UDv
pontosan, ne alinket tedd ide, hanem klikelj a linkre, olvasd el mi van oda irva , es tedd ide az RSIT logjat.

egyszerűen bios resetet csináltál, de gondolom hogy a ventilátor segített, akkor processzor melegedés volt.
Fo hogy jo lett.

Hali Stell. Úgy látszik "megoldottam" megtisztítottam a ventilátorom a gépbe és én ezt úgy szoktam hogy áramtalanítom.
Nos ezután mindig felajánlotta a gép hogy mikor bekapcsoltam hogy default vagy last known god modba inditsa. Szerintem a biosra gondolatot. Nem értek hozzá annyira és a defaultot nyomtam azóta nem volt fagyás. Lehet megoldottam. Remélem nagyjából érthető mit gagyogtam.
Üdv Outsider

nincsen mit, aztán írd meg ha rendbe jön, hogy mi volt a hiba.
üdv

Értem. kösz a segítséget.

ez renben van, de ahogy irtam a hiba a processzor korul van , vegy huztad a procit, vagy valami mas,,lehet akarmi,,ezert azt tanacsolom hogy vidd a szervizbe.

Felraktam a képeket arra az oldalra amit adtál itt a link: http://leteckaposta.cz/226120728
Üdv

Rendben fel rakom arra amit adtál nekem se ment most. Na ez érdekes ha belépek látszódik a rar de ha FTP-n kapcsolódok akkor meg nincs is ott. ÁÁÁ. Még a délelőtt folyamán vagy délután feltöltöm mert most a bátyám gépén "játszogatok."Be patient"
Üdv Outsider

http://www.leteckaposta.cz/
Jatszd fel ide, es a linket tedd ide, ezek a magyar szerverek, valahogy nekem nem mennek.

Megcsináltam itt vannak a képek amit csinált a program.
http://addat.hu/244791f1/2010-11-22.rar.html

Neked lekel tesztelni a processzort, en nem probaltam ezt a programot. csak lattam hogy evvel is lehet, tehat fordulj valami hardwer forumra, es biztosan segitenek, mivel a hibat a processzor produkalja.

Üdv bocsi Stell leírnád hogy mit tegyek evvel a programmal?

Tehát akkor lehet új processzort venni. Fsza. Nem értem hogy hogy mehetett tönkre mert elvileg hűtése az van bőven. Na mindegy megnézem amit adtál. Illetve mellékeltél. Köszi a segítséget.
Üdv

Tehát itt van ez szinte mindig .WHEA_UNCORRECTABLE_ERROR,ezt a hibat a processzor
generálta . Ez a hardver hiba
A legtöbb esetben , az adatok írása az L1 cache-ba, az elsődleges feldolgozó mag.
Néhány közülük előfordulnak a kezelése a TLB cache, az elsődleges feldolgozó mag.
TLB másodlagos gyorsítótár a processzor és használják a fordításra a memória címet..
Ha nincsen szükséges adat a processzor először az L1 cache-ban keres.
Tehát még a TLB hiba valószínűleg hibája által okozott az L1 cache.

1:Lehet közvetlenül L1cache felrobbant-tönkre ment, 2;huzatot Processzor, vagy processzor túlmelegedés.

Van 1-jelentess a Grafikus kártyára, de ez is az L1-cache-ra mutat.. Talán ki kéne próbálnom egy CPU terheléses vizsgálat, lehetőleg windows nélkül, (bármilyen bootolható CD-t)
Azt hiszem, már láttam Prime95 egy bootolható CD-t, de nem tudom hol.

A legtöbb esetben ez a processor hibaja és talán lehet észlelni is GoldMemory. De nem jótállok erte:)
Alternatív megoldásként próbáld OCCT http://www.slunecnice.cz/sw/occt/
vagy valami ilyesmi

Egyre ****. 1 percen belül 2x is kékhalál...

Nem értem feltettem megint.
http://addat.hu/9978ab76/Minidump.rar.html probáld meg most.

nem, ez van oda irva
Sajnáljuk, de a keresett fájl nem található.

Üdv. Sikerült leszedni a minidump mappát? Stell

Köszönöm szépen stell!

Üdv.:Sanyi

udv
En szerintem nincsen miert agodnod, ezt a kiirast a windows beepitet seged program Dr. Watson csinalta, hozza akart ferni a PCTOOLS tuzfalhoz,
Ez a kis seged program tobb gondod okoz, mint hasznot, ezert kikel a regeditben kapcsolni, igy
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ AeDebug]
Érték neve: Auto
Adatok: REG_SZ (string text)
Érték: (0 = üzenet, 1 = üzenetet, és futtassa a Dr. Watson)

Változtatás az érték nevet >> 0.>>ra.

Szia stell!

Ezt a logot találtam a C-n:


Microsoft (R) DrWtsn32
Copyright (C) 1985-2001 Microsoft Corp. minden jog fenntartva.



Alkalmazáskivétel történt:
Alkalmazás: C:\Program Files\PC Tools Firewall Plus\FWService.exe (pid=1760)
Dátum: 2010. 11. 16. Időpont: 18:36:32.937
Kivételszám: c0000005 (hozzáférés megsértése)

*----> Rendszerinformáció <----*
Számítógépnév:
Felhasználónév: ŸŸ
Terminál-munkamenet azonosítója: 0
Processzorok száma: 2
Windows verzió: 5.1

*----> Feladatlista <----*
0 System Process
4 System
776 smss.exe
824 csrss.exe
856 winlogon.exe
900 services.exe
912 lsass.exe
1112 svchost.exe
1168 svchost.exe
1288 svchost.exe
1536 svchost.exe
1760 FWService.exe
3120 alg.exe
2312 logonui.exe
2972 wuauclt.exe
2228 drwtsn32.exe

*----> Modullista <----*
(0000000000400000 - 00000000004ca000: C:\Program Files\PC Tools Firewall Plus\FWService.exe
(00000000007a0000 - 00000000007cd000: C:\Program Files\PC Tools Firewall Plus\PCTWSC.dll
(0000000000e00000 - 00000000012d1000: C:\Program Files\PC Tools Firewall Plus\FirewallSDK.dll
(0000000001610000 - 0000000001666000: C:\Program Files\PC Tools Firewall Plus\PluginDllFW.dll
(0000000001690000 - 0000000001719000: C:\Program Files\Common Files\PC Tools\GenTDI\GenericTdiDll.dll
(0000000004180000 - 0000000004455000: C:\WINDOWS\system32\xpsp2res.dll
(0000000010000000 - 000000001034c000: C:\Program Files\PC Tools Firewall Plus\FirewallWrapper.dll
(0000000040360000 - 00000000403a5000: C:\WINDOWS\system32\iertutil.dll
(0000000045300000 - 0000000045428000: C:\WINDOWS\system32\urlmon.dll
(000000004d520000 - 000000004d579000: C:\WINDOWS\system32\WINHTTP.dll
(000000005b0e0000 - 000000005b135000: C:\WINDOWS\system32\NETAPI32.dll
(000000005b1d0000 - 000000005b208000: C:\WINDOWS\system32\uxtheme.dll
(000000005d520000 - 000000005d5ba000: C:\WINDOWS\system32\comctl32.dll
(000000005ddb0000 - 000000005ddb9000: C:\WINDOWS\system32\RPCNS4.dll
(0000000066780000 - 00000000667d8000: C:\WINDOWS\system32\hnetcfg.dll
(0000000068000000 - 0000000068036000: C:\WINDOWS\system32\rsaenh.dll
(00000000719f0000 - 0000000071a30000: C:\WINDOWS\system32\mswsock.dll
(0000000071a30000 - 0000000071a38000: C:\WINDOWS\System32\wshtcpip.dll
(0000000071a40000 - 0000000071a48000: C:\WINDOWS\system32\WS2HELP.dll
(0000000071a50000 - 0000000071a67000: C:\WINDOWS\system32\WS2_32.dll
(0000000071ba0000 - 0000000071bb3000: C:\WINDOWS\system32\SAMLIB.dll
(0000000072260000 - 0000000072265000: C:\WINDOWS\system32\SensApi.dll
(0000000074e80000 - 0000000074e8e000: C:\WINDOWS\system32\wbem\wbemsvc.dll
(0000000074ea0000 - 0000000074ea8000: C:\WINDOWS\system32\wbem\wbemprox.dll
(0000000075240000 - 0000000075277000: C:\WINDOWS\system32\wbem\wbemcomn.dll
(0000000075650000 - 00000000756c6000: C:\WINDOWS\system32\wbem\fastprox.dll
(0000000076050000 - 00000000760b5000: C:\WINDOWS\system32\MSVCP60.dll
(0000000076360000 - 000000007637d000: C:\WINDOWS\system32\IMM32.DLL
(00000000765b0000 - 00000000765c3000: C:\WINDOWS\system32\cryptnet.dll
(0000000076770000 - 000000007677c000: C:\WINDOWS\system32\cryptdll.dll
(0000000076780000 - 0000000076793000: C:\WINDOWS\system32\NTDSAPI.dll
(00000000769a0000 - 0000000076a56000: C:\WINDOWS\system32\USERENV.dll
(0000000076b00000 - 0000000076b11000: C:\WINDOWS\system32\ATL.DLL
(0000000076b20000 - 0000000076b4e000: C:\WINDOWS\system32\WINMM.dll
(0000000076be0000 - 0000000076beb000: C:\WINDOWS\system32\PSAPI.DLL
(0000000076c20000 - 0000000076c4e000: C:\WINDOWS\system32\WINTRUST.dll
(0000000076c80000 - 0000000076ca8000: C:\WINDOWS\system32\IMAGEHLP.dll
(0000000076d30000 - 0000000076d48000: C:\WINDOWS\system32\MPRAPI.dll
(0000000076d50000 - 0000000076d69000: C:\WINDOWS\system32\iphlpapi.dll
(0000000076e00000 - 0000000076e25000: C:\WINDOWS\system32\adsldpc.dll
(0000000076e70000 - 0000000076e7e000: C:\WINDOWS\system32\rtutils.dll
(0000000076e80000 - 0000000076e92000: C:\WINDOWS\system32\rasman.dll
(0000000076ea0000 - 0000000076ecf000: C:\WINDOWS\system32\TAPI32.dll
(0000000076ed0000 - 0000000076f0c000: C:\WINDOWS\system32\RASAPI32.DLL
(0000000076f10000 - 0000000076f37000: C:\WINDOWS\system32\DNSAPI.dll
(0000000076f50000 - 0000000076f7d000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076fb0000 - 0000000076fb6000: C:\WINDOWS\system32\rasadhlp.dll
(0000000076fc0000 - 000000007703f000: C:\WINDOWS\system32\CLBCATQ.DLL
(0000000077040000 - 000000007710b000: C:\WINDOWS\system32\COMRes.dll
(0000000077110000 - 000000007719b000: C:\WINDOWS\system32\OLEAUT32.dll
(00000000773c0000 - 00000000774c3000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
(00000000774d0000 - 000000007760d000: C:\WINDOWS\system32\ole32.dll
(0000000077680000 - 00000000776a1000: C:\WINDOWS\system32\NTMARTA.DLL
(0000000077910000 - 0000000077a06000: C:\WINDOWS\system32\SETUPAPI.dll
(0000000077a70000 - 0000000077b06000: C:\WINDOWS\system32\CRYPT32.dll
(0000000077b10000 - 0000000077b22000: C:\WINDOWS\system32\MSASN1.dll
(0000000077b30000 - 0000000077b52000: C:\WINDOWS\system32\Apphelp.dll
(0000000077bf0000 - 0000000077bf8000: C:\WINDOWS\system32\VERSION.dll
(0000000077c00000 - 0000000077c58000: C:\WINDOWS\system32\msvcrt.dll
(0000000077c60000 - 0000000077c85000: C:\WINDOWS\system32\msv1_0.dll
(0000000077cb0000 - 0000000077ce2000: C:\WINDOWS\system32\ACTIVEDS.dll
(0000000077dc0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e70000 - 0000000077f03000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077f10000 - 0000000077f59000: C:\WINDOWS\system32\GDI32.dll
(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll
(000000007c800000 - 000000007c8fb000: C:\WINDOWS\system32\kernel32.dll
(000000007c900000 - 000000007c9b4000: C:\WINDOWS\system32\ntdll.dll
(000000007c9c0000 - 000000007d1dc000: C:\WINDOWS\system32\SHELL32.dll
(000000007e360000 - 000000007e3f1000: C:\WINDOWS\system32\USER32.dll

