I would like to ask for help
iron member
Joined: Tue Aug 14, 2012 22:06
Posts: 1
Post subject: Re: I would like to ask for help
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tóth László at 2012-08-14 23:35:57
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 63 GB (83%) free of 76 GB
Total RAM: 247 MB (6% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:34, on 2012.08.14.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Tóth László\Dokumentumok\Downloads\RSIT.exe
C:\Program Files\trend micro\Tóth László.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
R3 - URLSearchHook: (no name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msseces.exe] C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4974750625
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://neptun1.ppke.hu/msrdp.cab
O22 - SharedTaskScheduler: Browseui előbetöltője - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Komponenskategóriák gyorsítótárazási szolgáltatása - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Logikai lemezkezelő felügyeleti szolgáltatás (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eseménynapló (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Google frissítés Szolgáltatás (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google frissítés Szolgáltatás (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMAPI CD-égető COM-szolgáltatás (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Távoli asztal súgó-munkamenetének kezelője (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Teljesítménynaplók és riasztások (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Kötet árnyékmásolata (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI teljesítményadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 6817 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC5_AutoCare.job
C:\WINDOWS\tasks\ASC5_AutoClean.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd613ae02c8968.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1035525444-1801674531-1003Core1cd6752cab038.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1035525444-1801674531-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-12 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-12 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Tóth László\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-16 116648]
"msseces.exe"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setup.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\SYSTEM32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCMD"=0
"DisableTaskMgr"=0
"NoDispAppearancePage"=0
"NoDispSettingsPage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCMD"=0
"DisableTaskMgr"=0
"NoDispAppearancePage"=0
"NoDispSettingsPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoViewContextMenu"=0
"NoFind"=0
"NoFile"=0
"NoRun"=0
"HideClock"=0
"NoTrayContextMenu"=0
"NoSetFolders"=0
"NoDevMgrUpdate"=0
"NoClose"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoLogoff"=0
"StartMenuLogoff"=0
"NoWindowsUpdate"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveSearch"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoViewOnDrive"=0
"DisableLocalMachineRun"=0
"DisableLocalMachineRunOnce"=0
"DisableCurrentUserRun"=0
"DisableCurrentUserRunOnce"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoViewContextMenu"=0
"NoFind"=0
"NoFile"=0
"NoRun"=0
"HideClock"=0
"NoTrayContextMenu"=0
"NoSetFolders"=0
"NoDevMgrUpdate"=0
"NoClose"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoLogoff"=0
"StartMenuLogoff"=0
"NoWindowsUpdate"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
"NoDesktop"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoViewOnDrive"=0
"NoDrives"=0
"DisableLocalMachineRun"=0
"DisableLocalMachineRunOnce"=0
"DisableCurrentUserRun"=0
"DisableCurrentUserRunOnce"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecx.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=divx.dll
"vidc.XVID"=xvidvfw.dll
"msacm.lameacm"=lameACM.acm
"vidc.3iv2"=3ivxVfWCodec.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.wmv3"=wmv9vcm.dll
"VIDC.VP60"=vp6vfw.dll
"VIDC.VP61"=vp6vfw.dll
"VIDC.VP62"=vp6vfw.dll
"VIDC.VP31"=vp31vfw.dll
"vidc.MPG4"=Mpg4c32.dll
"vidc.MP42"=Mpg4c32.dll
"vidc.MP43"=Mpg4c32.dll
"msacm.ac3acm"=ac3acm.acm
"wave1"=serwvdrv.dll
"wave2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - open - "%SystemRoot%\System32\WScript.exe" "%1" %*

======List of files/folders created in the last 1 month======

2012-08-14 22:45:43 ----D---- C:\Program Files\trend micro
2012-08-14 22:45:38 ----D---- C:\rsit
2012-08-14 22:23:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-14 22:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-14 22:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-14 22:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-14 22:15:55 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 22:11:51 ----A---- C:\WINDOWS\system32\SET36.tmp
2012-08-14 22:11:49 ----A---- C:\WINDOWS\system32\SET35.tmp
2012-08-14 22:11:48 ----N---- C:\WINDOWS\system32\SET3B.tmp
2012-08-14 22:11:47 ----A---- C:\WINDOWS\system32\SET30.tmp
2012-08-14 22:11:46 ----A---- C:\WINDOWS\system32\SET34.tmp
2012-08-14 22:11:45 ----A---- C:\WINDOWS\system32\SET2F.tmp
2012-08-14 22:11:45 ----A---- C:\WINDOWS\system32\SET2E.tmp
2012-08-14 22:11:43 ----A---- C:\WINDOWS\system32\SET3A.tmp
2012-08-14 22:06:32 ----D---- C:\WINDOWS\LastGood
2012-07-29 19:08:51 ----D---- C:\Documents and Settings\Tóth László\Application Data\TomTom
2012-07-29 17:48:18 ----D---- C:\Documents and Settings\Tóth László\Application Data\Mozilla
2012-07-29 17:48:07 ----D---- C:\Program Files\Conduit
2012-07-29 17:22:45 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2012-07-29 14:43:21 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2012-08-14 23:24:58 ----D---- C:\WINDOWS\Prefetch
2012-08-14 23:21:42 ----D---- C:\WINDOWS\Temp
2012-08-14 22:45:43 ----RD---- C:\Program Files
2012-08-14 22:24:19 ----HD---- C:\WINDOWS\inf
2012-08-14 22:24:16 ----D---- C:\WINDOWS
2012-08-14 22:24:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-14 22:24:04 ----D---- C:\WINDOWS\system32\drivers
2012-08-14 22:23:41 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-14 22:18:27 ----D---- C:\WINDOWS\Debug
2012-08-14 22:18:11 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-14 22:17:13 ----D---- C:\WINDOWS\system32
2012-08-14 22:16:04 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-14 22:15:34 ----D---- C:\Program Files\Internet Explorer
2012-08-14 22:06:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-14 21:11:38 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt
2012-08-14 21:11:38 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2012-08-14 21:11:32 ----A---- C:\WINDOWS\ModemLog_Controllerless PCI V.92 Modem.txt
2012-08-12 22:25:28 ----D---- C:\WINDOWS\system32\config
2012-07-31 23:23:44 ----SD---- C:\WINDOWS\Tasks
2012-07-29 20:43:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-07-29 20:42:53 ----SHD---- C:\WINDOWS\Installer
2012-07-29 20:42:53 ----D---- C:\WINDOWS\WinSxS
2012-07-29 20:42:38 ----D---- C:\Config.Msi
2012-07-29 19:48:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-29 18:19:20 ----D---- C:\Program Files\Google
2012-07-29 18:13:59 ----D---- C:\Documents and Settings\Tóth László\Application Data\uTorrent
2012-07-21 23:09:42 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2012-07-21 22:46:30 ----D---- C:\Documents and Settings\Tóth László\Application Data\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-12-07 20576]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R1 intelppm;Intel processzor illesztőprogramja; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 MpKsl2f282199;MpKsl2f282199; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1592FA01-D660-444D-9B95-D9E056077AFB}\MpKsl2f282199.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R2 irda;IrDA protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2001-10-22 9855]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-05-12 1332544]
R3 gttap1;GoTrusted TAP Adapter; C:\WINDOWS\system32\DRIVERS\gttap1.sys [2008-03-18 20480]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 irsir;Microsoft soros infravörös illesztőprogram; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 MODEMCSA;Unimodem Streaming Filter eszköz; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Rasirda;WAN miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-26 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 Winachcf;Winachcf; C:\WINDOWS\system32\DRIVERS\winachcf.sys [2002-04-30 917988]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-05-23 16272]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-23 36496]
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 WS2IFSL;Windows Socket 2.0 - nem IFS-t szolgáltató támogatási környezet; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-26 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Google frissítés Szolgáltatás (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-16 136176]
S2 Irmon;Infravörös figyelő; C:\WINDOWS\system32\svchost.exe [2012-01-17 14336]
S3 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-04-16 784792]
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google frissítés Szolgáltatás (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-16 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-12 153376]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2012-01-17 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Tue Aug 14, 2012 22:37

diamond member
Joined: Fri Sep 10, 2004 5:49
Posts: 2607
Post subject: Re: I would like to ask for help
Is there still an AVG version whose security toolbar includes an e-mail monitor, like the one in the 7.8.31.1 toolbar and the 2012.0.1913 AVG version?


Tue Feb 28, 2012 19:48

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this
Post subject: Re: I would like to ask for help
:D
Then just rename it to uninstall
and run it.
The antivirus doesn't matter, just always click OK, OK, OK.


Sun Feb 05, 2012 15:44

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
I'm back!
I renamed ComboFix, but to no avail: it did not uninstall, it ran all the way through again and produced a log as well.
I have now restarted, but it is still here as uninstall.exe.
Admittedly, I forgot to turn off the antivirus before running it; maybe that was the problem?
Should I try again?


Sun Feb 05, 2012 15:36

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
You're welcome.
Regards.


Sun Feb 05, 2012 15:19

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
All right!
Many grateful thanks for your help!!! I was afraid I would have to reinstall the machine.
Once again, THANK YOU!
Regards, and have a nice rest of the day!: András


Sun Feb 05, 2012 15:12

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
No, on the contrary, Avira's engine is perhaps the best, and it is perhaps the smartest antivirus.
OK.
So if everything is in order, rename the ComboFix icon to uninstall.exe
and run it; ComboFix will uninstall itself from the machine.

And just in case, scan the machine with Avira and we would be done.


Sun Feb 05, 2012 15:02

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
I installed Avira and everything works nicely, although I was scared at first because there was a red X on the network icon in the tray again, and I thought it would not let me onto the internet, but it did and it is fine.
One more question: won't Avira slow the machine down a lot?


Sun Feb 05, 2012 14:51

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
Yes, that is a Windows program, so you can allow it, because otherwise it will not work.
Yes, install the free Avira in place of AVG.
Avira Free Antivirus
http://www.avira.com/en/avira-free-antivirus

Then, after the restart, write whether everything is OK.


