Terminál Fórum https://forum.technokrata.hu/forum/ |
|
Annoying problems with the computer https://forum.technokrata.hu/forum/viewtopic.php?f=15&t=39733 |
Author: | stell [ Tue Feb 22, 2011 17:41 ] |
Post subject: | Re: Annoying problems with the computer |
You're welcome. Regards. |
Author: | FTR [ Tue Feb 22, 2011 12:08 ] |
Post subject: | Re: Annoying problems with the computer |
Everything is fine now! Thank you very much; if anything else comes up, I'll let you know. Thanks again. |
Author: | stell [ Tue Feb 22, 2011 7:15 ] |
Post subject: | Re: Annoying problems with the computer |
Well, how was I supposed to know that only Chrome is broken? Reinstall it. |
Author: | FTR [ Mon Feb 21, 2011 22:10 ] |
Post subject: | Re: Annoying problems with the computer |
Should I reinstall Firefox? It works fine there... it's bad in Chrome. AVPtool: nothing. The sound problem: I reinstalled the sound driver and it still cuts out sometimes. |
Author: | stell [ Mon Feb 21, 2011 9:31 ] |
Post subject: | Re: Annoying problems with the computer |
Scan the machine with this: http://www.virus-stell.com/2010/04/avptool.html Reinstall Firefox. Reinstall Flash Player: http://get.adobe.com/flashplayer/ |
Author: | FTR [ Sun Feb 20, 2011 21:11 ] |
Post subject: | Re: Annoying problems with the computer |
It runs longer now, but it still freezes sometimes. Thanks for the help anyway. Sometimes the audio out disappears as well. I'm trying to solve what I can. Thanks. |
Author: | stell [ Sun Feb 20, 2011 19:20 ] |
Post subject: | Re: Annoying problems with the computer |
OK, now do this: after running fix.reg, restart the machine and try it out. http://www.virus-stell.com/2010/04/ninc ... okban.html |
Author: | FTR [ Sun Feb 20, 2011 19:07 ] |
Post subject: | Re: Annoying problems with the computer |
SystemLook 04.09.10 by jpshortstuff Log created at 19:01 on 20/02/2011 by FTR Administrator - Elevation successful ========== reg ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"="midimap.dll" "msacm.imaadpcm"="imaadp32.acm" "msacm.msadpcm"="msadp32.acm" "msacm.msg711"="msg711.acm" "msacm.msgsm610"="msgsm32.acm" "msacm.trspch"="tssoft32.acm" "vidc.cvid"="iccvid.dll" "vidc.I420"="msh263.drv" "vidc.iv31"="ir32_32.dll" "vidc.iv32"="ir32_32.dll" "vidc.iv41"="ir41_32.ax" "vidc.iyuv"="iyuv_32.dll" "vidc.mrle"="msrle32.dll" "vidc.msvc"="msvidc32.dll" "vidc.uyvy"="msyuv.dll" "vidc.yuy2"="msyuv.dll" "vidc.yvu9"="tsbyuv.dll" "vidc.yvyu"="msyuv.dll" "wavemapper"="msacm32.drv" "msacm.msg723"="msg723.acm" "vidc.M263"="msh263.drv" "vidc.M261"="msh261.drv" "msacm.msaudio1"="msaud32.acm" "msacm.sl_anet"="sl_anet.acm" "msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" "vidc.iv50"="ir50_32.dll" "msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" "vidc.ffds"="ffdshow.ax" "wave"="wdmaud.drv" "midi"="wdmaud.drv" "mixer"="wdmaud.drv" "aux"="wdmaud.drv" "vidc.DIVX"="DivX.dll" "vidc.yv12"="DivX.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server] -= EOF =- |
Author: | stell [ Sun Feb 20, 2011 18:52 ] |
Post subject: | Re: Annoying problems with the computer |
http://www.virus-stell.com/2010/04/systemlook.html Download the SystemLook program and put into it the script that is shown there as an example; post its log here. Then go here, to my Slovak blog: http://virusstell.blogspot.com/2011/01/ ... citac.html "Vymažte Flash cache" (Clear the Flash cache). On the page you land on you will find this link: >>>odkaz<<< (link), under Flash cache. "Vymažte Flash cache. 1. Kliknite na >>>odkaz<<<" (Clear the Flash cache. 1. Click on the link): click on that, it opens your Flash Player, and at the bottom you will see the websites. Remove them all and try it out. |
Author: | FTR [ Sun Feb 20, 2011 18:34 ] |
Post subject: | Re: Annoying problems with the computer |
Yes, in my browser! For example, if I open YouTube, a video starts and then stops after 10-20 seconds; the seek bar is pink, as if it had loaded all the way. If I refresh, it stops the same way; if I skip ahead, it jumps back to where it froze... Oh, and it looks like only Chrome does this, it's fine in Firefox, but I'd like to keep using Chrome.
Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\QTFont.qfn moved successfully.
C:\WINDOWS\QTFont.for moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP konfiguráció
A DNS-feloldási gyorsítótár kiürítése sikeresen megtörtént.
C:\Documents and Settings\FTR\Asztal\cmd.bat deleted successfully.
C:\Documents and Settings\FTR\Asztal\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 8374218 bytes
->Temporary Internet Files folder emptied: 383553 bytes
->FireFox cache emptied: 3799663 bytes
User: FTR
->Temp folder emptied: 116328 bytes
->Temporary Internet Files folder emptied: 85794 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 53980359 bytes
->Google Chrome cache emptied: 54630974 bytes
->Flash cache emptied: 1616 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 15715 bytes
Total Files Cleaned = 116,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02202011_181525
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... |
Author: | stell [ Sat Feb 19, 2011 22:13 ] |
Post subject: | Re: Annoying problems with the computer |
Run the OTL program, paste the green text into its window, then click the Run Fix button; post the log here after the restart.
Code:
:OTL
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2011.02.14 23:10:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.02.06 02:11:20 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[start explorer]
Now try it out: where does the video not play? In the browser? Describe more precisely what it does. |
Author: | FTR [ Sat Feb 19, 2011 21:41 ] |
Post subject: | Re: Annoying problems with the computer |
I hope I did it right: OTL logfile created on: 2011.02.19. 21:26:00 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\FTR\Asztal Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd. 751,00 Mb Total Physical Memory | 228,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): C:\pagefile.sys 1128 2256 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 16,82 Gb Total Space | 5,29 Gb Free Space | 31,42% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 10,74 Gb Free Space | 27,51% Space Free | Partition Type: NTFS Computer Name: FTR-7CBA9B98186 | User Name: FTR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.19 21:19:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FTR\Asztal\OTL.exe PRC - [2011.02.19 14:51:43 | 000,122,064 | ---- | M] (dotSyntax, LLC) -- C:\Program Files\Digsby\lib\digsby-app.exe PRC - [2011.02.10 04:14:59 | 000,994,872 | ---- | M] (Google Inc.) -- C:\Documents and Settings\FTR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2010.12.17 19:03:20 | 000,395,640 | ---- | M] (BitTorrent, Inc.) 
-- C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.11.17 09:17:26 | 000,151,552 | -HS- | M] () -- C:\WINDOWS\kmsem\KMService.exe PRC - [2010.11.17 09:17:26 | 000,008,192 | -HS- | M] () -- C:\WINDOWS\system32\srvany.exe PRC - [2010.09.25 20:39:29 | 000,554,312 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe PRC - [2008.06.11 19:13:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008.04.15 12:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.11 21:13:08 | 000,788,332 | ---- | M] () -- C:\Program Files\Digsby\lib\aspell\bin\aspell.exe PRC - [2007.04.30 16:13:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe PRC - [2006.08.10 22:08:04 | 002,379,776 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe PRC - [2006.08.10 16:10:56 | 000,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe ========== Modules (SafeList) ========== MOD - [2011.02.19 21:19:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FTR\Asztal\OTL.exe MOD - [2010.08.23 17:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2007.04.30 15:48:50 | 000,112,400 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\DockShellHook.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (WMPNetworkSvc) SRV - [2010.11.23 23:53:13 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.11.17 09:17:26 | 000,008,192 | -HS- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (KMService) SRV - [2010.10.04 12:40:02 | 000,054,784 | ---- | M] (Macrovision) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2010.09.25 20:39:29 | 000,554,312 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn) SRV - [2010.03.25 06:55:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2010.10.04 12:40:04 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2010.09.25 20:39:29 | 000,511,832 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON) DRV - [2010.09.25 20:39:29 | 000,015,160 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv) DRV - [2009.03.11 01:37:35 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008.04.15 12:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006.01.13 10:30:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2005.11.10 13:14:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005.08.19 06:20:44 | 000,190,912 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005.04.18 22:21:08 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk) DRV - [2005.02.17 23:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2005.02.16 19:50:00 | 001,036,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2005.02.16 19:50:00 | 000,702,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005.02.16 19:50:00 | 000,163,328 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2004.12.06 15:51:10 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk) DRV - [2004.08.22 13:01:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt) DRV - [2004.08.22 13:01:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus) DRV - [2004.07.29 12:59:58 | 000,211,072 | ---- | M] (Ralink Technology Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {cbafdacb-a320-4294-9516-494f93d5d1b3}:1.0.6 FF - prefs.js..extensions.enabledItems: adonis.cuhk@gmail.com:1.4 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.19 12:40:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.19 12:40:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.06 01:23:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.06 01:23:20 | 000,000,000 | ---D | M] [2010.10.25 