*----> A szál (azonosító: 0xa00) <----*

eax=03f7847c ebx=01b64e48 ecx=00000000 edx=7c90e514 esi=01b64e40 edi=01b65074
eip=00eace56 esp=03f78468 ebp=0142e720 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\PC Tools Firewall Plus\FirewallSDK.dll -
függvény: FirewallSDK
Error 0x80070057
HIBA ->00eace56 8b01 mov eax,[ecx] ds:0023:00000000=????????
Error 0x80070057

*----> Az egymásba ágyazott függvényhívások (fordított sorrendben) <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0142e720 00000000 000003d8 00000000 00000000 FirewallSDK+0xace56

*----> A veremtár tartalma <----*
0000000003f78468 4b e6 21 f2 08 00 00 00 - 78 fb 42 01 8c eb f7 03 K.!.....x.B.....
0000000003f78478 40 4e b6 01 54 9f 10 01 - 73 00 00 00 00 00 40 01 @N..T...s.....@.
0000000003f78488 00 00 00 00 52 b2 fe 00 - 9b e6 21 f2 f4 84 f7 03 ....R.....!.....
0000000003f78498 00 00 00 00 07 00 00 00 - cc 84 f7 03 00 00 f7 03 ................
0000000003f784a8 a8 01 0c 01 ff ff ff ff - 5e 5e ed 00 00 00 00 00 ........^^......
0000000003f784b8 07 00 00 00 58 b9 10 01 - 01 eb f7 03 7b 5e ed 00 ....X.......{^..
0000000003f784c8 00 00 00 00 00 00 00 00 - 00 00 00 00 78 b9 10 01 ............x...
0000000003f784d8 01 ff ff ff 7c eb f7 03 - 00 00 00 00 00 00 00 00 ....|...........
0000000003f784e8 00 00 00 00 5b e6 21 f2 - 7c eb f7 03 88 be 0a 01 ....[.!.|.......
0000000003f784f8 00 00 00 00 0c e4 ea 00 - 40 4e b6 01 2f e7 21 f2 ........@N../.!.
0000000003f78508 7c e7 42 01 20 e7 42 01 - cc 15 83 7c 20 e7 42 01 |.B. .B....| .B.
0000000003f78518 00 00 00 01 01 00 00 00 - 6a 87 f7 03 40 4e b6 01 ........j...@N..
0000000003f78528 70 e8 42 01 d8 91 b5 01 - 00 00 00 00 d4 91 b5 01 p.B.............
0000000003f78538 02 00 00 00 00 00 00 00 - 00 00 00 00 70 e8 42 01 ............p.B.
0000000003f78548 d4 91 b5 01 00 00 00 00 - b0 97 b5 01 00 00 00 00 ................
0000000003f78558 00 00 00 00 00 00 00 00 - 0f 00 00 00 0f 00 00 00 ................
0000000003f78568 02 00 00 00 7b 00 34 00 - 42 00 30 00 31 00 43 00 ....{.4.B.0.1.C.
0000000003f78578 45 00 34 00 46 00 2d 00 - 45 00 31 00 46 00 37 00 E.4.F.-.E.1.F.7.
0000000003f78588 2d 00 34 00 32 00 39 00 - 37 00 2d 00 38 00 31 00 -.4.2.9.7.-.8.1.
0000000003f78598 38 00 31 00 2d 00 38 00 - 46 00 45 00 36 00 37 00 8.1.-.8.F.E.6.7.

Van miért aggodnom?

Köszi

No megsem jó ez a tragacs. Medal nál is kifagy. itt a minidump
http://addat.hu/59d30a95/Minidump.rar.html

ok, ha lesz , akkor tedd fell a minidump-ot valahova es megnezem,
nincsen mit
udv.

Hali Stell. Eddig nem volt kékhalálom. Az arma 2 is fent van de még nem használtam.
Eddig a Cod Black OPS is ki szokott "kékhalálozni" eddig semmi csak kifagyott most de ez előfordul.
Köszönöm még egyszer a fáradozásod.
Üdv Outsider

Inkab varjal 1-ket nappot, es meglatod lesz e kekhalal, aztan tedd fell, es ha lesz akkor ez a program okozza.
nincsen mitt.

Rendben. Felteszem az Arma 2-őt. De nem értem hogy miért halt meg a gép tőle eredeti játék pedig.
Köszönöm a segítséged és fáradozásod Stell.
Üdv Outsider

:torold az TDSSKILLER programot
2:Futtasd az OTL-klik-Cleanup-yes, yes,
3:Ha meg lesz kekhalal, akkor elenitsd meg a rejtet mappak es fajlokat.
Talald meg c:Windows\minidump mappat, a tartalmat csomagold be es tedd fell valahova, a linket meg tedd ide, majd en megnezem
egyelore ez minden..

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Temp\CabCB10.tmp moved successfully.
C:\WINDOWS\Temp\TarCB21.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Outsider
->Temp folder emptied: 306 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 49685540 bytes
->Flash cache emptied: 1282 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Outsider
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11182010_132335

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Kerlek olvasd eloszor el mit irok, most mar nem a reportot csinaljuk, hanem valami masat.

========== Files Created - No Company Name ==========

[2010.11.18 12:01:49 | 001,224,671 | ---- | C] () -- C:\Users\Outsider\Desktop\tdsskiller.zip
[2010.11.17 14:26:38 | 000,000,927 | ---- | C] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:50:58 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.11.13 17:33:11 | 000,000,962 | ---- | C] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:19:07 | 000,001,294 | ---- | C] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | C] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:17:04 | 000,000,290 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.11.13 17:17:04 | 000,000,272 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.11.13 17:04:49 | 1610,260,480 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.13 17:03:48 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.11.13 17:03:47 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.01.04 10:26:41 | 000,007,605 | ---- | C] () -- C:\Users\Outsider\AppData\Local\Resmon.ResmonCfg

========== LOP Check ==========

[2008.01.03 22:30:47 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
[2010.11.18 10:10:50 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\uTorrent
[2009.07.14 05:53:46 | 000,007,120 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMDRIVE%\NDIS.sys /s /md5 >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< %SYSTEMROOT%\*. /mp /s >

< %SYSTEMROOT%\system32\*.dll /lockedfiles >

< %SYSTEMROOT%\Tasks\*.job /lockedfiles >

< End of report >

Itt a report.
OTL logfile created on: 2010.11.18. 12:32:31 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Outsider\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 63,52 Gb Free Space | 65,11% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,42 Mb Free Space | 84,43% Space Free | Partition Type: NTFS
Drive E: | 51,39 Gb Total Space | 5,74 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive F: | 7,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: OUTSIDER-PC | User Name: Outsider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
PRC - [2010.10.27 07:17:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 07:17:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.12.25 18:51:14 | 008,129,056 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Telepítő (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.01.02 13:29:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)


========== Driver Services (SafeList) ==========

DRV - [2010.11.13 18:04:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.25 18:28:34 | 002,981,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: belle.starr.colt@gmx.com:3.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.01.01 21:15:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.01.01 21:15:13 | 000,000,000 | ---D | M]

[2008.01.01 21:15:39 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Extensions
[2010.11.17 20:12:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions
[2008.01.02 13:42:01 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\belle.starr.colt@gmx.com
[2008.01.01 21:59:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\personas@christopher.beard
[2008.01.01 21:15:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.27 06:48:52 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.27 06:48:52 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml
[2010.10.27 06:48:52 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml
[2010.10.27 06:48:52 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml
[2010.10.27 06:48:52 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2010.11.18 10:28:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 001,075,256 | R--- | M] () - F:\AutoRun.bmp -- [ UDF ]
O32 - AutoRun File - [2009.05.27 16:41:16 | 000,000,461 | R--- | M] () - F:\Autorun.csv -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,488 | R--- | M] () - F:\AutoRun.dat -- [ UDF ]
O32 - AutoRun File - [2009.03.26 08:20:12 | 000,704,512 | R--- | M] () - F:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,048 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,263,138 | R--- | M] () - F:\autorun.wav -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