Sun Feb 05, 2012 13:58

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
Everything started up properly, but the PC Tools firewall reported that Windows Calendar is trying to modify or control another application. I don't know whether I should allow this now?
Also, the Windows security alert is indicating that I have no antivirus and that Windows Defender is turned off.


Sun Feb 05, 2012 13:46

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
OK, now what happens when you boot into normal Windows?? Try out the machine, describe it, and if there is an error message, that too.


Sun Feb 05, 2012 13:31

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
Yes, it allowed it from safe mode; it ran through and has just finished.


Sun Feb 05, 2012 13:20

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
OK, go into safe mode and enter the Chkdsk command that I wrote down into the command prompt, then write whether it ran through or what happened.


Sun Feb 05, 2012 11:46

silver member
Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
All processes killed
========== OTL ==========
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4 not found.
File C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll not found.
C:\Users\user_11\AppData\Roaming\AVG\Rescue\PC Tuneup 2011 folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG\Rescue folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG\PC Tuneup\User Reports folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG\PC Tuneup\Logs folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG\PC Tuneup folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG folder moved successfully.
Folder C:\Users\user_11\AppData\Roaming\AVG\ not found.
C:\Users\user_11\AppData\Roaming\AVG10\cfgall folder moved successfully.
C:\Users\user_11\AppData\Roaming\AVG10 folder moved successfully.
ADS C:\Users\user_11\Documents\könyvelő2.JPG:3or4kl4x13tuuug3Byamue2s4b deleted successfully.
ADS C:\Users\user_11\Documents\könyvelő.JPG:3or4kl4x13tuuug3Byamue2s4b deleted successfully.
ADS C:\Users\user_11\Desktop\lista.JPG:3or4kl4x13tuuug3Byamue2s4b deleted successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:C31F31E6 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: user_11
->Temp folder emptied: 61408 bytes
->Temporary Internet Files folder emptied: 1040724 bytes
->Google Chrome cache emptied: 30975115 bytes
->Flash cache emptied: 1094 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 31,00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 02052012_113448

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Sun Feb 05, 2012 11:39

soul of the forum
Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Post subject: Re: I would like to ask for help
Run the OTL program, paste the green text into its window, but this time click the RUNFIX button; post the log here after the restart.
Code:
:OTL
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
[2012.02.02 08:30:34 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Roaming\AVG
[2012.02.02 08:31:09 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG
[2010.12.21 12:25:43 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG10
@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Documents\könyvelő2.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Documents\könyvelő.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Desktop\lista.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6
:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[Reboot]


Sun Feb 05, 2012 11:24
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post Re: I would like some help
OTL logfile created on: 2012.02.05. 10:44:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\user_11\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1022,58 Mb Total Physical Memory | 530,85 Mb Available Physical Memory | 51,91% Memory free
2,25 Gb Paging File | 1,65 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 200,61 Gb Free Space | 86,14% Space Free | Partition Type: NTFS

Computer Name: INTENSA-11 | User Name: user_11 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.02.05 09:34:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\user_11\Desktop\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.07 14:23:34 | 002,672,600 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2011.01.24 13:23:14 | 000,286,000 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.10.26 14:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.24 13:23:14 | 000,286,000 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2008.01.21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.26 14:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - [2011.03.02 12:40:54 | 000,160,576 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2011.01.17 09:10:26 | 000,251,560 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2011.01.17 08:11:12 | 000,125,248 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2011.01.12 10:36:22 | 000,089,472 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010.07.10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.07.08 08:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010.07.08 08:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2007.10.26 14:27:00 | 000,306,300 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.01.31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.18 16:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========







IE - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15425&l=dis
IE - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user_11\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user_11\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user_11\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user_11\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user_11\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Google Update (Enabled) = C:\Users\user_11\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google-keres\u00E9s = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AT_MariahCarey = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodbbhbmhfemocgkhhihfjnkifmcjmoi\3_0\
CHR - Extension: AdBlock = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\
CHR - Extension: Gmail = C:\Users\user_11\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.02.04 21:37:49 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3660284441-3406738706-2838319646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A49D185-201E-4691-879E-01878F697AC6}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012.02.05 09:34:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\user_11\Desktop\OTL.exe
[2012.02.04 22:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.02.04 22:37:14 | 002,322,184 | ---- | C] (ESET) -- C:\Users\user_11\Desktop\esetsmartinstaller_hun.exe
[2012.02.04 22:32:29 | 001,692,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\user_11\Desktop\avg_remover_stf_x86_2012_1796.exe
[2012.02.04 21:41:50 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.02.04 21:37:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.02.04 21:24:47 | 004,396,501 | R--- | C] (Swearware) -- C:\Users\user_11\Desktop\ComboFix.exe
[2012.02.04 20:13:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.02.04 20:13:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.02.04 20:13:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.02.04 20:13:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.02.04 20:13:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.04 12:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.02.04 12:45:45 | 000,000,000 | ---D | C] -- C:\rsit
[2012.02.04 09:40:39 | 000,000,000 | ---D | C] -- C:\Users\user_11\DoctorWeb
[2012.02.03 14:04:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.02.03 10:58:24 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Local\JollyBear
[2012.02.03 10:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\JollyBear
[2012.02.03 08:38:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.02.03 08:30:03 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Roaming\PCToolsFirewallPlus
[2012.02.03 08:29:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2012.02.03 08:29:21 | 000,160,576 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2012.02.03 08:29:19 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2012.02.03 08:29:19 | 000,105,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2012.02.03 08:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Firewall Plus
[2012.02.03 08:27:25 | 000,089,472 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys
[2012.02.03 08:27:25 | 000,057,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis.sys
[2012.02.03 08:27:25 | 000,032,808 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys
[2012.02.03 08:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012.02.03 08:27:24 | 000,125,248 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys
[2012.02.03 08:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2012.02.03 07:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.02.03 07:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.02.03 07:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012.02.03 07:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.03 07:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.02 18:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\LeeGT-Games
[2012.02.02 18:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big City Adventure 5 - London Story
[2012.02.02 17:00:47 | 000,000,000 | ---D | C] -- C:\Users\user_11\Desktop\jfrisstettbelpsianyag_trsasvllalkozs
[2012.02.02 17:00:38 | 000,000,000 | ---D | C] -- C:\Users\user_11\Desktop\FW__2011.08._11-13._alaptanfolyam_dokumentációi
[2012.02.02 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Roaming\WinRAR
[2012.02.02 16:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.02.02 16:38:36 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.02.02 16:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.02.02 15:54:44 | 000,000,000 | ---D | C] -- C:\Users\user_11\Desktop\anya
[2012.02.02 08:30:34 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Roaming\AVG
[2012.02.02 08:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.02.01 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\user_11\AppData\Local\Mozilla
[2012.01.11 08:12:06 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.11 08:12:04 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 08:12:03 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.11 08:12:01 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 08:12:01 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll

========== Files - Modified Within 30 Days ==========

[2012.02.05 10:21:46 | 000,056,069 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.02.05 10:21:46 | 000,056,069 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.02.05 10:21:34 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 10:21:34 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 10:21:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.05 10:21:25 | 1073,004,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.05 10:03:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
[2012.02.05 09:34:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\user_11\Desktop\OTL.exe
[2012.02.04 22:37:09 | 002,322,184 | ---- | M] (ESET) -- C:\Users\user_11\Desktop\esetsmartinstaller_hun.exe
[2012.02.04 22:32:22 | 001,692,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\user_11\Desktop\avg_remover_stf_x86_2012_1796.exe
[2012.02.04 21:37:49 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.02.04 21:25:00 | 004,396,501 | R--- | M] (Swearware) -- C:\Users\user_11\Desktop\ComboFix.exe
[2012.02.04 21:22:33 | 000,001,968 | ---- | M] () -- C:\Users\user_11\Documents\cc_20120204_212221.reg
[2012.02.04 17:22:16 | 000,001,356 | ---- | M] () -- C:\Users\user_11\AppData\Local\d3d9caps.dat
[2012.02.03 11:03:03 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
[2012.02.03 08:41:47 | 000,010,940 | ---- | M] () -- C:\Users\user_11\Documents\cc_20120203_084111.reg
[2012.02.01 18:29:34 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.26 11:25:14 | 000,002,052 | ---- | M] () -- C:\Users\user_11\Desktop\Google Chrome.lnk
[2012.01.26 11:25:14 | 000,002,014 | ---- | M] () -- C:\Users\user_11\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.01.12 03:04:04 | 000,613,306 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2012.01.12 03:04:04 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.12 03:04:04 | 000,144,850 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2012.01.12 03:04:04 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2012.02.05 08:51:30 | 1073,004,544 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.04 21:22:26 | 000,001,968 | ---- | C] () -- C:\Users\user_11\Documents\cc_20120204_212221.reg
[2012.02.04 20:13:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.02.04 20:13:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.02.04 20:13:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.02.04 20:13:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.02.04 20:13:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.02.03 08:41:15 | 000,010,940 | ---- | C] () -- C:\Users\user_11\Documents\cc_20120203_084111.reg
[2011.11.11 09:33:30 | 000,024,206 | ---- | C] () -- C:\Users\user_11\AppData\Roaming\UserTile.png
[2011.04.01 09:47:58 | 000,006,144 | ---- | C] () -- C:\Users\user_11\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.13 11:52:14 | 000,413,696 | ---- | C] () -- C:\Windows\System32\ZSM1120.exe
[2010.12.13 11:52:14 | 000,167,936 | ---- | C] () -- C:\Windows\System32\hpsfs.dll
[2010.12.11 11:36:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.12.11 11:36:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.12.11 11:35:46 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.12.06 16:53:01 | 000,056,069 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.12.06 16:53:01 | 000,056,069 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.12.06 15:57:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.12.03 15:27:19 | 000,001,356 | ---- | C] () -- C:\Users\user_11\AppData\Local\d3d9caps.dat
[2008.01.21 07:53:15 | 000,613,306 | ---- | C] () -- C:\Windows\System32\perfh00E.dat
[2008.01.21 07:53:15 | 000,283,574 | ---- | C] () -- C:\Windows\System32\perfi00E.dat
[2008.01.21 07:53:15 | 000,144,850 | ---- | C] () -- C:\Windows\System32\perfc00E.dat
[2008.01.21 07:53:15 | 000,047,554 | ---- | C] () -- C:\Windows\System32\perfd00E.dat
[2007.10.26 14:28:18 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2006.11.02 13:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:43 | 000,372,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2012.02.02 08:31:09 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG
[2010.12.21 12:25:43 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG10
[2011.04.27 12:31:04 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\GHISLER
[2012.02.03 08:30:19 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\PCToolsFirewallPlus
[2011.11.11 09:33:30 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\PeerNetworking
[2012.02.05 10:20:42 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.11.03 07:23:19 | 000,638,240 | ---- | M] (Microsoft Corporation) MD5=CCDB0B2D1F2E016966B1DB1097E24842 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.11.02 13:36:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2008.08.08 11:09:50 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\zimfprnt.dll
[2008.01.21 07:46:14 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\hu-HU\LMPRTPRC.DLL.mui