21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FTR\Application Data\Mozilla\Extensions [2011.02.19 20:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FTR\Application Data\Mozilla\Firefox\Profiles\bcf1mejs.default\extensions [2010.09.27 00:38:23 | 000,000,000 | ---D | M] (Digsby Donates) -- C:\Documents and Settings\FTR\Application Data\Mozilla\Firefox\Profiles\bcf1mejs.default\extensions\{cbafdacb-a320-4294-9516-494f93d5d1b3} [2010.11.30 23:06:33 | 000,000,000 | ---D | M] (Google Docs Viewer) -- C:\Documents and Settings\FTR\Application Data\Mozilla\Firefox\Profiles\bcf1mejs.default\extensions\adonis.cuhk@gmail.com [2011.02.09 14:03:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011.02.09 14:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.12.19 12:40:31 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2010.12.19 12:40:32 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.02.06 01:15:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010.12.03 19:44:48 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010.12.03 19:44:48 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\polymeta.xml [2010.12.03 19:44:48 | 000,001,628 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\sztaki-en-hu.xml [2010.12.03 19:44:48 | 000,000,974 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vatera.xml [2010.12.03 19:44:48 | 000,001,189 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hu.xml O1 HOSTS File: ([2011.02.19 19:31:02 | 000,000,027 | ---- | M]) - 
C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Digsby Donates) - {998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D} - C:\Program Files\Digsby Donates\ShoppingBHO.dll (Freecause Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.) 
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe () O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe () O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset ) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe (ESET, spol. s r.o.) O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Indítópult\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock) O4 - Startup: C:\Documents and Settings\FTR\Start Menu\Programs\Indítópult\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Documents and Settings\FTR\Start Menu\Programs\Indítópult\digsby.lnk = C:\Program Files\Digsby\digsby.exe () O4 - Startup: C:\Documents and Settings\FTR\Start Menu\Programs\Indítópult\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - 
HKU\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset ) O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.heszir.hu/PecsIndex/ActiveX/mgaxctrl.cab (Autodesk MapGuide ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... 
s-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_05) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\WINDOWS\system32\acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\FTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\FTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. 
File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.25 19:32:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafikus leképezés (VML) ActiveX: 
{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {32D5C62B-F3B4-3EC3-2D0D-2874245E777F} - NetShow ActiveX: {33F33C1A-E45B-FF2E-7725-CC160D0289C3} - DirectAnimation ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dinamikus HTML-adatkapcsolások a Javához ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java-osztályok ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Windows XP biztonsági frissítés - KB923789 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: 
{73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {B0087AEE-2CA7-4296-B0C3-663AA619DF1B} - Google Toolbar for Internet Explorer 8 ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Feladatütemező ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) 
Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax () Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2011.02.19 21:19:10 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\FTR\Asztal\OTL.exe [2011.02.19 19:31:22 | 000,000,000 | ---D | C] -- C:\RECYCLER [2011.02.19 19:30:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2011.02.19 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2011.02.19 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\windows media player [2011.02.19 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2011.02.19 19:21:46 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011.02.19 19:20:24 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011.02.19 19:15:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011.02.19 19:15:44 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011.02.19 19:15:44 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011.02.19 19:15:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011.02.19 18:19:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2011.02.06 23:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft [2011.02.06 19:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FTR\Start Menu\Programs\Counter-Strike 1.6 [2011.02.06 19:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike 1.6 [2011.02.06 
01:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox [2011.02.06 01:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2011.02.06 01:15:15 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011.02.06 01:15:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011.02.06 01:15:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011.02.06 01:15:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011.02.06 01:15:15 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011.02.06 01:11:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\FTR\Recent [2011.02.02 01:40:54 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2011.02.02 01:40:54 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2011.02.02 01:40:54 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe [2011.02.02 01:40:54 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe [2011.02.02 01:40:54 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2011.02.02 01:40:54 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2011.02.02 01:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FTR\Dokumentumok\Downloads [2011.01.21 15:44:12 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll [2011.01.20 21:56:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010.09.25 21:02:10 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys [2010.09.25 21:02:10 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys [2004.11.24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll 
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.19 21:24:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.02.19 21:19:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FTR\Asztal\OTL.exe [2011.02.19 21:09:00 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-842925246-1644491937-1003UA.job [2011.02.19 19:31:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011.02.19 19:31:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cbb7663d472ad4.job [2011.02.19 19:30:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.02.19 19:21:54 | 000,000,336 | RHS- | M] () -- C:\boot.ini [2011.02.19 19:11:59 | 000,033,645 | ---- | M] () -- C:\Documents and Settings\FTR\Asztal\confirmation.aspx [2011.02.19 18:58:07 | 000,000,415 | ---- | M] () -- C:\Documents and Settings\FTR\Asztal\details.aspx [2011.02.19 18:56:11 | 004,271,141 | R--- | M] () -- C:\Documents and Settings\FTR\Asztal\ComboFix.exe [2011.02.19 18:09:00 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-842925246-1644491937-1003Core.job [2011.02.19 17:52:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.02.19 15:28:48 | 000,081,920 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\ALCFDRTM.VER [2011.02.14 23:10:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2011.02.14 20:27:41 | 001,081,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.02.14 19:18:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.02.14 18:01:40 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\FTR\Asztal\Google Chrome.lnk [2011.02.14 18:01:40 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\FTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011.02.09 13:54:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\vpd.properties [2011.02.06 19:32:01 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\FTR\Asztal\Counter-Strike 1.6.lnk [2011.02.06 02:35:41 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\FTR\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.06 02:11:20 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2011.02.06 01:23:26 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\FTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011.02.06 01:23:26 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\Mozilla Firefox.lnk [2011.02.06 01:14:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011.02.06 01:14:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011.02.06 01:14:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011.02.06 01:14:57 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011.02.06 01:14:57 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\javacpl.cpl [2011.01.31 10:05:53 | 001,966,080 | ---- | M] () -- C:\WINDOWS\System32\tabló.pdf [2011.01.28 04:35:26 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat [2011.01.21 15:44:12 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2011.01.21 15:44:12 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll [2011.01.21 06:15:19 | 011,493,138 | ---- | M] () -- C:\Documents and Settings\FTR\Asztal\Diploma.docx [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.19 19:21:54 | 000,000,220 | ---- | C] () -- C:\Boot.bak [2011.02.19 19:21:48 | 000,260,272 | RHS- | C] () -- C:\cmldr [2011.02.19 19:15:45 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011.02.19 19:15:45 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011.02.19 19:15:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011.02.19 19:15:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011.02.19 19:15:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011.02.19 19:12:04 | 000,033,645 | ---- | C] () -- C:\Documents and Settings\FTR\Asztal\confirmation.aspx [2011.02.19 18:58:29 | 000,000,415 | ---- | C] () -- C:\Documents and Settings\FTR\Asztal\details.aspx [2011.02.19 18:56:39 | 004,271,141 | R--- | C] () -- C:\Documents and Settings\FTR\Asztal\ComboFix.exe [2011.02.09 13:56:29 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011.02.06 19:32:01 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\FTR\Asztal\Counter-Strike 1.6.lnk [2011.02.06 02:11:20 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2011.02.06 02:11:20 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2011.02.06 01:23:26 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\FTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla 