========== Files/Folders - Created Within 30 Days ==========

[2010.11.18 12:01:58 | 000,000,000 | ---D | C] -- C:\Users\Outsider\Desktop\tdsskiller
[2010.11.18 11:38:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:29:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.18 10:29:47 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\temp
[2010.11.18 10:24:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.18 08:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.17 17:59:55 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 17:59:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Grand Theft Auto IV Screenshot dir
[2010.11.17 14:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.11.17 14:28:11 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.11.17 14:28:11 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010.11.17 14:28:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.11.17 14:26:07 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Windows Live
[2010.11.17 11:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.11.17 11:40:56 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.11.16 16:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA Edit
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\Documents\ArmA 2
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\ArmA 2
[2010.11.13 18:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.11.13 18:04:11 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
[2010.11.13 18:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.11.13 18:02:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.13 18:02:03 | 002,981,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.13 18:02:03 | 002,630,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.13 18:02:03 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.13 18:02:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.13 18:02:03 | 001,539,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.13 18:02:03 | 000,954,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.13 18:02:03 | 000,783,632 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.13 18:02:03 | 000,705,808 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.13 18:02:03 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.13 18:02:03 | 000,371,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.13 18:02:03 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.13 18:02:03 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.13 18:02:03 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.13 18:02:03 | 000,296,864 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.13 18:02:03 | 000,269,584 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.13 18:02:03 | 000,239,376 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.13 18:02:03 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.13 18:02:03 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.13 18:02:03 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.13 18:02:03 | 000,146,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.11.13 18:02:03 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.13 18:02:03 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.13 18:02:03 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.13 18:02:03 | 000,101,136 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.13 18:02:03 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.11.13 18:02:03 | 000,093,456 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.13 18:02:03 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.13 18:02:03 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.13 18:02:03 | 000,058,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.13 18:02:03 | 000,056,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.13 18:02:03 | 000,056,592 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.11.13 18:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.11.13 18:02:02 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.11.13 18:01:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.11.13 18:01:56 | 000,838,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.13 18:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.11.13 17:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.11.13 17:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Winamp
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.11.13 17:56:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.11.13 17:56:39 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.11.13 17:56:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.11.13 17:56:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.11.13 17:56:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.11.13 17:56:39 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.11.13 17:56:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.11.13 17:56:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.11.13 17:56:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.11.13 17:56:39 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.11.13 17:56:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.11.13 17:56:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.11.13 17:56:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.11.13 17:56:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.11.13 17:56:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.11.13 17:56:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.11.13 17:56:38 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.11.13 17:56:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.11.13 17:56:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.11.13 17:56:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.11.13 17:56:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.11.13 17:56:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.11.13 17:56:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.11.13 17:56:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.11.13 17:56:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.11.13 17:56:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.11.13 17:56:37 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.11.13 17:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.11.13 17:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.11.13 17:50:59 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.11.13 17:50:59 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.11.13 17:50:59 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.11.13 17:50:58 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.11.13 17:50:58 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.11.13 17:50:58 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.11.13 17:50:58 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.11.13 17:50:58 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.11.13 17:50:58 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.11.13 17:50:58 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.11.13 17:50:58 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.11.13 17:50:58 | 000,319,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.11.13 17:50:58 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.11.13 17:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.13 17:50:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.13 17:44:40 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\LogMeIn Hamachi
[2010.11.13 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010.11.13 17:43:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Macromedia
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Adobe
[2010.11.13 17:33:40 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.11.13 17:33:05 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.11.13 17:33:05 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.11.13 17:33:05 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.11.13 17:33:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.11.13 17:33:05 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.11.13 17:33:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.11.13 17:33:04 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.11.13 17:33:04 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.11.13 17:33:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.11.13 17:33:04 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.11.13 17:33:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.11.13 17:33:03 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.11.13 17:33:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.11.13 17:33:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.11.13 17:33:03 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.11.13 17:33:03 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.11.13 17:33:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.11.13 17:33:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.11.13 17:33:03 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.11.13 17:33:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.11.13 17:33:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.11.13 17:33:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.11.13 17:33:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.11.13 17:33:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.11.13 17:33:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.11.13 17:33:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.11.13 17:33:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.11.13 17:33:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.11.13 17:33:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.11.13 17:33:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.11.13 17:33:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.11.13 17:33:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.11.13 17:33:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.11.13 17:33:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.11.13 17:33:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.11.13 17:33:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.11.13 17:33:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.11.13 17:33:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.11.13 17:33:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.11.13 17:33:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.11.13 17:33:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.11.13 17:33:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.11.13 17:33:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.11.13 17:33:00 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.11.13 17:33:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.11.13 17:33:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.11.13 17:33:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.11.13 17:32:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.11.13 17:32:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.11.13 17:32:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.11.13 17:32:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.11.13 17:32:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.11.13 17:32:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.11.13 17:32:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.11.13 17:32:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.11.13 17:32:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.13 17:32:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.11.13 17:32:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.13 17:32:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.11.13 17:32:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.11.13 17:32:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.11.13 17:32:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.11.13 17:32:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.11.13 17:32:54 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.11.13 17:31:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.11.13 17:25:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Mozilla
[2010.11.13 17:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA 2
[2010.11.13 17:17:29 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Searches
[2010.11.13 17:17:28 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.11.13 17:17:18 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Identities
[2010.11.13 17:17:16 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Contacts
[2010.11.13 17:17:06 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\VirtualStore
[2010.11.13 17:17:04 | 000,000,000 | --SD | C] -- C:\Users\Outsider\AppData\Roaming\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Videos
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Saved Games
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Pictures
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Music
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Links
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Favorites
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Downloads
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Documents
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Desktop
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Zene
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Videók
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Temporary Internet Files
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Start Menu
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\SendTo
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Sablonok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Recent
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\PrintHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\NetHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Local Settings
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Képek
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\History
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Dokumentumok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Cookies
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\AppData
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Media Center Programs
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Zene
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videók
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Sablonok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Képek
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumentumok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Asztal
[2010.11.13 17:16:51 | 000,000,000 | ---D | C] -- C:\Recovery
[2010.11.13 17:07:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.13 17:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.11.13 17:04:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.13 17:04:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.11.13 17:03:47 | 000,000,000 | ---D | C] -- C:\Boot
[2010.11.13 16:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Full Spectrum Warriors

========== Files - Modified Within 30 Days ==========

[2010.11.18 12:01:51 | 001,224,671 | ---- | M] () -- C:\Users\Outsider\Desktop\tdsskiller.zip
[2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:28:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:14:54 | 000,640,158 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2010.11.18 10:14:54 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.18 10:14:54 | 000,148,262 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2010.11.18 10:14:54 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.18 10:10:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.18 10:10:10 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.18 10:10:10 | 120,840,010 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.17 17:59:55 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 14:26:38 | 000,000,927 | ---- | M] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:33:11 | 000,000,962 | ---- | M] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | M] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:14:20 | 000,066,752 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.11.13 17:03:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.11.01 16:46:59 | 000,001,294 | ---- | M] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.10.22 07:23:05 | 014,899,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.10.22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.10.22 07:23:05 | 010,023,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.10.22 07:23:05 | 005,473,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.10.22 07:23:05 | 000,888,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.10.22 07:23:05 | 000,813,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.10.22 07:23:05 | 000,319,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.10.22 07:23:05 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.10.22 07:23:05 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010.10.22 07:23:04 | 004,837,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.10.22 07:23:04 | 002,912,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.10.22 07:23:04 | 002,666,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.10.22 07:23:02 | 013,019,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.10.22 07:23:02 | 001,719,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.10.22 07:23:02 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

ha renben lesz a gep, , majd aztan, igen, mert ez a program gondod okozot a szamitogepnek, es nyugodtan lehet felelos a kek halal ert, is.

Újra rakhatom az Arma 2-őt? Vagy felejtős lesz?

Ezt a programot leszedni a geprol:


Valami problem van az CDROM, meghajtoval, kabelala:


Futtasd az OTL-progit, az ablakjaba masold be a zold textet, es most klik RunFix
a restart utan ad -1 logot, tedd ide.

OTL Extras logfile created on: 2010.11.18. 12:32:31 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Outsider\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 63,52 Gb Free Space | 65,11% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,42 Mb Free Space | 84,43% Space Free | Partition Type: NTFS
Drive E: | 51,39 Gb Total Space | 5,74 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive F: | 7,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: OUTSIDER-PC | User Name: Outsider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6997644B-5E1C-453A-82E8-7DBAA4DD41F9}" = ArmA Edit
"{6B0A2ECE-E4C6-4BA3-AE9D-8B827F03B992}" = Windows Live UX Platform Language Pack
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision illesztőprogram 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Vezérlőpult 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikus illesztőprogram 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX rendszerszoftver 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArmA 2" = ArmA 2 Uninstall
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Grand Theft Auto IV Screenshot" = Grand Theft Auto IV Screenshot Screen Saver
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiváló

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2008.01.04. 5:37:04 | Computer Name = Outsider-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nem sikerült kibontani a külső féltől származó legfelső szintű listát
az automatikus frissítési kabinetfájlból: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Hiba: Az aktuális rendszerórához vagy az aláírt fájl időbélyegéhez viszonyítva
a tanúsítvány nincs az érvényességi idején belül. .

Error - 2008.01.04. 5:38:51 | Computer Name = Outsider-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nem sikerült kibontani a külső féltől származó legfelső szintű listát
az automatikus frissítési kabinetfájlból: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Hiba: Az aktuális rendszerórához vagy az aláírt fájl időbélyegéhez viszonyítva
a tanúsítvány nincs az érvényességi idején belül. .

Error - 2008.01.04. 5:39:10 | Computer Name = Outsider-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nem sikerült kibontani a külső féltől származó legfelső szintű listát
az automatikus frissítési kabinetfájlból: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Hiba: Az aktuális rendszerórához vagy az aláírt fájl időbélyegéhez viszonyítva
a tanúsítvány nincs az érvényességi idején belül. .

Error - 2008.01.04. 5:39:35 | Computer Name = Outsider-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nem sikerült kibontani a külső féltől származó legfelső szintű listát
az automatikus frissítési kabinetfájlból: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Hiba: Az aktuális rendszerórához vagy az aláírt fájl időbélyegéhez viszonyítva
a tanúsítvány nincs az érvényességi idején belül. .

Error - 2008.01.04. 5:40:13 | Computer Name = Outsider-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nem sikerült kibontani a külső féltől származó legfelső szintű listát
az automatikus frissítési kabinetfájlból: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Hiba: Az aktuális rendszerórához vagy az aláírt fájl időbélyegéhez viszonyítva
a tanúsítvány nincs az érvényességi idején belül. .

Error - 2010.11.16. 9:31:00 | Computer Name = Outsider-PC | Source = SideBySide | ID = 16842785
Description = Az aktiválási környezet létrehozása "c:\program files\msn messenger\device
manager\dpinst64.exe" esetében nem sikerült. A(z) Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
függő szerelvény nem található. Használja a sxstrace.exe fájlt a részletes diagnosztikához.