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2006.11.02 13:36:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2008.08.08 11:09:50 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\zimfprnt.dll
[2008.01.21 07:46:14 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\hu-HU\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2006.09.18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008.01.21 03:24:15 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011.04.01 09:39:33 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.07.10 05:37:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvBridge.kmd

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2012.02.05 10:21:34 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 10:21:34 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.01 18:29:34 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >
[2008.01.21 04:20:25 | 017,223,680 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 04:20:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 04:20:25 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job >
[2012.02.03 11:03:03 | 000,000,994 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
[2012.02.05 10:03:00 | 000,001,046 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job

< %systemroot%\*.* /U /s >
[12 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\b96d50058973e3df62dac7c0e0c51b67\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b96d50058973e3df62dac7c0e0c51b67\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2011.06.03 11:11:36 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\Adobe
[2012.02.02 08:31:09 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG
[2010.12.21 12:25:43 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\AVG10
[2011.04.27 12:31:04 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\GHISLER
[2010.12.03 15:27:24 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\Identities
[2010.12.11 11:24:56 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\Macromedia
[2011.07.13 12:04:23 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\Malwarebytes
[2011.09.05 11:17:23 | 000,000,000 | --SD | M] -- C:\Users\user_11\AppData\Roaming\Microsoft
[2010.12.21 12:13:10 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\Nero
[2012.02.03 08:30:19 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\PCToolsFirewallPlus
[2011.11.11 09:33:30 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\PeerNetworking
[2012.02.02 16:39:22 | 000,000,000 | ---D | M] -- C:\Users\user_11\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2011.11.11 09:33:30 | 000,024,206 | ---- | M] () -- C:\Users\user_11\AppData\Roaming\UserTile.png

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

========== Alternate Data Streams ==========

@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Documents\könyvelő2.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Documents\könyvelő.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 172 bytes -> C:\Users\user_11\Desktop\lista.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >

OTL Extras logfile created on: 2012.02.05. 10:44:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\user_11\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 0000040e | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

1022,58 Mb Total Physical Memory | 530,85 Mb Available Physical Memory | 51,91% Memory free
2,25 Gb Paging File | 1,65 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 200,61 Gb Free Space | 86,14% Space Free | Partition Type: NTFS

Computer Name: INTENSA-11 | User Name: user_11 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{924B0779-C09C-431C-B3AC-BAAC882A2FF8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A8E242-AE55-4E68-B713-DD673974BFE8}" = Big City Adventure 5 - London Story
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5380C741-5656-387C-9FB0-3E45D07F864A}" = Microsoft .NET Framework 3.5 Language Pack SP1 - hun
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1038-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Hungarian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{FD031145-2925-3FEF-9A4E-64047AAD8951}" = Microsoft .NET Framework 4 Client Profile HUN Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"ESET Online Scanner" = ESET Online Scanner v3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware 1.51.2.1300 verzió
"Microsoft .NET Framework 3.5 Language Pack SP1 - hun" = Nyelvi csomag a Microsoft .NET-keretrendszer 3.5 1. szervizcsomagjához – HUN
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile HUN Language Pack" = A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0
"PROHYBRIDR" = 2007 Microsoft Office system
"Speccy" = Speccy
"Totalcmd" = Total Commander (Remove or Repair)
"WinRAR archiver" = WinRAR 4.10 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3660284441-3406738706-2838319646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Nero Toolbar Updater
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2012.02.04. 17:07:18 | Computer Name = INTENSA-11 | Source = WinMgmt | ID = 10
Description =

Error - 2012.02.04. 17:13:19 | Computer Name = INTENSA-11 | Source = EventSystem | ID = 4609
Description =

Error - 2012.02.04. 17:14:22 | Computer Name = INTENSA-11 | Source = WinMgmt | ID = 10
Description =

Error - 2012.02.04. 17:34:45 | Computer Name = INTENSA-11 | Source = EventSystem | ID = 4609
Description =

Error - 2012.02.04. 17:35:45 | Computer Name = INTENSA-11 | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás: chrome.exe, verzió: 16.0.912.77, időbélyeg:
0x4f18cd7b, a hibát okozó modul: avgnpss.dll, verziószám: 10.0.0.1409, időbélyeg:
0x4e695b00, kivételkód: 0xc0000005, hiba pozíciója: 0x000d6e8c, folyamatazonosító:
0x3a8, az alkalmazás indításának időpontja: 0x01cce384f3a8cf76.

Error - 2012.02.04. 17:35:50 | Computer Name = INTENSA-11 | Source = WinMgmt | ID = 10
Description =

Error - 2012.02.04. 18:18:38 | Computer Name = INTENSA-11 | Source = Application Error | ID = 1000
Description = A hibát okozó alkalmazás: chrome.exe, verzió: 16.0.912.77, időbélyeg:
0x4f18cd7b, a hibát okozó modul: avgnpss.dll, verziószám: 10.0.0.1409, időbélyeg:
0x4e695b00, kivételkód: 0xc0000005, hiba pozíciója: 0x000d6e8c, folyamatazonosító:
0x11c, az alkalmazás indításának időpontja: 0x01cce38af0dc5e9c.

Error - 2012.02.04. 18:26:19 | Computer Name = INTENSA-11 | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =

Error - 2012.02.05. 3:53:06 | Computer Name = INTENSA-11 | Source = WinMgmt | ID = 10
Description =

Error - 2012.02.05. 5:23:11 | Computer Name = INTENSA-11 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2012.02.04. 17:13:13 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:13:19 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:13:22 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:14:23 | Computer Name = INTENSA-11 | Source = Service Control Manager | ID = 7001
Description =

Error - 2012.02.04. 17:14:23 | Computer Name = INTENSA-11 | Source = Service Control Manager | ID = 7026
Description =

Error - 2012.02.04. 17:34:39 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:34:45 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:34:48 | Computer Name = INTENSA-11 | Source = DCOM | ID = 10005
Description =

Error - 2012.02.04. 17:35:50 | Computer Name = INTENSA-11 | Source = Service Control Manager | ID = 7001
Description =

Error - 2012.02.04. 17:35:50 | Computer Name = INTENSA-11 | Source = Service Control Manager | ID = 7026
Description =


< End of report >


Sun Feb 05, 2012 11:01
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: Asking for help
Yes, user11 is an administrator!
I'm running OTL!


Sun Feb 05, 2012 10:41
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post subject: Re: Asking for help
OK, skip this step and run the OTL program.
Does your account have administrator rights?


Sun Feb 05, 2012 10:31
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: Asking for help
Sorry, but it says the same thing!


Sun Feb 05, 2012 10:26
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post subject: Re: Asking for help
OK, try it this way as well:
Win+R
type cmd into the box
hold down Shift+Ctrl
and press ENTER
type chkdsk c: /f/r into the window
Enter
Restart; if it reports an error, write back


Sun Feb 05, 2012 10:16
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: Asking for help
Well, maybe I'm just really hopeless, but this isn't working!
I type cmd, click OK, right-click in the window that comes up, but nowhere does it offer an option to run as administrator.


Sun Feb 05, 2012 10:14
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post subject: Re: Asking for help
Yes, run the command prompt as administrator, so right-click the command prompt and run it as administrator,
so press Win+R, type cmd,
then right-click cmd and run as administrator; if it doesn't work, write back.


Sun Feb 05, 2012 9:57
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: Asking for help
stell wrote:
first the Chkdsk c:/f/r

Unfortunately it won't allow this; it says:
A hozzáférés megtagadva mert nem rendelkezik megfelelő engedélyekkel
Ezen segédprogram meghívásához emelt szintű engedélyek szükségesek


Sun Feb 05, 2012 9:52
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why it looks the way you see it,
Post subject: Re: Asking for help
No, first the Chkdsk c:/f/r
command, Enter, restart and let the check run, then when it finishes, OTL


Sun Feb 05, 2012 9:46
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: Asking for help
AVG PC TuneUp has been uninstalled!
I have one more question before I start on the rest: should I do the OTLS thing before the chkdsk check?
Here is the requested log:

09:49:14.0693 0656 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
09:49:15.0895 0656 ============================================================
09:49:15.0895 0656 Current date / time: 2012/02/03 09:49:15.0895
09:49:15.0895 0656 SystemInfo:
09:49:15.0895 0656
09:49:15.0895 0656 OS Version: 6.0.6002 ServicePack: 2.0
09:49:15.0895 0656 Product type: Workstation
09:49:15.0895 0656 ComputerName: INTENSA-11
09:49:15.0896 0656 UserName: user_11
09:49:15.0896 0656 Windows directory: C:\Windows
09:49:15.0896 0656 System windows directory: C:\Windows
09:49:15.0896 0656 Processor architecture: Intel x86
09:49:15.0896 0656 Number of processors: 2
09:49:15.0896 0656 Page size: 0x1000
09:49:15.0896 0656 Boot type: Normal boot
09:49:15.0896 0656 ============================================================
09:49:17.0866 0656 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:49:17.0896 0656 \Device\Harddisk0\DR0:
09:49:17.0896 0656 MBR used
09:49:17.0897 0656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
09:49:17.0924 0656 Initialize success
09:49:17.0924 0656 ============================================================
09:49:41.0858 4200 ============================================================
09:49:41.0858 4200 Scan started
09:49:41.0858 4200 Mode: Manual;
09:49:41.0858 4200 ============================================================
09:49:51.0811 4200 pciide - ok
09:49:51.0827 4200 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
09:49:51.0842 4200 pcmcia - ok
09:49:51.0920 4200 PCTAppEvent (7ea0ebd6e5aa687e116eb185a7cfb667) C:\Windows\system32\drivers\PCTAppEvent.sys
09:49:51.0936 4200 PCTAppEvent - ok
09:49:51.0983 4200 PCTFW-PacketFilter (60af5fa418efe284fb81dbbf5a0391fb) C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
09:49:51.0983 4200 PCTFW-PacketFilter - ok
09:49:52.0030 4200 pctgntdi (5be722c8c9bba995693c8cd524d83b27) C:\Windows\System32\drivers\pctgntdi.sys
09:49:52.0030 4200 pctgntdi - ok
09:49:52.0061 4200 pctNdis (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
09:49:52.0061 4200 pctNdis - ok
09:49:52.0077 4200 pctNdisMP (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
09:49:52.0077 4200 pctNdisMP - ok
09:49:52.0123 4200 pctplfw (fe6803af91ddb32ff8edf5d6c0d370af) C:\Windows\System32\drivers\pctplfw.sys
09:49:52.0139 4200 pctplfw - ok
09:49:52.0202 4200 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
09:49:52.0233 4200 PEAUTH - ok
09:49:52.0280 4200 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
09:49:52.0295 4200 PptpMiniport - ok
09:49:52.0311 4200 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
09:49:52.0327 4200 Processor - ok
09:49:52.0389 4200 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
09:49:52.0389 4200 PSched - ok
09:49:52.0467 4200 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
09:49:52.0514 4200 ql2300 - ok
09:49:52.0530 4200 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
09:49:52.0545 4200 ql40xx - ok
09:49:52.0561 4200 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
09:49:52.0561 4200 QWAVEdrv - ok
09:49:52.0592 4200 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
09:49:52.0592 4200 RasAcd - ok
09:49:52.0608 4200 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:49:52.0623 4200 Rasl2tp - ok
09:49:52.0655 4200 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
09:49:52.0670 4200 RasPppoe - ok
09:49:52.0717 4200 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
09:49:52.0748 4200 RasSstp - ok
09:49:52.0889 4200 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
09:49:52.0936 4200 rdbss - ok
09:49:52.0967 4200 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:49:52.0983 4200 RDPCDD - ok
09:49:53.0061 4200 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
09:49:53.0092 4200 rdpdr - ok
09:49:53.0108 4200 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
09:49:53.0108 4200 RDPENCDD - ok
09:49:53.0155 4200 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
09:49:53.0186 4200 RDPWD - ok
09:49:53.0233 4200 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
09:49:53.0233 4200 rspndr - ok
09:49:53.0280 4200 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
09:49:53.0280 4200 RTL8169 - ok
09:49:53.0311 4200 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
09:49:53.0342 4200 sbp2port - ok
09:49:53.0358 4200 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:49:53.0373 4200 secdrv - ok
09:49:53.0405 4200 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
09:49:53.0405 4200 Serenum - ok
09:49:53.0420 4200 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
09:49:53.0452 4200 Serial - ok
09:49:53.0467 4200 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
09:49:53.0467 4200 sermouse - ok
09:49:53.0514 4200 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
09:49:53.0545 4200 sffdisk - ok
09:49:53.0561 4200 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
09:49:53.0561 4200 sffp_mmc - ok
09:49:53.0592 4200 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
09:49:53.0592 4200 sffp_sd - ok
09:49:53.0623 4200 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
09:49:53.0623 4200 sfloppy - ok
09:49:53.0655 4200 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
09:49:53.0655 4200 sisagp - ok
09:49:53.0670 4200 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
09:49:53.0686 4200 SiSRaid2 - ok
09:49:53.0702 4200 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
09:49:53.0702 4200 SiSRaid4 - ok
09:49:53.0733 4200 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
09:49:53.0733 4200 Smb - ok
09:49:53.0764 4200 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
09:49:53.0764 4200 spldr - ok
09:49:53.0827 4200 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
09:49:53.0873 4200 srv - ok
09:49:53.0952 4200 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
09:49:53.0967 4200 srv2 - ok
09:49:54.0014 4200 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
09:49:54.0045 4200 srvnet - ok
09:49:54.0092 4200 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
09:49:54.0092 4200 swenum - ok
09:49:54.0123 4200 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
09:49:54.0123 4200 Symc8xx - ok
09:49:54.0155 4200 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
09:49:54.0170 4200 Sym_hi - ok
09:49:54.0202 4200 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
09:49:54.0202 4200 Sym_u3 - ok
09:49:54.0373 4200 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
09:49:54.0436 4200 Tcpip - ok
09:49:54.0452 4200 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
09:49:54.0467 4200 Tcpip6 - ok
09:49:54.0577 4200 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
09:49:54.0608 4200 tcpipreg - ok
09:49:54.0639 4200 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
09:49:54.0655 4200 TDPIPE - ok
09:49:54.0670 4200 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
09:49:54.0686 4200 TDTCP - ok
09:49:54.0748 4200 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
09:49:54.0780 4200 tdx - ok
09:49:54.0827 4200 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
09:49:54.0858 4200 TermDD - ok
09:49:54.0920 4200 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:49:54.0952 4200 tssecsrv - ok
09:49:54.0998 4200 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
09:49:54.0998 4200 tunmp - ok
09:49:55.0014 4200 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
09:49:55.0030 4200 tunnel - ok
09:49:55.0061 4200 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
09:49:55.0061 4200 uagp35 - ok
09:49:55.0092 4200 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
09:49:55.0092 4200 udfs - ok
09:49:55.0139 4200 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
09:49:55.0155 4200 uliagpkx - ok
09:49:55.0186 4200 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
09:49:55.0186 4200 uliahci - ok
09:49:55.0233 4200 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
09:49:55.0233 4200 UlSata - ok
09:49:55.0264 4200 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
09:49:55.0264 4200 ulsata2 - ok
09:49:55.0264 4200 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
09:49:55.0295 4200 umbus - ok
09:49:55.0342 4200 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
09:49:55.0373 4200 usbccgp - ok
09:49:55.0405 4200 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
09:49:55.0420 4200 usbcir - ok
09:49:55.0483 4200 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
09:49:55.0498 4200 usbehci - ok
09:49:55.0545 4200 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
09:49:55.0561 4200 usbhub - ok
09:49:55.0608 4200 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
09:49:55.0608 4200 usbohci - ok
09:49:55.0623 4200 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
09:49:55.0655 4200 usbprint - ok
09:49:55.0670 4200 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
09:49:55.0702 4200 usbscan - ok
09:49:55.0733 4200 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:49:55.0733 4200 USBSTOR - ok
09:49:55.0748 4200 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
09:49:55.0748 4200 usbuhci - ok
09:49:55.0795 4200 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
09:49:55.0795 4200 vga - ok
09:49:55.0827 4200 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
09:49:55.0827 4200 VgaSave - ok
09:49:55.0842 4200 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
09:49:55.0858 4200 viaagp - ok
09:49:55.0873 4200 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
09:49:55.0889 4200 ViaC7 - ok
09:49:55.0905 4200 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
09:49:55.0905 4200 viaide - ok
09:49:55.0920 4200 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
09:49:55.0920 4200 volmgr - ok
09:49:55.0967 4200 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
09:49:55.0983 4200 volmgrx - ok
09:49:55.0998 4200 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
09:49:55.0998 4200 volsnap - ok
09:49:56.0030 4200 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
09:49:56.0045 4200 vsmraid - ok
09:49:56.0092 4200 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
09:49:56.0108 4200 WacomPen - ok
09:49:56.0139 4200 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:49:56.0155 4200 Wanarp - ok
09:49:56.0170 4200 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:49:56.0170 4200 Wanarpv6 - ok
09:49:56.0202 4200 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
09:49:56.0202 4200 Wd - ok
09:49:56.0248 4200 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
09:49:56.0248 4200 Wdf01000 - ok
09:49:56.0373 4200 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
09:49:56.0389 4200 WmiAcpi - ok
09:49:56.0436 4200 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
09:49:56.0436 4200 ws2ifsl - ok
09:49:56.0514 4200 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:49:56.0514 4200 WUDFRd - ok
09:49:56.0561 4200 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:49:56.0608 4200 \Device\Harddisk0\DR0 - ok
09:49:56.0623 4200 Boot (0x1200) (e982a5627d1a44002757b95ec0eb607a) \Device\Harddisk0\DR0\Partition0
09:49:56.0623 4200 \Device\Harddisk0\DR0\Partition0 - ok
09:49:56.0623 4200 ============================================================
09:49:56.0623 4200 Scan finished
09:49:56.0623 4200 ============================================================
09:49:56.0639 4192 Detected object count: 0
09:49:56.0639 4192 Actual detected object count: 0
09:50:13.0077 0564 Deinitialize success


Sun Feb 05, 2012 9:39
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I cannot write Hungarian well, which is why what you see looks like this,
Post: Re: Asking for help
Well, we'll see, because you have used almost every virus removal program, and so you have hidden the traces from me.

Be sure to uninstall this from the machine:
AVG PC tuneup

And enter this command at the command prompt:
chkdsk c: /f /r
Enter >> confirm >> restart, and let chkdsk check the disk.

3: Also post this log here, the log.txt with this date:
C:\TDSSKiller.2.7.9.0_03.02.2012_09.49.14_log.txt

4: Download to the desktop > OTListIt2 >>
http://oldtimer.geekstogo.com/OTL.exe
- Run it
- Tick:
- Scan all users.
- Lop check.
- Purity check.
- In the Extra Registry section, select Use SafeList
- Copy the text into the customscan/fixes window and click RUNSCAN
- After 5-10 minutes, post the log here
- OTL.txt (it will be on the desktop).
- extras.txt (it will be on the taskbar).