Firefox.lnk [2011.02.06 01:23:26 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\Mozilla Firefox.lnk [2011.01.31 10:05:50 | 001,966,080 | ---- | C] () -- C:\WINDOWS\System32\tabló.pdf [2011.01.28 04:35:26 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2011.01.14 23:13:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010.12.24 12:36:48 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2010.12.24 12:35:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2010.09.27 20:19:49 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\FTR\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.27 01:57:19 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010.09.25 21:22:42 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010.09.25 20:40:50 | 000,015,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys [2004.10.12 06:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2004.10.12 06:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2004.10.12 06:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2004.10.09 06:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2004.10.05 08:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2004.10.03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll ========== LOP Check ========== [2010.10.04 12:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2010.09.25 21:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\GHISLER [2010.09.25 21:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\HEXelon [2010.10.04 12:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\Autodesk [2010.12.23 21:55:39 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\BinarySense [2010.09.25 22:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\DeepBurner [2010.09.27 00:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\FCSB000062215 [2010.09.25 20:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\GHISLER [2011.02.09 13:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\Graphisoft [2010.09.25 20:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\HEXelon [2010.12.22 17:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\Opera [2010.09.28 08:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\SumatraPDF [2010.09.27 00:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FTR\Application Data\uTorrent ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.03.11 01:40:32 | 017,817,560 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2009.03.11 01:40:32 | 017,817,560 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008.04.13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008.04.13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008.04.13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.15 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008.04.15 12:00:00 | 000,056,320 | ---- | M] 
(Microsoft Corporation) MD5=4BFA2DC223A814CCD1D07C6A0E26C72B -- C:\WINDOWS\system32\eventlog.dll < MD5 for: IASTOR.SYS > [2009.03.11 01:37:08 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\WINDOWS\NLDRV\008\iastor.sys [2009.03.11 01:37:14 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\009\iastor.sys < MD5 for: NETLOGON.DLL > [2008.04.15 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008.04.15 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=A792F49B07A36D7F64D236C45BAC4A50 -- C:\WINDOWS\system32\netlogon.dll < MD5 for: NVGTS.SYS > [2009.03.11 01:37:29 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\WINDOWS\NLDRV\014\nvgts.sys [2009.03.11 01:37:32 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\NLDRV\015\nvgts.sys < MD5 for: NVRD32.SYS > [2009.03.11 01:37:31 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\WINDOWS\NLDRV\014\nvrd32.sys < MD5 for: SCECLI.DLL > [2008.04.15 12:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008.04.15 12:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=4F6A0B812BD286E97E26DF3E225ABCFB -- C:\WINDOWS\system32\scecli.dll < MD5 for: VIAMRAID.SYS > [2009.03.11 01:37:37 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=00046AA2E396EDC2238556E740A8E5AF -- C:\WINDOWS\NLDRV\022\viamraid.sys < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010.09.25 21:20:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010.09.25 21:20:52 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010.09.25 21:20:51 | 000,446,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > < End of report > OTL Extras logfile created on: 2011.02.19. 21:26:00 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\FTR\Asztal Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd. 751,00 Mb Total Physical Memory | 228,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): C:\pagefile.sys 1128 2256 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 16,82 Gb Total Space | 5,29 Gb Free Space | 31,42% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 10,74 Gb Free Space | 27,51% Space Free | Partition Type: NTFS Computer Name: FTR-7CBA9B98186 | User Name: FTR | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe" = C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) 
"C:\Program Files\Digsby\digsby.exe" = C:\Program Files\Digsby\digsby.exe:*:Enabled:Digsby -- () "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{236BB7C4-4419-42FD-040E-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{350C940e-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5783F2D7-0201-040E-0002-0060B0CE6BBA}" = AutoCAD 2004 Magyar verzió "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05 "{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0 "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer "{90140000-0010-040E-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Hungarian) 14 "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2010 "{90140000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2010 "{90140000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2010 "{90140000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2010 "{90140000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2010 "{90140000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010 "{90140000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2010 "{90140000-0044-040E-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Hungarian) 2010 "{90140000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2010 "{90140000-00A1-040E-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Hungarian) 2010 "{90140000-00BA-040E-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Hungarian) 2010 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0 "{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v2.1 "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040E-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "Autodesk Express Viewer" = Autodesk Express Viewer "CCleaner" = CCleaner (remove only) "CdaC13Ba" = SafeCast Shared Components "ClocX" = ClocX (1.5b1) "Counter-Strike 1.6" = Counter-Strike 1.6 "Digsby" = Digsby "Digsby Donates" = Digsby Donates "DivX Setup.divx.com" = DivX Setup "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "HControl" = ATK0100 ACPI UTILITY "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NOD32" = 