Error - 2010.11.16. 11:56:26 | Computer Name = Outsider-PC | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás neve: arma2.exe, verzió: 1.1.0.57631, időbélyeg:
0x4a204efe A hibát okozó modul neve: arma2.exe, verzió: 1.1.0.57631, időbélyeg:
0x4a204efe Kivételkód: 0xc0000005 Hiba pozíciója: 0x004e08d8 A hibát okozó folyamat
azonosítója: 0xdf8 A hibát okozó alkalmazás indításának időpontja: 0x01cb85a63ca6047b
A
hibát okozó alkalmazás elérési útja: C:\Program Files\ArmA 2\arma2.exe A hibát okozó
modul elérési útja: C:\Program Files\ArmA 2\arma2.exe Jelentés azonosítója: 10a5db0c-f19a-11df-afc5-001d7dd767b2

Error - 2010.11.17. 9:27:35 | Computer Name = Outsider-PC | Source = VSS | ID = 8194
Description =

Error - 2010.11.17. 13:46:48 | Computer Name = Outsider-PC | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás neve: arma2.exe, verzió: 1.1.0.57631, időbélyeg:
0x4a204efe A hibát okozó modul neve: arma2.exe, verzió: 1.1.0.57631, időbélyeg:
0x4a204efe Kivételkód: 0xc0000005 Hiba pozíciója: 0x004a3044 A hibát okozó folyamat
azonosítója: 0xe98 A hibát okozó alkalmazás indításának időpontja: 0x01cb867a1f3bdc03
A
hibát okozó alkalmazás elérési útja: C:\Program Files\ArmA 2\arma2.exe A hibát okozó
modul elérési útja: C:\Program Files\ArmA 2\arma2.exe Jelentés azonosítója: a63d9877-f272-11df-ab35-001d7dd767b2

Error - 2010.11.18. 3:11:49 | Computer Name = Outsider-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 2010.11.17. 16:30:09 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.17. 16:30:13 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.17. 16:30:17 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.17. 16:30:21 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.17. 17:10:48 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.17. 17:10:52 | Computer Name = Outsider-PC | Source = cdrom | ID = 262151
Description = Hibás blokk az eszközön (\Device\CdRom0).

Error - 2010.11.18. 5:10:23 | Computer Name = Outsider-PC | Source = EventLog | ID = 6008
Description = Az előző rendszerleállítás (?2010.?11.?18. - 10:08:27) váratlan volt.

Error - 2010.11.18. 5:10:30 | Computer Name = Outsider-PC | Source = BugCheck | ID = 1001
Description =

Error - 2010.11.18. 5:25:03 | Computer Name = Outsider-PC | Source = Service Control Manager | ID = 7030
Description = A(z) PEVSystemStart szolgáltatás interaktív szolgáltatásként van megjelölve.
A rendszer azonban úgy van beállítva, hogy az interaktív szolgáltatások nem futhatnak.
Ez a szolgáltatás valószínűleg nem működik megfelelően.

Error - 2010.11.18. 5:28:52 | Computer Name = Outsider-PC | Source = Service Control Manager | ID = 7030
Description = A(z) PEVSystemStart szolgáltatás interaktív szolgáltatásként van megjelölve.
A rendszer azonban úgy van beállítva, hogy az interaktív szolgáltatások nem futhatnak.
Ez a szolgáltatás valószínűleg nem működik megfelelően.


< End of report >

ok, akkor meg egyszer, de mar nemmuszaj be masolnod az ablakba a zold textet, csak siman futtasd le es pipald be az extrat is, es csak eztet tedd ide.

Bocsánat 2x ra nem pipáltam be az extrát. Csinálom pill

ok
meg a extras.txt-a talcan lesz, ha nincsen ott talald meg.

[2010.11.18 12:01:49 | 001,224,671 | ---- | C] () -- C:\Users\Outsider\Desktop\tdsskiller.zip
[2010.11.17 14:26:38 | 000,000,927 | ---- | C] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:50:58 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.11.13 17:33:11 | 000,000,962 | ---- | C] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:19:07 | 000,001,294 | ---- | C] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | C] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:17:04 | 000,000,290 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.11.13 17:17:04 | 000,000,272 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.11.13 17:04:49 | 1610,260,480 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.13 17:03:48 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.11.13 17:03:47 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.01.04 10:26:41 | 000,007,605 | ---- | C] () -- C:\Users\Outsider\AppData\Local\Resmon.ResmonCfg

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMDRIVE%\NDIS.sys /s /md5 >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< %SYSTEMROOT%\*. /mp /s >

< %SYSTEMROOT%\system32\*.dll /lockedfiles >

< %SYSTEMROOT%\Tasks\*.job /lockedfiles >

< End of report >

OTL logfile created on: 2010.11.18. 12:06:21 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Outsider\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 63,54 Gb Free Space | 65,13% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,42 Mb Free Space | 84,43% Space Free | Partition Type: NTFS
Drive E: | 51,39 Gb Total Space | 5,74 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive F: | 7,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: OUTSIDER-PC | User Name: Outsider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
PRC - [2010.10.27 07:17:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 07:17:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.12.25 18:51:14 | 008,129,056 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Telepítő (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.01.02 13:29:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)


========== Driver Services (SafeList) ==========

DRV - [2010.11.13 18:04:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.25 18:28:34 | 002,981,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: belle.starr.colt@gmx.com:3.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.01.01 21:15:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.01.01 21:15:13 | 000,000,000 | ---D | M]

[2008.01.01 21:15:39 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Extensions
[2010.11.17 20:12:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions
[2008.01.02 13:42:01 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\belle.starr.colt@gmx.com
[2008.01.01 21:59:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\personas@christopher.beard
[2008.01.01 21:15:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.27 06:48:52 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.27 06:48:52 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml
[2010.10.27 06:48:52 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml
[2010.10.27 06:48:52 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml
[2010.10.27 06:48:52 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2010.11.18 10:28:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 001,075,256 | R--- | M] () - F:\AutoRun.bmp -- [ UDF ]
O32 - AutoRun File - [2009.05.27 16:41:16 | 000,000,461 | R--- | M] () - F:\Autorun.csv -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,488 | R--- | M] () - F:\AutoRun.dat -- [ UDF ]
O32 - AutoRun File - [2009.03.26 08:20:12 | 000,704,512 | R--- | M] () - F:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,048 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,263,138 | R--- | M] () - F:\autorun.wav -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


========== Files/Folders - Created Within 30 Days ==========

[2010.11.18 12:01:58 | 000,000,000 | ---D | C] -- C:\Users\Outsider\Desktop\tdsskiller
[2010.11.18 11:38:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:29:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.18 10:29:47 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\temp
[2010.11.18 10:24:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.18 08:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.17 17:59:55 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 17:59:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Grand Theft Auto IV Screenshot dir
[2010.11.17 14:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.11.17 14:28:11 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.11.17 14:28:11 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010.11.17 14:28:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.11.17 14:26:07 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Windows Live
[2010.11.17 11:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.11.17 11:40:56 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.11.16 16:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA Edit
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\Documents\ArmA 2
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\ArmA 2
[2010.11.13 18:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.11.13 18:04:11 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
[2010.11.13 18:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.11.13 18:02:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.13 18:02:03 | 002,981,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.13 18:02:03 | 002,630,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.13 18:02:03 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.13 18:02:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.13 18:02:03 | 001,539,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.13 18:02:03 | 000,954,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.13 18:02:03 | 000,783,632 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.13 18:02:03 | 000,705,808 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.13 18:02:03 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.13 18:02:03 | 000,371,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.13 18:02:03 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.13 18:02:03 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.13 18:02:03 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.13 18:02:03 | 000,296,864 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.13 18:02:03 | 000,269,584 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.13 18:02:03 | 000,239,376 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.13 18:02:03 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.13 18:02:03 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.13 18:02:03 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.13 18:02:03 | 000,146,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.11.13 18:02:03 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.13 18:02:03 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.13 18:02:03 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.13 18:02:03 | 000,101,136 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.13 18:02:03 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.11.13 18:02:03 | 000,093,456 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.13 18:02:03 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.13 18:02:03 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.13 18:02:03 | 000,058,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.13 18:02:03 | 000,056,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.13 18:02:03 | 000,056,592 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.11.13 18:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.11.13 18:02:02 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.11.13 18:01:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.11.13 18:01:56 | 000,838,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.13 18:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.11.13 17:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.11.13 17:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Winamp
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.11.13 17:56:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.11.13 17:56:39 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.11.13 17:56:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.11.13 17:56:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.11.13 17:56:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.11.13 17:56:39 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.11.13 17:56:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.11.13 17:56:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.11.13 17:56:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.11.13 17:56:39 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.11.13 17:56:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.11.13 17:56:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.11.13 17:56:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.11.13 17:56:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.11.13 17:56:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.11.13 17:56:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.11.13 17:56:38 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.11.13 17:56:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.11.13 17:56:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.11.13 17:56:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.11.13 17:56:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.11.13 17:56:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.11.13 17:56:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.11.13 17:56:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.11.13 17:56:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.11.13 17:56:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.11.13 17:56:37 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.11.13 17:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.11.13 17:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.11.13 17:50:59 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.11.13 17:50:59 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.11.13 17:50:59 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.11.13 17:50:58 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.11.13 17:50:58 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.11.13 17:50:58 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.11.13 17:50:58 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.11.13 17:50:58 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.11.13 17:50:58 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.11.13 17:50:58 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.11.13 17:50:58 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.11.13 17:50:58 | 000,319,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.11.13 17:50:58 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.11.13 17:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.13 17:50:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.13 17:44:40 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\LogMeIn Hamachi
[2010.11.13 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010.11.13 17:43:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Macromedia
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Adobe
[2010.11.13 17:33:40 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.11.13 17:33:05 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.11.13 17:33:05 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.11.13 17:33:05 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.11.13 17:33:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.11.13 17:33:05 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.11.13 17:33:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.11.13 17:33:04 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.11.13 17:33:04 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.11.13 17:33:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.11.13 17:33:04 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.11.13 17:33:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.11.13 17:33:03 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.11.13 17:33:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.11.13 17:33:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.11.13 17:33:03 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.11.13 17:33:03 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.11.13 17:33:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.11.13 17:33:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.11.13 17:33:03 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.11.13 17:33:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.11.13 17:33:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.11.13 17:33:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.11.13 17:33:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.11.13 17:33:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.11.13 17:33:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.11.13 17:33:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.11.13 17:33:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.11.13 17:33:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.11.13 17:33:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.11.13 17:33:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.11.13 17:33:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.11.13 17:33:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.11.13 17:33:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.11.13 17:33:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.11.13 17:33:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.11.13 17:33:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.11.13 17:33:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.11.13 17:33:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.11.13 17:33:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.11.13 17:33:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.11.13 17:33:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.11.13 17:33:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.11.13 17:33:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.11.13 17:33:00 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.11.13 17:33:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.11.13 17:33:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.11.13 17:33:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.11.13 17:32:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.11.13 17:32:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.11.13 17:32:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.11.13 17:32:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.11.13 17:32:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.11.13 17:32:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.11.13 17:32:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.11.13 17:32:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.11.13 17:32:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.13 17:32:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.11.13 17:32:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.13 17:32:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.11.13 17:32:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.11.13 17:32:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.11.13 17:32:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.11.13 17:32:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.11.13 17:32:54 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.11.13 17:31:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.11.13 17:25:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Mozilla
[2010.11.13 17:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA 2
[2010.11.13 17:17:29 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Searches
[2010.11.13 17:17:28 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.11.13 17:17:18 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Identities
[2010.11.13 17:17:16 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Contacts
[2010.11.13 17:17:06 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\VirtualStore
[2010.11.13 17:17:04 | 000,000,000 | --SD | C] -- C:\Users\Outsider\AppData\Roaming\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Videos
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Saved Games
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Pictures
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Music
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Links
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Favorites
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Downloads
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Documents
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Desktop
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Zene
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Videók
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Temporary Internet Files
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Start Menu
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\SendTo
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Sablonok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Recent
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\PrintHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\NetHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Local Settings
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Képek
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\History
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Dokumentumok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Cookies
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\AppData
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Media Center Programs
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Zene
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videók
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Sablonok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Képek
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumentumok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Asztal
[2010.11.13 17:16:51 | 000,000,000 | ---D | C] -- C:\Recovery
[2010.11.13 17:07:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.13 17:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.11.13 17:04:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.13 17:04:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.11.13 17:03:47 | 000,000,000 | ---D | C] -- C:\Boot
[2010.11.13 16:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Full Spectrum Warriors