Code:
netsvcs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\Spool\prtprocs\*.* /s
%systemroot%\system32\drivers\*.sys /10
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /10
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job
%systemroot%\*.* /U /s
%systemroot%\*. /rp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Nabídka Start\*.lnk /x
%ALLUSERSPROFILE%\Data Aplikácií\*.*
%ALLUSERSPROFILE%\Data Aplikácií\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\system32|bak;true;false;false /fp
%PROGRAMFILES%|bak;true;false;false /fp


Sun Feb 05, 2012 9:26
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: Asking for help
Hi!
I did what you wrote yesterday.
AVG was uninstalled, but something called AVG PC tuneup was left behind; as it turned out, a colleague of mine installed it.
ESET ran and found nothing.
I have now switched the machine on, and in normal mode there was at first only a black screen; I already thought nothing had changed, when a small window appeared in which text scrolled past in about 1 second, and now
everything works smoothly! Could AVG have been the problem?
I am posting the ESET log here; this is all I found:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=59225a10ece1734db0bba6eb7db2721c
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-04 10:16:12
# local_time=2012-02-04 11:16:12 )
# country="Hungary"
# lang=1038
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 39211 39211 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 35479071 165924288 0 0
# compatibility_mode=8192 67108863 100 0 3725 3725 0 0
# scanned=91886
# found=0
# cleaned=0
# scan_time=2185


Sun Feb 05, 2012 9:09
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: Asking for help
OK, tomorrow!
Good night!


Sat Feb 04, 2012 22:29
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I cannot write Hungarian well, which is why what you see looks like this,
Post: Re: Asking for help
OK, tomorrow, in safe mode.
Then AVG has to be removed with this program:
http://www.avg.com/us-en/utilities

And run the ESET online scanner; post its log here tomorrow.
http://www.eset.hu/tamogatas/viruslabor ... ellenorzes
Good night.


Sat Feb 04, 2012 22:23
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: Asking for help
Unfortunately it is still not working!
This time it showed the usual screen, but still nothing works!
The network connection on the taskbar shows a red X, the shortcuts do not work,
and nothing can be started from the Start menu, not even shutdown.
I would not mind continuing tomorrow, if possible!


Sat Feb 04, 2012 22:20
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I cannot write Hungarian well, which is why what you see looks like this,
Post: Re: Asking for help
Yes, ComboFix sometimes reports this error, and then after a restart it is OK.
So try it now in Windows and write what happens.


Sat Feb 04, 2012 22:06
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: Asking for help
Well, this just doesn't want to work out!
Before ComboFix produced the log it restarted, and I did not press F8,
so it started in normal mode, but after the welcome text there was now only a dark
screen. I waited, but I had to restart in safe mode, and that is where it produced the log.
Meanwhile, however, an alert named Windows Security Center appeared on the taskbar,
and when I tried to get onto the internet it would not let me; in fact it said that I had clicked on a command
that is marked for deletion, or something like that. So I restarted in safe mode again,
and it only worked that way.
Sorry for writing all this down, but maybe it helps somehow.
I see you have written in the meantime; I will try again!


Sat Feb 04, 2012 22:03
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I cannot write Hungarian well, which is why what you see looks like this,
Post: Re: Asking for help
What's the situation?? Try it and write back.


Sat Feb 04, 2012 21:51
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: Asking for help
ComboFix 12-02-05.01 - user_11 012.02.04. 21:27:00.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.688 [GMT 1:00]
Running from: c:\users\user_11\Desktop\ComboFix.exe
Command switches used :: c:\users\user_11\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_64494552
.
.
((((((((((((((((((((((((( Files Created from 2012-01-04 to 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-04 11:45 . 2012-02-04 11:46 -------- d-----w- c:\program files\trend micro
2012-02-04 11:45 . 2012-02-04 11:46 -------- d-----w- C:\rsit
2012-02-04 08:40 . 2012-02-04 08:40 -------- d-----w- c:\users\user_11\DoctorWeb
2012-02-03 09:58 . 2012-02-04 11:17 -------- d-----w- c:\programdata\JollyBear
2012-02-03 09:58 . 2012-02-03 09:58 -------- d-----w- c:\users\user_11\AppData\Local\JollyBear
2012-02-03 07:30 . 2012-02-03 07:30 -------- d-----w- c:\users\user_11\AppData\Roaming\PCToolsFirewallPlus
2012-02-03 07:29 . 2011-03-02 11:40 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-02-03 07:29 . 2010-03-29 10:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2012-02-03 07:29 . 2011-03-24 11:39 105280 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2012-02-03 07:29 . 2011-01-17 08:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-02-03 07:27 . 2012-02-04 11:17 -------- d-----w- c:\program files\Common Files\PC Tools
2012-02-03 07:27 . 2011-01-12 09:36 89472 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2012-02-03 07:27 . 2010-07-08 07:49 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2012-02-03 07:27 . 2010-02-05 07:26 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2012-02-03 07:27 . 2011-01-17 07:11 125248 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2012-02-03 07:27 . 2012-02-04 11:19 -------- d-----w- c:\program files\PC Tools Firewall Plus
2012-02-03 06:43 . 2012-02-04 11:17 -------- d-----w- c:\program files\Defraggler
2012-02-03 06:43 . 2012-02-04 11:17 -------- d-----w- c:\program files\Speccy
2012-02-03 06:42 . 2012-02-04 11:17 -------- d-----w- c:\program files\CCleaner
2012-02-02 17:20 . 2012-02-04 11:17 -------- d-----w- c:\program files\LeeGT-Games
2012-02-02 07:30 . 2012-02-02 07:31 -------- d-----w- c:\users\user_11\AppData\Roaming\AVG
2012-02-01 16:37 . 2012-02-01 16:37 -------- d-----w- c:\users\user_11\AppData\Local\Mozilla
2012-01-26 10:26 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-26 10:26 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-26 10:26 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-26 10:26 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-26 10:26 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-26 10:26 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-11 07:12 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 07:12 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 07:12 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 07:12 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 07:12 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 07:12 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 07:12 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 07:12 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-01 17:29 . 2011-11-10 07:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-15 07:20 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42 . 2011-12-15 07:19 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-17 2339168]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-12-07 11:36 136176 ----atw- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=15425&l=dis
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-04 21:39
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\windows\helppane.exe
.
**************************************************************************
.
Completion time: 2012-02-04 21:41:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-04 20:41
ComboFix2.txt 2012-02-04 20:08
ComboFix3.txt 2012-02-04 19:19
.
Pre-Run: 216 751 419 392 bájt szabad
Post-Run: 216 460 058 624 bájt szabad
.
- - End Of File - - 2E088A4E257954C9893F55801EDFCAC5


Sat Feb 04, 2012 21:47

soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: I would like to ask for help
No.....
Rename the ComboFix icon to uninstall.exe and run it; ComboFix will uninstall itself from the machine. Then download it again to the desktop, drop CFScript.txt onto it, and post its log here.


Sat Feb 04, 2012 20:56

silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
Unfortunately, when downloading ComboFix I forgot to change the setting so that it would be saved to the desktop, but I put it there as a shortcut. Can I drag it onto that now? That is also where I started it from.


Sat Feb 04, 2012 20:52

soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: I would like to ask for help
c:\users\user_11\Downloads\ComboFix.exe

ComboFix must be on the Desktop.
Open Notepad like this: Start > Run > type: notepad
and copy in the green text found under the Code: heading (without the word Code:). Then save the text pasted into Notepad to the desktop as a script, like this: File > Save As > File name > CFScript.txt > Save as type > All files > Save (to the Desktop). Done. Drag the CFScript.txt on the desktop onto the ComboFix icon. And now do this:
[Image]
ComboFix will start by itself, and it may restart and finish the scan. Post its log here.

Code:
KILLALL::
Driver::
64494552
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\DeterministicNetworks\DNE\Parameters]
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-
Folder::
c:\program files\Ask.com
ClearJavaCache::


Sat Feb 04, 2012 20:42

silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
ComboFix 12-02-05.01 - user_11 012.02.04. 20:14:51.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.36.1038.18.1023.556 [GMT 1:00]
Running from: c:\users\user_11\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Files Created from 2012-01-04 to 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-04 19:18 . 2012-02-04 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-04 11:45 . 2012-02-04 11:46 -------- d-----w- c:\program files\trend micro
2012-02-04 11:45 . 2012-02-04 11:46 -------- d-----w- C:\rsit
2012-02-04 08:40 . 2012-02-04 08:40 -------- d-----w- c:\users\user_11\DoctorWeb
2012-02-03 09:58 . 2012-02-04 11:17 -------- d-----w- c:\programdata\JollyBear
2012-02-03 09:58 . 2012-02-03 09:58 -------- d-----w- c:\users\user_11\AppData\Local\JollyBear
2012-02-03 07:30 . 2012-02-03 07:30 -------- d-----w- c:\users\user_11\AppData\Roaming\PCToolsFirewallPlus
2012-02-03 07:29 . 2011-03-02 11:40 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-02-03 07:29 . 2010-03-29 10:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2012-02-03 07:29 . 2011-03-24 11:39 105280 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2012-02-03 07:29 . 2011-01-17 08:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-02-03 07:27 . 2012-02-04 11:17 -------- d-----w- c:\program files\Common Files\PC Tools
2012-02-03 07:27 . 2011-01-12 09:36 89472 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2012-02-03 07:27 . 2010-07-08 07:49 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2012-02-03 07:27 . 2010-02-05 07:26 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2012-02-03 07:27 . 2011-01-17 07:11 125248 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2012-02-03 07:27 . 2012-02-04 11:19 -------- d-----w- c:\program files\PC Tools Firewall Plus
2012-02-03 06:43 . 2012-02-04 11:17 -------- d-----w- c:\program files\Defraggler
2012-02-03 06:43 . 2012-02-04 11:17 -------- d-----w- c:\program files\Speccy
2012-02-03 06:42 . 2012-02-04 11:17 -------- d-----w- c:\program files\CCleaner
2012-02-02 17:20 . 2012-02-04 11:17 -------- d-----w- c:\program files\LeeGT-Games
2012-02-02 07:30 . 2012-02-02 07:31 -------- d-----w- c:\users\user_11\AppData\Roaming\AVG
2012-02-01 16:37 . 2012-02-01 16:37 -------- d-----w- c:\users\user_11\AppData\Local\Mozilla
2012-01-26 10:26 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-26 10:26 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-26 10:26 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-26 10:26 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-26 10:26 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-26 10:26 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-11 07:12 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 07:12 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 07:12 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 07:12 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 07:12 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 07:12 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 07:12 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 07:12 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-01 17:29 . 2011-11-10 07:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-15 07:20 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42 . 2011-12-15 07:19 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31 1514152 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-17 2339168]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-12-07 11:36 136176 ----atw- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 64494552
*NewlyCreated* - ECACHE
*Deregistered* - 64494552
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job
- c:\users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 11:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=15425&l=dis
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-04 20:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
Completion time: 2012-02-04 20:19:36
ComboFix-quarantined-files.txt 2012-02-04 19:19
.
Pre-Run: 216 908 931 072 bájt szabad
Post-Run: 216 834 412 544 bájt szabad
.
- - End Of File - - E39545BE3C29900E1059D0C4840DEF3C


Sat Feb 04, 2012 20:26

soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: I would like to ask for help
Let's see what's going on.
Run ComboFix and post its log here.
http://www.virus-stell.com/2010/04/combofix.html


Sat Feb 04, 2012 20:07

silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
Yes, but it brought no change at all.
I have no idea what to do; it may be that some setting got changed, because colleagues sometimes use this machine too.