NOD32 antivirus system "ObjectDock" = ObjectDock "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "QuickTime" = QuickTime "SynTPDeinstKey" = Synaptics Pointing Device Driver "Total Commander Ultima Prime 3.1_is1" = TC UP "XP Codec Pack" = XP Codec Pack ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1390067357-842925246-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2011.01.18. 18:31:15 | Computer Name = FTR-7CBA9B98186 | Source = Application Error | ID = 1000 Description = Hibás alkalmazás: digsby-app.exe, verzió: 1.0.0.0, hibás modul: unknown, verzió: 0.0.0.0, memóriacím: 0x00000000. Error - 2011.01.21. 5:31:30 | Computer Name = FTR-7CBA9B98186 | Source = Application Error | ID = 1000 Description = Hibás alkalmazás: acrobat.exe, verzió: 9.0.0.332, hibás modul: acrobat.dll, verzió: 9.0.0.332, memóriacím: 0x001c5154. Error - 2011.01.31. 12:51:15 | Computer Name = FTR-7CBA9B98186 | Source = EventSystem | ID = 4609 Description = A COM+ eseményrendszer rossz visszatérő kódot észlelt a belső feldolgozás során. HRESULT: 800706BA a(z) 44 / d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp sorból. Forduljon a Microsoft technikai tanácsadásához, és jelezze a hibá Error - 2011.02.05. 20:15:14 | Computer Name = FTR-7CBA9B98186 | Source = MsiInstaller | ID = 11500 Description = Product: Windows Media Player Firefox Plugin -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. Error - 2011.02.05. 20:15:15 | Computer Name = FTR-7CBA9B98186 | Source = MsiInstaller | ID = 11500 Description = Product: Windows Media Player Firefox Plugin -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. Error - 2011.02.05. 
20:15:32 | Computer Name = FTR-7CBA9B98186 | Source = MsiInstaller | ID = 11500 Description = Product: Windows Media Player Firefox Plugin -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. Error - 2011.02.05. 20:15:33 | Computer Name = FTR-7CBA9B98186 | Source = MsiInstaller | ID = 11500 Description = Product: Windows Media Player Firefox Plugin -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. Error - 2011.02.05. 20:16:44 | Computer Name = FTR-7CBA9B98186 | Source = MsiInstaller | ID = 11500 Description = Product: Windows Media Player Firefox Plugin -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. Error - 2011.02.05. 21:21:57 | Computer Name = FTR-7CBA9B98186 | Source = Application Error | ID = 1000 Description = Hibás alkalmazás: chrome.exe, verzió: 0.0.0.0, hibás modul: imon.dll, verzió: 2.70.42.0, memóriacím: 0x00020d87. Error - 2011.02.06. 18:11:49 | Computer Name = FTR-7CBA9B98186 | Source = Application Error | ID = 1000 Description = Hibás alkalmazás: starcraft + broodwar + patch 1.1.61.exe, verzió: 0.0.0.0, hibás modul: , verzió: 0.0.0.0, memóriacím: 0x00000000. [ System Events ] Error - 2011.02.19. 14:17:56 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) NOD32 Kernel Service szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. 0 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:18:08 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) NOD32 Kernel Service szolgáltatás váratlanul leállt. Ez a(z) 2. alkalommal fordult elő. 0 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 
14:18:15 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) NOD32 Kernel Service szolgáltatás váratlanul leállt. Ez a(z) 3. alkalommal fordult elő. 0 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:18:29 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7034 Description = A(z) C-DillaCdaC11BA szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. Error - 2011.02.19. 14:18:33 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) KMService szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. 60000 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:18:53 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) NOD32 Kernel Service szolgáltatás váratlanul leállt. Ez a(z) 4. alkalommal fordult elő. 0 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:22:44 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) KMService szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. 60000 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:25:02 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7031 Description = A(z) KMService szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. 60000 milliszekundumon belül a következő ellenintézkedés történik: A szolgáltatás újraindítása. Error - 2011.02.19. 14:33:08 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7022 Description = A következő szolgáltatás nem indul el: NOD32 Kernel Service. Error - 2011.02.19. 
14:35:19 | Computer Name = FTR-7CBA9B98186 | Source = Service Control Manager | ID = 7034 Description = A(z) C-DillaCdaC11BA szolgáltatás váratlanul leállt. Ez a(z) 1. alkalommal fordult elő. < End of report > |
Author: | stell [ Sat Feb 19, 2011 20:56 ] |
Post subject: | Re: Annoying problems with the computer |
Download OTListIt2 to the desktop >> run OTL
- tick:
- Scan all users.
- Lop check.
- Purity check.
