Hi Stell! I'm copying everything that has happened so far over here, so maybe you'll find it more easily.
1. Hi Stell!
I think I could use some help as well, because the machine is painfully slow and so is the internet, so I'd like to turn to you again if I may! (You already helped me once, around March: http://squito-web.com/stell/forum/viewtopic.php?t=52)
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by PALLAGI ZSOLT at 2010-09-07 22:20:03
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 5 GB (38%) free of 12 GB
Total RAM: 511 MB (28% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-12 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-26 2161480]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-10-06 5058560]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-06-09 322352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-06-09 322352]
C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-09-07 22:20:18 ----D---- C:\Program Files\trend micro
2010-09-07 22:20:03 ----D---- C:\rsit
2010-08-23 21:05:42 ----HD---- C:\WINDOWS\PIF
2010-08-11 22:28:41 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 22:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-11 22:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 22:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 22:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 22:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 22:03:57 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 22:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
======List of files/folders modified in the last 1 months======
2010-09-07 22:20:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-07 22:20:18 ----RD---- C:\Program Files
2010-09-07 22:20:10 ----D---- C:\Documents and Settings\PALLAGI ZSOLT\Application Data\uTorrent
2010-09-07 22:20:07 ----D---- C:\WINDOWS\Prefetch
2010-09-07 22:18:29 ----D---- C:\WINDOWS\Temp
2010-09-07 09:15:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-05 13:54:50 ----A---- C:\WINDOWS\winamp.ini
2010-09-05 07:53:57 ----D---- C:\WINDOWS
2010-09-03 00:13:42 ----SHD---- C:\WINDOWS\Installer
2010-09-03 00:13:36 ----D---- C:\Config.Msi
2010-09-03 00:05:12 ----D---- C:\WINDOWS\system32
2010-08-12 20:10:28 ----D---- C:\WINDOWS\Debug
2010-08-12 08:53:17 ----RSD---- C:\WINDOWS\assembly
2010-08-12 08:46:30 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-11 22:29:02 ----HD---- C:\WINDOWS\inf
2010-08-11 22:28:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-11 22:28:50 ----D---- C:\WINDOWS\system32\drivers
2010-08-11 22:28:38 ----D---- C:\WINDOWS\$hf_mig$
2010-08-11 22:23:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-11 22:20:34 ----D---- C:\WINDOWS\WinSxS
2010-08-11 22:09:47 ----D---- C:\Program Files\Internet Explorer
2010-08-11 22:09:10 ----D---- C:\WINDOWS\ie8updates
2010-08-11 22:04:02 ----D---- C:\Program Files\Movie Maker
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sisagp;SIS AGP-buszszűrő; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-23 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [2010-04-26 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [2010-04-26 55232]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R2 eamon;eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [2010-04-26 139192]
R2 epfw;epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [2010-04-26 134488]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-27 611820]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [2010-04-26 32584]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043]
R3 SISNIC;SiS PCI gyors Ethernet-adapterillesztő; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 adupapjq;adupapjq; C:\WINDOWS\system32\drivers\adupapjq.sys []
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-26 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-12 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2003-10-06 81920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-26 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
2. Well, I'll post it here too, so here is the ComboFix log:
ComboFix 10-09-07.01 - PALLAGI ZSOLT 010.09.08. 20:09:38.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.511.315 [GMT 2:00]
Running from: c:\documents and settings\PALLAGI ZSOLT\Asztal\ComboFix.exe
Command switches used :: c:\documents and settings\PALLAGI ZSOLT\Asztal\WindowsXP-KB310994-SP2-Pro-BootDisk-HUN.exe
AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Személyi tűzfal *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\ss3unstl.exe
.
((((((((((((((((((((((((( Files Created from 2010-08-08 to 2010-09-08 )))))))))))))))))))))))))))))))
.
2010-09-08 17:23 . 2010-09-08 16:36 52224 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\FFExternalAlert.dll
2010-09-08 17:23 . 2010-09-08 16:36 101376 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\RadioWMPCore.dll
2010-09-07 20:20 . 2010-09-07 20:20 -------- d-----w- c:\program files\trend micro
2010-09-07 20:20 . 2010-09-07 20:20 -------- d-----w- C:\rsit
2010-08-23 19:05 . 2010-08-23 19:05 -------- d--h--w- c:\windows\PIF
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 17:58 . 2010-06-08 20:58 -------- d-----w- c:\documents and settings\PALLAGI ZSOLT\Application Data\uTorrent
2010-08-12 17:57 . 2010-06-08 22:42 17728 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-11 20:23 . 2001-10-26 11:00 95768 ----a-w- c:\windows\system32\perfc00E.dat
2010-08-11 20:23 . 2001-10-26 11:00 439510 ----a-w- c:\windows\system32\perfh00E.dat
2010-08-03 08:13 . 2010-08-03 08:13 -------- d-----w- c:\documents and settings\PALLAGI ZSOLT\Application Data\DVDVideoSoftIEHelpers
2010-08-03 08:13 . 2010-06-09 22:41 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-06-30 12:33 . 2002-09-20 16:04 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:26 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2002-09-20 15:41 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 07:59 . 2010-06-23 07:59 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-21 15:27 . 2001-10-26 11:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2001-10-26 11:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-06-08 19:59 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-14 07:43 . 2002-09-20 16:04 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-13 10:08 . 2010-06-13 10:08 61440 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-26a72d79-n\decora-sse.dll
2010-06-13 10:08 . 2010-06-13 10:08 503808 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\msvcp71.dll
2010-06-13 10:08 . 2010-06-13 10:08 499712 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\jmc.dll
2010-06-13 10:08 . 2010-06-13 10:08 348160 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5488d642-n\msvcr71.dll
2010-06-13 10:08 . 2010-06-13 10:08 12800 ----a-w- c:\documents and settings\PALLAGI ZSOLT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-26a72d79-n\decora-d3d.dll
2010-06-12 08:16 . 2010-06-12 08:17 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-11 18:27 . 2010-06-08 20:02 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-09 322352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-26 2161480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-06-09 07:29 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010.04.26. 8:13 114984]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010.04.26. 8:13 810120]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010.06.23. 9:59 691696]
.
Contents of the 'Scheduled Tasks' folder
2010-09-08 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-06-15 20:18]
.
.
------- Supplementary Scan -------
.
IE: E&xportálás Microsoft Excel formátumba - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\PALLAGI ZSOLT\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{ee4c73ff-7a1b-4330-acec-45e409118cc1}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\PALLAGI ZSOLT\Application Data\Mozilla\Firefox\Profiles\917ynt8x.default\extensions\{ee4c73ff-7a1b-4330-acec-45e409118cc1}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-CTFMON - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-09-08 20:19
Windows 5.1.2600 Szervizcsomag 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-09-08 20:23:25
ComboFix-quarantined-files.txt 2010-09-08 18:23
Pre-Run: 4 985 643 008 bájt szabad
Post-Run: 4 942 761 984 bájt szabad
WindowsXP-KB310994-SP2-Pro-BootDisk-HUN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /fastdetect
- - End Of File - - BDD37C9742C3C8345CAE7938096E5F88