Sat Feb 04, 2012 20:05

soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: I would like to ask for help
OK, so far I don't see a virus.. you'll uninstall it later in normal Windows.
Have you already tried System Restore??


Sat Feb 04, 2012 19:58

silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post subject: Re: I would like to ask for help
Here is the situation: since nothing works on a normal boot, I tried to uninstall that program in Safe Mode, but it can't be done.
The following error message appears:
"Nem lehet hozzáférni a Windows Installer szolgáltatáshoz.
Ez akkor fordulhat elő,ha a Windows Installer nincs helyesen telepítve."

I can't understand this, since everything worked smoothly until yesterday!
I ran TDSSKiller; this is the latest version:
19:41:12.0953 0432 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
19:41:13.0125 0432 ============================================================
19:41:13.0125 0432 Current date / time: 2012/02/04 19:41:13.0125
19:41:13.0125 0432 SystemInfo:
19:41:13.0125 0432
19:41:13.0125 0432 OS Version: 6.0.6002 ServicePack: 2.0
19:41:13.0125 0432 Product type: Workstation
19:41:13.0125 0432 ComputerName: INTENSA-11
19:41:13.0125 0432 UserName: user_11
19:41:13.0125 0432 Windows directory: C:\Windows
19:41:13.0125 0432 System windows directory: C:\Windows
19:41:13.0125 0432 Processor architecture: Intel x86
19:41:13.0125 0432 Number of processors: 2
19:41:13.0125 0432 Page size: 0x1000
19:41:13.0125 0432 Boot type: Safe boot with network
19:41:13.0125 0432 ============================================================
19:41:14.0234 0432 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:41:14.0234 0432 \Device\Harddisk0\DR0:
19:41:14.0234 0432 MBR used
19:41:14.0234 0432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
19:41:14.0250 0432 Initialize success
19:41:14.0250 0432 ============================================================
19:41:20.0343 0464 ============================================================
19:41:20.0343 0464 Scan started
19:41:20.0343 0464 Mode: Manual;
19:41:20.0343 0464 ============================================================
19:41:31.0281 0464 mpsdrv - ok
19:41:31.0312 0464 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:41:31.0312 0464 Mraid35x - ok
19:41:31.0328 0464 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:41:31.0328 0464 MRxDAV - ok
19:41:31.0375 0464 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:41:31.0375 0464 mrxsmb - ok
19:41:31.0390 0464 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:41:31.0390 0464 mrxsmb10 - ok
19:41:31.0406 0464 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:41:31.0406 0464 mrxsmb20 - ok
19:41:31.0421 0464 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
19:41:31.0437 0464 msahci - ok
19:41:31.0453 0464 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:41:31.0453 0464 msdsm - ok
19:41:31.0500 0464 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:41:31.0500 0464 Msfs - ok
19:41:31.0531 0464 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:41:31.0546 0464 msisadrv - ok
19:41:31.0593 0464 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:41:31.0593 0464 MSKSSRV - ok
19:41:31.0640 0464 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:41:31.0640 0464 MSPCLOCK - ok
19:41:31.0656 0464 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:41:31.0656 0464 MSPQM - ok
19:41:31.0718 0464 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:41:31.0718 0464 MsRPC - ok
19:41:31.0734 0464 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:41:31.0734 0464 mssmbios - ok
19:41:31.0750 0464 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:41:31.0750 0464 MSTEE - ok
19:41:31.0781 0464 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:41:31.0781 0464 Mup - ok
19:41:31.0812 0464 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:41:31.0812 0464 NativeWifiP - ok
19:41:31.0875 0464 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:41:31.0875 0464 NDIS - ok
19:41:31.0890 0464 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:41:31.0890 0464 NdisTapi - ok
19:41:31.0906 0464 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:41:31.0906 0464 Ndisuio - ok
19:41:31.0937 0464 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:41:31.0937 0464 NdisWan - ok
19:41:31.0968 0464 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:41:31.0968 0464 NDProxy - ok
19:41:31.0984 0464 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:41:31.0984 0464 NetBIOS - ok
19:41:32.0000 0464 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:41:32.0000 0464 netbt - ok
19:41:32.0031 0464 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:41:32.0031 0464 nfrd960 - ok
19:41:32.0062 0464 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:41:32.0062 0464 Npfs - ok
19:41:32.0109 0464 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:41:32.0109 0464 nsiproxy - ok
19:41:32.0156 0464 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:41:32.0171 0464 Ntfs - ok
19:41:32.0187 0464 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:41:32.0187 0464 ntrigdigi - ok
19:41:32.0218 0464 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:41:32.0218 0464 Null - ok
19:41:32.0453 0464 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:41:32.0562 0464 nvlddmkm - ok
19:41:32.0656 0464 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:41:32.0656 0464 nvraid - ok
19:41:32.0703 0464 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:41:32.0703 0464 nvstor - ok
19:41:32.0750 0464 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:41:32.0750 0464 nv_agp - ok
19:41:32.0765 0464 NwlnkFlt - ok
19:41:32.0781 0464 NwlnkFwd - ok
19:41:32.0796 0464 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
19:41:32.0796 0464 ohci1394 - ok
19:41:32.0843 0464 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
19:41:32.0843 0464 Parport - ok
19:41:32.0875 0464 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:41:32.0875 0464 partmgr - ok
19:41:32.0890 0464 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
19:41:32.0890 0464 Parvdm - ok
19:41:32.0921 0464 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:41:32.0937 0464 pci - ok
19:41:32.0937 0464 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
19:41:32.0937 0464 pciide - ok
19:41:32.0968 0464 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:41:32.0968 0464 pcmcia - ok
19:41:33.0000 0464 PCTAppEvent (7ea0ebd6e5aa687e116eb185a7cfb667) C:\Windows\system32\drivers\PCTAppEvent.sys
19:41:33.0000 0464 PCTAppEvent - ok
19:41:33.0031 0464 PCTFW-PacketFilter (60af5fa418efe284fb81dbbf5a0391fb) C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
19:41:33.0031 0464 PCTFW-PacketFilter - ok
19:41:33.0078 0464 pctgntdi (5be722c8c9bba995693c8cd524d83b27) C:\Windows\System32\drivers\pctgntdi.sys
19:41:33.0078 0464 pctgntdi - ok
19:41:33.0125 0464 pctNdis (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
19:41:33.0125 0464 pctNdis - ok
19:41:33.0125 0464 pctNdisMP (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
19:41:33.0125 0464 pctNdisMP - ok
19:41:33.0156 0464 pctplfw (fe6803af91ddb32ff8edf5d6c0d370af) C:\Windows\System32\drivers\pctplfw.sys
19:41:33.0156 0464 pctplfw - ok
19:41:33.0203 0464 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:41:33.0218 0464 PEAUTH - ok
19:41:33.0281 0464 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:41:33.0281 0464 PptpMiniport - ok
19:41:33.0312 0464 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:41:33.0312 0464 Processor - ok
19:41:33.0359 0464 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:41:33.0359 0464 PSched - ok
19:41:33.0421 0464 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:41:33.0437 0464 ql2300 - ok
19:41:33.0468 0464 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:41:33.0468 0464 ql40xx - ok
19:41:33.0484 0464 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:41:33.0484 0464 QWAVEdrv - ok
19:41:33.0500 0464 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:41:33.0500 0464 RasAcd - ok
19:41:33.0531 0464 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:41:33.0546 0464 Rasl2tp - ok
19:41:33.0593 0464 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:41:33.0593 0464 RasPppoe - ok
19:41:33.0593 0464 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:41:33.0609 0464 RasSstp - ok
19:41:33.0625 0464 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:41:33.0640 0464 rdbss - ok
19:41:33.0656 0464 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:41:33.0656 0464 RDPCDD - ok
19:41:33.0687 0464 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
19:41:33.0687 0464 rdpdr - ok
19:41:33.0703 0464 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:41:33.0703 0464 RDPENCDD - ok
19:41:33.0734 0464 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
19:41:33.0734 0464 RDPWD - ok
19:41:33.0765 0464 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:41:33.0765 0464 rspndr - ok
19:41:33.0812 0464 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:41:33.0812 0464 RTL8169 - ok
19:41:33.0859 0464 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:41:33.0859 0464 sbp2port - ok
19:41:33.0890 0464 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:41:33.0890 0464 secdrv - ok
19:41:33.0921 0464 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
19:41:33.0921 0464 Serenum - ok
19:41:33.0937 0464 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
19:41:33.0937 0464 Serial - ok
19:41:33.0953 0464 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:41:33.0968 0464 sermouse - ok
19:41:33.0984 0464 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:41:33.0984 0464 sffdisk - ok
19:41:34.0015 0464 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:41:34.0015 0464 sffp_mmc - ok
19:41:34.0031 0464 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:41:34.0031 0464 sffp_sd - ok
19:41:34.0046 0464 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:41:34.0046 0464 sfloppy - ok
19:41:34.0078 0464 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:41:34.0078 0464 sisagp - ok
19:41:34.0093 0464 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:41:34.0093 0464 SiSRaid2 - ok
19:41:34.0109 0464 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:41:34.0109 0464 SiSRaid4 - ok
19:41:34.0140 0464 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:41:34.0140 0464 Smb - ok
19:41:34.0156 0464 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:41:34.0156 0464 spldr - ok
19:41:34.0187 0464 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:41:34.0203 0464 srv - ok
19:41:34.0234 0464 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:41:34.0234 0464 srv2 - ok
19:41:34.0265 0464 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:41:34.0265 0464 srvnet - ok
19:41:34.0296 0464 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:41:34.0296 0464 swenum - ok
19:41:34.0312 0464 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:41:34.0312 0464 Symc8xx - ok
19:41:34.0328 0464 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:41:34.0328 0464 Sym_hi - ok
19:41:34.0359 0464 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:41:34.0359 0464 Sym_u3 - ok
19:41:34.0421 0464 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:41:34.0421 0464 Tcpip - ok
19:41:34.0453 0464 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:41:34.0453 0464 Tcpip6 - ok
19:41:34.0484 0464 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:41:34.0484 0464 tcpipreg - ok
19:41:34.0500 0464 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:41:34.0500 0464 TDPIPE - ok
19:41:34.0531 0464 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:41:34.0531 0464 TDTCP - ok
19:41:34.0578 0464 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:41:34.0578 0464 tdx - ok
19:41:34.0609 0464 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:41:34.0609 0464 TermDD - ok
19:41:34.0640 0464 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:34.0640 0464 tssecsrv - ok
19:41:34.0687 0464 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:41:34.0687 0464 tunmp - ok
19:41:34.0703 0464 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
19:41:34.0703 0464 tunnel - ok
19:41:34.0718 0464 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:41:34.0734 0464 uagp35 - ok
19:41:34.0750 0464 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:41:34.0750 0464 udfs - ok
19:41:34.0781 0464 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:41:34.0796 0464 uliagpkx - ok
19:41:34.0812 0464 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:41:34.0812 0464 uliahci - ok
19:41:34.0843 0464 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:41:34.0843 0464 UlSata - ok
19:41:34.0859 0464 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:41:34.0859 0464 ulsata2 - ok
19:41:34.0875 0464 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:41:34.0875 0464 umbus - ok
19:41:34.0921 0464 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:34.0921 0464 usbccgp - ok
19:41:34.0937 0464 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:41:34.0937 0464 usbcir - ok
19:41:34.0984 0464 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:41:34.0984 0464 usbehci - ok
19:41:35.0031 0464 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:41:35.0031 0464 usbhub - ok
19:41:35.0062 0464 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:41:35.0062 0464 usbohci - ok
19:41:35.0078 0464 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:41:35.0093 0464 usbprint - ok
19:41:35.0109 0464 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:41:35.0109 0464 usbscan - ok
19:41:35.0140 0464 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:41:35.0140 0464 USBSTOR - ok
19:41:35.0156 0464 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:41:35.0156 0464 usbuhci - ok
19:41:35.0203 0464 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:35.0203 0464 vga - ok
19:41:35.0218 0464 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:41:35.0218 0464 VgaSave - ok
19:41:35.0250 0464 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:41:35.0250 0464 viaagp - ok
19:41:35.0265 0464 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:41:35.0265 0464 ViaC7 - ok
19:41:35.0281 0464 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:41:35.0281 0464 viaide - ok
19:41:35.0281 0464 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:41:35.0296 0464 volmgr - ok
19:41:35.0312 0464 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:41:35.0328 0464 volmgrx - ok
19:41:35.0359 0464 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:41:35.0359 0464 volsnap - ok
19:41:35.0375 0464 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:41:35.0375 0464 vsmraid - ok
19:41:35.0421 0464 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:41:35.0421 0464 WacomPen - ok
19:41:35.0437 0464 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:35.0437 0464 Wanarp - ok
19:41:35.0437 0464 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:35.0453 0464 Wanarpv6 - ok
19:41:35.0484 0464 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:41:35.0484 0464 Wd - ok
19:41:35.0515 0464 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:41:35.0515 0464 Wdf01000 - ok
19:41:35.0593 0464 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:41:35.0593 0464 WmiAcpi - ok
19:41:35.0625 0464 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:41:35.0625 0464 ws2ifsl - ok
19:41:35.0687 0464 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:41:35.0687 0464 WUDFRd - ok
19:41:35.0734 0464 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:41:35.0781 0464 \Device\Harddisk0\DR0 - ok
19:41:35.0781 0464 Boot (0x1200) (e982a5627d1a44002757b95ec0eb607a) \Device\Harddisk0\DR0\Partition0
19:41:35.0781 0464 \Device\Harddisk0\DR0\Partition0 - ok
19:41:35.0796 0464 ============================================================
19:41:35.0796 0464 Scan finished
19:41:35.0796 0464 ============================================================
19:41:35.0796 0456 Detected object count: 0
19:41:35.0796 0456 Actual detected object count: 0