========== Files - Modified Within 30 Days ==========

[2010.11.18 12:01:51 | 001,224,671 | ---- | M] () -- C:\Users\Outsider\Desktop\tdsskiller.zip
[2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:28:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:14:54 | 000,640,158 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2010.11.18 10:14:54 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.18 10:14:54 | 000,148,262 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2010.11.18 10:14:54 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.18 10:10:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.18 10:10:10 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.18 10:10:10 | 120,840,010 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.17 17:59:55 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 14:26:38 | 000,000,927 | ---- | M] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:33:11 | 000,000,962 | ---- | M] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | M] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:14:20 | 000,066,752 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.11.13 17:03:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.11.01 16:46:59 | 000,001,294 | ---- | M] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.10.22 07:23:05 | 014,899,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.10.22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.10.22 07:23:05 | 010,023,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.10.22 07:23:05 | 005,473,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.10.22 07:23:05 | 000,888,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.10.22 07:23:05 | 000,813,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.10.22 07:23:05 | 000,319,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.10.22 07:23:05 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.10.22 07:23:05 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010.10.22 07:23:04 | 004,837,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.10.22 07:23:04 | 002,912,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.10.22 07:23:04 | 002,666,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.10.22 07:23:02 | 013,019,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.10.22 07:23:02 | 001,719,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.10.22 07:23:02 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

========== Files Created - No Company Name ==========

A tsdkiller elvileg:

2010/11/18 12:02:01.0077 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/18 12:02:01.0077 ================================================================================
2010/11/18 12:02:01.0077 SystemInfo:
2010/11/18 12:02:01.0077
2010/11/18 12:02:01.0077 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/18 12:02:01.0077 Product type: Workstation
2010/11/18 12:02:01.0077 ComputerName: OUTSIDER-PC
2010/11/18 12:02:01.0078 UserName: Outsider
2010/11/18 12:02:01.0078 Windows directory: C:\Windows
2010/11/18 12:02:01.0078 System windows directory: C:\Windows
2010/11/18 12:02:01.0078 Processor architecture: Intel x86
2010/11/18 12:02:01.0078 Number of processors: 2
2010/11/18 12:02:01.0078 Page size: 0x1000
2010/11/18 12:02:01.0078 Boot type: Normal boot
2010/11/18 12:02:01.0078 ================================================================================
2010/11/18 12:02:03.0166 Initialize success
2010/11/18 12:02:17.0374 ================================================================================
2010/11/18 12:02:17.0374 Scan started
2010/11/18 12:02:17.0374 Mode: Manual;
2010/11/18 12:02:17.0374 ================================================================================
2010/11/18 12:02:18.0104 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/11/18 12:02:18.0144 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2010/11/18 12:02:18.0179 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/11/18 12:02:18.0221 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/11/18 12:02:18.0329 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2010/11/18 12:02:18.0384 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2010/11/18 12:02:18.0460 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2010/11/18 12:02:18.0548 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2010/11/18 12:02:18.0620 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2010/11/18 12:02:18.0673 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2010/11/18 12:02:18.0756 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2010/11/18 12:02:18.0809 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2010/11/18 12:02:18.0862 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2010/11/18 12:02:18.0887 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2010/11/18 12:02:18.0929 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2010/11/18 12:02:18.0963 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/11/18 12:02:19.0004 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2010/11/18 12:02:19.0055 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2010/11/18 12:02:19.0184 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2010/11/18 12:02:19.0230 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2010/11/18 12:02:19.0279 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/18 12:02:19.0310 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2010/11/18 12:02:19.0442 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2010/11/18 12:02:19.0526 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/11/18 12:02:19.0594 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2010/11/18 12:02:19.0693 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/11/18 12:02:19.0740 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/18 12:02:19.0785 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/11/18 12:02:19.0839 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/11/18 12:02:19.0945 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2010/11/18 12:02:19.0991 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/11/18 12:02:20.0033 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/11/18 12:02:20.0079 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/11/18 12:02:20.0121 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/11/18 12:02:20.0336 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/18 12:02:20.0395 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/18 12:02:20.0552 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/18 12:02:20.0720 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2010/11/18 12:02:20.0832 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/18 12:02:20.0861 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2010/11/18 12:02:20.0906 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2010/11/18 12:02:20.0953 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/18 12:02:20.0995 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/11/18 12:02:21.0044 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/11/18 12:02:21.0116 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2010/11/18 12:02:21.0230 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2010/11/18 12:02:21.0291 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2010/11/18 12:02:21.0334 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2010/11/18 12:02:21.0415 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2010/11/18 12:02:21.0505 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/18 12:02:21.0662 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2010/11/18 12:02:21.0785 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2010/11/18 12:02:21.0916 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2010/11/18 12:02:22.0182 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2010/11/18 12:02:22.0241 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2010/11/18 12:02:22.0281 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/18 12:02:22.0343 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2010/11/18 12:02:22.0389 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2010/11/18 12:02:22.0421 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/18 12:02:22.0513 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2010/11/18 12:02:22.0584 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2010/11/18 12:02:22.0634 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/18 12:02:22.0726 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2010/11/18 12:02:22.0810 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/11/18 12:02:22.0890 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2010/11/18 12:02:22.0950 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2010/11/18 12:02:23.0026 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2010/11/18 12:02:23.0102 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/18 12:02:23.0166 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/11/18 12:02:23.0219 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2010/11/18 12:02:23.0251 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/18 12:02:23.0301 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/18 12:02:23.0351 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/11/18 12:02:23.0464 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2010/11/18 12:02:23.0535 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2010/11/18 12:02:23.0606 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/18 12:02:23.0683 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/11/18 12:02:23.0750 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2010/11/18 12:02:23.0924 IntcAzAudAddService (37b96b2ec34819cbc145ad5ab3afab19) C:\Windows\system32\drivers\RTKVHDA.sys
2010/11/18 12:02:24.0066 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2010/11/18 12:02:24.0136 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/18 12:02:24.0181 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/18 12:02:24.0222 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/11/18 12:02:24.0282 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2010/11/18 12:02:24.0344 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2010/11/18 12:02:24.0397 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2010/11/18 12:02:24.0457 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/18 12:02:24.0510 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/18 12:02:24.0591 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/18 12:02:24.0665 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/18 12:02:24.0719 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2010/11/18 12:02:24.0897 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/18 12:02:24.0945 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/11/18 12:02:24.0978 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/11/18 12:02:25.0011 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/11/18 12:02:25.0044 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/11/18 12:02:25.0085 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2010/11/18 12:02:25.0165 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2010/11/18 12:02:25.0242 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/11/18 12:02:25.0281 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2010/11/18 12:02:25.0351 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/18 12:02:25.0405 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/18 12:02:25.0480 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/18 12:02:25.0541 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2010/11/18 12:02:25.0601 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2010/11/18 12:02:25.0635 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/18 12:02:25.0667 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2010/11/18 12:02:25.0794 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/18 12:02:25.0960 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/18 12:02:26.0015 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/18 12:02:26.0093 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2010/11/18 12:02:26.0137 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2010/11/18 12:02:26.0218 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2010/11/18 12:02:26.0299 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2010/11/18 12:02:26.0335 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/11/18 12:02:26.0423 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/18 12:02:26.0556 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/18 12:02:26.0586 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2010/11/18 12:02:26.0632 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2010/11/18 12:02:26.0704 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/18 12:02:26.0817 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2010/11/18 12:02:26.0855 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/11/18 12:02:26.0906 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2010/11/18 12:02:26.0970 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/18 12:02:27.0075 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2010/11/18 12:02:27.0153 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/11/18 12:02:27.0184 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/18 12:02:27.0306 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/18 12:02:27.0357 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/18 12:02:27.0401 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2010/11/18 12:02:27.0443 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/18 12:02:27.0518 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/18 12:02:27.0625 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/11/18 12:02:27.0675 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2010/11/18 12:02:27.0773 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/18 12:02:27.0846 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2010/11/18 12:02:27.0938 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2010/11/18 12:02:28.0075 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
2010/11/18 12:02:28.0364 nvlddmkm (bd409de5681c74c1de51d72427dc202d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/18 12:02:28.0688 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/11/18 12:02:28.0730 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2010/11/18 12:02:28.0778 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/11/18 12:02:28.0811 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/18 12:02:28.0853 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2010/11/18 12:02:28.0902 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2010/11/18 12:02:28.0943 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2010/11/18 12:02:29.0044 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2010/11/18 12:02:29.0084 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2010/11/18 12:02:29.0120 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/11/18 12:02:29.0160 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2010/11/18 12:02:29.0200 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2010/11/18 12:02:29.0390 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/18 12:02:29.0442 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2010/11/18 12:02:29.0501 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/18 12:02:29.0570 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2010/11/18 12:02:29.0696 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/11/18 12:02:29.0754 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/18 12:02:29.0801 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/18 12:02:29.0856 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/11/18 12:02:29.0974 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/18 12:02:30.0028 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/18 12:02:30.0064 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/18 12:02:30.0099 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/18 12:02:30.0155 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/11/18 12:02:30.0246 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/18 12:02:30.0337 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2010/11/18 12:02:30.0412 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/18 12:02:30.0491 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2010/11/18 12:02:30.0565 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2010/11/18 12:02:30.0635 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2010/11/18 12:02:30.0766 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/18 12:02:30.0829 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/11/18 12:02:30.0891 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/11/18 12:02:30.0951 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2010/11/18 12:02:31.0060 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/11/18 12:02:31.0140 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2010/11/18 12:02:31.0187 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2010/11/18 12:02:31.0267 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2010/11/18 12:02:31.0337 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/11/18 12:02:31.0390 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/11/18 12:02:31.0468 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/11/18 12:02:31.0558 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/11/18 12:02:31.0621 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2010/11/18 12:02:31.0677 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/11/18 12:02:31.0756 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/11/18 12:02:31.0798 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2010/11/18 12:02:31.0885 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2010/11/18 12:02:31.0991 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2010/11/18 12:02:31.0992 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/11/18 12:02:31.0998 sptd - detected Locked file (1)
2010/11/18 12:02:32.0131 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2010/11/18 12:02:32.0190 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/18 12:02:32.0251 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/18 12:02:32.0386 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2010/11/18 12:02:32.0473 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/11/18 12:02:32.0509 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2010/11/18 12:02:32.0628 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/18 12:02:32.0719 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2010/11/18 12:02:32.0893 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/18 12:02:32.0953 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/18 12:02:33.0055 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2010/11/18 12:02:33.0095 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2010/11/18 12:02:33.0125 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/18 12:02:33.0161 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/18 12:02:33.0239 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/18 12:02:33.0343 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/18 12:02:33.0398 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2010/11/18 12:02:33.0462 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/18 12:02:33.0587 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/11/18 12:02:33.0638 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/18 12:02:33.0677 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2010/11/18 12:02:33.0803 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/18 12:02:33.0847 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2010/11/18 12:02:33.0891 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/18 12:02:34.0016 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/18 12:02:34.0069 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2010/11/18 12:02:34.0113 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2010/11/18 12:02:34.0209 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/18 12:02:34.0259 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/18 12:02:34.0331 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/11/18 12:02:34.0434 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/18 12:02:34.0469 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2010/11/18 12:02:34.0529 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/11/18 12:02:34.0579 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2010/11/18 12:02:34.0649 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2010/11/18 12:02:34.0715 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2010/11/18 12:02:34.0784 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2010/11/18 12:02:34.0843 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2010/11/18 12:02:34.0912 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/11/18 12:02:34.0968 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2010/11/18 12:02:35.0029 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2010/11/18 12:02:35.0085 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/11/18 12:02:35.0168 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2010/11/18 12:02:35.0238 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2010/11/18 12:02:35.0332 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/18 12:02:35.0344 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/18 12:02:35.0495 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2010/11/18 12:02:35.0556 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/18 12:02:35.0729 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/11/18 12:02:35.0764 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2010/11/18 12:02:35.0989 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/18 12:02:36.0120 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/18 12:02:36.0171 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2010/11/18 12:02:36.0232 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/18 12:02:36.0315 ================================================================================
2010/11/18 12:02:36.0315 Scan finished
2010/11/18 12:02:36.0315 ================================================================================
2010/11/18 12:02:36.0328 Detected object count: 1
2010/11/18 12:02:42.0855 Locked file(sptd) - User select action: Skip

