virus with "flash effect" help..
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
OK, there's nothing to thank me for.
Regards


Mon Jan 30, 2012 9:28
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
Okay, all right. I deleted the original and kept the packed one. Thank you very, very much for the help! And for the persistent work! I think we won 8) :lol: :P If anything comes up, I'll write! Thanks once again! :)


Sun Jan 29, 2012 23:13
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
OK, don't delete that file for now, keep it; it is no longer dangerous. Work on the machine and we will see whether everything is fine.
Then write back.


Sat Jan 28, 2012 8:04
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
okay... with difficulty, but I managed to get the machine to start and load the system!
I packed it, uploaded it and sent it to you in a private message
and now I'm deleting it from my machine manually!


Sat Jan 28, 2012 0:45
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
uuuhpffff....

I renamed the file, restarted the machine, and since then Windows won't start :S
this infection is clinging on hard...... the question is, to what, this much? :P


Sat Jan 28, 2012 0:33
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
Yes, just as our friend Targe writes.
1: Rename this file,
C:\Users\Gábor\AppData\Roaming\Access File\Worker\wininiit.exe
to wininiit.exe old,

And try out the machine; if everything is OK, then pack this file and upload it here.
http://leteckaposta.cz/
Put the link in a private message, and delete the file from the computer by hand.


Fri Jan 27, 2012 7:55
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 6663
Post Re: virus with "flash effect" help..
Not necessarily, but the thing is still fairly suspicious somehow, and it could even be some kind of malware, although the more serious antivirus products didn't bite on it.
It was no accident that stell wrote that normally there is no file with a double-i file name like this. It's quite a tricky solution that it was given a name very similar to a system file, almost indistinguishable at first glance.
And a "real" system file like that does not reside under the Roaming folder.
It has to be killed off, and we need to find out what it is connected to.
The Autoruns program isn't bad either, to keep it from starting, and you can check with one of the Process Explorers whether it is running or what it is connected to.
And there may be further cleanup.

What I just don't understand is that if it is malware, you should have killed it with the reinstall, if your installers and programs were not infected.
It's true, though, that you didn't clean the MBR.


Thu Jan 26, 2012 21:41
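
The check described in the post above (a near-miss of a system file name, sitting under the Roaming folder), as an added example that is not part of the original thread: a Python check that flags lookalike names, genuine system names outside the Windows directories, and bare executables in a Startup folder. The list of system binaries, the trusted directories and the distance threshold of 1 are assumptions; the two Gábor paths are quoted from the thread and the other sample paths are constructed.

```python
import ntpath

# Assumptions for this example: a small allow-list of system binaries and the
# directories they legitimately live in. Extend both for real use.
SYSTEM_BINARIES = {
    "csrss.exe", "explorer.exe", "lsass.exe", "services.exe",
    "smss.exe", "svchost.exe", "wininit.exe", "winlogon.exe",
}
SYSTEM_DIRS = {r"c:\windows", r"c:\windows\system32", r"c:\windows\syswow64"}
STARTUP_SUFFIX = r"\start menu\programs\startup"
MAX_DISTANCE = 1  # one inserted, dropped, changed or swapped character

# Two paths quoted in the thread, plus constructed ones for contrast.
LOOKALIKE_PATH = r"C:\Users\Gábor\AppData\Roaming\Access File\Worker\wininiit.exe"
STARTUP_PATH = (r"C:\Users\Gábor\AppData\Roaming\Microsoft\Windows"
                r"\Start Menu\Programs\Startup\15762.exe")
SAMPLE_PATHS = [
    LOOKALIKE_PATH,
    STARTUP_PATH,
    r"C:\Windows\System32\wininit.exe",                  # constructed: genuine
    r"C:\Users\Public\svchost.exe",                      # constructed: wrong place
    r"C:\Program Files\Internet Explorer\iexplore.exe",  # constructed: benign
]


def edit_distance(a, b):
    """Optimal-string-alignment distance: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "wininti" for "wininit".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(path):
    """Return the reasons a path looks like a masquerading executable."""
    directory, name = ntpath.split(ntpath.normcase(path))
    if not name.endswith(".exe"):
        return []
    reasons = []
    if name in SYSTEM_BINARIES:
        # Exact system name: only acceptable inside a Windows directory.
        if directory not in SYSTEM_DIRS:
            reasons.append("system name outside system directory")
    else:
        # Not a system name: is it one typo away from one?
        for real in sorted(SYSTEM_BINARIES):
            if edit_distance(name, real) <= MAX_DISTANCE:
                reasons.append("lookalike of " + real)
                break
    # Legitimate autostart entries are normally shortcuts, not raw executables.
    if directory.endswith(STARTUP_SUFFIX):
        reasons.append("executable placed directly in a Startup folder")
    return reasons


def scan(paths):
    """Map each suspicious path to its reasons; clean paths are omitted."""
    findings = {}
    for path in paths:
        reasons = classify(path)
        if reasons:
            findings[path] = reasons
    return findings


if __name__ == "__main__":
    for path, reasons in scan(SAMPLE_PATHS).items():
        print(path, "->", "; ".join(reasons))
```

A threshold of 1 keeps iexplore.exe (two edits away from explorer.exe) from being reported; raising it catches more lookalikes at the cost of more false positives.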
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
so it is a virus after all? :(


Thu Jan 26, 2012 20:10
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
SHA256: 72400478ddc38e3b719154ad2387a71fecb862196d1a125a69ec96ed5f5d5a81
File name: wininiit.exe
Detection ratio: 13 / 43
Analysis date: 2012-01-26 19:06:28 UTC ( 1 minute ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Amber 20120126
AntiVir - 20120126
Antiy-AVL RiskTool/Win32.BitCoinMiner.gen 20120126
Avast - 20120126
AVG - 20120126
BitDefender - 20120126
ByteHero - 20120125
CAT-QuickHeal - 20120125
ClamAV - 20120126
Commtouch - 20120126
Comodo ApplicUnsaf.Win32.BitCoinMiner.~A 20120126
DrWeb Tool.BtcMine.18 20120126
Emsisoft Riskware.RiskTool.Win32.BitCoinMiner.AMN!A2 20120126
eSafe Win32.RiskwareBitCoi 20120126
eTrust-Vet - 20120126
F-Prot - 20120126
F-Secure - 20120126
Fortinet Riskware/BitCoinMiner 20120126
GData - 20120126
Ikarus - 20120126
Jiangmin - 20120125
K7AntiVirus Riskware 20120126
Kaspersky not-a-virus:RiskTool.Win32.BitCoinMiner.bev 20120126
McAfee - 20120126
McAfee-GW-Edition - 20120126
Microsoft - 20120126
NOD32 - 20120126
Norman - 20120126
nProtect Trojan/W32.Agent.241664.RP 20120126
Panda - 20120126
PCTools - 20120126
Prevx - 20120126
Rising - 20120118
Sophos - 20120126
SUPERAntiSpyware - 20120126
Symantec - 20120126
TheHacker - 20120126
TrendMicro HKTL_BITMINE 20120126
TrendMicro-HouseCall HKTL_BITMINE 20120126
VBA32 - 20120126
VIPRE RiskTool.Win32.BitCoinMiner 20120126
ViRobot - 20120126
VirusBuster - 20120126


Thu Jan 26, 2012 20:09
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
tigerpapo wrote:
here is the result:

SystemLook 30.07.11 by jpshortstuff
Log created at 22:55 on 22/01/2012 by Gábor
Administrator - Elevation successful

========== filefind ==========

Searching for "WININIIT.EXE"
C:\Users\Gábor\AppData\Roaming\Access File\Worker\wininiit.exe --a---- 241664 bytes [14:28 22/01/2012] [14:28 22/01/2012] DD22D41E1F2AA86FC0AA8E9D82466B39

-= EOF =-


C:\Users\Gábor\AppData\Roaming\Access File\Worker\wininiit.exe
Test it at
www.virustotal.com
and put the link here.


Mon Jan 23, 2012 8:01
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
here is the result:

SystemLook 30.07.11 by jpshortstuff
Log created at 22:55 on 22/01/2012 by Gábor
Administrator - Elevation successful

========== filefind ==========

Searching for "WININIIT.EXE"
C:\Users\Gábor\AppData\Roaming\Access File\Worker\wininiit.exe --a---- 241664 bytes [14:28 22/01/2012] [14:28 22/01/2012] DD22D41E1F2AA86FC0AA8E9D82466B39

-= EOF =-


Sun Jan 22, 2012 22:57
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
Turn off System Restore, restart, then turn it back on.

Yes, do it anyway, because the bat file contained an instruction pointing to this exe file, but I don't like this exe file because I don't know of one like this
WININIIT.EXE

I do know
WININIT.EXE

and that's why I want to look at what this is.


Sun Jan 22, 2012 17:01
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
I haven't done what's in your last post yet, but I have restarted since then and it seems that virus was causing the mess with the bat file. And now that window no longer jumps up and down. Should I still do the steps you wrote most recently, or is that no longer necessary?


Sun Jan 22, 2012 16:56
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
WININIIT.EXE
1: Download it to the desktop.
2: Run it.
3: Copy the script into its window.
4: Click Look.
Put its log here.
http://jpshortstuff.247fixes.com/SystemLook.exe

Code:
:filefind
WININIIT.EXE


Sun Jan 22, 2012 16:03
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
the file was destroyed, but for now there is still no change....


Sun Jan 22, 2012 15:54
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
I did it; it seems as if it is flashing even more often

ComboFix 12-01-21.02 - Gábor 012.01.22. 15:44:16.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.36.1038.18.2047.1196 [GMT 1:00]
Running from: c:\users\Gßbor\Desktop\ComboFix.exe
Command switches used :: c:\users\Gßbor\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Gábor\15762.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 07:54 . 2012-01-05 22:26 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 47104]
.
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Gábor\AppData\Roaming\Mozilla\Firefox\Profiles\sc5snaof.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-22 15:50:39
ComboFix-quarantined-files.txt 2012-01-22 14:50
ComboFix2.txt 2012-01-22 13:34
.
Pre-Run: 5 004 414 976 bájt szabad
Post-Run: 4 958 588 928 bájt szabad
.
- - End Of File - - C5FB6C49549F79FE7AAA6299FF6144B4


Sun Jan 22, 2012 15:53
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
Open Notepad like this: Start > Run > type: notepad
and copy in the green text found under the Code: heading (without the word Code:), then save the text pasted into Notepad as a script on the desktop, like this: File > Save As > File name > CFScript.txt > Save as type > All files > Save (to the Desktop). Done. Drag the CFScript.txt on the desktop onto the ComboFix icon. And now do this:
[Image]
ComboFix will start by itself, may restart, and will finish the scan. Put what it gives you here.

Code:
KILLALL::
File::
c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe
c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe
ClearJavaCache::


Sun Jan 22, 2012 15:34
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
VirusTotal
SHA256: c656bf9ce8555595a2602e12815e27295af3d32f640383a1f401fe65e79b55cc
Detection ratio: 1 / 43
Analysis date: 2012-01-22 14:29:54 UTC ( 1 minute ago )
Antivirus Result Update
AhnLab-V3 - 20120122
AntiVir TR/Dropper.Gen2 20120122
Antiy-AVL - 20120121
Avast - 20120122
AVG - 20120122
BitDefender - 20120122
ByteHero - 20120116
CAT-QuickHeal - 20120122
ClamAV - 20120121
Commtouch - 20120122
Comodo - 20120121
DrWeb - 20120122
Emsisoft - 20120122
eSafe - 20120120
eTrust-Vet - 20120121
F-Prot - 20120121
F-Secure - 20120122
Fortinet - 20120122
GData - 20120122
Ikarus - 20120122
Jiangmin - 20120121
K7AntiVirus - 20120120
Kaspersky - 20120122
McAfee - 20120120
McAfee-GW-Edition - 20120121
Microsoft - 20120122
NOD32 - 20120122
Norman - 20120122
nProtect - 20120122
Panda - 20120122
PCTools - 20120122
Prevx - 20120122
Rising - 20120118
Sophos - 20120122
SUPERAntiSpyware - 20120121
Symantec - 20120122
TheHacker - 20120122
TrendMicro - 20120122
TrendMicro-HouseCall - 20120122
VBA32 - 20120120
VIPRE - 20120122
ViRobot - 20120122
VirusBuster - 20120121


Sun Jan 22, 2012 15:32
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus with "flash effect" help..
This one is a virus too,
c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe

Test it at
www.virustotal.com
and put the link to the test here.


Sun Jan 22, 2012 15:18
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
we didn't eliminate it after all :s it came back after a restart :s
leech :hm: :evil:


Sun Jan 22, 2012 15:15
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus with "flash effect" help..
14:08:33.0493 3328 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:08:33.0539 3328 \Device\Harddisk0\DR0 - ok
14:08:33.0554 3328 Boot (0x1200) (cb0549ed05af27be36a4eab019f02f93) \Device\Harddisk0\DR0\Partition0
14:08:33.0556 3328 \Device\Harddisk0\DR0\Partition0 - ok
14:08:33.0561 3328 Boot (0x1200) (95029b67e3bdbd2cda701f691b836395) \Device\Harddisk0\DR0\Partition1
14:08:33.0562 3328 \Device\Harddisk0\DR0\Partition1 - ok
14:08:33.0584 3328 Boot (0x1200) (737cad3952408e2fbcb99f60941ab04c) \Device\Harddisk0\DR0\Partition2
14:08:33.0585 3328 \Device\Harddisk0\DR0\Partition2 - ok
14:08:33.0606 3328 Boot (0x1200) (215ddbc2006bf5ecea89eb943bb4825c) \Device\Harddisk0\DR0\Partition3
14:08:33.0609 3328 \Device\Harddisk0\DR0\Partition3 - ok
14:08:33.0609 3328 ============================================================
14:08:33.0609 3328 Scan finished
14:08:33.0610 3328 ============================================================
14:08:33.0636 0416 Detected object count: 0
14:08:33.0636 0416 Actual detected object count: 0
14:09:12.0229 3860 ============================================================
14:09:12.0229 3860 Scan started
14:09:12.0229 3860 Mode: Manual; SigCheck; TDLFS;
14:09:12.0229 3860 ============================================================
14:09:15.0643 3860 ErrDev - ok
14:09:15.0674 3860 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:09:15.0700 3860 exfat - ok
14:09:15.0721 3860 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:09:15.0755 3860 fastfat - ok
14:09:15.0767 3860 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:09:15.0782 3860 fdc - ok
14:09:15.0799 3860 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:09:15.0810 3860 FileInfo - ok
14:09:15.0818 3860 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:09:15.0845 3860 Filetrace - ok
14:09:15.0853 3860 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:09:15.0876 3860 flpydisk - ok
14:09:15.0896 3860 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:09:15.0909 3860 FltMgr - ok
14:09:15.0936 3860 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:09:15.0946 3860 FsDepends - ok
14:09:15.0962 3860 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:09:15.0972 3860 Fs_Rec - ok
14:09:16.0007 3860 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
14:09:16.0021 3860 fvevol - ok
14:09:16.0031 3860 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:09:16.0042 3860 gagp30kx - ok
14:09:16.0061 3860 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:09:16.0072 3860 hcw85cir - ok
14:09:16.0156 3860 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
14:09:16.0187 3860 HdAudAddService - ok
14:09:16.0212 3860 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:09:16.0235 3860 HDAudBus - ok
14:09:16.0258 3860 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:09:16.0281 3860 HidBatt - ok
14:09:16.0291 3860 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:09:16.0307 3860 HidBth - ok
14:09:16.0315 3860 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:09:16.0331 3860 HidIr - ok
14:09:16.0346 3860 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
14:09:16.0367 3860 HidUsb - ok
14:09:16.0402 3860 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
14:09:16.0413 3860 HpSAMD - ok
14:09:16.0439 3860 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
14:09:16.0579 3860 HTTP - ok
14:09:16.0616 3860 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
14:09:16.0629 3860 hwpolicy - ok
14:09:16.0648 3860 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:09:16.0678 3860 i8042prt - ok
14:09:16.0692 3860 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
14:09:16.0710 3860 iaStorV - ok
14:09:16.0746 3860 iBtFltCoex (61401ba4183bc171ba114fce4981bb33) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:09:16.0756 3860 iBtFltCoex - ok
14:09:16.0781 3860 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:09:16.0791 3860 iirsp - ok
14:09:16.0812 3860 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
14:09:16.0822 3860 intelide - ok
14:09:16.0839 3860 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:09:16.0863 3860 intelppm - ok
14:09:16.0876 3860 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:09:16.0902 3860 IpFilterDriver - ok
14:09:16.0925 3860 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:09:16.0937 3860 IPMIDRV - ok
14:09:16.0950 3860 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:09:16.0986 3860 IPNAT - ok
14:09:17.0003 3860 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:09:17.0021 3860 IRENUM - ok
14:09:17.0038 3860 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
14:09:17.0048 3860 isapnp - ok
14:09:17.0067 3860 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
14:09:17.0080 3860 iScsiPrt - ok
14:09:17.0096 3860 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:09:17.0105 3860 kbdclass - ok
14:09:17.0127 3860 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
14:09:17.0149 3860 kbdhid - ok
14:09:17.0174 3860 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
14:09:17.0184 3860 KSecDD - ok
14:09:17.0221 3860 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
14:09:17.0232 3860 KSecPkg - ok
14:09:17.0261 3860 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:09:17.0296 3860 lltdio - ok
14:09:17.0327 3860 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:09:17.0339 3860 LSI_FC - ok
14:09:17.0353 3860 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:09:17.0363 3860 LSI_SAS - ok
14:09:17.0377 3860 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:09:17.0387 3860 LSI_SAS2 - ok
14:09:17.0415 3860 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:09:17.0426 3860 LSI_SCSI - ok
14:09:17.0438 3860 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:09:17.0476 3860 luafv - ok
14:09:17.0484 3860 MBAMProtector - ok
14:09:17.0511 3860 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:09:17.0521 3860 megasas - ok
14:09:17.0535 3860 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:09:17.0549 3860 MegaSR - ok
14:09:17.0567 3860 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:09:17.0609 3860 Modem - ok
14:09:17.0631 3860 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:09:17.0654 3860 monitor - ok
14:09:17.0675 3860 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:09:17.0685 3860 mouclass - ok
14:09:17.0694 3860 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:09:17.0721 3860 mouhid - ok
14:09:17.0744 3860 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
14:09:17.0755 3860 mountmgr - ok
14:09:17.0773 3860 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
14:09:17.0785 3860 mpio - ok
14:09:17.0806 3860 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:09:17.0839 3860 mpsdrv - ok
14:09:17.0853 3860 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
14:09:17.0872 3860 MRxDAV - ok
14:09:17.0900 3860 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:09:17.0924 3860 mrxsmb - ok
14:09:17.0960 3860 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:09:17.0986 3860 mrxsmb10 - ok
14:09:18.0013 3860 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:09:18.0026 3860 mrxsmb20 - ok
14:09:18.0043 3860 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
14:09:18.0053 3860 msahci - ok
14:09:18.0073 3860 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
14:09:18.0085 3860 msdsm - ok
14:09:18.0111 3860 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:09:18.0137 3860 Msfs - ok
14:09:18.0154 3860 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:09:18.0180 3860 mshidkmdf - ok
14:09:18.0194 3860 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
14:09:18.0203 3860 msisadrv - ok
14:09:18.0225 3860 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:09:18.0264 3860 MSKSSRV - ok
14:09:18.0290 3860 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:09:18.0327 3860 MSPCLOCK - ok
14:09:18.0351 3860 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:09:18.0397 3860 MSPQM - ok
14:09:18.0420 3860 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:09:18.0432 3860 MsRPC - ok
14:09:18.0454 3860 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
14:09:18.0465 3860 mssmbios - ok
14:09:18.0477 3860 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:09:18.0516 3860 MSTEE - ok
14:09:18.0536 3860 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:09:18.0550 3860 MTConfig - ok
14:09:18.0568 3860 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:09:18.0579 3860 Mup - ok
14:09:18.0604 3860 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:09:18.0632 3860 NativeWifiP - ok
14:09:18.0674 3860 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
14:09:18.0767 3860 NDIS - ok
14:09:18.0799 3860 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:09:18.0845 3860 NdisCap - ok
14:09:18.0866 3860 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:09:18.0907 3860 NdisTapi - ok
14:09:18.0916 3860 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
14:09:18.0944 3860 Ndisuio - ok
14:09:18.0965 3860 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
14:09:19.0004 3860 NdisWan - ok
14:09:19.0028 3860 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
14:09:19.0055 3860 NDProxy - ok
14:09:19.0188 3860 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:09:19.0215 3860 NetBIOS - ok
14:09:19.0250 3860 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
14:09:19.0288 3860 NetBT - ok
14:09:19.0318 3860 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:09:19.0328 3860 nfrd960 - ok
14:09:19.0346 3860 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:09:19.0385 3860 Npfs - ok
14:09:19.0406 3860 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:09:19.0438 3860 nsiproxy - ok
14:09:19.0479 3860 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
14:09:19.0505 3860 Ntfs - ok
14:09:19.0526 3860 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:09:19.0552 3860 Null - ok
14:09:19.0592 3860 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
14:09:19.0612 3860 NVENETFD - ok
14:09:19.0629 3860 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
14:09:19.0641 3860 nvraid - ok
14:09:19.0651 3860 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
14:09:19.0663 3860 nvstor - ok
14:09:19.0687 3860 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
14:09:19.0697 3860 nv_agp - ok
14:09:19.0716 3860 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
14:09:19.0739 3860 ohci1394 - ok
14:09:19.0782 3860 P17 (f646e128be4c7fad952e7876c97984d6) C:\Windows\system32\drivers\P17.sys
14:09:19.0814 3860 P17 - ok
14:09:19.0840 3860 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:09:19.0860 3860 Parport - ok
14:09:19.0882 3860 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
14:09:19.0892 3860 partmgr - ok
14:09:19.0911 3860 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:09:19.0931 3860 Parvdm - ok
14:09:19.0963 3860 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
14:09:19.0975 3860 pci - ok
14:09:19.0992 3860 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
14:09:20.0002 3860 pciide - ok
14:09:20.0035 3860 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:09:20.0048 3860 pcmcia - ok
14:09:20.0067 3860 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:09:20.0077 3860 pcw - ok
14:09:20.0115 3860 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:09:20.0160 3860 PEAUTH - ok
14:09:20.0220 3860 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:09:20.0261 3860 PptpMiniport - ok
14:09:20.0282 3860 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:09:20.0308 3860 Processor - ok
14:09:20.0333 3860 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:09:20.0361 3860 Psched - ok
14:09:20.0407 3860 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:09:20.0438 3860 ql2300 - ok
14:09:20.0454 3860 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:09:20.0467 3860 ql40xx - ok
14:09:20.0492 3860 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:09:20.0508 3860 QWAVEdrv - ok
14:09:20.0527 3860 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:09:20.0564 3860 RasAcd - ok
14:09:20.0589 3860 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:09:20.0623 3860 RasAgileVpn - ok
14:09:20.0646 3860 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:09:20.0685 3860 Rasl2tp - ok
14:09:20.0710 3860 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:09:20.0735 3860 RasPppoe - ok
14:09:20.0751 3860 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:09:20.0778 3860 RasSstp - ok
14:09:20.0791 3860 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
14:09:20.0835 3860 rdbss - ok
14:09:20.0857 3860 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:09:20.0884 3860 rdpbus - ok
14:09:20.0898 3860 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:09:20.0928 3860 RDPCDD - ok
14:09:20.0972 3860 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
14:09:20.0997 3860 RDPDR - ok
14:09:21.0008 3860 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:09:21.0042 3860 RDPENCDD - ok
14:09:21.0068 3860 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:09:21.0105 3860 RDPREFMP - ok
14:09:21.0131 3860 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
14:09:21.0158 3860 RDPWD - ok
14:09:21.0179 3860 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
14:09:21.0190 3860 rdyboost - ok
14:09:21.0231 3860 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:09:21.0260 3860 RFCOMM - ok
14:09:21.0286 3860 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:09:21.0322 3860 rspndr - ok
14:09:21.0352 3860 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
14:09:21.0363 3860 s3cap - ok
14:09:21.0448 3860 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
14:09:21.0478 3860 sbp2port - ok
14:09:21.0512 3860 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
14:09:21.0554 3860 scfilter - ok
14:09:21.0586 3860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:09:21.0622 3860 secdrv - ok
14:09:21.0650 3860 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:09:21.0663 3860 Serenum - ok
14:09:21.0679 3860 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:09:21.0704 3860 Serial - ok
14:09:21.0726 3860 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:09:21.0746 3860 sermouse - ok
14:09:21.0790 3860 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
14:09:21.0816 3860 sffdisk - ok
14:09:21.0835 3860 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:09:21.0854 3860 sffp_mmc - ok
14:09:21.0875 3860 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:09:21.0888 3860 sffp_sd - ok
14:09:21.0902 3860 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:09:21.0927 3860 sfloppy - ok
14:09:21.0952 3860 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
14:09:21.0963 3860 sisagp - ok
14:09:21.0984 3860 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:09:21.0994 3860 SiSRaid2 - ok
14:09:22.0011 3860 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:09:22.0022 3860 SiSRaid4 - ok
14:09:22.0047 3860 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:09:22.0084 3860 Smb - ok
14:09:22.0106 3860 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:09:22.0117 3860 spldr - ok
14:09:22.0207 3860 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
14:09:22.0292 3860 srv - ok
14:09:22.0351 3860 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
14:09:22.0379 3860 srv2 - ok
14:09:22.0413 3860 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
14:09:22.0441 3860 srvnet - ok
14:09:22.0465 3860 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:09:22.0476 3860 stexstor - ok
14:09:22.0513 3860 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:09:22.0523 3860 storflt - ok
14:09:22.0545 3860 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
14:09:22.0556 3860 storvsc - ok
14:09:22.0582 3860 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
14:09:22.0593 3860 swenum - ok
14:09:22.0695 3860 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
14:09:22.0724 3860 Tcpip - ok
14:09:22.0751 3860 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
14:09:22.0778 3860 TCPIP6 - ok
14:09:22.0798 3860 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
14:09:22.0837 3860 tcpipreg - ok
14:09:22.0862 3860 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
14:09:22.0902 3860 TDPIPE - ok
14:09:22.0924 3860 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
14:09:22.0949 3860 TDTCP - ok
14:09:22.0968 3860 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
14:09:22.0994 3860 tdx - ok
14:09:23.0011 3860 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
14:09:23.0021 3860 TermDD - ok
14:09:23.0058 3860 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:09:23.0083 3860 tssecsrv - ok
14:09:23.0093 3860 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
14:09:23.0128 3860 tunnel - ok
14:09:23.0176 3860 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:09:23.0207 3860 uagp35 - ok
14:09:23.0295 3860 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
14:09:23.0325 3860 udfs - ok
14:09:23.0349 3860 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:09:23.0359 3860 uliagpkx - ok
14:09:23.0384 3860 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
14:09:23.0407 3860 umbus - ok
14:09:23.0425 3860 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:09:23.0452 3860 UmPass - ok
14:09:23.0488 3860 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
14:09:23.0508 3860 usbccgp - ok
14:09:23.0522 3860 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
14:09:23.0547 3860 usbcir - ok
14:09:23.0568 3860 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
14:09:23.0596 3860 usbehci - ok
14:09:23.0619 3860 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
14:09:23.0634 3860 usbhub - ok
14:09:23.0653 3860 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
14:09:23.0676 3860 usbohci - ok
14:09:23.0695 3860 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:09:23.0716 3860 usbprint - ok
14:09:23.0732 3860 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:09:23.0766 3860 USBSTOR - ok
14:09:23.0793 3860 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
14:09:23.0813 3860 usbuhci - ok
14:09:23.0840 3860 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:09:23.0851 3860 vdrvroot - ok
14:09:23.0906 3860 VD_FileDisk (a7a771aebb09b7932ba79d086cc7fd21) C:\Windows\system32\drivers\VD_FileDisk.sys
14:09:23.0915 3860 VD_FileDisk - ok
14:09:23.0955 3860 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:09:23.0999 3860 vga - ok
14:09:24.0029 3860 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:09:24.0093 3860 VgaSave - ok
14:09:24.0104 3860 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
14:09:24.0117 3860 vhdmp - ok
14:09:24.0132 3860 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
14:09:24.0144 3860 viaagp - ok
14:09:24.0153 3860 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:09:24.0179 3860 ViaC7 - ok
14:09:24.0199 3860 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
14:09:24.0210 3860 viaide - ok
14:09:24.0241 3860 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
14:09:24.0254 3860 vmbus - ok
14:09:24.0264 3860 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:09:24.0278 3860 VMBusHID - ok
14:09:24.0301 3860 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
14:09:24.0312 3860 volmgr - ok
14:09:24.0337 3860 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:09:24.0352 3860 volmgrx - ok
14:09:24.0366 3860 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
14:09:24.0379 3860 volsnap - ok
14:09:24.0390 3860 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:09:24.0402 3860 vsmraid - ok
14:09:24.0426 3860 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
14:09:24.0439 3860 vwifibus - ok
14:09:24.0458 3860 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:09:24.0472 3860 WacomPen - ok
14:09:24.0502 3860 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
14:09:24.0528 3860 WANARP - ok
14:09:24.0532 3860 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
14:09:24.0559 3860 Wanarpv6 - ok
14:09:24.0594 3860 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:09:24.0604 3860 Wd - ok
14:09:24.0668 3860 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:09:24.0686 3860 Wdf01000 - ok
14:09:24.0737 3860 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:09:24.0763 3860 WfpLwf - ok
14:09:24.0772 3860 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:09:24.0783 3860 WIMMount - ok
14:09:24.0832 3860 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:09:24.0855 3860 WmiAcpi - ok
14:09:24.0888 3860 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:09:24.0920 3860 ws2ifsl - ok
14:09:24.0943 3860 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
14:09:24.0974 3860 WudfPf - ok
14:09:24.0998 3860 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:09:25.0035 3860 WUDFRd - ok
14:09:25.0066 3860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:09:25.0814 3860 \Device\Harddisk0\DR0 - ok
14:09:25.0848 3860 Boot (0x1200) (cb0549ed05af27be36a4eab019f02f93) \Device\Harddisk0\DR0\Partition0
14:09:25.0850 3860 \Device\Harddisk0\DR0\Partition0 - ok
14:09:25.0861 3860 Boot (0x1200) (95029b67e3bdbd2cda701f691b836395) \Device\Harddisk0\DR0\Partition1
14:09:25.0862 3860 \Device\Harddisk0\DR0\Partition1 - ok
14:09:25.0879 3860 Boot (0x1200) (737cad3952408e2fbcb99f60941ab04c) \Device\Harddisk0\DR0\Partition2
14:09:25.0880 3860 \Device\Harddisk0\DR0\Partition2 - ok
14:09:25.0899 3860 Boot (0x1200) (215ddbc2006bf5ecea89eb943bb4825c) \Device\Harddisk0\DR0\Partition3
14:09:25.0900 3860 \Device\Harddisk0\DR0\Partition3 - ok
14:09:25.0901 3860 ============================================================
14:09:25.0901 3860 Scan finished
14:09:25.0901 3860 ============================================================
14:09:25.0915 1940 Detected object count: 0
14:09:25.0915 1940 Actual detected object count: 0


Sun Jan 22, 2012 15:06
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus "with flash effect" help..
oh yeah, and here is the log from the third TDSSKiller run:

14:07:10.0605 0896 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:07:10.0997 0896 ============================================================
14:07:10.0997 0896 Current date / time: 2012/01/22 14:07:10.0997
14:07:10.0997 0896 SystemInfo:
14:07:10.0997 0896
14:07:10.0997 0896 OS Version: 6.1.7600 ServicePack: 0.0
14:07:10.0997 0896 Product type: Workstation
14:07:10.0998 0896 ComputerName: GÁBORASZTALI-PC
14:07:10.0998 0896 UserName: Gábor
14:07:10.0998 0896 Windows directory: C:\Windows
14:07:10.0998 0896 System windows directory: C:\Windows
14:07:10.0998 0896 Processor architecture: Intel x86
14:07:10.0998 0896 Number of processors: 2
14:07:10.0998 0896 Page size: 0x1000
14:07:10.0998 0896 Boot type: Normal boot
14:07:10.0998 0896 ============================================================
14:07:11.0697 0896 Drive \Device\Harddisk0\DR0 - Size: 0x2E93D2DE00 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x64F1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
14:07:11.0820 0896 Initialize success
14:08:24.0919 3328 ============================================================
14:08:24.0919 3328 Scan started
14:08:24.0919 3328 Mode: Manual;
14:08:24.0919 3328 ============================================================
14:08:26.0512 3328 blbdrive - ok
14:08:26.0544 3328 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
14:08:26.0546 3328 bowser - ok
14:08:26.0562 3328 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:08:26.0563 3328 BrFiltLo - ok
14:08:26.0585 3328 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:08:26.0586 3328 BrFiltUp - ok
14:08:26.0614 3328 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:08:26.0619 3328 Brserid - ok
14:08:26.0639 3328 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:08:26.0641 3328 BrSerWdm - ok
14:08:26.0657 3328 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:08:26.0658 3328 BrUsbMdm - ok
14:08:26.0670 3328 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:08:26.0672 3328 BrUsbSer - ok
14:08:26.0731 3328 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
14:08:26.0732 3328 BthEnum - ok
14:08:26.0744 3328 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:08:26.0745 3328 BTHMODEM - ok
14:08:26.0764 3328 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:08:26.0765 3328 BthPan - ok
14:08:26.0814 3328 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
14:08:26.0820 3328 BTHPORT - ok
14:08:26.0851 3328 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
14:08:26.0853 3328 BTHUSB - ok
14:08:26.0902 3328 btmhsf (d517ba16793d76210c963dab2a88b74f) C:\Windows\system32\DRIVERS\btmhsf.sys
14:08:26.0906 3328 btmhsf - ok
14:08:26.0936 3328 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:08:26.0937 3328 cdfs - ok
14:08:26.0970 3328 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
14:08:26.0972 3328 cdrom - ok
14:08:27.0007 3328 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:08:27.0009 3328 circlass - ok
14:08:27.0037 3328 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:08:27.0041 3328 CLFS - ok
14:08:27.0074 3328 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:08:27.0076 3328 CmBatt - ok
14:08:27.0092 3328 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
14:08:27.0094 3328 cmdide - ok
14:08:27.0114 3328 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
14:08:27.0120 3328 CNG - ok
14:08:27.0129 3328 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:08:27.0131 3328 Compbatt - ok
14:08:27.0159 3328 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:08:27.0160 3328 CompositeBus - ok
14:08:27.0183 3328 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:08:27.0184 3328 crcdisk - ok
14:08:27.0233 3328 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
14:08:27.0239 3328 CSC - ok
14:08:27.0300 3328 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
14:08:27.0302 3328 DfsC - ok
14:08:27.0326 3328 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:08:27.0327 3328 discache - ok
14:08:27.0349 3328 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:08:27.0350 3328 Disk - ok
14:08:27.0395 3328 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:08:27.0396 3328 drmkaud - ok
14:08:27.0439 3328 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
14:08:27.0443 3328 DXGKrnl - ok
14:08:27.0570 3328 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:08:27.0631 3328 ebdrv - ok
14:08:27.0680 3328 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:08:27.0687 3328 elxstor - ok
14:08:27.0703 3328 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
14:08:27.0704 3328 ErrDev - ok
14:08:27.0734 3328 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:08:27.0737 3328 exfat - ok
14:08:27.0756 3328 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:08:27.0759 3328 fastfat - ok
14:08:27.0780 3328 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:08:27.0781 3328 fdc - ok
14:08:27.0799 3328 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:08:27.0800 3328 FileInfo - ok
14:08:27.0812 3328 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:08:27.0812 3328 Filetrace - ok
14:08:27.0829 3328 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:08:27.0830 3328 flpydisk - ok
14:08:27.0849 3328 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:08:27.0852 3328 FltMgr - ok
14:08:27.0880 3328 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:08:27.0881 3328 FsDepends - ok
14:08:27.0905 3328 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:08:27.0906 3328 Fs_Rec - ok
14:08:27.0950 3328 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
14:08:27.0954 3328 fvevol - ok
14:08:27.0965 3328 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:08:27.0967 3328 gagp30kx - ok
14:08:27.0987 3328 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:08:27.0989 3328 hcw85cir - ok
14:08:28.0053 3328 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
14:08:28.0058 3328 HdAudAddService - ok
14:08:28.0082 3328 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:08:28.0084 3328 HDAudBus - ok
14:08:28.0103 3328 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:08:28.0104 3328 HidBatt - ok
14:08:28.0113 3328 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:08:28.0116 3328 HidBth - ok
14:08:28.0126 3328 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:08:28.0128 3328 HidIr - ok
14:08:28.0162 3328 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
14:08:28.0164 3328 HidUsb - ok
14:08:28.0196 3328 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
14:08:28.0198 3328 HpSAMD - ok
14:08:28.0234 3328 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
14:08:28.0241 3328 HTTP - ok
14:08:28.0262 3328 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
14:08:28.0263 3328 hwpolicy - ok
14:08:28.0277 3328 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:08:28.0279 3328 i8042prt - ok
14:08:28.0294 3328 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
14:08:28.0298 3328 iaStorV - ok
14:08:28.0333 3328 iBtFltCoex (61401ba4183bc171ba114fce4981bb33) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:08:28.0335 3328 iBtFltCoex - ok
14:08:28.0360 3328 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:08:28.0362 3328 iirsp - ok
14:08:28.0384 3328 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
14:08:28.0385 3328 intelide - ok
14:08:28.0409 3328 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:08:28.0411 3328 intelppm - ok
14:08:28.0426 3328 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:08:28.0428 3328 IpFilterDriver - ok
14:08:28.0441 3328 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:08:28.0443 3328 IPMIDRV - ok
14:08:28.0455 3328 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:08:28.0459 3328 IPNAT - ok
14:08:28.0491 3328 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:08:28.0492 3328 IRENUM - ok
14:08:28.0518 3328 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
14:08:28.0519 3328 isapnp - ok
14:08:28.0556 3328 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
14:08:28.0560 3328 iScsiPrt - ok
14:08:28.0592 3328 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:08:28.0593 3328 kbdclass - ok
14:08:28.0687 3328 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
14:08:28.0712 3328 kbdhid - ok
14:08:28.0744 3328 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
14:08:28.0747 3328 KSecDD - ok
14:08:28.0783 3328 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
14:08:28.0787 3328 KSecPkg - ok
14:08:28.0832 3328 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:08:28.0834 3328 lltdio - ok
14:08:28.0865 3328 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:08:28.0867 3328 LSI_FC - ok
14:08:28.0882 3328 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:08:28.0884 3328 LSI_SAS - ok
14:08:28.0906 3328 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:08:28.0907 3328 LSI_SAS2 - ok
14:08:28.0928 3328 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:08:28.0931 3328 LSI_SCSI - ok
14:08:28.0960 3328 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:08:28.0962 3328 luafv - ok
14:08:28.0978 3328 MBAMProtector - ok
14:08:29.0016 3328 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:08:29.0017 3328 megasas - ok
14:08:29.0040 3328 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:08:29.0044 3328 MegaSR - ok
14:08:29.0063 3328 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:08:29.0065 3328 Modem - ok
14:08:29.0094 3328 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:08:29.0095 3328 monitor - ok
14:08:29.0112 3328 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:08:29.0114 3328 mouclass - ok
14:08:29.0137 3328 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:08:29.0138 3328 mouhid - ok
14:08:29.0157 3328 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
14:08:29.0159 3328 mountmgr - ok
14:08:29.0179 3328 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
14:08:29.0181 3328 mpio - ok
14:08:29.0202 3328 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:08:29.0204 3328 mpsdrv - ok
14:08:29.0219 3328 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
14:08:29.0221 3328 MRxDAV - ok
14:08:29.0264 3328 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:08:29.0267 3328 mrxsmb - ok
14:08:29.0290 3328 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:08:29.0295 3328 mrxsmb10 - ok
14:08:29.0331 3328 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:08:29.0336 3328 mrxsmb20 - ok
14:08:29.0356 3328 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
14:08:29.0358 3328 msahci - ok
14:08:29.0379 3328 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
14:08:29.0382 3328 msdsm - ok
14:08:29.0417 3328 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:08:29.0419 3328 Msfs - ok
14:08:29.0442 3328 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:08:29.0443 3328 mshidkmdf - ok
14:08:29.0458 3328 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
14:08:29.0459 3328 msisadrv - ok
14:08:29.0497 3328 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:08:29.0498 3328 MSKSSRV - ok
14:08:29.0529 3328 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:08:29.0530 3328 MSPCLOCK - ok
14:08:29.0548 3328 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:08:29.0549 3328 MSPQM - ok
14:08:29.0567 3328 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:08:29.0570 3328 MsRPC - ok
14:08:29.0594 3328 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
14:08:29.0595 3328 mssmbios - ok
14:08:29.0616 3328 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:08:29.0617 3328 MSTEE - ok
14:08:29.0634 3328 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:08:29.0636 3328 MTConfig - ok
14:08:29.0657 3328 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:08:29.0659 3328 Mup - ok
14:08:29.0701 3328 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:08:29.0707 3328 NativeWifiP - ok
14:08:29.0749 3328 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
14:08:29.0758 3328 NDIS - ok
14:08:29.0788 3328 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:08:29.0790 3328 NdisCap - ok
14:08:29.0815 3328 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:08:29.0816 3328 NdisTapi - ok
14:08:29.0834 3328 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
14:08:29.0836 3328 Ndisuio - ok
14:08:29.0855 3328 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
14:08:29.0858 3328 NdisWan - ok
14:08:29.0877 3328 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
14:08:29.0879 3328 NDProxy - ok
14:08:29.0905 3328 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:08:29.0907 3328 NetBIOS - ok
14:08:29.0918 3328 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
14:08:29.0922 3328 NetBT - ok
14:08:29.0968 3328 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:08:29.0970 3328 nfrd960 - ok
14:08:29.0996 3328 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:08:29.0998 3328 Npfs - ok
14:08:30.0015 3328 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:08:30.0017 3328 nsiproxy - ok
14:08:30.0062 3328 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
14:08:30.0076 3328 Ntfs - ok
14:08:30.0093 3328 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:08:30.0095 3328 Null - ok
14:08:30.0180 3328 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
14:08:30.0189 3328 NVENETFD - ok
14:08:30.0222 3328 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
14:08:30.0227 3328 nvraid - ok
14:08:30.0245 3328 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
14:08:30.0247 3328 nvstor - ok
14:08:30.0271 3328 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
14:08:30.0273 3328 nv_agp - ok
14:08:30.0291 3328 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
14:08:30.0293 3328 ohci1394 - ok
14:08:30.0366 3328 P17 (f646e128be4c7fad952e7876c97984d6) C:\Windows\system32\drivers\P17.sys
14:08:30.0381 3328 P17 - ok
14:08:30.0433 3328 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:08:30.0435 3328 Parport - ok
14:08:30.0457 3328 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
14:08:30.0458 3328 partmgr - ok
14:08:30.0478 3328 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:08:30.0479 3328 Parvdm - ok
14:08:30.0505 3328 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
14:08:30.0508 3328 pci - ok
14:08:30.0526 3328 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
14:08:30.0527 3328 pciide - ok
14:08:30.0553 3328 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:08:30.0557 3328 pcmcia - ok
14:08:30.0577 3328 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:08:30.0578 3328 pcw - ok
14:08:30.0638 3328 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:08:30.0651 3328 PEAUTH - ok
14:08:30.0754 3328 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:08:30.0756 3328 PptpMiniport - ok
14:08:30.0774 3328 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:08:30.0776 3328 Processor - ok
14:08:30.0817 3328 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:08:30.0820 3328 Psched - ok
14:08:30.0863 3328 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:08:30.0881 3328 ql2300 - ok
14:08:30.0892 3328 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:08:30.0894 3328 ql40xx - ok
14:08:30.0918 3328 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:08:30.0920 3328 QWAVEdrv - ok
14:08:30.0937 3328 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:08:30.0938 3328 RasAcd - ok
14:08:30.0974 3328 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:08:30.0975 3328 RasAgileVpn - ok
14:08:30.0997 3328 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:08:30.0999 3328 Rasl2tp - ok
14:08:31.0028 3328 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:08:31.0030 3328 RasPppoe - ok
14:08:31.0053 3328 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:08:31.0055 3328 RasSstp - ok
14:08:31.0067 3328 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
14:08:31.0071 3328 rdbss - ok
14:08:31.0101 3328 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:08:31.0103 3328 rdpbus - ok
14:08:31.0117 3328 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:08:31.0118 3328 RDPCDD - ok
14:08:31.0157 3328 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
14:08:31.0160 3328 RDPDR - ok
14:08:31.0183 3328 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:08:31.0184 3328 RDPENCDD - ok
14:08:31.0205 3328 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:08:31.0206 3328 RDPREFMP - ok
14:08:31.0225 3328 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
14:08:31.0229 3328 RDPWD - ok
14:08:31.0248 3328 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
14:08:31.0251 3328 rdyboost - ok
14:08:31.0302 3328 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:08:31.0305 3328 RFCOMM - ok
14:08:31.0324 3328 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:08:31.0327 3328 rspndr - ok
14:08:31.0354 3328 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
14:08:31.0355 3328 s3cap - ok
14:08:31.0435 3328 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
14:08:31.0437 3328 sbp2port - ok
14:08:31.0457 3328 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
14:08:31.0459 3328 scfilter - ok
14:08:31.0498 3328 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:08:31.0499 3328 secdrv - ok
14:08:31.0537 3328 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:08:31.0539 3328 Serenum - ok
14:08:31.0565 3328 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:08:31.0567 3328 Serial - ok
14:08:31.0588 3328 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:08:31.0589 3328 sermouse - ok
14:08:31.0636 3328 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
14:08:31.0637 3328 sffdisk - ok
14:08:31.0655 3328 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:08:31.0657 3328 sffp_mmc - ok
14:08:31.0671 3328 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:08:31.0673 3328 sffp_sd - ok
14:08:31.0689 3328 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:08:31.0690 3328 sfloppy - ok
14:08:31.0715 3328 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
14:08:31.0717 3328 sisagp - ok
14:08:31.0739 3328 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:08:31.0740 3328 SiSRaid2 - ok
14:08:31.0757 3328 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:08:31.0760 3328 SiSRaid4 - ok
14:08:31.0784 3328 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:08:31.0787 3328 Smb - ok
14:08:31.0819 3328 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:08:31.0821 3328 spldr - ok
14:08:31.0867 3328 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
14:08:31.0872 3328 srv - ok
14:08:31.0905 3328 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
14:08:31.0910 3328 srv2 - ok
14:08:31.0943 3328 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
14:08:31.0946 3328 srvnet - ok
14:08:31.0979 3328 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:08:31.0980 3328 stexstor - ok
14:08:32.0026 3328 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:08:32.0027 3328 storflt - ok
14:08:32.0059 3328 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
14:08:32.0061 3328 storvsc - ok
14:08:32.0079 3328 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
14:08:32.0080 3328 swenum - ok
14:08:32.0151 3328 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
14:08:32.0167 3328 Tcpip - ok
14:08:32.0203 3328 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
14:08:32.0212 3328 TCPIP6 - ok
14:08:32.0237 3328 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
14:08:32.0239 3328 tcpipreg - ok
14:08:32.0260 3328 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
14:08:32.0262 3328 TDPIPE - ok
14:08:32.0279 3328 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
14:08:32.0281 3328 TDTCP - ok
14:08:32.0300 3328 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
14:08:32.0302 3328 tdx - ok
14:08:32.0334 3328 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
14:08:32.0335 3328 TermDD - ok
14:08:32.0372 3328 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:08:32.0374 3328 tssecsrv - ok
14:08:32.0393 3328 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
14:08:32.0396 3328 tunnel - ok
14:08:32.0407 3328 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:08:32.0409 3328 uagp35 - ok
14:08:32.0428 3328 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
14:08:32.0432 3328 udfs - ok
14:08:32.0452 3328 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:08:32.0455 3328 uliagpkx - ok
14:08:32.0482 3328 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
14:08:32.0484 3328 umbus - ok
14:08:32.0507 3328 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:08:32.0509 3328 UmPass - ok
14:08:32.0546 3328 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
14:08:32.0549 3328 usbccgp - ok
14:08:32.0571 3328 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
14:08:32.0574 3328 usbcir - ok
14:08:32.0602 3328 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
14:08:32.0604 3328 usbehci - ok
14:08:32.0635 3328 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
14:08:32.0640 3328 usbhub - ok
14:08:32.0652 3328 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
14:08:32.0654 3328 usbohci - ok
14:08:32.0670 3328 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:08:32.0672 3328 usbprint - ok
14:08:32.0690 3328 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:08:32.0692 3328 USBSTOR - ok
14:08:32.0718 3328 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
14:08:32.0719 3328 usbuhci - ok
14:08:32.0748 3328 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:08:32.0750 3328 vdrvroot - ok
14:08:32.0806 3328 VD_FileDisk (a7a771aebb09b7932ba79d086cc7fd21) C:\Windows\system32\drivers\VD_FileDisk.sys
14:08:32.0807 3328 VD_FileDisk - ok
14:08:32.0831 3328 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:08:32.0832 3328 vga - ok
14:08:32.0847 3328 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:08:32.0848 3328 VgaSave - ok
14:08:32.0860 3328 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
14:08:32.0864 3328 vhdmp - ok
14:08:32.0883 3328 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
14:08:32.0885 3328 viaagp - ok
14:08:32.0896 3328 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:08:32.0897 3328 ViaC7 - ok
14:08:32.0917 3328 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
14:08:32.0918 3328 viaide - ok
14:08:32.0950 3328 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
14:08:32.0954 3328 vmbus - ok
14:08:32.0965 3328 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:08:32.0967 3328 VMBusHID - ok
14:08:32.0985 3328 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
14:08:32.0986 3328 volmgr - ok
14:08:33.0013 3328 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:08:33.0018 3328 volmgrx - ok
14:08:33.0033 3328 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
14:08:33.0037 3328 volsnap - ok
14:08:33.0060 3328 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:08:33.0063 3328 vsmraid - ok
14:08:33.0085 3328 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
14:08:33.0087 3328 vwifibus - ok
14:08:33.0104 3328 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys


Sun Jan 22, 2012 15:05
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus "with flash effect" help..
Um... I did what you asked... and... and the window that kept popping up is gone :P ... does this mean we have wiped out the virus for good?

The results:

Model Name Size
SAMSUNG HD200HJ SCSI Disk Device \\.\PHYSICALDRIVE0 200046551040
Bootable Name Size Type
FALSE Disk #0, Partition #0 37748736000 Installable File System
TRUE Disk #0, Partition #1 53245640704 Installable File System
FALSE Disk #0, Partition #2 52427751424 Installable File System
FALSE Disk #0, Partition #3 56623104000 Installable File System



ComboFix 12-01-21.02 - Gábor 012.01.22. 14:27:11.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.36.1038.18.2047.1257 [GMT 1:00]
Running from: c:\users\Gábor\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Gábor\AppData\Roaming\explorer.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 13:32 . 2012-01-22 13:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-22 12:57 . 2012-01-22 13:26 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9A83E99-2C9E-4803-927B-7C4DAA97F08A}\offreg.dll
2012-01-22 12:12 . 2012-01-22 12:13 -------- d-----w- C:\rsit
2012-01-22 12:12 . 2012-01-22 12:13 -------- d-----w- c:\program files\trend micro
2012-01-21 19:31 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-21 19:31 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-21 19:31 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-21 19:31 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-21 19:31 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-21 19:31 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-21 19:31 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-21 19:31 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2012-01-21 19:30 . 2012-01-21 19:30 -------- d-----w- c:\programdata\AVAST Software
2012-01-21 19:30 . 2012-01-21 19:30 -------- d-----w- c:\program files\AVAST Software
2012-01-21 19:16 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-01-21 18:26 . 2012-01-21 18:26 -------- d-----w- c:\programdata\Malwarebytes
2012-01-21 18:26 . 2012-01-21 23:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-11 14:16 . 2012-01-11 14:20 -------- d-----w- C:\Star Wars Ultimate Soundtrack Collection
2012-01-10 20:26 . 2012-01-11 15:44 -------- d-----w- C:\Star.Wars.The.Clone.Wars.Season.1.PAL.DVDR.Hungarian-Fibonacci
2012-01-09 00:00 . 2012-01-09 00:01 -------- d-----w- c:\program files\Common Files\AVSMedia
2012-01-09 00:00 . 2012-01-09 00:11 -------- d-----w- c:\programdata\AVS4YOU
2012-01-09 00:00 . 2012-01-09 00:01 -------- d-----w- c:\program files\AVS4YOU
2012-01-09 00:00 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
2012-01-09 00:00 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll
2012-01-09 00:00 . 2008-08-13 09:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
2012-01-09 00:00 . 2008-08-13 09:22 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2012-01-09 00:00 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll
2012-01-08 18:39 . 2012-01-08 18:39 -------- d-----w- c:\programdata\ImTOO
2012-01-08 18:39 . 2012-01-08 18:39 -------- d-----w- c:\program files\ImTOO
2012-01-07 19:25 . 2008-09-15 15:49 3939328 ----a-w- c:\windows\Photo! 3D ScreenSaver.scr
2012-01-07 19:24 . 2012-01-07 19:24 -------- d-----w- c:\program files\Photo!
2012-01-07 19:10 . 2012-01-07 19:10 -------- d-----w- c:\program files\VideoLAN
2012-01-06 10:25 . 2012-01-22 13:24 -------- d-----w- C:\Fraps
2012-01-06 10:25 . 2012-01-06 10:45 -------- d-----w- c:\program files\TeamSpeak 3 Client
2012-01-06 05:25 . 2012-01-05 21:20 -------- d-----w- c:\windows\Panther
2012-01-06 01:39 . 2012-01-06 10:24 -------- d-----w- c:\program files\TC UP
2012-01-05 23:29 . 2012-01-05 23:29 -------- d-----w- c:\program files\Common Files\BioWare
2012-01-05 23:11 . 2012-01-21 23:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-05 23:11 . 2012-01-05 23:11 -------- d-----w- c:\windows\system32\Macromed
2012-01-05 23:07 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2012-01-05 23:03 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-01-05 23:03 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-01-05 23:03 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-01-05 23:03 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-01-05 23:03 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-01-05 22:53 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-01-05 22:51 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2012-01-05 22:51 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2012-01-05 22:48 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-01-05 22:48 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2012-01-05 22:48 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2012-01-05 22:48 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2012-01-05 22:48 . 2010-11-02 04:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-01-05 22:48 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2012-01-05 22:48 . 2010-11-02 04:35 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-01-05 22:48 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-01-05 22:48 . 2010-11-02 04:41 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-01-05 22:48 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-01-05 22:48 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-01-05 22:46 . 2010-10-27 04:40 1289536 ----a-w- c:\windows\system32\ntdll.dll
2012-01-05 22:45 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-01-05 22:44 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2012-01-05 22:43 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-01-05 22:43 . 2011-10-01 04:43 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-01-05 22:43 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2012-01-05 22:43 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2012-01-05 22:43 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2012-01-05 22:43 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2012-01-05 22:43 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2012-01-05 22:43 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2012-01-05 22:42 . 2012-01-05 22:42 -------- d-----w- c:\program files\TeamViewer
2012-01-05 22:39 . 2012-01-05 22:39 -------- d-----w- c:\program files\uTorrent
2012-01-05 22:37 . 2011-04-22 19:36 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-01-05 22:36 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-01-05 22:36 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-01-05 22:36 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2012-01-05 22:21 . 2012-01-05 22:21 -------- d-----w- c:\programdata\ATI
2012-01-05 22:15 . 2012-01-05 22:21 -------- d-----w- c:\program files\ATI Technologies
2012-01-05 22:15 . 2012-01-05 22:15 -------- d-----w- c:\program files\ATI
2012-01-05 22:14 . 2012-01-05 22:14 -------- d-----w- C:\ATI
2012-01-05 21:40 . 2011-11-30 01:21 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9A83E99-2C9E-4803-927B-7C4DAA97F08A}\mpengine.dll
2012-01-05 21:40 . 2011-11-15 13:29 222080 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 21:39 . 2012-01-21 23:28 -------- d-sh--w- c:\windows\Installer
2012-01-05 21:26 . 2012-01-22 13:29 -------- d-----w- c:\windows\system32\wbem\Performance
2012-01-05 21:20 . 2012-01-05 21:20 -------- d-----w- c:\users\Gábor
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-sh--we c:\users\Default\Sablonok
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-sh--we c:\users\Default\Dokumentumok
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-sh--we c:\programdata\Sablonok
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-sh--we c:\programdata\Dokumentumok
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-sh--we c:\programdata\Asztal
2012-01-05 21:19 . 2012-01-05 21:19 -------- d-----w- C:\Recovery
2012-01-05 20:27 . 2012-01-05 20:27 0 ----a-w- c:\windows\ativpsrm.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-10 21:37 . 2012-01-10 21:38 598016 ----a-w- c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe
2012-01-10 21:37 . 2012-01-10 21:38 598016 ----a-w- c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe
2011-12-21 07:54 . 2012-01-05 22:26 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
c:\users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
15762.exe [2012-1-10 598016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 47104]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Gábor\AppData\Roaming\Mozilla\Firefox\Profiles\sc5snaof.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Malwarebytes' Anti-Malware - c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\program files\Malwarebytes' Anti-Malware\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-22 14:34:30
ComboFix-quarantined-files.txt 2012-01-22 13:34
.
Pre-Run: 4 764 217 344 bájt szabad
Post-Run: 4 738 764 800 bájt szabad
.
- - End Of File - - 9F68249A745EA21DE7F631DCEFC0C777


Sun Jan 22, 2012 15:01
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post Re: virus "with flash effect" help..
Yes, the machine has been attacked,
1: Uninstall C:\Program Files\Spyware Terminator from the machine.

2: Run this file as disk.bat.
Create a disk.bat file; if you don't know how, write here. Post its log here,
Code:
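@ECHO OFF
ECHO script created by: www.viruskasino.com
REM Append the physical disk model, name and size to log.txt
"%windir%\SYSTEM32\WBEM\wmic.exe" diskdrive get name,size,model >>log.txt
REM Append the partition list (bootable flag, name, size, type) to log.txt
"%windir%\SYSTEM32\WBEM\wmic.exe" partition get name,bootable,size,type >>log.txt
REM Delete this script once it has run
del "%~f0"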


3: Run TDSSKiller and post its log here.
http://www.virus-stell.com/2010/08/root ... -tdl3.html

4: And finally run ComboFix and post its log here,
http://www.virus-stell.com/2010/04/combofix.html

then we'll see,


Sun Jan 22, 2012 13:48
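The autostart and firewall entries in the RSIT/HijackThis log that the reply above responds to can be triaged mechanically. The following Python is an added example, not part of the original posts or of RSIT/HijackThis; the `triage` function, the name list and the heuristics are assumptions, and the sample lines are copied from the log in this thread.

```python
import re
from pathlib import PureWindowsPath

# Sample input: lines copied from the HijackThis/RSIT log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [explorer.exe] C:\Users\Gábor\AppData\Roaming\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HELYI SZOLGÁLTATÁS')
O4 - Startup: 15762.exe
"C:\Users\Gábor\AppData\Local\Temp\tmp92B1.tmp.exe"="C:\Users\Gábor\AppData\Local\Temp\tmp92B1.tmp.exe:*:Enabled:Windows Messanger"
"C:\Users\Gábor\AppData\Roaming\Sun Microsystems\java.exe"="C:\Users\Gábor\AppData\Roaming\Sun Microsystems\java.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\49531.exe"="C:\Users\GBOR~1\AppData\Local\Temp\49531.exe:*:Enabled:Windows Messanger"
"""

# Assumption: a short list of Windows binaries whose names are worth checking.
SYSTEM_NAMES = {"explorer.exe", "svchost.exe", "lsass.exe",
                "winlogon.exe", "csrss.exe", "services.exe"}
# Assumption: directory names that an unprivileged user can write to.
USER_WRITABLE = {"appdata", "temp"}
# File types that run when placed directly in the Startup folder.
RUNNABLE = (".exe", ".scr", ".bat", ".cmd", ".vbs", ".js")

RUN_RE = re.compile(r'^O4 - (HK[A-Z]+)\\.*?\\(Run\w*): \[(.+?)\] (.+)$')
STARTUP_RE = re.compile(r'^O4 - (?:Global )?Startup: (.+)$')
FW_RE = re.compile(r'^"([^"]+)"="[^"]*:Enabled:([^"]*)"$')
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.exe)(?=\s|$)', re.IGNORECASE)


def reasons_for(path_str):
    """Return the review reasons that apply to one executable path."""
    path = PureWindowsPath(path_str)
    parts = [p.lower() for p in path.parts]
    reasons = []
    if USER_WRITABLE.intersection(parts[:-1]):
        reasons.append("user-writable location")
    # Assumption: the system root is <drive>:\Windows.
    in_windows = len(parts) > 1 and parts[1] == "windows"
    if path.name.lower() in SYSTEM_NAMES and not in_windows:
        reasons.append("system binary name outside the Windows directory")
    return reasons


def triage(log_text):
    """Return (kind, target, reasons) for every entry worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            exe = EXE_RE.match(m.group(4))
            target = (exe.group(1) or exe.group(2)) if exe else m.group(4)
            why = reasons_for(target)
            if why:
                findings.append(("autorun", target, why))
            continue
        m = STARTUP_RE.match(line)
        if m:
            # Shortcuts are logged as "name.lnk = target"; keep the file name.
            name = m.group(1).split(" = ")[0]
            if name.lower().endswith(RUNNABLE):
                findings.append(("startup-folder", name,
                                 ["runnable file placed directly in Startup"]))
            continue
        m = FW_RE.match(line)
        if m:
            why = reasons_for(m.group(1))
            if why:
                findings.append(("firewall-exception", m.group(1),
                                 why + ["rule label: " + m.group(2)]))
    return findings


if __name__ == "__main__":
    for kind, target, why in triage(SAMPLE_LOG):
        print(f"{kind:18} {target}\n{'':18} -> " + "; ".join(why))
```

A flagged entry is a candidate for manual review, not a verdict; legitimate per-user software also starts from AppData.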
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post Re: virus "with flash effect" help..
okay, thank you very much for helping :)
this is the result I got:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gábor at 2012-01-22 13:12:55
Microsoft Windows 7 Ultimate
System drive C: has 5 GB (13%) free of 36 GB
Total RAM: 2047 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:13:12, on 2012.01.22.
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Fraps\fraps.exe
C:\Users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\15762.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Gábor\Desktop\RSIT.exe
C:\Program Files\trend micro\Gábor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [explorer.exe] C:\Users\Gábor\AppData\Roaming\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - Startup: 15762.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 18748 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Gábor\AppData\Roaming\Mozilla\Firefox\Profiles\sc5snaof.default

prefs.js - "browser.startup.homepage" - "http://www.facebook.com/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
creativecommons.xml
eBay-hu.xml
google.xml
sztaki-en-hu.xml
vatera.xml
wikipedia-hu.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /starttray []
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-01-10 2775728]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-01-10 3609776]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"explorer.exe"=C:\Users\Gábor\AppData\Roaming\explorer.exe [2012-01-10 1169224]

C:\Users\Gábor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
15762.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Gábor\AppData\Local\Temp\tmp92B1.tmp.exe"="C:\Users\Gábor\AppData\Local\Temp\tmp92B1.tmp.exe:*:Enabled:Windows Messanger"
"C:\Users\Gábor\AppData\Roaming\Sun Microsystems\java.exe"="C:\Users\Gábor\AppData\Roaming\Sun Microsystems\java.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\49531.exe"="C:\Users\GBOR~1\AppData\Local\Temp\49531.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\22864.exe"="C:\Users\GBOR~1\AppData\Local\Temp\22864.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\98515.exe"="C:\Users\GBOR~1\AppData\Local\Temp\98515.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\3203.exe"="C:\Users\GBOR~1\AppData\Local\Temp\3203.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\22975.exe"="C:\Users\GBOR~1\AppData\Local\Temp\22975.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\28249.exe"="C:\Users\GBOR~1\AppData\Local\Temp\28249.exe:*:Enabled:Windows Messanger"
"C:\Users\GBOR~1\AppData\Local\Temp\52455.exe"="C:\Users\GBOR~1\AppData\Local\Temp\52455.exe:*:Enabled:Windows Messanger"
"C:\Users\Gábor\AppData\Local\Temp\svchost.exe"="C:\Users\Gábor\AppData\Local\Temp\svchost.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-22 13:12:55 ----D---- C:\rsit
2012-01-22 13:12:55 ----D---- C:\Program Files\trend micro
2012-01-22 13:11:01 ----D---- C:\Users\Gábor\AppData\Roaming\Access File
2012-01-21 20:31:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-01-21 20:31:50 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-01-21 20:31:48 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-01-21 20:31:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-01-21 20:31:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-01-21 20:31:45 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-01-21 20:31:12 ----A---- C:\Windows\avastSS.scr
2012-01-21 20:31:10 ----A---- C:\Windows\system32\aswBoot.exe
2012-01-21 20:30:59 ----D---- C:\ProgramData\AVAST Software
2012-01-21 20:30:59 ----D---- C:\Program Files\AVAST Software
2012-01-21 20:16:51 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2012-01-21 20:16:50 ----D---- C:\Users\Gábor\AppData\Roaming\Spyware Terminator
2012-01-21 20:16:50 ----D---- C:\ProgramData\Spyware Terminator
2012-01-21 20:15:11 ----D---- C:\Program Files\Spyware Terminator
2012-01-21 19:26:38 ----D---- C:\Users\Gábor\AppData\Roaming\Malwarebytes
2012-01-21 19:26:33 ----D---- C:\ProgramData\Malwarebytes
2012-01-21 19:26:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-11 15:16:39 ----D---- C:\Star Wars Ultimate Soundtrack Collection
2012-01-10 22:33:59 ----D---- C:\Users\Gábor\AppData\Roaming\Sun Microsystems
2012-01-10 22:03:29 ----RSH---- C:\Users\Gábor\AppData\Roaming\explorer.exe
2012-01-10 21:26:40 ----D---- C:\Star.Wars.The.Clone.Wars.Season.1.PAL.DVDR.Hungarian-Fibonacci
2012-01-09 01:11:29 ----D---- C:\Users\Gábor\AppData\Roaming\AVS4YOU
2012-01-09 01:00:50 ----D---- C:\Program Files\Common Files\AVSMedia
2012-01-09 01:00:17 ----D---- C:\ProgramData\AVS4YOU
2012-01-09 01:00:17 ----D---- C:\Program Files\AVS4YOU
2012-01-09 01:00:17 ----A---- C:\Windows\system32\msxml3a.dll
2012-01-09 01:00:17 ----A---- C:\Windows\system32\msvcr70.dll
2012-01-09 01:00:17 ----A---- C:\Windows\system32\msvcp70.dll
2012-01-09 01:00:17 ----A---- C:\Windows\system32\mfc70.dll
2012-01-09 01:00:17 ----A---- C:\Windows\system32\GdiPlus.dll
2012-01-08 19:43:03 ----D---- C:\Users\Gábor\AppData\Roaming\NetWeave
2012-01-08 19:40:13 ----D---- C:\Users\Gábor\AppData\Roaming\ImTOO
2012-01-08 19:39:18 ----D---- C:\ProgramData\ImTOO
2012-01-08 19:39:18 ----D---- C:\Program Files\ImTOO
2012-01-08 19:38:36 ----D---- C:\Users\Gábor\AppData\Roaming\ztdirgfo
2012-01-07 20:25:01 ----D---- C:\Users\Gábor\AppData\Roaming\Photo! 3D Album
2012-01-07 20:25:00 ----A---- C:\Windows\Photo! 3D ScreenSaver.scr
2012-01-07 20:24:59 ----D---- C:\Program Files\Photo!
2012-01-07 20:18:29 ----D---- C:\Users\Gábor\AppData\Roaming\vlc
2012-01-07 20:10:06 ----D---- C:\Program Files\VideoLAN
2012-01-06 11:56:34 ----D---- C:\Users\Gábor\AppData\Roaming\ts3overlay
2012-01-06 11:26:44 ----D---- C:\Users\Gábor\AppData\Roaming\TS3Client
2012-01-06 11:25:57 ----D---- C:\Fraps
2012-01-06 11:25:41 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-01-06 06:25:10 ----D---- C:\Windows\Panther
2012-01-06 02:40:13 ----D---- C:\Users\Gábor\AppData\Roaming\HEXelon
2012-01-06 02:39:02 ----D---- C:\Program Files\TC UP
2012-01-06 00:29:45 ----D---- C:\Program Files\Common Files\BioWare
2012-01-06 00:24:08 ----D---- C:\Users\Gábor\AppData\Roaming\Macromedia
2012-01-06 00:24:07 ----D---- C:\Users\Gábor\AppData\Roaming\Adobe
2012-01-06 00:14:50 ----RASH---- C:\MSDOS.SYS
2012-01-06 00:14:50 ----RASH---- C:\IO.SYS
2012-01-06 00:11:58 ----D---- C:\Windows\system32\Macromed
2012-01-06 00:07:54 ----A---- C:\Windows\system32\msv1_0.dll
2012-01-06 00:03:36 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-01-06 00:03:36 ----A---- C:\Windows\system32\PresentationHost.exe
2012-01-06 00:03:36 ----A---- C:\Windows\system32\netfxperf.dll
2012-01-06 00:03:36 ----A---- C:\Windows\system32\mscoree.dll
2012-01-06 00:03:36 ----A---- C:\Windows\system32\dfshim.dll
2012-01-05 23:55:03 ----A---- C:\Windows\system32\MRT.exe
2012-01-05 23:53:01 ----A---- C:\Windows\system32\browserchoice.exe
2012-01-05 23:51:29 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-01-05 23:51:16 ----A---- C:\Windows\system32\drivers\ks.sys
2012-01-05 23:50:53 ----A---- C:\Windows\system32\wcncsvc.dll
2012-01-05 23:50:13 ----A---- C:\Windows\system32\mshtml.dll
2012-01-05 23:50:09 ----A---- C:\Windows\system32\iertutil.dll
2012-01-05 23:50:08 ----A---- C:\Windows\system32\wininet.dll
2012-01-05 23:50:08 ----A---- C:\Windows\system32\urlmon.dll
2012-01-05 23:50:02 ----A---- C:\Windows\system32\ieframe.dll
2012-01-05 23:50:01 ----A---- C:\Windows\system32\mstime.dll
2012-01-05 23:50:01 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-05 23:50:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-05 23:50:00 ----A---- C:\Windows\system32\iepeers.dll
2012-01-05 23:50:00 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-05 23:49:59 ----A---- C:\Windows\system32\url.dll
2012-01-05 23:49:59 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-05 23:49:59 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-05 23:49:59 ----A---- C:\Windows\system32\ieui.dll
2012-01-05 23:49:58 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-05 23:49:58 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-05 23:49:52 ----A---- C:\Windows\system32\drivers\afd.sys
2012-01-05 23:49:41 ----A---- C:\Windows\system32\upnp.dll
2012-01-05 23:49:40 ----A---- C:\Windows\system32\msxml6.dll
2012-01-05 23:49:39 ----A---- C:\Windows\system32\WebClnt.dll
2012-01-05 23:49:39 ----A---- C:\Windows\system32\msxml3.dll
2012-01-05 23:49:39 ----A---- C:\Windows\system32\davclnt.dll
2012-01-05 23:49:38 ----A---- C:\Windows\system32\wscsvc.dll
2012-01-05 23:49:38 ----A---- C:\Windows\system32\wscapi.dll
2012-01-05 23:49:38 ----A---- C:\Windows\system32\winhttp.dll
2012-01-05 23:49:38 ----A---- C:\Windows\system32\slwga.dll
2012-01-05 23:48:50 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-01-05 23:48:39 ----A---- C:\Windows\system32\winload.exe
2012-01-05 23:48:39 ----A---- C:\Windows\system32\CertEnroll.dll
2012-01-05 23:48:38 ----A---- C:\Windows\system32\winresume.exe
2012-01-05 23:48:09 ----A---- C:\Windows\system32\d3d10warp.dll
2012-01-05 23:48:08 ----A---- C:\Windows\system32\mf.dll
2012-01-05 23:48:06 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-01-05 23:48:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-01-05 23:48:05 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-01-05 23:48:05 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-01-05 23:48:05 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-01-05 23:47:59 ----A---- C:\Windows\system32\KernelBase.dll
2012-01-05 23:47:59 ----A---- C:\Windows\system32\kernel32.dll
2012-01-05 23:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-01-05 23:47:58 ----A---- C:\Windows\system32\winsrv.dll
2012-01-05 23:47:58 ----A---- C:\Windows\system32\conhost.exe
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-01-05 23:47:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-01-05 23:47:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-01-05 23:47:44 ----A---- C:\Windows\system32\msdri.dll
2012-01-05 23:47:19 ----A---- C:\Windows\system32\tquery.dll
2012-01-05 23:47:19 ----A---- C:\Windows\system32\mssrch.dll
2012-01-05 23:47:17 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-01-05 23:47:17 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-01-05 23:47:17 ----A---- C:\Windows\system32\mssvp.dll
2012-01-05 23:47:17 ----A---- C:\Windows\system32\mssph.dll
2012-01-05 23:47:16 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-01-05 23:47:16 ----A---- C:\Windows\system32\mssphtb.dll
2012-01-05 23:47:16 ----A---- C:\Windows\system32\msscntrs.dll
2012-01-05 23:47:05 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-05 23:47:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-05 23:47:03 ----A---- C:\Windows\system32\win32k.sys
2012-01-05 23:46:59 ----A---- C:\Windows\system32\ntdll.dll
2012-01-05 23:46:57 ----A---- C:\Windows\system32\drivers\srv.sys
2012-01-05 23:46:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-01-05 23:46:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-01-05 23:46:41 ----A---- C:\Windows\system32\shell32.dll
2012-01-05 23:46:38 ----A---- C:\Windows\system32\CPFilters.dll
2012-01-05 23:46:37 ----A---- C:\Windows\system32\sbe.dll
2012-01-05 23:46:31 ----A---- C:\Windows\system32\tzres.dll
2012-01-05 23:46:13 ----A---- C:\Windows\system32\XpsPrint.dll
2012-01-05 23:46:11 ----A---- C:\Windows\system32\odbc32.dll
2012-01-05 23:46:07 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-01-05 23:46:07 ----A---- C:\Windows\system32\taskschd.dll
2012-01-05 23:46:07 ----A---- C:\Windows\system32\taskeng.exe
2012-01-05 23:46:07 ----A---- C:\Windows\system32\taskcomp.dll
2012-01-05 23:46:07 ----A---- C:\Windows\system32\schedsvc.dll
2012-01-05 23:46:06 ----A---- C:\Windows\system32\t2embed.dll
2012-01-05 23:46:06 ----A---- C:\Windows\system32\schtasks.exe
2012-01-05 23:46:01 ----A---- C:\Windows\system32\poqexec.exe
2012-01-05 23:45:59 ----A---- C:\Windows\system32\d2d1.dll
2012-01-05 23:45:58 ----A---- C:\Windows\system32\FntCache.dll
2012-01-05 23:45:58 ----A---- C:\Windows\system32\DWrite.dll
2012-01-05 23:45:52 ----A---- C:\Windows\system32\wmp.dll
2012-01-05 23:45:51 ----A---- C:\Windows\system32\wmploc.DLL
2012-01-05 23:45:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-01-05 23:45:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-01-05 23:45:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-01-05 23:45:46 ----A---- C:\Windows\system32\kerberos.dll
2012-01-05 23:45:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-01-05 23:45:41 ----A---- C:\Windows\system32\inetcomm.dll
2012-01-05 23:45:40 ----A---- C:\Windows\system32\psisdecd.dll
2012-01-05 23:45:36 ----A---- C:\Windows\system32\odbcjt32.dll
2012-01-05 23:45:36 ----A---- C:\Windows\system32\odbccp32.dll
2012-01-05 23:45:35 ----A---- C:\Windows\system32\odbctrac.dll
2012-01-05 23:45:35 ----A---- C:\Windows\system32\odbccu32.dll
2012-01-05 23:45:35 ----A---- C:\Windows\system32\odbccr32.dll
2012-01-05 23:45:31 ----A---- C:\Windows\explorer.exe
2012-01-05 23:45:30 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-01-05 23:45:29 ----A---- C:\Windows\system32\atmfd.dll
2012-01-05 23:45:28 ----A---- C:\Windows\system32\atmlib.dll
2012-01-05 23:45:26 ----D---- C:\Users\Gábor\AppData\Roaming\TeamViewer
2012-01-05 23:45:24 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-01-05 23:45:24 ----A---- C:\Windows\system32\dnsapi.dll
2012-01-05 23:45:23 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-01-05 23:45:21 ----A---- C:\Windows\system32\vbscript.dll
2012-01-05 23:45:21 ----A---- C:\Windows\system32\jscript.dll
2012-01-05 23:45:19 ----A---- C:\Windows\system32\apphelp.dll
2012-01-05 23:45:16 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-01-05 23:45:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-01-05 23:45:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-01-05 23:45:04 ----A---- C:\Windows\system32\srvsvc.dll
2012-01-05 23:44:57 ----A---- C:\Windows\system32\rtutils.dll
2012-01-05 23:44:56 ----A---- C:\Windows\system32\csrsrv.dll
2012-01-05 23:44:53 ----A---- C:\Windows\system32\mfc42.dll
2012-01-05 23:44:52 ----A---- C:\Windows\system32\mfc42u.dll
2012-01-05 23:44:49 ----A---- C:\Windows\system32\mstscax.dll
2012-01-05 23:44:49 ----A---- C:\Windows\system32\mstsc.exe
2012-01-05 23:44:47 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-01-05 23:44:45 ----A---- C:\Windows\system32\EncDec.dll
2012-01-05 23:44:44 ----A---- C:\Windows\system32\winlogon.exe
2012-01-05 23:44:42 ----A---- C:\Windows\system32\oleaut32.dll
2012-01-05 23:44:42 ----A---- C:\Windows\system32\oleacc.dll
2012-01-05 23:44:40 ----A---- C:\Windows\system32\xmllite.dll
2012-01-05 23:44:36 ----A---- C:\Windows\system32\d3d10_1.dll
2012-01-05 23:44:35 ----A---- C:\Windows\system32\wmpmde.dll
2012-01-05 23:44:30 ----A---- C:\Windows\system32\ole32.dll
2012-01-05 23:44:29 ----A---- C:\Windows\system32\spoolsv.exe
2012-01-05 23:44:27 ----A---- C:\Windows\system32\prevhost.exe
2012-01-05 23:44:25 ----A---- C:\Windows\system32\webio.dll
2012-01-05 23:44:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-01-05 23:44:23 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-01-05 23:44:13 ----A---- C:\Windows\system32\secproc_isv.dll
2012-01-05 23:44:12 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-01-05 23:44:12 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-01-05 23:44:12 ----A---- C:\Windows\system32\secproc.dll
2012-01-05 23:44:12 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-01-05 23:44:12 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-01-05 23:44:12 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-01-05 23:44:12 ----A---- C:\Windows\system32\RMActivate.exe
2012-01-05 23:44:11 ----A---- C:\Windows\system32\wintrust.dll
2012-01-05 23:44:10 ----A---- C:\Windows\system32\fontsub.dll
2012-01-05 23:44:08 ----A---- C:\Windows\system32\msasn1.dll
2012-01-05 23:44:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-01-05 23:44:07 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-01-05 23:44:05 ----A---- C:\Windows\system32\mfc40u.dll
2012-01-05 23:44:05 ----A---- C:\Windows\system32\mfc40.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\tsbyuv.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\quartz.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\msyuv.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\msvidc32.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\msrle32.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\mciavi32.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\iyuv_32.dll
2012-01-05 23:44:03 ----A---- C:\Windows\system32\avifil32.dll
2012-01-05 23:44:02 ----A---- C:\Windows\system32\schannel.dll
2012-01-05 23:44:01 ----A---- C:\Windows\system32\cabview.dll
2012-01-05 23:43:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-01-05 23:43:54 ----A---- C:\Windows\system32\comctl32.dll
2012-01-05 23:43:53 ----A---- C:\Windows\system32\asycfilt.dll
2012-01-05 23:43:51 ----A---- C:\Windows\system32\ir32_32.dll
2012-01-05 23:43:51 ----A---- C:\Windows\system32\iccvid.dll
2012-01-05 23:43:50 ----A---- C:\Windows\system32\consent.exe
2012-01-05 23:43:47 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-01-05 23:42:04 ----D---- C:\Program Files\TeamViewer
2012-01-05 23:39:35 ----D---- C:\Program Files\uTorrent
2012-01-05 23:38:39 ----D---- C:\Users\Gábor\AppData\Roaming\uTorrent
2012-01-05 23:37:44 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-01-05 23:36:23 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-01-05 23:36:22 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-01-05 23:36:22 ----A---- C:\Windows\system32\cdd.dll
2012-01-05 23:26:07 ----D---- C:\Users\Gábor\AppData\Roaming\Mozilla
2012-01-05 23:25:59 ----D---- C:\Program Files\Mozilla Firefox
2012-01-05 23:21:33 ----D---- C:\ProgramData\ATI
2012-01-05 23:21:32 ----D---- C:\Users\Gábor\AppData\Roaming\ATI
2012-01-05 23:15:29 ----D---- C:\Program Files\ATI Technologies
2012-01-05 23:15:25 ----D---- C:\Program Files\ATI
2012-01-05 23:14:50 ----D---- C:\ATI
2012-01-05 22:54:09 ----D---- C:\Program Files\WinRAR
2012-01-05 22:40:53 ----N---- C:\Windows\system32\MpSigStub.exe
2012-01-05 22:39:22 ----SHD---- C:\Windows\Installer
2012-01-05 22:26:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-05 22:20:18 ----D---- C:\Users\Gábor\AppData\Roaming\Identities
2012-01-05 22:20:11 ----SD---- C:\Users\Gábor\AppData\Roaming\Microsoft
2012-01-05 22:20:11 ----D---- C:\Users\Gábor\AppData\Roaming\Media Center Programs
2012-01-05 22:19:56 ----SHD---- C:\Recovery
2012-01-05 22:19:56 ----SHD---- C:\ProgramData\Sablonok
2012-01-05 22:19:56 ----SHD---- C:\ProgramData\Dokumentumok
2012-01-05 22:19:56 ----SHD---- C:\ProgramData\Asztal
2012-01-05 21:29:01 ----D---- C:\Windows\SoftwareDistribution
2012-01-05 21:26:12 ----D---- C:\Windows\Prefetch
2012-01-05 21:25:54 ----ASH---- C:\pagefile.sys
2012-01-05 21:25:53 ----SHD---- C:\System Volume Information
2012-01-05 21:25:53 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2012-01-22 13:12:55 ----RD---- C:\Program Files
2012-01-22 13:11:20 ----D---- C:\Windows\Temp
2012-01-22 13:10:57 ----D---- C:\Windows\system32\Tasks
2012-01-22 02:16:08 ----D---- C:\Windows\system32\config
2012-01-22 00:41:35 ----D---- C:\Windows\System32
2012-01-22 00:41:35 ----D---- C:\Windows\inf
2012-01-22 00:33:16 ----D---- C:\Windows\system32\drivers
2012-01-22 00:28:36 ----HD---- C:\ProgramData
2012-01-22 00:27:59 ----D---- C:\Windows\system32\DriverStore
2012-01-22 00:27:59 ----D---- C:\Windows\system32\catroot
2012-01-21 20:59:38 ----D---- C:\Windows\Downloaded Program Files
2012-01-21 20:31:12 ----D---- C:\Windows
2012-01-21 19:06:49 ----D---- C:\Windows\system32\LogFiles
2012-01-10 21:19:33 ----D---- C:\Windows\system32\wdi
2012-01-09 01:10:51 ----D---- C:\Windows\winsxs
2012-01-09 01:00:50 ----D---- C:\Program Files\Common Files
2012-01-06 17:39:55 ----D---- C:\Windows\rescache
2012-01-06 17:38:57 ----D---- C:\Windows\Logs
2012-01-06 12:17:17 ----D---- C:\Windows\Microsoft.NET
2012-01-06 12:17:08 ----RSD---- C:\Windows\assembly
2012-01-06 11:20:54 ----SD---- C:\ProgramData\Microsoft
2012-01-06 11:20:52 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-06 00:23:28 ----D---- C:\Windows\system32\catroot2
2012-01-06 00:16:16 ----D---- C:\Windows\system32\migration
2012-01-06 00:16:16 ----D---- C:\Program Files\Internet Explorer
2012-01-06 00:16:15 ----RSD---- C:\Windows\Fonts
2012-01-06 00:16:15 ----D---- C:\Windows\ehome
2012-01-06 00:16:15 ----D---- C:\Program Files\Windows Mail
2012-01-06 00:16:15 ----D---- C:\Program Files\Common Files\System
2012-01-06 00:16:14 ----D---- C:\Windows\system32\hu-HU
2012-01-06 00:16:11 ----D---- C:\Windows\system32\Boot
2012-01-06 00:16:11 ----D---- C:\Windows\AppPatch
2012-01-06 00:16:11 ----D---- C:\Program Files\Windows Media Player
2012-01-05 23:55:04 ----D---- C:\Windows\debug
2012-01-05 23:16:10 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-05 22:40:40 ----D---- C:\Windows\system32\restore
2012-01-05 22:26:12 ----D---- C:\Windows\system32\wbem
2012-01-05 22:20:17 ----SHD---- C:\$Recycle.Bin
2012-01-05 22:20:09 ----RD---- C:\Users
2012-01-05 22:19:56 ----D---- C:\Program Files\Windows NT
2012-01-05 21:40:29 ----D---- C:\Windows\system32\CodeIntegrity
2012-01-05 21:28:21 ----D---- C:\Windows\system32\sysprep
2012-01-05 21:26:42 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 24680]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 BthEnum;Bluetooth kérési blokk illesztőprogramja; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth-eszköz (személyes hálózat); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth-rádió USB illesztőprogramja; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 47104]
R3 NVENETFD;NVIDIA nForce hálózati vezérlő illesztőprogramja; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RFCOMM;Bluetooth-eszköz (RFCOMM protokoll TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth-portillesztőprogram; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-01-10 482992]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------


Sun Jan 22, 2012 13:14
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post Re: virus "with a flash effect" help..
Hi
As far as I can see this is an infection; the .bat file is trying to run the exe file hidden.

Post the RSIT log here,
http://www.virus-stell.com/2010/04/rsit.html


Sun Jan 22, 2012 9:53
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post virus "with a flash effect" help..
Hi everyone!

A few weeks ago my machine started blue-screening before every shutdown. It didn't shut down when I clicked on it, it threw the blue screen of death instead. The antivirus (Nod32) reported that it was a trojan, but I couldn't remove it. I formatted the system drive and reinstalled the system (w7).
After that I found myself facing a new phenomenon, which has since wanted to be a disturbingly worrying "flatmate" in my computer. Once every second a DOS window flashes up on the screen like a camera flash and then immediately disappears; it can't even be read because it vanishes so quickly, but with Fraps I managed to capture one second of its life, which you can see at the link below. I tried to remove it with antivirus programs, but I really don't know what this is supposed to be, and I feel that every attempt of mine is a dead end!
That's why I turned to you, trusting and hoping for the best and for your more experienced help, because I have no experience at all with this.

http://kepfeltoltes.hu/view/120122/Dwm_2012-01-21_19-14-52-75_www.kepfeltoltes.hu_.jpg

I would be very grateful if someone helped me solve this problem of mine.

Regards: tigerpapo


Sun Jan 22, 2012 1:36