Sat Feb 04, 2012 19:53
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, so that's why what you see looks like this,
Post: Re: I would like to ask for help
1: Uninstall this from the computer:
C:\Program Files\Ask.com

2: Run the TDSSKILLER program and post the REPORT log here.
http://www.virus-stell.com/2010/08/root ... -tdl3.html

I see that you have already run it, so post this here:
C:\TDSSKiller.2.7.9.0_03.02.2012_09.49.14_log.txt


Sat Feb 04, 2012 19:21
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post: Re: I would like to ask for help
Hi!
Logfile of random's system information tool 1.09 (written by random/random)
Run by user_11 at 2012-02-04 12:45:45
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 207 GB (87%) free of 238 GB
Total RAM: 1023 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:15, on 2012.02.04.
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19170)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Users\user_11\Downloads\RSIT.exe
C:\Program Files\trend micro\user_11.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15425&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'HÁLÓZATI SZOLGÁLTATÁS')
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 17701 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660284441-3406738706-2838319646-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2012-01-17 2339168]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2011-04-07 2672600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\user_11\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-07 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
C:\Windows\INSTAL~1\{871DF~1\ICON3E~1.ICO [2010-12-13 6144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-04 12:45:46 ----D---- C:\Program Files\trend micro
2012-02-04 12:45:45 ----D---- C:\rsit
2012-02-04 12:27:50 ----A---- C:\Windows\ntbtlog.txt
2012-02-03 14:04:13 ----D---- C:\Windows\system32\appmgmt
2012-02-03 10:58:24 ----D---- C:\ProgramData\JollyBear
2012-02-03 09:49:14 ----A---- C:\TDSSKiller.2.7.9.0_03.02.2012_09.49.14_log.txt
2012-02-03 08:38:13 ----D---- C:\Windows\pss
2012-02-03 08:30:03 ----D---- C:\Users\user_11\AppData\Roaming\PCToolsFirewallPlus
2012-02-03 08:29:21 ----A---- C:\Windows\system32\drivers\PCTCore.sys
2012-02-03 08:29:21 ----A---- C:\Windows\system32\drivers\PCTAppEvent.sys
2012-02-03 08:29:19 ----A---- C:\Windows\system32\drivers\pctwfpfilter.sys
2012-02-03 08:29:19 ----A---- C:\Windows\system32\drivers\pctgntdi.sys
2012-02-03 08:27:25 ----D---- C:\Program Files\Common Files\PC Tools
2012-02-03 08:27:25 ----A---- C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
2012-02-03 08:27:25 ----A---- C:\Windows\system32\drivers\pctNdis-DNS.sys
2012-02-03 08:27:25 ----A---- C:\Windows\system32\drivers\pctNdis.sys
2012-02-03 08:27:24 ----A---- C:\Windows\system32\drivers\pctplfw.sys
2012-02-03 08:27:23 ----D---- C:\Program Files\PC Tools Firewall Plus
2012-02-03 07:43:44 ----D---- C:\Program Files\Defraggler
2012-02-03 07:43:18 ----D---- C:\Program Files\Speccy
2012-02-03 07:42:33 ----D---- C:\Program Files\CCleaner
2012-02-02 18:20:33 ----D---- C:\Program Files\LeeGT-Games
2012-02-02 16:38:37 ----D---- C:\Users\user_11\AppData\Roaming\WinRAR
2012-02-02 16:38:17 ----D---- C:\Program Files\WinRAR
2012-02-02 08:30:34 ----D---- C:\Users\user_11\AppData\Roaming\AVG
2012-02-02 08:29:32 ----AD---- C:\ProgramData\TEMP
2012-01-26 11:26:14 ----A---- C:\Windows\system32\schannel.dll
2012-01-26 11:26:14 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-26 11:26:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-26 11:26:13 ----A---- C:\Windows\system32\winhttp.dll
2012-01-26 11:26:13 ----A---- C:\Windows\system32\secur32.dll
2012-01-26 11:26:13 ----A---- C:\Windows\system32\lsass.exe
2012-01-11 08:12:06 ----A---- C:\Windows\system32\winmm.dll
2012-01-11 08:12:06 ----A---- C:\Windows\system32\mciseq.dll
2012-01-11 08:12:05 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 08:12:04 ----A---- C:\Windows\system32\packager.dll
2012-01-11 08:12:03 ----A---- C:\Windows\system32\winsrv.dll
2012-01-11 08:12:02 ----A---- C:\Windows\system32\jscript.dll
2012-01-11 08:12:01 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 08:12:01 ----A---- C:\Windows\system32\qdvd.dll