nem csinaltad ugy ahogy leirtam:


es a TDSS killer logjat se latom, tehat meg egyszer olvasd el mit irtam,

Rendben. Here it is:

OTL logfile created on: 2010.11.18. 11:41:30 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Outsider\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 63,56 Gb Free Space | 65,16% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,42 Mb Free Space | 84,43% Space Free | Partition Type: NTFS
Drive E: | 51,39 Gb Total Space | 5,74 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive F: | 7,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: OUTSIDER-PC | User Name: Outsider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
PRC - [2010.10.27 07:17:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 07:17:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.12.25 18:51:14 | 008,129,056 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Telepítő (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.01.02 13:29:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)


========== Driver Services (SafeList) ==========

DRV - [2010.11.13 18:04:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.22 07:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.25 18:28:34 | 002,981,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-435621387-1028846745-452285694-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: belle.starr.colt@gmx.com:3.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.01.01 21:15:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.01.01 21:15:13 | 000,000,000 | ---D | M]

[2008.01.01 21:15:39 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Extensions
[2010.11.17 20:12:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions
[2008.01.02 13:42:01 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\belle.starr.colt@gmx.com
[2008.01.01 21:59:23 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\mozilla\Firefox\Profiles\5z8gcyys.default\extensions\personas@christopher.beard
[2008.01.01 21:15:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.27 06:48:52 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.27 06:48:52 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml
[2010.10.27 06:48:52 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml
[2010.10.27 06:48:52 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml
[2010.10.27 06:48:52 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2010.11.18 10:28:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-435621387-1028846745-452285694-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-435621387-1028846745-452285694-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-435621387-1028846745-452285694-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-435621387-1028846745-452285694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 001,075,256 | R--- | M] () - F:\AutoRun.bmp -- [ UDF ]
O32 - AutoRun File - [2009.05.27 16:41:16 | 000,000,461 | R--- | M] () - F:\Autorun.csv -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,488 | R--- | M] () - F:\AutoRun.dat -- [ UDF ]
O32 - AutoRun File - [2009.03.26 08:20:12 | 000,704,512 | R--- | M] () - F:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,000,048 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.05.29 04:44:52 | 000,263,138 | R--- | M] () - F:\autorun.wav -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.18 11:38:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:29:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.18 10:29:47 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\temp
[2010.11.18 10:24:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.18 08:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.17 17:59:55 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 17:59:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Grand Theft Auto IV Screenshot dir
[2010.11.17 14:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.11.17 14:26:07 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Windows Live
[2010.11.17 11:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.11.16 16:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA Edit
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\Documents\ArmA 2
[2010.11.13 18:09:10 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\ArmA 2
[2010.11.13 18:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.11.13 18:04:11 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
[2010.11.13 18:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.11.13 18:02:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.13 18:02:03 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.13 18:02:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.13 18:02:03 | 000,954,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.13 18:02:03 | 000,783,632 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.13 18:02:03 | 000,705,808 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.13 18:02:03 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.13 18:02:03 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.13 18:02:03 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.13 18:02:03 | 000,296,864 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.13 18:02:03 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.13 18:02:03 | 000,269,584 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.13 18:02:03 | 000,239,376 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.13 18:02:03 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.13 18:02:03 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.13 18:02:03 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.13 18:02:03 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.13 18:02:03 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.13 18:02:03 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.13 18:02:03 | 000,101,136 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.13 18:02:03 | 000,093,456 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.13 18:02:03 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.13 18:02:03 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.13 18:02:03 | 000,058,128 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.13 18:02:03 | 000,056,592 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.11.13 18:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.11.13 18:02:02 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.11.13 18:01:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.11.13 18:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.11.13 17:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.11.13 17:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Winamp
[2010.11.13 17:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.11.13 17:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.11.13 17:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.11.13 17:50:59 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.11.13 17:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.13 17:50:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.13 17:44:40 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\LogMeIn Hamachi
[2010.11.13 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010.11.13 17:43:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Macromedia
[2010.11.13 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Adobe
[2010.11.13 17:31:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.11.13 17:25:00 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Mozilla
[2010.11.13 17:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\ArmA 2
[2010.11.13 17:17:29 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Searches
[2010.11.13 17:17:28 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.11.13 17:17:18 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Identities
[2010.11.13 17:17:16 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Contacts
[2010.11.13 17:17:06 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\VirtualStore
[2010.11.13 17:17:04 | 000,000,000 | --SD | C] -- C:\Users\Outsider\AppData\Roaming\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Videos
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Saved Games
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Pictures
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Music
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Links
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Favorites
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Downloads
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Documents
[2010.11.13 17:17:04 | 000,000,000 | R--D | C] -- C:\Users\Outsider\Desktop
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Zene
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Videók
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Temporary Internet Files
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Start Menu
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\SendTo
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Sablonok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Recent
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\PrintHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\NetHood
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Local Settings
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Documents\Képek
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\History
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Dokumentumok
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Cookies
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -HSD | C] -- C:\Users\Outsider\AppData\Local\Application Data
[2010.11.13 17:17:04 | 000,000,000 | -H-D | C] -- C:\Users\Outsider\AppData
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Local\Microsoft
[2010.11.13 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Outsider\AppData\Roaming\Media Center Programs
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Zene
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videók
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Sablonok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Képek
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumentumok
[2010.11.13 17:16:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Asztal
[2010.11.13 17:16:51 | 000,000,000 | ---D | C] -- C:\Recovery
[2010.11.13 17:07:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.13 17:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.11.13 17:04:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.13 17:04:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.11.13 17:03:47 | 000,000,000 | ---D | C] -- C:\Boot
[2010.11.13 16:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Full Spectrum Warriors

========== Files - Modified Within 30 Days ==========

[2010.11.18 11:38:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Outsider\Desktop\OTL.exe
[2010.11.18 10:28:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:17:28 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 10:14:54 | 000,640,158 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2010.11.18 10:14:54 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.18 10:14:54 | 000,148,262 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2010.11.18 10:14:54 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.18 10:10:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.18 10:10:10 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.18 10:10:10 | 120,840,010 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.17 17:59:55 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\System32\Grand Theft Auto IV Screenshot.scr
[2010.11.17 14:26:38 | 000,000,927 | ---- | M] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:33:11 | 000,000,962 | ---- | M] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | M] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | M] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:14:20 | 000,066,752 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.11.13 17:03:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.11.01 16:46:59 | 000,001,294 | ---- | M] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.10.22 07:23:05 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.10.22 07:23:05 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