- in the Extra Registry section > tick > Use SafeList
- in the Custom Scans/Fixes window > paste in the green text - click - Run SCAN
- at the end of the scan, post the logs
- OTL.txt (it will be on the desktop).
- Extras.txt [it will be on the taskbar.]
Code:
msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90 |
Author: | FTR [ Sat Feb 19, 2011 20:55 ] |
Post subject: | Re: Annoying problems with the computer |
Torrent is fine, videos are bad, sound is fine now |
Author: | stell [ Sat Feb 19, 2011 20:42 ] |
Post subject: | Re: Annoying problems with the computer |
OK, and do the problems you mentioned still persist? |
Author: | FTR [ Sat Feb 19, 2011 20:39 ] |
Post subject: | Re: Annoying problems with the computer |
http://www.virustotal.com/file-scan/rep ... 298142374# http://www.virustotal.com/file-scan/rep ... 1298143041 http://www.virustotal.com/file-scan/rep ... 1298143245 http://www.virustotal.com/file-scan/rep ... 1298143410 http://www.virustotal.com/file-scan/rep ... 1298143520 http://www.virustotal.com/file-scan/rep ... 1298143763 |
Author: | stell [ Sat Feb 19, 2011 19:56 ] |
Post subject: | Re: Annoying problems with the computer |
Test these at www.virustotal.com. If it says the file has already been tested >> click >> REANALYSE. Post the links from the test here.
c:\windows\system32\drivers\tcpip.sys
c:\windows\system32\es.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\mspmsnsv.dll
c:\program files\Digsby Donates\ShoppingBHO.dll
c:\program files\Digsby\digsby.exe |
Author: | FTR [ Sat Feb 19, 2011 19:44 ] |
Post subject: | Annoying problems with the computer |
Hi! Here is the log:
ComboFix 11-02-18.05 - FTR 011.02.19. 19:22:55.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.36.1038.18.751.417 [GMT 1:00] Running from: c:\documents and settings\FTR\Asztal\ComboFix.exe AV: ESET NOD32 Antivirus System 2.70 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\FTR\Application Data\Local c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\0.ddi c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\1.ddi c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\2.ddi c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\dffklnypvikc.avi.ddr c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\idnhslmibthq.avi.ddr c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\iyjvjhuzhqnp.avi.ddr c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\settings.ddi c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\dffklnypvikc.avi c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\idnhslmibthq.avi.ddp c:\documents and settings\FTR\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\iyjvjhuzhqnp.avi c:\windows\daemon.dll . ((((((((((((((((((((((((( Files Created from 2011-01-19 to 2011-02-19 ))))))))))))))))))))))))))))))) . 2011-02-19 18:30 . 2011-02-19 18:30 -------- d-----w- c:\windows\system32\xircom 2011-02-19 18:30 . 2011-02-19 18:30 -------- d-----w- c:\windows\system32\wbem\snmp 2011-02-19 18:30 . 2011-02-19 18:30 -------- d-----w- c:\program files\microsoft frontpage 2011-02-06 22:09 . 2011-02-06 22:09 -------- d-----w- c:\program files\Starcraft 2011-02-06 18:29 . 2011-02-06 23:15 -------- d-----w- c:\program files\Counter-Strike 1.6 2011-02-06 01:11 . 
2011-02-06 01:11 1409 ----a-w- c:\windows\QTFont.for 2011-02-06 00:15 . 2011-02-06 00:14 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-02-06 00:15 . 2011-02-06 00:14 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-02 00:40 . 2010-07-12 18:36 133616 ------w- c:\windows\system32\pxafs.dll 2011-02-02 00:40 . 2010-07-12 18:36 126448 ------w- c:\windows\system32\pxinsi64.exe 2011-02-02 00:40 . 2010-07-12 18:36 123888 ------w- c:\windows\system32\pxcpyi64.exe 2011-01-21 14:44 . 2011-01-21 14:44 439296 ------w- c:\windows\system32\dllcache\shimgvw.dll 2011-01-20 20:56 . 2011-02-09 12:58 -------- d-----w- c:\windows\ie8updates . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-19 14:28 . 2010-10-08 14:28 81920 ----a-w- c:\windows\ALCFDRTM.VER 2011-01-21 14:44 . 2008-04-15 11:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2008-04-15 11:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 14:04 . 2009-03-11 00:36 1854976 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34 . 2008-04-15 11:00 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 17:25 . 2008-04-15 11:00 733696 ----a-w- c:\windows\system32\lsasrv.dll 2010-12-09 15:15 . 2008-04-15 11:00 724992 ----a-w- c:\windows\system32\ntdll.dll 2010-12-09 15:14 . 2009-03-11 00:36 2194176 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-12-09 15:14 . 2008-08-14 18:27 2070784 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-12-09 14:30 . 2008-04-15 11:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-11-17 08:17 151552 --sha-w- c:\windows\kmsem\KMService.exe 2010-11-17 08:17 8192 --sha-w- c:\windows\system32\srvany.exe . ------- Sigcheck ------- [-] 2009-03-11 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-03-11 00:36 . 