======List of files/folders modified in the last 1 month======

2012-02-04 12:45:46 ----RD---- C:\Program Files
2012-02-04 12:27:50 ----D---- C:\Windows
2012-02-04 12:19:32 ----D---- C:\Windows\System32
2012-02-04 12:18:47 ----D---- C:\Windows\system32\wbem
2012-02-04 12:18:01 ----D---- C:\Windows\system32\config
2012-02-04 12:17:53 ----D---- C:\Windows\Tasks
2012-02-04 12:17:52 ----SHD---- C:\Windows\Installer
2012-02-04 12:17:52 ----D---- C:\Windows\system32\spool
2012-02-04 12:17:52 ----D---- C:\Windows\system32\Msdtc
2012-02-04 12:17:52 ----D---- C:\Windows\system32\drivers\AVG
2012-02-04 12:17:52 ----D---- C:\Windows\system32\catroot2
2012-02-04 12:17:52 ----D---- C:\Windows\registration
2012-02-04 12:17:52 ----D---- C:\Windows\inf
2012-02-04 12:16:41 ----SHD---- C:\System Volume Information
2012-02-04 10:28:34 ----D---- C:\Windows\system32\drivers
2012-02-04 10:21:21 ----D---- C:\Windows\Temp
2012-02-04 10:21:04 ----D---- C:\Windows\Prefetch
2012-02-04 09:33:36 ----D---- C:\Windows\SoftwareDistribution
2012-02-03 10:58:24 ----HD---- C:\ProgramData
2012-02-03 08:40:21 ----D---- C:\Windows\Panther
2012-02-03 08:40:21 ----D---- C:\Windows\Debug
2012-02-03 08:28:53 ----D---- C:\Windows\system32\catroot
2012-02-03 08:27:25 ----D---- C:\Program Files\Common Files
2012-02-02 08:29:35 ----D---- C:\Windows\system32\Tasks
2012-02-02 08:29:16 ----D---- C:\Program Files\AVG
2012-02-01 18:48:17 ----D---- C:\Windows\Minidump
2012-02-01 18:48:12 ----SD---- C:\Windows\Downloaded Program Files
2012-01-27 07:40:45 ----D---- C:\Windows\winsxs
2012-01-26 11:47:16 ----D---- C:\ProgramData\MFAData
2012-01-12 13:35:47 ----D---- C:\Program Files\Ask.com
2012-01-12 03:37:22 ----D---- C:\Windows\Microsoft.NET
2012-01-12 03:36:51 ----RSD---- C:\Windows\assembly
2012-01-12 03:06:39 ----A---- C:\Windows\system32\mrt.exe
2012-01-12 03:05:58 ----D---- C:\Program Files\Windows Mail
2012-01-12 03:04:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-12 03:02:53 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
R1 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi.sys [2011-01-17 251560]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 pctNdisMP;PC Tools Driver; C:\Windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 RTL8169;Realtek 8169 NT-illesztőprogram; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2007-10-26 306300]
S2 PCTAppEvent;PCTAppEvent Driver; \??\C:\Windows\system32\drivers\PCTAppEvent.sys [2011-03-02 160576]
S3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]
S3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
S3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 drmkaud;Microsoft Kernel DRM-hangdekódoló; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA funkció-illesztőprogram High Definition Audio hangszolgáltatáshoz; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Microsoft Streaming szolgáltatásproxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming óraproxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming minőségkezelő proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming cél/fogadók közötti konverter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [2011-01-12 89472]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:\Windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw; \??\C:\Windows\System32\drivers\pctplfw.sys [2011-01-17 125248]
S3 usbscan;USB képolvasó-illesztőprogram; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
S2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-10-26 1524512]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
S2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2011-01-24 286000]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.09 2012-02-04 12:46:17

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1038 /parameterfolder ClientLP
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.2) - Hungarian-->MsiExec.exe /I{AC76BA86-7AD7-1038-7B44-AA1000000001}
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2011-->MsiExec.exe /I{E533E637-FB3E-4F28-8B18-449CC9AB7235}
AVG 2011-->MsiExec.exe /I{FA1162AE-AF27-44A9-9C78-0C46BD44D75F}
AVG PC Tuneup-->"C:\Program Files\AVG\AVG PC Tuneup\unins000.exe"
Big City Adventure 5 - London Story-->MsiExec.exe /I{23A8E242-AE55-4E68-B713-DD673974BFE8}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.02.0090-->MsiExec.exe /X{871DF2BE-41D2-4334-AC33-839AF16FC8FE}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Malwarebytes' Anti-Malware 1.51.2.1300 verzió-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - hun-->MsiExec.exe /I{5380C741-5656-387C-9FB0-3E45D07F864A}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile HUN Language Pack-->MsiExec.exe /X{FD031145-2925-3FEF-9A4E-64047AAD8951}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {077B54FF-6531-42E7-9D6A-93B0B029CFA0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040E-0000-0000000FF1CE} /uninstall {B3C14F81-2C4A-400D-9ECE-55A667F8F737}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0015-040E-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help-frissítés (KB963678)-->msiexec /package {90120000-0016-040E-0000-0000000FF1CE} /uninstall {76BD9044-91EB-46FC-8CA6-0AA239BB8A93}
Microsoft Office Excel MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0016-040E-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001A-040E-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)-->msiexec /package {90120000-0018-040E-0000-0000000FF1CE} /uninstall {6863CE52-1321-482E-B930-B325EE09AEFF}
Microsoft Office PowerPoint MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0018-040E-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proofing (Hungarian) 2007-->MsiExec.exe /X{90120000-002C-040E-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}
Microsoft Office Publisher MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-0019-040E-0000-0000000FF1CE}
Microsoft Office Shared MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-006E-040E-0000-0000000FF1CE}
Microsoft Office Word 2007 Help-frissítés (KB963665)-->msiexec /package {90120000-001B-040E-0000-0000000FF1CE} /uninstall {0E56E23A-EDB8-42C7-A285-7258C5944EB4}
Microsoft Office Word MUI (Hungarian) 2007-->MsiExec.exe /X{90120000-001B-040E-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero BurnLite 10-->MsiExec.exe /I{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}
Nero BurnLite 10-->MsiExec.exe /X{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
Nyelvi csomag a Microsoft .NET-keretrendszer 3.5 1. szervizcsomagjához – HUN-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - hun\setup.exe
PC Tools Firewall Plus 7.0-->C:\Program Files\PC Tools Firewall Plus\unins000.exe /LOG
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Speccy-->"C:\Program Files\Speccy\uninst.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.10 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: INTENSA-11
Event Code: 4373
Message: A Windows szolgáltatáskezelő sikeresen beállította a(z) KB2509553(Security Update) csomagot erre az állapotra: Telepítve(Installed)
Record Number: 273497
Source Name: Microsoft-Windows-Servicing
Time Written: 20110914131950.000000-000
Event Type: Információ
User: INTENSA-11\user_11

Computer Name: INTENSA-11
Event Code: 4373
Message: A Windows szolgáltatáskezelő sikeresen beállította a(z) KB2509553(Security Update) csomagot erre az állapotra: Telepítve(Installed)
Record Number: 273496
Source Name: Microsoft-Windows-Servicing
Time Written: 20110914131950.000000-000
Event Type: Információ
User: INTENSA-11\user_11

Computer Name: INTENSA-11
Event Code: 4373
Message: A Windows szolgáltatáskezelő sikeresen beállította a(z) KB2509553(Security Update) csomagot erre az állapotra: Telepítve(Installed)
Record Number: 273495
Source Name: Microsoft-Windows-Servicing
Time Written: 20110914131950.000000-000
Event Type: Információ
User: INTENSA-11\user_11

Computer Name: INTENSA-11
Event Code: 4373
Message: A Windows szolgáltatáskezelő sikeresen beállította a(z) KB2509553(Security Update) csomagot erre az állapotra: Telepítve(Installed)
Record Number: 273494
Source Name: Microsoft-Windows-Servicing
Time Written: 20110914131950.000000-000
Event Type: Információ
User: INTENSA-11\user_11

Computer Name: INTENSA-11
Event Code: 4373
Message: A Windows szolgáltatáskezelő sikeresen beállította a(z) KB2509553(Security Update) csomagot erre az állapotra: Telepítve(Installed)
Record Number: 273493
Source Name: Microsoft-Windows-Servicing
Time Written: 20110914131950.000000-000
Event Type: Információ
User: INTENSA-11\user_11

=====Application event log=====

Computer Name: 26L2233C2-11
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20101203141950.000000-000
Event Type: Információ
User:

Computer Name: WIN-7ICP3H37ARJ
Event Code: 4625
Message: Az EventSystem alrendszer 86400 másodpercre letiltja az eseménynapló ismétlődő bejegyzéseit. A letiltási időkorlát a REG_DWORD érték SuppressDuplicateDuration azonosítóval vezérelhető a következő beállításkulcsban: HKLM\Software\Microsoft\EventSystem\EventLog\
Record Number: 4
Source Name: Microsoft-Windows-EventSystem
Time Written: 20101203141947.000000-000
Event Type: Információ
User:

Computer Name: WIN-7ICP3H37ARJ
Event Code: 900
Message: A szoftverlicencelési szolgáltatás most indul el.

Record Number: 3
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20101203141946.000000-000
Event Type: Információ
User:

Computer Name: WIN-7ICP3H37ARJ
Event Code: 1531
Message: A felhasználói profil szolgáltatás sikeresen elindult.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101203141946.000000-000
Event Type: Információ
User: NT AUTHORITY\SYSTEM

Computer Name: 26L2233C2-11
Event Code: 2
Message: A tanúsítványszolgáltatások ügyfele le lett állítva.
Record Number: 1
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20080121025823.474800-000
Event Type: Információ
User: NT AUTHORITY\SYSTEM


Sat Feb 04, 2012 18:46
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, so it comes out the way you see it,
Post Re: I'd like to ask for help
Hi
Post the RSIT log here, run from Safe Mode
http://www.virus-stell.com/2010/04/rsit.html


Sat Feb 04, 2012 18:31
silver member

Joined: Sat Feb 04, 2012 15:24
Posts: 23
Post I'd like to ask for help
Hello!
I'd like to ask for help, I don't know what happened to my machine, I can only use it in Safe Mode.
If I start it normally, I can't get onto the internet or into any program.
I'm afraid it may be some more serious virus, although I ran Dr Web in Safe Mode and it reported no virus in either the quick or the full scan.
Please help if you can, because this machine is my work tool and I wouldn't like to have to reinstall it.
Thanks in advance!


Sat Feb 04, 2012 15:40