========== Files Created - No Company Name ==========

[2010.11.17 14:26:38 | 000,000,927 | ---- | C] () -- C:\Users\Outsider\Documents\Megosztási mappák.lnk
[2010.11.16 12:26:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.13 18:04:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.13 17:58:06 | 000,000,961 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010.11.13 17:50:58 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.11.13 17:33:11 | 000,000,962 | ---- | C] () -- C:\Users\Outsider\Desktop\ArmA 2 indítása.lnk
[2010.11.13 17:21:33 | 000,001,427 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.11.13 17:19:07 | 000,001,294 | ---- | C] () -- C:\Users\Outsider\Desktop\Call of Duty Word at War.lnk
[2010.11.13 17:17:46 | 000,000,359 | ---- | C] () -- C:\Users\Outsider\Desktop\Számítógép parancsikonja.lnk
[2010.11.13 17:17:04 | 000,000,290 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.11.13 17:17:04 | 000,000,272 | ---- | C] () -- C:\Users\Outsider\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.11.13 17:04:49 | 1610,260,480 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.13 17:03:48 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.11.13 17:03:47 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.01.04 10:26:41 | 000,007,605 | ---- | C] () -- C:\Users\Outsider\AppData\Local\Resmon.ResmonCfg

========== LOP Check ==========

[2008.01.03 22:30:47 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
[2010.11.18 10:10:50 | 000,000,000 | ---D | M] -- C:\Users\Outsider\AppData\Roaming\uTorrent
[2009.07.14 05:53:46 | 000,007,120 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

ok, valamit kitorolt a combofix, rootkitet nem talalt,
nevezd at a combofix ikonjat uninstall
es futtasd, a combofix letelepitodig a geprol,
meg valamit megnezunk, egy ket programal, hogy lassam nincsen e meg valami virus, aztan meglassuk, tehat most csinald meg ezeket.
1:futtatod a TDSS-killert
http://www.virus-stell.com/2010/08/root ... -tdl3.html
logjat tedd ide.
2: futtatod az OTL-progit a logokat tedd ide.
Letolteni az asztalra>OTListIt2>> http://oldtimer.geekstogo.com/OTL.exe
-Futatni
- file age at valtoztani 30 > 7day ra.
-bepipazni
-Scan all users.
-Lop check.
-Purity check.
-v sekciobaExtra Registry>bepotyozni>Use SafeList
-az ablakjaba -customscan/fixes masold be a textet-es klik RUNSCAN
-5-10 perc mulva add logot tedd ide
-OTL.txt (az asztalon lesz).
-exras.txt-a talcan lesz.

Ok megcsinálta a jegyzetet:

ComboFix 10-11-17.02 - Outsider 010.11.18. 10:25:17.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.36.1038.18.2048.1063 [GMT 1:00]
Running from: c:\users\Outsider\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk

.
((((((((((((((((((((((((( Files Created from 2010-10-18 to 2010-11-18 )))))))))))))))))))))))))))))))
.

2010-11-18 09:28 . 2010-11-18 09:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-18 07:27 . 2010-11-18 07:27 -------- d-----w- c:\program files\trend micro
2010-11-18 07:27 . 2010-11-18 07:27 -------- d-----w- C:\rsit
2010-11-17 16:59 . 2010-11-17 17:00 -------- d-----w- c:\windows\system32\Grand Theft Auto IV Screenshot dir
2010-11-17 16:59 . 2010-11-17 16:59 520192 ----a-w- c:\windows\system32\Grand Theft Auto IV Screenshot.scr
2010-11-17 13:28 . 2010-11-18 09:10 -------- d-----w- c:\program files\Microsoft Silverlight
2010-11-17 13:28 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-11-17 13:28 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-11-17 13:28 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2010-11-17 13:27 . 2010-11-17 13:27 6260088 ----a-w- c:\program files\Common Files\Windows Live\.cache\3c36e0861cb865b04\Silverlight.4.0.exe
2010-11-17 10:41 . 2010-11-17 10:41 -------- d-----w- c:\program files\Microsoft.NET
2010-11-17 10:40 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-11-16 15:22 . 2010-11-16 15:22 -------- d-----w- c:\program files\ArmA Edit
2010-11-16 11:03 . 2010-10-18 07:41 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2F2E346-A935-4642-A06E-66C47ECB88F1}\mpengine.dll
2010-11-16 10:44 . 2010-11-16 10:44 169320 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10135.bin
2010-11-13 17:04 . 2010-11-13 17:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-11-13 17:04 . 2010-11-13 17:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-11-13 17:04 . 2010-11-13 17:04 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-11-13 17:01 . 2009-11-24 16:40 838176 ----a-w- c:\windows\RtlExUpd.dll
2010-11-13 17:01 . 2010-11-13 17:01 -------- d-----w- c:\program files\Common Files\InstallShield
2010-11-13 16:58 . 2010-11-13 16:58 -------- d-----w- c:\program files\Winamp Detect
2010-11-13 16:58 . 2010-11-13 16:58 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-11-13 16:58 . 2010-11-13 16:58 -------- d-----w- c:\program files\Winamp
2010-11-13 16:51 . 2010-11-18 09:10 -------- d-----w- c:\programdata\NVIDIA
2010-11-13 16:51 . 2010-11-13 16:51 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-11-13 16:44 . 2010-11-13 16:44 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-11-13 16:43 . 2010-11-18 06:55 -------- d-sh--w- c:\windows\Installer
2010-11-13 16:32 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2010-11-13 16:31 . 2010-11-13 16:31 -------- d-----w- c:\windows\system32\Macromed
2010-11-13 16:20 . 2010-11-18 09:14 -------- d-----w- c:\windows\system32\wbem\Performance
2010-11-13 16:20 . 2010-11-17 20:45 -------- d-----w- c:\program files\ArmA 2
2010-11-13 16:18 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-11-13 16:18 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-11-13 16:17 . 2008-01-04 09:31 -------- d-----w- c:\users\Outsider
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-sh--we c:\users\Default\Sablonok
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-sh--we c:\users\Default\Dokumentumok
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-sh--we c:\programdata\Sablonok
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-sh--we c:\programdata\Dokumentumok
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-sh--we c:\programdata\Asztal
2010-11-13 16:16 . 2010-11-13 16:16 -------- d-----w- C:\Recovery
2010-11-13 16:04 . 2010-11-13 16:16 -------- d-----w- c:\windows\Panther
2010-11-13 16:03 . 2010-11-13 16:03 -------- d-----w- C:\Boot
2010-11-13 15:45 . 2008-01-04 08:22 -------- d-----w- c:\program files\Full Spectrum Warriors

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-22 06:23 . 2009-07-13 22:09 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-10-22 06:23 . 2010-11-13 16:50 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-10-16 11:42 . 2010-10-16 11:42 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-10-16 11:42 . 2010-10-16 11:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 11:42 . 2010-10-16 11:42 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-10-16 11:42 . 2010-10-16 11:42 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 11:42 . 2010-10-16 11:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 11:42 . 2010-10-16 11:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-21 13:03 . 2010-09-21 13:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-08 04:30 . 2008-01-01 19:23 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28 . 2008-01-01 19:23 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22 . 2008-01-01 19:23 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48 . 2008-01-01 19:23 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23 . 2008-01-01 19:22 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34 . 2008-01-01 19:22 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32 . 2008-01-01 19:14 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32 . 2008-01-01 19:14 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 05:46 . 2008-01-01 19:22 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 03:31 . 2008-01-01 19:22 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-27 03:30 . 2008-01-01 19:22 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-27 03:30 . 2008-01-01 19:22 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-26 04:39 . 2008-01-01 19:15 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36 . 2008-01-01 19:13 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:36 . 2008-01-01 19:22 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-21 05:33 . 2008-01-01 19:22 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32 . 2008-01-01 19:16 316928 ----a-w- c:\windows\system32\spoolsv.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2008-01-02 328056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-25 8129056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2008-01-02 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-13 691696]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]

.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\Outsider\AppData\Roaming\Mozilla\Firefox\Profiles\5z8gcyys.default\
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-msnmsgr - c:\program files\MSN Messenger\MsnMsgr.Exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-11-18 10:29:45
ComboFix-quarantined-files.txt 2010-11-18 09:29

Pre-Run: 68 029 104 128 bájt szabad
Post-Run: 68 166 975 488 bájt szabad

- - End Of File - - 0E2A790D61C0D9C35D409B52C98C4B06

ok, csináld meg az elemzést, ha tudod, az tan futtasd le a combofixet
http://www.virus-stell.com/2010/04/combofix.html

Letöltöd az asztalra és , jobb klik az ikonra és futtasd mint rendszergazda, a logjat tedd ide, a win-7 re a javító konzol nem kell.