B654958AAD9C242B48F42B9B7B621EB7 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2009-03-11 . A89B80B5A9DFABAFB420EF7137068804 . 246784 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2009-03-11 00:28 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D}] 2010-09-26 23:37 647680 ----a-w- c:\program files\Digsby Donates\ShoppingBHO.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136] "Google Update"="c:\documents and settings\FTR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-12-22 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2010-09-25 951624] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688] "SoundMan"="SOUNDMAN.EXE" [2005-09-21 86016] "AlcWzrd"="ALCWZRD.EXE" [2005-10-11 2807808] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-10-04 98304] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-19 737369] "UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2010-11-03 413696] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-11 37232] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web 
Player\DDmService.exe" [2010-12-08 63360] "ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 180224] "HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-10 110592] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "_nltide_3"="advpack.dll" [2010-11-06 124928] c:\documents and settings\FTR\Start Menu\Programs\Indˇt˘pult\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] digsby.lnk - c:\program files\Digsby\digsby.exe [2010-3-3 141488] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-25 3450608] c:\documents and settings\FTR\Start Menu\Programs\Indˇt˘pult\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] digsby.lnk - c:\program files\Digsby\digsby.exe [2010-3-3 141488] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-25 3450608] c:\documents and settings\Default User\Start Menu\Programs\Indˇt˘pult\ Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-25 3450608] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\acaptuser32.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\TC UP\\PLUGINS\\Media\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Digsby\\digsby.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program 
Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2010.09.25. 21:02 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2010.09.25. 21:02 5248] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2010.09.25. 20:40 15160] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2010.09.25. 20:42 15872] R2 KMService;KMService;c:\windows\system32\srvany.exe [2010.11.17. 6:56 8192] S2 gupdate;Google frissítési szolgáltatás (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011.01.19. 0:14 135664] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010.03.25. 6:55 30969208] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010.01.09. 18:07 4640000] . Contents of the 'Scheduled Tasks' folder 2011-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cbb7663d472ad4.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-18 23:14] 2011-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-18 23:14] 2011-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-842925246-1644491937-1003Core.job - c:\documents and settings\FTR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-22 17:04] 2011-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-842925246-1644491937-1003UA.job - c:\documents and settings\FTR\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-22 17:04] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.google.com/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll TCP: {4754980C-C4CB-490A-9EC1-2B02C70C07AF} = 85.90.16.90,192.168.255.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL FF - ProfilePath - c:\documents and settings\FTR\Application Data\Mozilla\Firefox\Profiles\bcf1mejs.default\ FF - prefs.js: network.proxy.type - 4 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Digsby Donates: {cbafdacb-a320-4294-9516-494f93d5d1b3} - %profile%\extensions\{cbafdacb-a320-4294-9516-494f93d5d1b3} FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff . . 
------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966 ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-02-19 19:33 Windows 5.1.2600 Szervizcsomag 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(860) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(3108) c:\windows\system32\WININET.dll c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~1\Office14\1038\GrooveIntlResource.dll c:\windows\system32\mshtml.dll c:\windows\system32\msimtf.dll c:\windows\system32\MSCTF.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\kmsem\KMService.exe c:\program files\Eset\nod32krn.exe c:\windows\ATK0100\ATKOSD.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\taskmgr.exe . ************************************************************************** . Completion time: 2011-02-19 19:35:42 - machine was rebooted ComboFix-quarantined-files.txt 2011-02-19 18:35 Pre-Run: 5 562 195 968 bájt szabad Post-Run: 5 694 533 632 bájt szabad WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /noexecute=optin /fastdetect - - End Of File - - 8636FE26F49BBDDC15BFD3D10B483864 |
Page: 1 / 1 | Time zone: UTC + 1 hour |