO-PC | Source = EventLog | ID = 6008 Description = Az előző rendszerleállítás (?2010.?11.?27. - 13:31:11) váratlan volt. Error - 2010.11.27. 
9:03:54 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7026 Description = A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: sfdrv01 sfsync02 sfvfs02 Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 2010.11.27. 9:04:04 | Computer Name = BRUNO-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 2010.11.27. 10:53:06 | Computer Name = BRUNO-PC | Source = volsnap | ID = 393252 Description = A(z) C: kötet árnyékmásolatait a program megszüntette, mert az árnyékmásolatok tárolására szolgáló lemezterületet egy felhasználó által beállított korlát miatt nem sikerült megnövelni. Error - 2010.11.27. 18:13:00 | Computer Name = BRUNO-PC | Source = Service Control Manager | ID = 7016 Description = A szolgáltatás (NVIDIA Display Driver Service) a következő érvénytelen állapotot jelentette: 32. Error - 2010.11.27. 21:10:53 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfsync02.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfvfs02.sys illesztőprogram betöltése le van tiltva. Error - 2010.11.27. 21:10:54 | Computer Name = BRUNO-PC | Source = Application Popup | ID = 875 Description = A(z) sfdrv01.sys illesztőprogram betöltése le van tiltva. < End of report > |
Author: | bbbcars [ Sun Dec 26, 2010 13:57 ] |
Post subject: | Re: STELL Segit |
Hi, I ran it, here is the result. netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys nvraid.sys ndis.sys winlogon.exe explorer.exe userinit.exe lsass.exe svchost.exe smss.exe hal.dll ws2_32.dll tcpip.sys cryptsvc.dll Changer.sys JakNDis.sys isapnp.sys cdrom.sys autochk.exe /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT |
Author: | stell [ Sun Dec 26, 2010 11:56 ] |
Post subject: | Re: STELL Segit |
Download to the desktop > OTListIt2 >> http://oldtimer.geekstogo.com/OTL.exe
- Run it.
- Change the file age from 30 to 14 days.
- Tick:
- Scan all users.
- Lop check.
- Purity check.
- In the Extra Registry section, select Use SafeList.
- Copy the text into the Custom Scans/Fixes window and click RUNSCAN.
- After 5-10 minutes it gives a log; post it here.
- OTL.txt (it will be on the desktop).
- extras.txt (it will be on the taskbar).
Code: netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys nvraid.sys ndis.sys winlogon.exe explorer.exe userinit.exe lsass.exe svchost.exe smss.exe hal.dll ws2_32.dll tcpip.sys cryptsvc.dll Changer.sys JakNDis.sys isapnp.sys cdrom.sys autochk.exe /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT |
Author: | bbbcars [ Sun Dec 26, 2010 11:34 ] |
Post subject: | Re: STELL Segit |
I clicked on it, but it said it is turned off. Anyway, the machine still gets a blue screen of death on shutdown. My ping in games is still high. I have already got rid of the crack, and of the whole game too. |
Author: | stell [ Sun Dec 26, 2010 8:53 ] |
Post subject: | Re: STELL Segit |
Delete that crack from the machine. Is SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} on the machine?? Because I only see the resident spyware shield. How is the machine behaving?? |
Author: | bbbcars [ Sat Dec 25, 2010 19:48 ] |
Post subject: | Re: STELL Segit |
So, one more thing: there is a csrss.exe, isn't that dangerous? Until now I had a file named botcuklar.exe, and the malware scanner did catch it; this file was constantly hogging the CPU. Meanwhile I checked one of the files of my brother's stupid MMORPG game with VirusTotal, here is the result ..... http://www.virustotal.com/file-scan/report.html?id=2e9e7a8d36f316e54cfda969c265f78b3f2eccc1aa61ec4747030e33fa11bd72-1291518586 Well, and here is the log, stell: ComboFix 10-12-24.01 - BRUNO 010.12.25. 19:20:06.2.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1250.36.1038.18.1024.423 [GMT 1:00] Running from: c:\users\BRUNO\Desktop\ComboFix.exe Command switches used :: c:\users\BRUNO\Desktop\CFScript.txt AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point FILE :: "c:\program files\IObit\Advanced SystemCare 3\AWC.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . 
((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_eixjgtaw -------\Service_nmbqkg ((((((((((((((((((((((((( Files Created from 2010-11-25 to 2010-12-25 ))))))))))))))))))))))))))))))) . 2010-12-25 18:36 . 2010-12-25 18:36 -------- d-----w- c:\users\Mcx3-BRUNO-PC\AppData\Local\temp 2010-12-25 18:36 . 2010-12-25 18:36 -------- d-----w- c:\users\Mcx2-BRUNO-PC\AppData\Local\temp 2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\program files\FreeApps 2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\programdata\FreeApp 2010-12-24 17:49 . 
2010-12-24 17:49 -------- d-----w- c:\users\BRUNO\AppData\Roaming\IObit 2010-12-24 17:47 . 2010-12-25 17:45 -------- d-----w- c:\program files\MyDefrag v4.3.1 2010-12-24 17:47 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr 2010-12-24 17:47 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe 2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Malwarebytes 2010-12-23 20:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\programdata\Malwarebytes 2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-23 20:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-23 09:29 . 2010-12-23 09:29 -------- d-----w- c:\program files\TeamViewer 2010-12-20 14:26 . 2010-12-20 14:26 -------- d-----w- c:\program files\LibUSB-Win32 2010-12-20 14:26 . 2007-03-20 10:33 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys 2010-12-20 14:26 . 2007-03-20 10:33 43520 ----a-w- c:\windows\system32\libusb0.dll 2010-12-20 00:29 . 2005-12-31 23:12 -------- d-----w- c:\users\BRUNO\.shsh 2010-12-19 16:14 . 2010-12-19 16:18 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple Computer 2010-12-19 16:14 . 2010-12-19 16:15 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Apple Computer 2010-12-19 16:13 . 2010-12-19 16:13 -------- dc----w- c:\windows\system32\DRVSTORE 2010-12-19 16:13 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2010-12-19 16:13 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iPod 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iTunes 2010-12-19 16:11 . 
2010-12-19 16:13 -------- d-----w- c:\programdata\Apple Computer 2010-12-19 16:11 . 2010-12-19 16:12 -------- d-----w- c:\program files\QuickTime 2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple 2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\program files\Apple Software Update 2010-12-19 16:05 . 2010-12-19 16:05 -------- d-----w- c:\program files\Bonjour 2010-12-19 16:04 . 2010-12-19 16:13 -------- d-----w- c:\program files\Common Files\Apple 2010-12-19 16:04 . 2010-12-19 16:06 -------- d-----w- c:\programdata\Apple 2010-12-10 18:50 . 2010-12-10 18:50 -------- d-----w- c:\program files\Common Files\Skype 2010-12-08 23:04 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys 2010-12-08 23:04 . 2010-12-08 23:04 -------- d-----w- c:\program files\LogMeIn Hamachi 2010-12-07 00:32 . 2010-12-07 00:32 54784 --sha-r- c:\windows\system32\dataclens.dll 2010-12-03 21:24 . 2010-12-24 18:27 -------- d-----w- c:\program files\WinPcap 2010-12-03 09:00 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FC3961E-64B5-4614-87D6-1065C58460FA}\mpengine.dll 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-24 22:39 . 2010-09-10 20:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-11-19 12:32 . 2010-11-19 12:17 467702 ----a-w- C:\Uninstal.exe 2010-11-18 20:01 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll 2010-11-18 20:01 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2010-11-18 16:50 . 2010-11-18 16:50 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2010-11-06 13:58 . 
2010-11-06 13:58 49152 ----a-r- c:\users\BRUNO\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe 2010-10-19 19:41 . 2010-10-19 19:41 34064 ----a-w- c:\windows\system32\lhacm.acm 2010-10-19 09:41 . 2010-07-19 14:21 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-15 21:50 . 2010-09-06 20:38 95232 ----a-w- C:\MuOnline.HU.exe 2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\system32\xlive.dll 2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2010-10-08 12:34 . 2010-10-08 12:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll 2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-09-28 14:44 . 2010-09-28 14:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2010-09-28 14:44 . 2010-09-28 14:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2010-04-27 08:08 2393184 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "PC Auto Shutdown"="c:\program files\PC Auto Shutdown\AutoShutdown.exe" [2010-02-18 1387520] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
[2008-06-12 34672] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064] "LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632] R3 netr73;RT73 vezeték nélküli USB LAN-kártyaillesztő Vista rendszerhez;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792] R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-20 1343400] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-19 691696] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920] S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344] S2 
NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088] S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-02-18 441624] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008] S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-14 716024] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] S3 yukonw7;NDIS6.2 miniport-illesztőprogram Marvell Yukon Ethernet-vezérlőhöz;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] . Contents of the 'Scheduled Tasks' folder 2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job - c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26] 2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job - c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26] . . ------- Supplementary Scan ------- . 
uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm Trusted Zone: kuaiche.com\software TCP: {D46AD85E-962A-4B3A-AA44-576D14F44444} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\w4tpnptl.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} . - - - - ORPHANS REMOVED - - - - AddRemove-Advanced SystemCare 3_is1 - c:\program files\IObit\Advanced SystemCare 3\unins000.exe AddRemove-Game Booster_is1 - c:\program files\IObit\Game Booster\unins000.exe . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *] @Allowed: (Read) (RestrictedCode) DUMPHIVE0.003 (REGF) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\taskhost.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Microsoft LifeCam\MSCamS32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\UI0Detect.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2010-12-25 19:41:32 - machine was rebooted ComboFix-quarantined-files.txt 2010-12-25 18:41 ComboFix2.txt 2010-12-25 15:13 Pre-Run: 9 574 830 080 bájt szabad Post-Run: 9 316 921 344 bájt szabad - - End Of File - - 37758D8C260D3F4ADD73BD0E75592F93 |
Author: | bbbcars [ Sat Dec 25, 2010 19:21 ] |
Post subject: | Re: STELL Segit |
Thanks for the quick help http://www.virustotal.com/file-scan/reanalysis.html?id=7a9fc8377004ec0292f13a3ea9b1d9b47b48f3076d6cf652ff5d9118ab3ed876-1293300996 I'll do the CFScript thing right away and post the log. |
Author: | stell [ Sat Dec 25, 2010 18:30 ] |
Post subject: | Re: STELL Segit |
Yes, there are a few bugs there.
1: Uninstall c:\program files\AskBarDis from the machine.
2: Turn off the Windows Defender shield; ESET is there.
3: Test c:\program files\FreeApps\FreeApps.exe at http://www.virustotal.com and post the link here.
Open Notepad like this: Start > Run > type: notepad, and copy in the green text found under the Code: heading (without the word Code:), then save the text pasted into Notepad as a script to the desktop, like this: File > Save As > File name > CFScript.txt > Save as type > All files > Save (to the desktop). Done. Drag the CFScript.txt on the desktop onto the ComboFix icon. And now you do this: ComboFix will start by itself, may restart, and will finish the scan. Post here whatever it produces.
Code:
KILLALL::
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=-
"Start WingMan Profiler"=-
"DivXUpdate"=-
"Malwarebytes' Anti-Malware (reboot)"=-
"Malwarebytes' Anti-Malware"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"msnmsgr"=-
"FreeApp"=-
Driver::
eixjgtaw
nmbqkg
Folder::
c:\users\BRUNO\AppData\Roaming\FlashGetBHO
c:\program files\IObit
File::
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
DDS::
uStart Page = hxxp://google.flashget.com/
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download all by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetUrl.htm
RegNull::
[HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *] |
Author: | bbbcars [ Sat Dec 25, 2010 16:38 ] |
Post subject: | Re: STELL Segit |
Hi everyone! I have a problem; the primary one: I get a blue screen of death at shutdown. The machine is constantly slow, and my ping in games keeps jumping from 70 to 600. A week ago I had no problems with any of this. ComboFix LOG:
ComboFix 10-12-24.01 - BRUNO 010.12.25. 15:52:34.1.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1250.36.1038.18.1024.348 [GMT 1:00] Running from: c:\users\BRUNO\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . ADS - Windows: deleted 24 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\BRUNO\AppData\Roaming\edxLabs c:\users\BRUNO\AppData\Roaming\edxLabs\PrivateServer_edxSilkroadLoader\PrivateServer_edxSilkroadLoader.ini c:\windows\system32\arp.exe D:\install.exe . ((((((((((((((((((((((((( Files Created from 2010-11-25 to 2010-12-25 ))))))))))))))))))))))))))))))) . 2010-12-25 15:10 . 2010-12-25 15:10 -------- d-----w- c:\users\Mcx3-BRUNO-PC\AppData\Local\temp 2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\program files\FreeApps 2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\programdata\FreeApp 2010-12-24 17:49 . 2010-12-24 17:49 -------- d-----w- c:\users\BRUNO\AppData\Roaming\IObit 2010-12-24 17:47 . 2010-12-24 20:18 -------- d-----w- c:\program files\MyDefrag v4.3.1 2010-12-24 17:47 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr 2010-12-24 17:47 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe 2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Malwarebytes 2010-12-23 20:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-23 20:58 . 
2010-12-23 20:58 -------- d-----w- c:\programdata\Malwarebytes 2010-12-23 20:58 . 2010-12-23 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-23 20:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-23 09:29 . 2010-12-23 09:29 -------- d-----w- c:\program files\TeamViewer 2010-12-20 14:26 . 2010-12-20 14:26 -------- d-----w- c:\program files\LibUSB-Win32 2010-12-20 14:26 . 2007-03-20 10:33 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys 2010-12-20 14:26 . 2007-03-20 10:33 43520 ----a-w- c:\windows\system32\libusb0.dll 2010-12-20 00:29 . 2005-12-31 23:12 -------- d-----w- c:\users\BRUNO\.shsh 2010-12-19 16:14 . 2010-12-19 16:18 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple Computer 2010-12-19 16:14 . 2010-12-19 16:15 -------- d-----w- c:\users\BRUNO\AppData\Roaming\Apple Computer 2010-12-19 16:13 . 2010-12-19 16:13 -------- dc----w- c:\windows\system32\DRVSTORE 2010-12-19 16:13 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2010-12-19 16:13 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iPod 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-12-19 16:13 . 2010-12-19 16:13 -------- d-----w- c:\program files\iTunes 2010-12-19 16:11 . 2010-12-19 16:13 -------- d-----w- c:\programdata\Apple Computer 2010-12-19 16:11 . 2010-12-19 16:12 -------- d-----w- c:\program files\QuickTime 2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\users\BRUNO\AppData\Local\Apple 2010-12-19 16:06 . 2010-12-19 16:06 -------- d-----w- c:\program files\Apple Software Update 2010-12-19 16:05 . 2010-12-19 16:05 -------- d-----w- c:\program files\Bonjour 2010-12-19 16:04 . 2010-12-19 16:13 -------- d-----w- c:\program files\Common Files\Apple 2010-12-19 16:04 . 2010-12-19 16:06 -------- d-----w- c:\programdata\Apple 2010-12-10 18:50 . 
2010-12-10 18:50 -------- d-----w- c:\program files\Common Files\Skype 2010-12-08 23:04 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys 2010-12-08 23:04 . 2010-12-08 23:04 -------- d-----w- c:\program files\LogMeIn Hamachi 2010-12-07 00:32 . 2010-12-07 00:32 54784 --sha-r- c:\windows\system32\dataclens.dll 2010-12-03 21:24 . 2010-12-24 18:27 -------- d-----w- c:\program files\WinPcap 2010-12-03 09:00 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FC3961E-64B5-4614-87D6-1065C58460FA}\mpengine.dll 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-24 22:39 . 2010-09-10 20:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-11-19 12:32 . 2010-11-19 12:17 467702 ----a-w- C:\Uninstal.exe 2010-11-18 20:01 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll 2010-11-18 20:01 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2010-11-18 16:50 . 2010-11-18 16:50 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2010-11-06 13:58 . 2010-11-06 13:58 49152 ----a-r- c:\users\BRUNO\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe 2010-10-19 19:41 . 2010-10-19 19:41 34064 ----a-w- c:\windows\system32\lhacm.acm 2010-10-19 09:41 . 2010-07-19 14:21 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-15 21:50 . 2010-09-06 20:38 95232 ----a-w- C:\MuOnline.HU.exe 2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\system32\xlive.dll 2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2010-10-08 12:34 . 
2010-10-08 12:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll 2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-09-28 14:44 . 2010-09-28 14:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2010-09-28 14:44 . 2010-09-28 14:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-08-26 08:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2010-04-27 08:08 2393184 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] 
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944] "{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "Google Update"="c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-19 136176] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "FreeApp"="c:\program files\FreeApps\FreeApps.exe" [2010-12-24 814496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-05-05 153672] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "PC Auto Shutdown"="c:\program files\PC Auto Shutdown\AutoShutdown.exe" [2010-02-18 1387520] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 
1164584] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064] "LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R0 eixjgtaw;eixjgtaw;c:\windows\System32\drivers\muac.sys [x] R0 nmbqkg;nmbqkg;c:\windows\System32\drivers\fqartc.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632] R3 netr73;RT73 vezeték nélküli USB LAN-kártyaillesztő Vista rendszerhez;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792] R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-20 1343400] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-19 691696] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys 
[2010-07-29 96920] S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088] S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-02-18 441624] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008] S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-14 716024] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] S3 yukonw7;NDIS6.2 miniport-illesztőprogram Marvell Yukon Ethernet-vezérlőhöz;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] . Contents of the 'Scheduled Tasks' folder 2010-12-25 c:\windows\Tasks\AWC Startup.job - c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-24 15:19] 2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001Core.job - c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26] 2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3237398822-3423884846-2355971879-1001UA.job - c:\users\BRUNO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-19 15:26] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://google.flashget.com/ uInternet Settings,ProxyOverride = *.local IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Download all by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: Download by FlashGet3 - c:\users\BRUNO\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\BRUNO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm Trusted Zone: kuaiche.com\software TCP: {D46AD85E-962A-4B3A-AA44-576D14F44444} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\w4tpnptl.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} . - - - - ORPHANS REMOVED - - - - AddRemove-BDE - c:\program files\none\BDE\DeIsL1.isu AddRemove-Ultimate Traffic for FS2004 (2007 Edition) - d:\program files\Microsoft Games\Flight Simulator 9\UnUT2004.exe . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:47,71,cd,64,d3,fd,1a,c7,91,d2,e7,3e,33,64,e1,2a,9c,09,59,22,7b,23,9a, 9b,c5,f1,ee,4d,2f,9d,93,c6,29,11,2d,01,11,e4,50,24,4a,07,d5,53,0e,0f,32,c5,\ "??"=hex:fb,f2,26,f0,54,10,94,92,e6,30,f1,7d,5e,5a,fd,00 [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\Software\SecuROM\License information*] "datasecu"=hex:67,d4,cf,47,af,8e,af,a7,49,d1,1a,1d,bd,38,68,e8,26,f6,08,7c,2a, 33,c4,45,b1,a9,fc,f6,0d,dc,1e,f4,8f,08,f5,a2,d1,ec,cb,7d,bf,82,bb,c7,55,ad,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 [HKEY_USERS\S-1-5-21-3237398822-3423884846-2355971879-1001\¬ *] @Allowed: (Read) (RestrictedCode) DUMPHIVE0.003 (REGF) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2010-12-25 16:13:12 ComboFix-quarantined-files.txt 2010-12-25 15:13 Pre-Run: 8 773 492 736 bájt szabad Post-Run: 9 605 038 080 bájt szabad - - End Of File - - 8F28742F9A9D8CFA61F214D223267028 |
Author: | stell [ Mon Nov 29, 2010 14:00 ] |
Post subject: | Re: STELL Segit |
Hi, read what I wrote: viewtopic.php?f=15&p=971500#p971500 |
Author: | Toni72 [ Mon Nov 29, 2010 13:30 ] |
Post subject: | Re: STELL Segit |
If anyone could help with my internet problem, I would be very grateful. I also repaired the registry, yet I still can't update the antivirus or use Firefox, Skype or Steam... I have already opened a separate topic about this and am waiting for replies there. Please help, because it would be really great if everything finally worked normally. Thanks |
Author: | stell [ Tue Nov 23, 2010 9:12 ] |
Post subject: | Re: STELL Segit |
Yes, it's just as my buddy Laci writes: if you need these critters, then only in VirtualBox, and there you can do whatever you want with them, but I don't know what you need them for. |
Author: | Laci_L [ Sun Nov 21, 2010 22:03 ] |
Post subject: | Re: STELL Segit |
I'm not stell, but I'll tell you what I know:
1. Not everything it flags as infected is actually infected, but the reverse can be true as well.
2. Every suspicious file has to be checked on virustotal.com. If the result there is 0/42, that is somewhat reassuring.
3. Any infected (or suspicious) keygen or patch may only be run in a virtual machine, and the result copied back.
4. If necessary, the program itself must also be installed there and the patch run there. Copy the modified files back to the host machine. Compare them with the original (unmodified) files (with Total Commander). If any single difference is larger than a few bytes, virus-check every one of them again.
5. Only after this can the changes be saved and the patched program run on the host machine.
stell will tell you not to use warez, because sooner or later you'll get burned. |
Author: | energoman [ Sun Nov 21, 2010 14:41 ] |
Post subject: | Re: STELL Segit |
Hi everyone. Stell, I'd like to ask you, as someone who knows this stuff, to enlighten me. How can I decide whether something is a virus or a worm or... There are lots of xyz.exe files (all kinds of generators) bundled with programs for all sorts of purposes. Antivirus programs mostly identify these as malware, but just by looking at them you can't tell whether they really are malware. So what are the more important steps to watch out for in such cases? Can you give some good advice on this? Personally I use the COMODO firewall and antivirus as resident programs, and what can I say, it quite aggressively calls everything a virus or ...., but I'd rather not delete these, because I may still need them. Thanks in advance for the lesson. Regards, enero |
Author: | dorci19 [ Thu Sep 16, 2010 17:39 ] |
Post subject: | Re: STELL Segit |
OK, fine, I understand. |
Author: | stell [ Thu Sep 16, 2010 17:32 ] |
Post subject: | Re: STELL Segit |
But that's not all: you have to try swapping it with the mouse, try it in another machine, or possibly this: http://www.virus-stell.com/2010/04/viru ... ive-t.html Did it work before??? If not, then install SP3, and so on; it could be anything... |
Author: | dorci19 [ Thu Sep 16, 2010 17:06 ] |
Post subject: | Re: STELL Segit |
I tried it with the hub and without it. There are two USB ports; I tried both, but it doesn't work. |
Author: | stell [ Thu Sep 16, 2010 16:59 ] |
Post subject: | Re: STELL Segit |
This can't be solved this way; you have to try everything: connect it to a different USB port if there are more, without a hub, reinstall the phone drivers, and so on. |
Author: | dorci19 [ Thu Sep 16, 2010 16:37 ] |
Post subject: | Re: STELL Segit |
I did it, but nothing changed. It still recognizes only the mouse and keyboard, nothing else. |
Author: | stell [ Thu Sep 16, 2010 16:23 ] |
Post subject: | Re: STELL Segit |
Go into Device Manager and remove all the USB devices, restart, and let Windows reinstall them. |
Author: | dorci19 [ Thu Sep 16, 2010 15:36 ] |
Post subject: | Re: STELL Segit |
It can't be seen. As soon as I plug it in, it says that Windows cannot recognize it. |
Author: | stell [ Thu Sep 16, 2010 7:58 ] |
Post subject: | Re: STELL Segit |
Connect the phone to the computer and check whether it shows up in My Computer. |
Author: | dorci19 [ Wed Sep 15, 2010 19:56 ] |
Post subject: | Re: STELL Segit |
It doesn't work. It still recognizes only the mouse and the keyboard, not the USB hub or the flash drive. |
Author: | dorci19 [ Wed Sep 15, 2010 19:29 ] |
Post subject: | Re: STELL Segit |
I don't have Run, I have Merge instead. I did that, but I haven't restarted the computer yet. |
Author: | stell [ Wed Sep 15, 2010 19:22 ] |
Post subject: | Re: STELL Segit |
Open Notepad like this: Start > Run > type: notepad, and paste in the green text found under the Code: heading (without the word Code:). Then save the text pasted into Notepad as a script on the desktop, like this: File > Save As > File name > fix.reg > Save as type > All Files > Save (to the desktop). Done. Right-click the fix.reg file, run as administrator, agree, OK, restart, try it out:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom]
"AutoRun"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=- |
Author: | dorci19 [ Wed Sep 15, 2010 19:18 ] |
Post subject: | Re: STELL Segit |
I don't understand this. How do I run it? Where should I paste it? |
Author: | stell [ Wed Sep 15, 2010 18:34 ] |
Post subject: | Re: STELL Segit |
Hi. Run this script as fix.reg, restart and try it out:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom]
"AutoRun"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=- |
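What the fix.reg posted above does when merged, shown as an added example (not part of the thread and not stell's code): a small Python parser for the .reg format that lists each operation and flags the ones that change AutoRun behaviour. The function names and the second sample file are assumptions constructed for the illustration.

```python
import re

# fix.reg as posted in the thread above, with its line breaks restored.
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom]
"AutoRun"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=-
"NoDriveAutoRun"=-
'''

# Constructed sample (not from the thread): a file that sets the policy values.
SET_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"NoDriveAutoRun"=dword:00000005
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
KEY_RE = re.compile(r'^\[(-?)(.+)\]$')
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)\s*=\s*(.*)$')

# NoDriveTypeAutoRun bit -> drive type on which AutoRun is turned off.
DRIVE_BITS = [(0x01, "unknown"), (0x04, "removable"), (0x08, "fixed"),
              (0x10, "network"), (0x20, "CD-ROM"), (0x40, "RAM disk"),
              (0x80, "unknown (reserved)")]
AUTORUN_POLICY = {"nodrivetypeautorun", "nodriveautorun"}


def parse_reg(text):
    """Turn .reg text into a list of operations (key, name, action, data)."""
    # Join hex values that continue on the next line with a trailing backslash.
    text = re.sub(r"\\\r?\n[ \t]*", "", text.lstrip("\ufeff"))
    lines = text.splitlines()
    if not lines or lines[0].strip() not in HEADERS:
        raise ValueError("missing .reg header")
    ops, key = [], None
    for raw in lines[1:]:
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        m = KEY_RE.match(line)
        if m:
            key = None if m.group(1) else m.group(2)
            if m.group(1):                        # [-KEY] deletes the whole key
                ops.append({"key": m.group(2), "name": None,
                            "action": "delete-key", "data": None})
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            raise ValueError(f"unparsable line: {raw!r}")
        name = m.group(1) if m.group(1) is not None else "(Default)"
        data = m.group(2)
        if data == "-":                           # "Name"=- deletes the value
            action, data = "delete-value", None
        elif data.lower().startswith("dword:"):
            action, data = "set-dword", int(data[6:], 16)
        else:
            action = "set-other"
        ops.append({"key": key, "name": name, "action": action, "data": data})
    return ops


def drive_types(mask):
    """Drive types covered by a NoDriveTypeAutoRun mask."""
    return [label for bit, label in DRIVE_BITS if mask & bit]


def drive_letters(mask):
    """Drive letters covered by a NoDriveAutoRun mask (bit 0 = A:)."""
    return [chr(ord("A") + i) for i in range(26) if mask >> i & 1]


def review(ops):
    """Return (verdict, key, name, detail) for operations that touch AutoRun."""
    out = []
    for op in ops:
        key, name = op["key"].lower(), (op["name"] or "").lower()
        policy = key.endswith(r"\policies\explorer") and name in AUTORUN_POLICY
        if policy and op["action"] == "delete-value":
            out.append(("UNRESTRICTS", op["key"], op["name"],
                        "policy value removed; Windows falls back to its default"))
        elif policy and op["action"] == "set-dword":
            covered = (drive_types(op["data"]) if name == "nodrivetypeautorun"
                       else drive_letters(op["data"]))
            out.append(("RESTRICTS", op["key"], op["name"],
                        "AutoRun off for: " + ", ".join(covered)))
        elif (key.endswith(r"\services\cdrom") and name == "autorun"
              and op["action"] == "set-dword"):
            out.append(("ENABLES" if op["data"] else "DISABLES", op["key"],
                        op["name"], "CD-ROM media-change notification"))
    return out


if __name__ == "__main__":
    for verdict, key, name, detail in review(parse_reg(FIX_REG)):
        print(f"{verdict:12} {key}\\{name}: {detail}")
```

Run against the posted file, every line is flagged: one value turns CD-ROM auto-insert notification on, and six delete the AutoRun policy values under three hives, so reviewing a .reg file this way before merging shows which restrictions it lifts.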
Author: | dorci19 [ Wed Sep 15, 2010 11:36 ] |
Post subject: | Re: STELL Segit |
Hi Stell. I have a small problem: I plug the flash drive into the USB port, or I have one of those USB hubs, and it doesn't recognize it; I also connected the phone's memory card, but it doesn't recognize that either. What could be the problem? |
Author: | stell [ Wed Sep 08, 2010 19:48 ] |
Post subject: | Re: STELL Segit |
Yes, what am I to do with you all, when I see that you don't have a single serious forum [except the Terminál Fórum] where people really understand today's viruses. And this is my hobby. Put the wine away in the cellar, because I may be going to Lake Balaton next year. You're welcome, regards. |
Author: | LustaBagoly [ Wed Sep 08, 2010 19:41 ] |
Post subject: | Re: STELL Segit |
All right, I don't want to pester you any further either. I know that's not why you do it, but if it were up to me I would already have surprised you with a bottle of wine or champagne. You always readily help everyone here and save us from a lot of trouble, annoyance and needless waste of money. Thank you for the latest first aid, and I don't mean it as a threat, but you will hear from me again, if not today then certainly sometime in the future. Have a nice evening. |
Author: | patrasz [ Wed Sep 08, 2010 19:39 ] |
Post subject: | Re: STELL Segit |
Well, I'll post it here too, so the Combofix log: Oh, and aGyurma, that's not me |
Author: | stell [ Wed Sep 08, 2010 19:33 ] |
Post subject: | Re: STELL Segit |
Then let's not mess with it; what works should be left as it is. |
Author: | LustaBagoly [ Wed Sep 08, 2010 19:32 ] |
Post subject: | Re: STELL Segit |
The problem is that it's raining yet again! And also that the examination of my machine was left unfinished a few days ago. GMER kept freezing when I wanted to save the log. That's when you asked me to check in Device Manager whether the controller is in PIO mode. That's how we got here. However, there has been no blue screen since I kept the default sound card driver that the system installed by itself without asking. |
Author: | stell [ Wed Sep 08, 2010 19:24 ] |
Post subject: | Re: STELL Segit |
OK, the SPTD driver is there among them, so Daemon is fine. I don't see the other one there, so disable that one too, the one with the yellow question mark, although I don't like yellow question marks. So if the sound is fine, leave it like that, don't install the codec; if it's fine for you, it's fine for me too. So what's the problem now?? |
Author: | LustaBagoly [ Wed Sep 08, 2010 19:18 ] |
Post subject: | Re: STELL Segit |
All of them just fit into the picture; it starts with AFD and ends with XDva359: http://kepfeltoltes.co.hu/share-BFE7_4C87D1E1.html Are you sure I need this codec? Because I use a Sound Blaster Live! Value (CT 4670) sound card, not the integrated one. |
Author: | stell [ Wed Sep 08, 2010 19:00 ] |
Post subject: | Re: STELL Segit |
http://www.realtek.com.tw/downloads/dow ... Down=false Leave it disabled, download the codec for XP from here, install it, then remove the yellow AUDIO driver and restart. Daemon, but the other one, the one with the question mark, belongs to Alcohol. Go into Device Manager, at the top the View tab, show hidden devices, open the Non-Plug and Play devices and take a screenshot. |
Author: | LustaBagoly [ Wed Sep 08, 2010 18:31 ] |
Post subject: | Re: STELL Segit |
Yes, I do have sound. Here is a picture of the sound card devices: http://kepfeltoltes.co.hu/share-3F35_4C87C546.html Yes, I have Daemon Tools Lite installed. I enabled the thing with the yellow question mark and restarted. It still has the question mark. As far as I know, it is part of the video card - for a home theater system - which I don't use. That's why I thought that if it doesn't work, I'd disable it; that wouldn't do any harm. Edit: It very much looks like it is the driver of the integrated sound card. http://en.wikipedia.org/wiki/Intel_High ... tion_Audio |
Author: | stell [ Wed Sep 08, 2010 18:12 ] |
Post subject: | Re: STELL Segit |
I don't understand why the secondary IDE channel shows UDMA 5; it should only be 2. Yellow question mark, sound: enable it and restart; if it is still yellow there, then you have to reinstall your sound card, because the driver is bad. Does the sound work at all?? Yellow question mark, SCSI: are these the Daemon / Alcohol emulators? Do you have these installed?? |
Author: | LustaBagoly [ Wed Sep 08, 2010 17:58 ] |
Post subject: | Re: STELL Segit |
Here are the pictures: http://kepfeltoltes.co.hu/share-A98C_4C87C1B0.html http://kepfeltoltes.co.hu/share-A134_4C87C1B0.html |
Page: 14 / 16 | Time zone: UTC + 1 hour |