Ööö aszt hittem ha lefagy akkor csinál valami fájlt. Bocs de nem használtam ilyet még. Itt a leírás amit készített a program:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Outsider at 2010-11-18 08:27:37
Microsoft Windows 7 Ultimate
System drive C: has 65 GB (65%) free of 100 GB
Total RAM: 2048 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:27:44, on 2010.11.18.
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Outsider\Desktop\RSIT.exe
C:\Program Files\trend micro\Outsider.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 18307 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-25 8129056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2008-01-02 328056]
"msnmsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-11-18 08:27:38 ----D---- C:\Program Files\trend micro
2010-11-18 08:27:37 ----D---- C:\rsit
2010-11-17 17:59:55 ----D---- C:\Windows\system32\Grand Theft Auto IV Screenshot dir
2010-11-17 14:28:48 ----D---- C:\Program Files\Microsoft Silverlight
2010-11-17 14:28:11 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-11-17 14:28:11 ----A---- C:\Windows\system32\mfreadwrite.dll
2010-11-17 14:28:11 ----A---- C:\Windows\system32\mf.dll
2010-11-17 11:41:57 ----D---- C:\Program Files\Microsoft.NET
2010-11-17 11:40:56 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-16 16:22:21 ----D---- C:\Program Files\ArmA Edit
2010-11-13 18:04:52 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-11-13 18:04:40 ----D---- C:\Program Files\DAEMON Tools Lite
2010-11-13 18:04:11 ----D---- C:\Users\Outsider\AppData\Roaming\DAEMON Tools Lite
2010-11-13 18:04:09 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-11-13 18:02:22 ----D---- C:\Windows\system32\RTCOM
2010-11-13 18:02:03 ----D---- C:\Program Files\Realtek
2010-11-13 18:02:03 ----A---- C:\Windows\system32\WavesLib.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\SRSWOW.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\SRSTSHD.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\SRSHP360.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RtkAPO.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RTEEP32A.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RTEEL32A.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RTEEG32A.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RTEED32A.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RP3DHT32.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\RP3DAA32.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\FMAPO.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSVoiceClarityDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSS2SpeakerDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSNeoPCDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSLimiterDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSLFXAPO.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSGFXAPO.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSGainCompensatorDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSBoostDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\DTSBassEnhancementDLL.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2010-11-13 18:02:03 ----A---- C:\Windows\system32\AERTARen.dll
2010-11-13 18:02:03 ----A---- C:\Windows\system32\AERTACap.dll
2010-11-13 18:02:02 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-13 18:01:57 ----HD---- C:\Program Files\Temp
2010-11-13 18:01:56 ----A---- C:\Windows\RtlExUpd.dll
2010-11-13 18:01:54 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-13 17:58:06 ----D---- C:\Program Files\Winamp Detect
2010-11-13 17:58:02 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-11-13 17:58:00 ----D---- C:\Users\Outsider\AppData\Roaming\Winamp
2010-11-13 17:58:00 ----D---- C:\Program Files\Winamp
2010-11-13 17:56:39 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-11-13 17:56:39 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-11-13 17:56:38 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-13 17:56:38 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-13 17:56:38 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-11-13 17:56:38 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-13 17:56:38 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-13 17:56:37 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-11-13 17:51:49 ----D---- C:\ProgramData\NVIDIA
2010-11-13 17:51:15 ----D---- C:\ProgramData\NVIDIA Corporation
2010-11-13 17:50:59 ----A---- C:\Windows\system32\OpenCL.dll
2010-11-13 17:50:59 ----A---- C:\Windows\system32\nvoglv32.dll
2010-11-13 17:50:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvgenco322030.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvdispco322050.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvd3dum.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvcuvid.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvcuda.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvcompiler.dll
2010-11-13 17:50:58 ----A---- C:\Windows\system32\nvapi.dll
2010-11-13 17:50:18 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-13 17:50:05 ----D---- C:\NVIDIA
2010-11-13 17:44:20 ----D---- C:\Program Files\LogMeIn Hamachi
2010-11-13 17:43:50 ----SHD---- C:\Windows\Installer
2010-11-13 17:33:48 ----D---- C:\Users\Outsider\AppData\Roaming\Macromedia
2010-11-13 17:33:48 ----D---- C:\Users\Outsider\AppData\Roaming\Adobe
2010-11-13 17:33:40 ----N---- C:\Windows\system32\MpSigStub.exe
2010-11-13 17:33:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-11-13 17:33:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-11-13 17:33:05 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-11-13 17:33:05 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-11-13 17:33:05 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-11-13 17:33:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-13 17:33:03 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-13 17:33:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-13 17:33:01 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-13 17:33:00 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-13 17:32:59 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-13 17:32:59 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-13 17:32:59 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-13 17:32:58 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-13 17:32:58 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-13 17:32:58 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-13 17:32:58 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-13 17:32:58 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-13 17:32:56 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-13 17:32:55 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-13 17:32:54 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-13 17:32:54 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-13 17:31:35 ----D---- C:\Windows\system32\Macromed
2010-11-13 17:23:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-13 17:20:39 ----D---- C:\Program Files\ArmA 2
2010-11-13 17:18:14 ----A---- C:\Windows\system32\wintrust.dll
2010-11-13 17:18:14 ----A---- C:\Windows\system32\cabview.dll
2010-11-13 17:17:18 ----D---- C:\Users\Outsider\AppData\Roaming\Identities
2010-11-13 17:17:04 ----SD---- C:\Users\Outsider\AppData\Roaming\Microsoft
2010-11-13 17:17:04 ----D---- C:\Users\Outsider\AppData\Roaming\Media Center Programs
2010-11-13 17:16:51 ----SHD---- C:\Recovery
2010-11-13 17:16:51 ----SHD---- C:\ProgramData\Sablonok
2010-11-13 17:16:51 ----SHD---- C:\ProgramData\Dokumentumok
2010-11-13 17:16:51 ----SHD---- C:\ProgramData\Asztal
2010-11-13 17:07:40 ----D---- C:\Windows\SoftwareDistribution
2010-11-13 17:05:07 ----D---- C:\Windows\Prefetch
2010-11-13 17:04:50 ----ASH---- C:\pagefile.sys
2010-11-13 17:04:49 ----SHD---- C:\System Volume Information
2010-11-13 17:04:49 ----ASH---- C:\hiberfil.sys
2010-11-13 17:04:00 ----D---- C:\Windows\Panther
2010-11-13 17:03:48 ----RASH---- C:\BOOTSECT.BAK
2010-11-13 17:03:47 ----SHD---- C:\Boot
2010-11-13 16:45:37 ----D---- C:\Program Files\Full Spectrum Warriors
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvvsvc.exe
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvsvcr.dll
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvshext.dll
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvmctray.dll
2010-10-16 12:42:42 ----A---- C:\Windows\system32\nvcpl.dll
2010-10-16 12:42:38 ----A---- C:\Windows\system32\nvsvc.dll
2010-09-23 00:47:28 ----A---- C:\Windows\system32\sirenacm.dll
2010-09-21 14:03:14 ----A---- C:\Windows\system32\LIVESSP.DLL

======List of files/folders modified in the last 3 months======

2010-11-18 08:27:38 ----RD---- C:\Program Files
2010-11-18 08:27:38 ----D---- C:\Windows\Temp
2010-11-18 08:05:04 ----D---- C:\Windows\system32\config
2010-11-18 07:54:29 ----D---- C:\Windows\System32
2010-11-18 07:54:28 ----D---- C:\Windows\inf
2010-11-18 07:51:54 ----D---- C:\Users\Outsider\AppData\Roaming\uTorrent
2010-11-17 20:01:45 ----D---- C:\Windows\Minidump
2010-11-17 20:01:34 ----D---- C:\Windows
2010-11-17 14:42:31 ----D---- C:\Windows\winsxs
2010-11-17 14:31:32 ----D---- C:\Program Files\Windows Live
2010-11-17 14:30:41 ----SD---- C:\ProgramData\Microsoft
2010-11-17 14:30:36 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-17 14:30:17 ----D---- C:\Windows\system32\catroot
2010-11-17 14:12:46 ----D---- C:\Windows\Microsoft.NET
2010-11-17 14:12:11 ----RSD---- C:\Windows\assembly
2010-11-17 12:47:08 ----D---- C:\Windows\system32\DriverStore
2010-11-17 12:47:08 ----D---- C:\Windows\system32\drivers
2010-11-17 12:47:08 ----D---- C:\Windows\ehome
2010-11-17 12:47:08 ----D---- C:\Windows\AppPatch
2010-11-17 11:44:22 ----D---- C:\Windows\system32\hu-HU
2010-11-17 11:41:58 ----D---- C:\Windows\system32\en-US
2010-11-17 11:40:36 ----D---- C:\Program Files\Internet Explorer
2010-11-17 11:40:27 ----D---- C:\Windows\system32\catroot2
2010-11-16 14:38:34 ----D---- C:\Windows\rescache
2010-11-16 12:26:50 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-13 18:04:53 ----D---- C:\Windows\system32\Tasks
2010-11-13 17:51:39 ----D---- C:\Windows\Help
2010-11-13 17:25:07 ----D---- C:\Windows\system32\CodeIntegrity
2010-11-13 17:20:52 ----D---- C:\Windows\system32\wbem
2010-11-13 17:18:15 ----D---- C:\Windows\system32\restore
2010-11-13 17:17:14 ----SHD---- C:\$Recycle.Bin
2010-11-13 17:17:01 ----RD---- C:\Users
2010-11-13 17:16:51 ----D---- C:\Windows\system32\Recovery
2010-11-13 17:16:51 ----D---- C:\Program Files\Windows NT
2010-11-13 17:13:54 ----D---- C:\Windows\system32\sysprep
2010-11-13 17:05:32 ----D---- C:\Windows\CSC
2010-11-02 16:47:16 ----A---- C:\Windows\system32\MRT.exe
2010-10-22 07:23:05 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-09-08 05:30:04 ----A---- C:\Windows\system32\wininet.dll
2010-09-08 05:30:01 ----A---- C:\Windows\system32\urlmon.dll
2010-09-08 05:28:53 ----A---- C:\Windows\system32\mstime.dll
2010-09-08 05:28:44 ----A---- C:\Windows\system32\mshtmled.dll
2010-09-08 05:28:44 ----A---- C:\Windows\system32\mshtml.dll
2010-09-08 05:28:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-09-08 05:28:42 ----A---- C:\Windows\system32\msfeeds.dll
2010-09-08 05:28:15 ----A---- C:\Windows\system32\licmgr10.dll
2010-09-08 05:28:11 ----A---- C:\Windows\system32\jsproxy.dll
2010-09-08 05:28:01 ----A---- C:\Windows\system32\ieui.dll
2010-09-08 05:28:01 ----A---- C:\Windows\system32\iertutil.dll
2010-09-08 05:28:01 ----A---- C:\Windows\system32\iepeers.dll
2010-09-08 05:28:01 ----A---- C:\Windows\system32\ieframe.dll
2010-09-08 05:27:56 ----A---- C:\Windows\system32\iedkcs32.dll
2010-09-08 05:25:58 ----A---- C:\Windows\system32\msfeedssync.exe
2010-09-01 05:29:28 ----A---- C:\Windows\system32\wmp.dll
2010-09-01 05:23:49 ----A---- C:\Windows\system32\wmploc.DLL
2010-08-31 05:32:30 ----A---- C:\Windows\system32\mfc40u.dll
2010-08-31 05:32:30 ----A---- C:\Windows\system32\mfc40.dll
2010-08-27 06:46:48 ----A---- C:\Windows\system32\srvsvc.dll
2010-08-26 05:39:58 ----A---- C:\Windows\system32\t2embed.dll
2010-08-21 06:36:33 ----A---- C:\Windows\system32\wmpmde.dll
2010-08-21 06:36:24 ----A---- C:\Windows\system32\schannel.dll
2010-08-21 06:33:24 ----A---- C:\Windows\system32\comctl32.dll
2010-08-21 06:32:37 ----A---- C:\Windows\system32\spoolsv.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-13 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-12-25 2981024]
R3 NVENETFD;NVIDIA nForce hálózati vezérlő illesztőprogramja; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 apq1uoc8;apq1uoc8; C:\Windows\system32\drivers\apq1uoc8.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2008-01-02 1343400]

-----------------EOF-----------------

Rendben. Most töltöm le asztán kiderül. Küldöm az elemzést.
Köszi megint
Üdv Outsider

csinálj kekhalal elemzest és tedd ide a logjat ,es az RSIT logjat is.
http://www.virus-stell.com/2010/04/kek- ... mzese.html
http://www.virus-stell.com/2010/04/rsit.html