BackDoor.Dorkbot virus
iron member

Joined: Tue Mar 26, 2013 12:59
Posts: 2
Post: Re: BackDoor.Dorkbot virus
I combed through the topic once more and now it looks like it's working :)


Tue Mar 26, 2013 13:51
iron member

Joined: Tue Mar 26, 2013 12:59
Posts: 2
Post: Re: BackDoor.Dorkbot virus
Hello! I've read what has been written so far, but it isn't completely clear to me, or maybe I just misunderstood things. My problem is that I have a 1 TB external hard drive and it caught a virus, supposedly a backdoor. It turned the folders that were on it into shortcuts and they can't be opened, but they still take up disk space. I'd like to get the data back somehow because it's quite important! I have Windows 7. If someone could spare a little time for me, I'd be grateful! :)


Tue Mar 26, 2013 13:16
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 11865
Location: Budapest, Solymár
Post: Re: BackDoor.Dorkbot virus
stell wrote:
... don't want to do what I write ...

You're right, but don't get completely worked up. :wink:

Keep on smiling. :D


Fri Dec 14, 2012 20:55
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
Since you didn't do what I wrote, I won't deal with this topic of yours.
I ask those who get into trouble not to write here at all if they don't want to do what I write.
They are using up my precious time needlessly.
Thank you


Fri Dec 14, 2012 16:54
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
I understood the question; yes, because you connected the infected pendrive to your machine. Do everything I described on your own machine.


Thu Dec 13, 2012 16:47
iron member

Joined: Thu Dec 13, 2012 13:26
Posts: 2
Post: Re: BackDoor.Dorkbot virus
I knew I'd get professional help here! Many thanks! I'm only going to start on it now, and before I begin I'll mention that by the question "could something have gotten onto my machine this way too" I meant my own machine, not my friend's, which I installed and which ended up quarantining my folders. It was my machine, however, that found the two exes on the pendrive, and it was the one that quarantined those. I hope this won't cause a problem!? By the way, I'm facing a darkbot D virus, to be exact. If something did get onto my own machine after all, what could I use to track it down with the best chance of success? The data on the pendrive is very important too, but my machine even more so! I wouldn't want some process to be able to start up on it in the background.


Thu Dec 13, 2012 16:10
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
Greetings,
And why formatting and reinstalling right away, what is that for??
Quote:
My question is: could something have gotten onto my machine this way too?

The answer is yes.

Quote:
And is there any chance of somehow recovering my data from the pendrive?

The answer is yes. But only if you do everything I write here.

Connect to the machine everything you use over USB, ...
Create a fix.bat file, put it on the pendrive where the invisible data is, and run it.
Code:
@ECHO OFF
ECHO (www.viruskasino.com)
REM script created by: www.viruskasino.com
REM Clear the System, Hidden, Read-only and Archive attributes on everything
REM under the current directory (/s = subfolders, /d = folders as well).
attrib -s -h -r -a /s /d
REM Delete the "recycler" folder in the current directory without prompting.
rd /s /q recycler
PAUSE

When it has finished, press any key.

2: Download the USBFIX program to the desktop and run it.
http://www.commentcamarche.net/download ... 838-usbfix
Press the DELETE button; when it has finished, post its log here.
C:\USBFix.txt <<< it will be here.
Video:
http://www.youtube.com/watch?v=dtEfuOWFGDY

3: Download Malwarebytes Anti-Rootkit to the desktop.
http://www.bleepingcomputer.com/downloa ... it/dl/133/
Unpack > run > click MBANR >> click Next, then Update << after the update click again >> Next
Tick all 3 options and click Scan.
If it finds something, check that everything is ticked, tick Create Restore point and click CleanUp.
The computer restarts >> its log will then open; post it here: mbar-log.txt.

4: Run ComboFix and post its log here.
http://www.bleepingcomputer.com/combofi ... t-combofix

Then we'll see what I find in the logs.


Thu Dec 13, 2012 14:58
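A read-only check for the pattern described in this thread (folders hidden on the drive, same-named .lnk files left in their place), added here as an example and not part of the original post. `Entry`, `list_root`, `triage` and the sample listing are assumptions made for illustration; the attribute bits are the ones the batch file above clears with `attrib -h -s`.

```python
import os
from dataclasses import dataclass

# Windows file-attribute bits, as reported in os.stat().st_file_attributes.
HIDDEN = 0x2   # cleared by "attrib -h"
SYSTEM = 0x4   # cleared by "attrib -s"


@dataclass(frozen=True)
class Entry:
    name: str
    is_dir: bool
    attrs: int


def list_root(root):
    """Read-only listing of a drive's top level (attribute bits exist only on Windows)."""
    entries = []
    with os.scandir(root) as it:
        for item in it:
            st = item.stat(follow_symlinks=False)
            entries.append(Entry(item.name,
                                 item.is_dir(follow_symlinks=False),
                                 getattr(st, "st_file_attributes", 0)))
    return entries


def triage(entries):
    """Pair each .lnk with a hidden folder of the same name; nothing is modified."""
    hidden = {e.name.casefold(): e.name for e in entries
              if e.is_dir and e.attrs & HIDDEN}
    report = {"shadowing_shortcuts": [], "other_shortcuts": [],
              "hidden_folders": [], "recycler_folder": None}
    for e in entries:
        stem, ext = os.path.splitext(e.name)
        if e.is_dir:
            # The folder name that the thread's fix.bat removes with "rd /s /q".
            if e.name.casefold() == "recycler":
                report["recycler_folder"] = e.name
            continue
        if ext.casefold() == ".lnk":
            key = ("shadowing_shortcuts" if stem.casefold() in hidden
                   else "other_shortcuts")
            report[key].append(e.name)
    report["hidden_folders"] = sorted(
        (n for k, n in hidden.items() if k != "recycler"), key=str.casefold)
    for key in ("shadowing_shortcuts", "other_shortcuts"):
        report[key].sort(key=str.casefold)
    return report


# Constructed sample listing (not read from a real drive): two folders marked
# Hidden+System, their same-named shortcuts, and some ordinary content.
SAMPLE = [
    Entry("képek", True, HIDDEN | SYSTEM),
    Entry("képek.lnk", False, 0),
    Entry("progik", True, HIDDEN | SYSTEM),
    Entry("progik.lnk", False, 0),
    Entry("RECYCLER", True, HIDDEN | SYSTEM),
    Entry("angol.doc", False, 0),
    Entry("notes.lnk", False, 0),
    Entry("zene", True, 0),
]

if __name__ == "__main__":
    import sys
    # Pass a drive root such as G:\ on Windows; without one the sample is used.
    listing = list_root(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for key, value in triage(listing).items():
        print(f"{key}: {value}")
```

Every name under `shadowing_shortcuts` has a hidden folder still on the drive, which is the data the `attrib` line makes visible again.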
iron member

Joined: Thu Dec 13, 2012 13:26
Posts: 2
Post: Re: BackDoor.Dorkbot virus
Greetings / Hi everyone!
First of all, I'm glad I found the forum, and I'd start right away by saying that I've read through all the posts; still, allow me to ask, because I'm no expert in this. What happened is that yesterday I was installing a friend's machine and went online for a missing driver. I picked up the darkbot; the pendrive was in the machine, of course. I reinstalled, put Eset Smart Sec. 5 on it, and when I plugged in the pendrive it pounced on it and quarantined every folder ("cleaned by deleting, quarantined"). I can't see them on the pendrive, but the data is definitely there, because all 4 GB is full. Plugged into my own machine, Eset scans it all as well, and on top of that it found 2 more trojans after this (exe files)!!!
My question is: could something have gotten onto my machine this way too? (Ad-aware and an Eset full scan found nothing.) And is there any chance of somehow recovering my data from the pendrive? We use XP; I only mention this because I've read that this can matter too.
Thanks in advance for the help!


Thu Dec 13, 2012 13:38
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
Yes, in my opinion install Win7 in place of the Win8 system, and then scan the other systems with the USBFIX program and with the Malwarebytes program as well, full scan.


Sun Dec 02, 2012 9:55
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
In the end I formatted the pendrive; I don't want to spread the worm any further.
How do I get rid of the worm on the machine? Should I install another system? I also have another machine with Win7 on it; I'd be curious whether that system is clean! The antivirus didn't flag anything there. Should I check the Win7 one with one of the programs?


Sat Dec 01, 2012 10:21
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
Tell me what you need Win8 for, and a cracked one at that; there aren't many diagnostic tools for Win8 yet.
This is not a virus; it's not a virus but a WORM.
What USBFIX deleted were not your files; the WORM created them. That's why I put it back, so that USBFIX would see what this is about. Your files are still there on the G:\ drive, but they are hidden. This means that the system is still infected, but since there aren't that many diagnostic tools, I don't know what you could run on this cracked Win8 system,


Fri Nov 30, 2012 17:27
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
Well, it deleted everything from the pendrive that was infected. So most of the files were deleted; it didn't repair the infected files, though surely that was no longer possible!

But how do I find out whether I've gotten rid of the virus?


Fri Nov 30, 2012 15:57
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
So, is it OK now?? Because we can't let ComboFix loose here, since this is Win8 and it doesn't work here, and even if it did, it could wreck the system.
Did you run that recycler.bat file everywhere, on every drive???


Fri Nov 30, 2012 11:44
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
It looks like it deleted the files from the pendrive!


Fri Nov 30, 2012 10:26
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 7 x86

Account is Administrative

Internet Explorer version: 9.10.9200.16433

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.796000 GHz
Memory total: 1475792896, free: 744247296

------------ Kernel report ------------
11/30/2012 09:54:48
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff846d2918
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff839d0870
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2012.11.30.05
Downloaded database version: v2012.11.29.01
Initializing...
Scan Interrupted
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff846d2918, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff846d2598, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff846d2918, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff84613408, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff839d0870, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xffffffffa59b1360, 0xffffffff846d2918, 0xffffffff84b70a80
Lower DeviceData: 0xffffffffa1be4cb0, 0xffffffff839d0870, 0xffffffff9e73e718
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B2EDB2ED

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 716800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 718848 Numsec = 40894464

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 41613312 Numsec = 114685952

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 80026361856 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-156281488-156301488)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8583e030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8590c828, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8583e030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff858bfc70, DeviceName: \Device\00000052\, DriverName: \Driver\USBSTOR\
------------ End ----------
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

Partition 0 type is Other (0xb)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 7864257
Partition file system is FAT32
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 4026531840 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Read File: File "C:\ProgramData\AVG2013\Chjw\7e121bf5121bb15f.dat" is sparse (flags = 32768)
Done!
Scan finished
=======================================


Fri Nov 30, 2012 10:24
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
############################## | UsbFix V 7.100 | [Deletion]

User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 09:35:10 | 30/11/2012

Website: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1796)
RAM -> [Total : 1407 | Free : 1058]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Fail-safe with network boot

OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 19 Gb (449 Mb free - 2%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (7 Mb free - 12%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (400)
C:\Windows\system32\csrss.exe (444)
C:\Windows\system32\wininit.exe (452)
C:\Windows\system32\winlogon.exe (496)
C:\Windows\system32\services.exe (516)
C:\Windows\system32\lsass.exe (528)
C:\Windows\system32\svchost.exe (624)
C:\Windows\system32\svchost.exe (668)
C:\Windows\System32\svchost.exe (728)
C:\Windows\system32\dwm.exe (752)
C:\Windows\system32\svchost.exe (784)
C:\Windows\system32\svchost.exe (820)
C:\Windows\system32\svchost.exe (852)
C:\Windows\system32\svchost.exe (876)
C:\Windows\system32\svchost.exe (1040)
C:\Windows\Explorer.EXE (1420)
C:\Windows\system32\ctfmon.exe (1448)
C:\Windows\system32\DllHost.exe (1648)
C:\UsbFix\Go.exe (1892)
C:\Windows\system32\wbem\wmiprvse.exe (340)

################## | Stopped processes |

Stopped! C:\Windows\Explorer.EXE (1420)
Stopped! C:\Windows\system32\ctfmon.exe (1448)
Stopped! C:\Windows\system32\DllHost.exe (1648)

################## | Files # Infected Folders |

Deleted ! G:\Biztonsági mentés.lnk
Deleted ! G:\swtor.lnk
Deleted ! G:\progik.lnk
Deleted ! G:\láthatatlan színház.lnk
Deleted ! G:\papír.lnk
Deleted ! G:\képek.lnk
Deleted ! G:\kép.lnk
Deleted ! G:\Dokumentumok.lnk
Deleted ! G:\alapvizsga.lnk
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PROXIMUS.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |


Fri Nov 30, 2012 10:21
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca, S.k >> Slovakia; I can't write Hungarian well, that's why what you see looks like this
Post: Re: BackDoor.Dorkbot virus
Yes, because you're not doing it the way I write it; with USBFIX you needed DELETE, because FOUND means that DELETE wasn't switched on, only scan.
Quote:
################## | Files # Infected Folders |

Found ! G:\Biztonsági mentés.lnk
Found ! G:\swtor.lnk
Found ! G:\progik.lnk
Found ! G:\láthatatlan színház.lnk
Found ! G:\papír.lnk
Found ! G:\képek.lnk
Found ! G:\kép.lnk
Found ! G:\Dokumentumok.lnk
Found ! G:\alapvizsga.lnk


The MBANR anti-rootkit program.
http://www.bleepingcomputer.com/downloa ... i-rootkit/
Download, run, update, scan, and after the scan, CLEANUP; post its log here.


Fri Nov 30, 2012 8:38
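The distinction made in the post above (a log with `Found !` lines came from a scan, one with `Deleted !` lines from the DELETE run) can be checked mechanically. The parser below is an added example, not part of the original post or of UsbFix; it assumes the log layout seen in this thread, and the sample log and the names `parse_usbfix` and `assess` are constructed for illustration.

```python
import re
from collections import Counter

# Patterns for the log layout as it appears in this thread (an assumption,
# not a published format).
HEADER = re.compile(r"^#+ \| UsbFix V (\S+) \| \[(\w+)\]")
SECTION = re.compile(r"^#+ \| (.+?) \|\s*$")
DRIVE = re.compile(r"^([A-Z]):\\ (?:\(.*?\) )?-> (.+?)(?: #|$)")
ITEM = re.compile(r"^(Found|Deleted) ! (.+)$")


def parse_usbfix(text):
    """Extract run mode, drive table and the 'Files # Infected Folders' items."""
    log = {"version": None, "mode": None, "drives": {}, "items": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER.match(line):
            log["version"], log["mode"] = m.group(1), m.group(2)
        elif m := SECTION.match(line):
            section = m.group(1)
        elif section is None and (m := DRIVE.match(line)):
            # The drive table sits between the header and the first section.
            log["drives"][m.group(1)] = m.group(2)
        elif section == "Files # Infected Folders" and (m := ITEM.match(line)):
            log["items"].append((m.group(1), m.group(2)))
    return log


def assess(log):
    """Say whether the run removed anything or only listed it."""
    by_status = Counter(status for status, _ in log["items"])
    pending = sorted(path for status, path in log["items"] if status == "Found")
    removable = {d for d, kind in log["drives"].items()
                 if kind.startswith("Removable")}
    return {
        "mode": log["mode"],
        "found": by_status["Found"],
        "deleted": by_status["Deleted"],
        "cleanup_ran": log["mode"] == "Deletion" and not pending,
        "pending_on_removable": [p for p in pending if p[:1] in removable],
    }


# Constructed sample in the thread's layout; the .lnk names are placeholders.
RESEARCH_LOG = r"""
############################## | UsbFix V 7.100 | [Research]

C:\ (%systemdrive%) -> Fixed drive # 19 Gb (445 Mb free - 2%) [] # NTFS
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (400)

################## | Files # Infected Folders |

Found ! G:\example-folder-1.lnk
Found ! G:\example-folder-2.lnk

################## | E.O.F |
"""

# The same run as it would look after the DELETE button was used (constructed).
DELETION_LOG = (RESEARCH_LOG.replace("[Research]", "[Deletion]")
                .replace("Found !", "Deleted !"))

if __name__ == "__main__":
    for name, text in (("research", RESEARCH_LOG), ("deletion", DELETION_LOG)):
        print(name, assess(parse_usbfix(text)))
```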
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
The viruses are still on the pendrive; I don't know whether it's still on the machine... :roll:


Thu Nov 29, 2012 21:56
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Adatbázis verzió: v2012.11.29.08

Windows 7 x86 NTFS (Csökkentett üzemmód/Hálózat)
Internet Explorer 9.10.9200.16433
Tigerpapó :: PROXIMUS [rendszergazda]

2012.11.29. 16:37:11
mbam-log-2012-11-29 (16-42-03).txt

Vizsgálat típusa: Gyorsvizsgálat
Engedélyezett vizsgálati beállítások: Memória | Indítópult | Rendszerleíró | Rendszerfájlok | Heurisztikus/Extra | Heurisztikus/Shuriken | PUP | PUM
Letiltott vizsgálati beállítások: P2P
Átvizsgált objektumok: 189880
Eltelt idő: 4 perc, 9 másodperc

Fertőzött memóriafolyamatok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró értékek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok: 2
C:\Users\Tigerpapó\Local Settings\Temporary Internet Files\Content.IE5\Z5XU92NR\50a35a26f0dfc[1].exe (Trojan.Agent) -> Nem történt semmi.
C:\Users\Tigerpapó\Local Settings\Temporary Internet Files\Content.IE5\Z5XU92NR\agent_setup[1].exe (Affiliate.Downloader) -> Nem történt semmi.

(befejezés)


Thu Nov 29, 2012 17:02
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
OK. I did it. Malwarebytes found two trojans on C. I deleted them.

############################## | UsbFix V 7.100 | [Research]

User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 16:29:43 | 29/11/2012

Website: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1796)
RAM -> [Total : 1407 | Free : 915]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Fail-safe with network boot

OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 19 Gb (445 Mb free - 2%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (7 Mb free - 12%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (400)
C:\Windows\system32\csrss.exe (444)
C:\Windows\system32\winlogon.exe (472)
C:\Windows\system32\wininit.exe (480)
C:\Windows\system32\services.exe (516)
C:\Windows\system32\lsass.exe (528)
C:\Windows\system32\svchost.exe (620)
C:\Windows\system32\svchost.exe (672)
C:\Windows\system32\dwm.exe (740)
C:\Windows\System32\svchost.exe (844)
C:\Windows\system32\svchost.exe (880)
C:\Windows\system32\svchost.exe (904)
C:\Windows\system32\svchost.exe (936)
C:\Windows\system32\svchost.exe (960)
C:\Windows\system32\svchost.exe (1120)
C:\Windows\Explorer.EXE (1384)
C:\Windows\system32\ctfmon.exe (1408)
C:\Windows\system32\DllHost.exe (1592)
C:\Windows\system32\NOTEPAD.EXE (1176)
C:\UsbFix\Go.exe (1604)
C:\Windows\system32\wbem\wmiprvse.exe (1216)

################## | Files # Infected Folders |

Found ! G:\Biztonsági mentés.lnk
Found ! G:\swtor.lnk
Found ! G:\progik.lnk
Found ! G:\láthatatlan színház.lnk
Found ! G:\papír.lnk
Found ! G:\képek.lnk
Found ! G:\kép.lnk
Found ! G:\Dokumentumok.lnk
Found ! G:\alapvizsga.lnk

################## | Registry |


################## | Mountpoints2 |



################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F |


Thu Nov 29, 2012 16:58
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post: Re: BackDoor.Dorkbot virus
As I see it, Win8 is on the machine; well, we'll see which programs will run.

Now do this.
Restore the files from the AVG quarantine; that is, turn off the AVG program, open the AVG quarantine and restore the files.
Restart into safe mode with networking, >> copy the RECYCLER.bat file that you made onto the C:\ D:\ G:\ drives as well.

1: In safe mode, run the RECYCLER.bat file everywhere.
2: In safe mode, run the USBFIX program AGAIN and post its log here.
3: In safe mode, run the MALWAREBYTES program, delete what it finds, and post its log here.
http://www.viruskasino.com/2011/03/navo ... bytes.html
4: Restart into Windows and write what the situation is.


Wed Nov 28, 2012 17:48
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
unfortunately not :(


Wed Nov 28, 2012 17:39
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post: Re: BackDoor.Dorkbot virus
So what is the situation now?? Do you see your files on the pendrive??


Wed Nov 28, 2012 17:26
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
############################## | UsbFix V 7.100 | [Deletion]

User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 17:18:02 | 28/11/2012

Website: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1800)
RAM -> [Total : 1407 | Free : 892]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Normal boot

OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 19 Gb (889 Mb free - 4%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (7 Mb free - 12%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (628)
C:\Windows\system32\wininit.exe (712)
C:\Windows\system32\csrss.exe (724)
C:\Windows\system32\winlogon.exe (780)
C:\Windows\system32\services.exe (792)
C:\Windows\system32\lsass.exe (800)
C:\Windows\system32\svchost.exe (900)
C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (940)
C:\Windows\system32\svchost.exe (984)
C:\Windows\system32\Ati2evxx.exe (1056)
C:\Windows\system32\dwm.exe (1124)
C:\Windows\System32\svchost.exe (1152)
C:\Windows\system32\svchost.exe (1224)
C:\Windows\system32\svchost.exe (1272)
C:\Windows\System32\svchost.exe (1332)
C:\Windows\system32\svchost.exe (1496)
C:\Windows\System32\spoolsv.exe (1692)
C:\Windows\system32\svchost.exe (1744)
C:\Windows\system32\svchost.exe (1772)
C:\Windows\system32\AEADISRV.EXE (1952)
C:\Program Files\AVG\AVG2013\avgwdsvc.exe (2008)
C:\Windows\system32\Ati2evxx.exe (980)
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (1408)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (888)
C:\Windows\system32\msiexec.exe (2488)
C:\Windows\system32\taskhostex.exe (2572)
C:\Program Files\ASCOMP Software\BackUp Maker\bkmaker.exe (2580)
C:\Program Files\AuthenTec TrueSuite\TouchControl.exe (2676)
C:\Windows\Explorer.EXE (2832)
C:\Windows\system32\wbem\wmiprvse.exe (3436)
C:\Windows\system32\wbem\unsecapp.exe (3536)
C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe (3604)
C:\Windows\system32\svchost.exe (3720)
C:\Windows\system32\SearchIndexer.exe (3820)
C:\Windows\system32\StikyNot.exe (3836)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe (3896)
C:\Program Files\TeamViewer\Version8\TeamViewer.exe (3936)
C:\Program Files\TeamViewer\Version8\tv_w32.exe (2848)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (804)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (3240)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (3272)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (3564)
C:\Program Files\AVG\AVG2013\avgui.exe (2552)
C:\Program Files\Skype\Phone\Skype.exe (3020)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3336)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (2792)
C:\Program Files\DAEMON Tools Lite\DTLite.exe (4236)
C:\Program Files\Optimizer Pro\OptProSmartScan.exe (4284)
C:\Program Files\Optimizer Pro\OptProReminder.exe (4296)
C:\Windows\System32\RuntimeBroker.exe (4532)
C:\Windows\System32\WUDFHost.exe (4280)
C:\Windows\system32\wbem\wmiprvse.exe (2228)
C:\UsbFix\Go.exe (5236)
C:\Program Files\AVG\AVG2013\avgcfgex.exe (1428)

################## | Stopped processes |

Stopped! C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (940)
Stopped! C:\Windows\system32\Ati2evxx.exe (1056)
Stopped! C:\Windows\System32\spoolsv.exe (1692)
Stopped! C:\Windows\system32\AEADISRV.EXE (1952)
Stopped! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (2008)
Stopped! C:\Windows\system32\Ati2evxx.exe (980)
Stopped! C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (1408)
Stopped! C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (888)
Stopped! C:\Windows\system32\msiexec.exe (2488)
Stopped! C:\Windows\system32\taskhostex.exe (2572)
Stopped! C:\Program Files\ASCOMP Software\BackUp Maker\bkmaker.exe (2580)
Stopped! C:\Program Files\AuthenTec TrueSuite\TouchControl.exe (2676)
Stopped! C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe (3604)
Stopped! C:\Windows\system32\SearchIndexer.exe (3820)
Stopped! C:\Windows\system32\StikyNot.exe (3836)
Stopped! C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe (3896)
Stopped! C:\Program Files\TeamViewer\Version8\TeamViewer.exe (3936)
Stopped! C:\Program Files\TeamViewer\Version8\tv_w32.exe (2848)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (804)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (3240)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (3272)
Stopped! C:\Program Files\Analog Devices\Core\smax4pnp.exe (3564)
Stopped! C:\Program Files\AVG\AVG2013\avgui.exe (2552)
Stopped! C:\Program Files\Skype\Phone\Skype.exe (3020)
Stopped! C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3336)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (2792)
Stopped! C:\Program Files\DAEMON Tools Lite\DTLite.exe (4236)
Stopped! C:\Program Files\Optimizer Pro\OptProSmartScan.exe (4284)
Stopped! C:\Program Files\Optimizer Pro\OptProReminder.exe (4296)
Stopped! C:\Windows\System32\RuntimeBroker.exe (4532)
Stopped! C:\Windows\System32\WUDFHost.exe (4280)
Stopped! C:\Program Files\AVG\AVG2013\avgcfgex.exe (1428)

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[25/11/2012 - 20:35:42 | D ] C:\$AVG
[28/11/2012 - 17:20:16 | SHD ] C:\$Recycle.Bin
[28/11/2012 - 14:58:02 | N | 2899] C:\AdwCleaner[S1].txt
[13/11/2012 - 21:45:51 | D ] C:\ATI
[26/07/2012 - 07:52:25 | N | 24] C:\autoexec.bat
[28/11/2012 - 15:24:40 | RASHD ] C:\Autorun.inf
[26/07/2012 - 04:44:30 | RASH | 398156] C:\bootmgr
[02/06/2012 - 15:30:55 | N | 1] C:\BOOTNXT
[26/07/2012 - 07:52:25 | N | 10] C:\config.sys
[26/07/2012 - 07:04:44 | SHD ] C:\Documents and Settings
[28/11/2012 - 16:59:47 | ASH | 1180631040] C:\hiberfil.sys
[21/11/2012 - 22:12:46 | D ] C:\MRVSZ2000
[14/11/2012 - 09:21:38 | RHD ] C:\MSOCache
[26/07/2012 - 07:29:57 | D ] C:\PerfLogs
[28/11/2012 - 16:13:12 | D ] C:\Program Files
[28/11/2012 - 15:01:52 | HD ] C:\ProgramData
[27/11/2012 - 17:25:06 | D ] C:\rsit
[28/11/2012 - 16:59:48 | ASH | 268435456] C:\swapfile.sys
[28/11/2012 - 15:23:14 | SHD ] C:\System Volume Information
[28/11/2012 - 17:20:18 | D ] C:\UsbFix
[28/11/2012 - 17:18:12 | A | 7230] C:\UsbFix.txt
[28/11/2012 - 15:24:40 | N | 4945] C:\UsbFix_Upload_Me_PROXIMUS.zip
[13/11/2012 - 20:48:08 | D ] C:\Users
[28/11/2012 - 15:43:06 | D ] C:\Windows
[28/11/2012 - 17:20:16 | SHD ] D:\$RECYCLE.BIN
[26/03/2012 - 19:51:06 | D ] D:\+++HOSANNA+++
[11/01/2012 - 15:21:46 | N | 29379186] D:\02_Williams Star Wars Episode 2 - Across The Stars (Love Theme)_John Williams London Symphony Orchestra.flac
[18/11/2011 - 22:30:32 | N | 51536] D:\297427_2095012702351_1456323154_31751744_1918570440_n.jpg
[07/11/2012 - 20:35:03 | D ] D:\Adobe Audition 3.0
[28/11/2012 - 15:24:40 | RASHD ] D:\Autorun.inf
[26/04/2012 - 15:22:32 | D ] D:\b7f3d35899436f9bc3b0b3ea10d68ed5
[15/11/2011 - 12:45:01 | N | 858206] D:\CA_20091127_Alderaan01_full.jpg
[31/05/2012 - 17:03:41 | N | 3782822] D:\ConvertHelperSetup.failed-conv-1.exe
[31/05/2012 - 16:58:27 | N | 3782822] D:\ConvertHelperSetup.failed-conv.exe
[23/11/2012 - 10:23:01 | D ] D:\dokumentumok
[23/10/2011 - 21:04:40 | N | 44461] D:\DSCF0037.JPG
[23/10/2011 - 21:04:55 | N | 21686] D:\DSCF0038.JPG
[23/10/2011 - 20:56:09 | N | 110139] D:\DSC_0545.JPG
[23/10/2011 - 20:55:13 | N | 101421] D:\DSC_0546.JPG
[23/10/2011 - 20:54:57 | N | 104785] D:\DSC_0548.JPG
[23/10/2011 - 20:52:54 | N | 85856] D:\DSC_0605.JPG
[14/09/2012 - 20:02:46 | N | 168257821] D:\DUMP499b.tmp
[06/06/2011 - 19:53:40 | N | 177055981] D:\DUMP4c6a.tmp
[31/05/2012 - 17:13:24 | N | 13116454] D:\Eur_pa_ezer_ves_t_rt_nelme.mp4
[31/05/2012 - 17:24:59 | N | 134864810] D:\Eur_pa_t_rk_pe_1000-t_l.mp4
[26/01/2012 - 19:50:47 | N | 131585] D:\f378.doc
[16/09/2012 - 20:15:16 | D ] D:\filmek
[07/11/2007 - 07:00:40 | N | 1110] D:\globdata.ini
[15/04/2010 - 22:26:31 | N | 268856] D:\Gáááábor_2010_04_15_@23_23_18.wav
[08/05/2012 - 20:59:11 | N | 1187774620] D:\haegemonia.nrg
[07/03/2011 - 21:37:20 | N | 586605] D:\hajnali fény.ses
[06/03/2012 - 20:28:44 | D ] D:\honlap
[07/03/2011 - 21:01:40 | N | 586605] D:\hosanna.ses
[28/03/2012 - 19:58:01 | N | 59724] D:\húsvéti kert.jpg
[18/05/2011 - 18:12:09 | N | 399703584] D:\Image.bin
[18/05/2011 - 18:12:10 | N | 681] D:\Image.cue
[07/11/2007 - 08:03:18 | N | 562688] D:\install.exe
[07/11/2007 - 08:00:40 | N | 843] D:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] D:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] D:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] D:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] D:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] D:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] D:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] D:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] D:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] D:\install.res.3082.dll
[20/11/2011 - 20:56:53 | N | 407459] D:\jedi consular - sage.jpg
[13/11/2012 - 20:21:33 | N | 24064] D:\jegyzettömb.doc
[11/11/2012 - 23:12:57 | D ] D:\képek
[15/11/2011 - 12:32:42 | N | 48624] D:\lightsaber-duel.jpg
[22/11/2012 - 20:45:56 | D ] D:\láthatatlan színház
[03/01/2012 - 23:01:50 | D ] D:\msdownld.tmp
[12/06/2009 - 21:44:45 | RHD ] D:\MSOCache
[19/11/2012 - 23:15:10 | D ] D:\origami
[28/11/2012 - 16:59:48 | ASH | 603979776] D:\pagefile.sys
[26/01/2012 - 23:42:53 | N | 1523328] D:\pkrinstall.exe
[25/11/2012 - 20:55:26 | D ] D:\progik
[16/11/2012 - 00:09:19 | D ] D:\Program Files
[23/08/2012 - 12:58:37 | D ] D:\ProgramData
[29/10/2009 - 16:43:44 | N | 13644620] D:\Pucsok Pál elöadása.mp3
[20/11/2011 - 21:26:15 | N | 186553] D:\seer tábla másolata.jpg
[20/11/2011 - 21:26:06 | N | 1150659] D:\seer tábla.psd
[20/11/2011 - 21:27:40 | N | 20523] D:\seer1 - Wisdom.jpg
[22/11/2011 - 22:56:30 | N | 2303832] D:\setup.exe
[19/11/2011 - 11:37:49 | N | 6370504] D:\setupscreenhunterfree.exe
[29/03/2012 - 20:38:10 | D ] D:\SISSigner
[05/06/2008 - 13:42:42 | N | 88016] D:\SouthPark57.jpg
[04/10/2011 - 22:05:46 | N | 406603520] D:\srta kamara.nrg
[24/10/2011 - 19:47:18 | N | 4228241] D:\Star-Wars---Knights-of-the-Old-Republic-(English)-Cover-2324-92.jpg
[24/10/2011 - 19:40:07 | N | 265135] D:\sw kotor.jpg
[17/12/2009 - 00:19:28 | N | 0] D:\SW.UNL
[15/11/2011 - 12:49:12 | N | 838921] D:\SWTOR címer.jpg
[15/11/2011 - 13:35:15 | N | 6937015] D:\swtor delta guild.jpg
[15/11/2011 - 12:36:25 | N | 36829] D:\Swtor-guild.jpg
[08/11/2011 - 12:29:17 | N | 832879] D:\swtor.jpg
[14/06/2010 - 13:45:32 | SHD ] D:\System Volume Information
[18/11/2012 - 18:46:44 | D ] D:\Temp
[15/11/2011 - 20:26:12 | N | 359455] D:\ts3_language_hu_rc1.exe
[30/07/2011 - 16:30:48 | N | 639352] D:\utorrent.exe
[19/11/2011 - 23:27:19 | N | 489562] D:\V002.WAV
[07/11/2007 - 07:00:40 | N | 5686] D:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] D:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] D:\VC_RED.MSI
[01/10/2012 - 20:00:14 | N | 116003] D:\X-Faktor_2012_-_A_t_bor_2_12-09-30_N_zd_jra_az_RTL_Most-on.mp4
[16/11/2012 - 21:47:14 | D ] D:\zene
[19/11/2011 - 23:25:11 | N | 69201] D:\zongora.jpg
[23/11/2012 - 01:02:31 | D ] D:\Új mappa
[13/11/2012 - 16:03:28 | N | 2392097] G:\Windows 8 Activator.rar
[02/11/2012 - 11:03:14 | N | 4953237] G:\02 - The Hospital Room.mp3
[20/11/2012 - 19:37:46 | N | 127488] G:\angol.doc
[25/11/2012 - 15:14:52 | N | 91136] G:\alapvizsga dolgozat.doc
[30/09/2012 - 15:29:42 | N | 119480320] G:\Ballance.iso
[22/09/2012 - 15:08:00 | N | 292184] G:\dxwebsetup0411.exe
[24/05/2011 - 12:36:16 | N | 1012224] G:\legációs levél pünkösd G..doc
[25/11/2012 - 09:59:28 | N | 22528] G:\Ő felemel.doc
[13/11/2012 - 15:57:22 | N | 29299376] G:\SkypeSetupFull.exe
[26/11/2012 - 12:02:58 | HD ] G:\RECYCLER
[27/11/2012 - 20:10:42 | N | 4096] G:\._.Trashes
[27/11/2012 - 20:10:42 | HD ] G:\.Trashes
[27/11/2012 - 20:10:42 | D ] G:\.fseventsd
[27/11/2012 - 20:10:42 | D ] G:\.Spotlight-V100
[28/11/2012 - 15:24:42 | RASHD ] G:\Autorun.inf
[28/11/2012 - 16:21:52 | D ] G:\Biztonsági mentés
[28/11/2012 - 17:13:32 | N | 133] G:\recycler.bat

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PROXIMUS.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |


Wed Nov 28, 2012 17:22
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post: Re: BackDoor.Dorkbot virus
Yes, those; if they all end in .lnk>> then this is a virus, leave them there; now do this.
Open Notepad, like this.
Start, type Notepad into Run, and copy this text into Notepad.
Code:
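@ECHO OFF
ECHO (www.viruskasino.com)
REM script created by: www.viruskasino.com
REM A batch file started with "Run as administrator" begins in %SystemRoot%\System32,
REM so first switch to the folder (the drive root) this script was saved in.
CD /D "%~dp0"
REM Clear the system, hidden, read-only and archive attributes on all files and folders below it
attrib -s -h -r -a /s /d
REM Delete the recycler folder on this drive
rd /s /q recycler
PAUSE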


Save it to the G:\ pendrive as "All files".
Name it recycler.bat.
Then right-click the recycler.bat file and run it as administrator;
when it has finished, press any key,

and afterwards run the USBFIX program again and post its log here.


Wed Nov 28, 2012 16:50
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
mixed, all sorts: jpg, doc, pdf, exe
and the point is that, for the folders, the list shown in the quarantine says e.g.: képek.lnk


Wed Nov 28, 2012 16:42
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post: Re: BackDoor.Dorkbot virus
The thing here is that AVG is the worst antivirus protection; if it put them in quarantine, then I need to know what kind of files these are, because Dorkbot does not infect files, and USBFIX has already wiped it out.


Wed Nov 28, 2012 16:00
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
Well, my files that got infected are not back on the USB, but I found them in the AVG quarantine. What should I do with them?


Wed Nov 28, 2012 15:48
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see,
Post: Re: BackDoor.Dorkbot virus
Quote:
I did it, but there is no result on the USB.

I don't understand this, what result??


Wed Nov 28, 2012 15:46
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
I did it, but there is no result on the USB. By the way, AVG deleted almost everything when it detected the virus the other day and put it in quarantine. I just looked and the quarantine is empty.


Wed Nov 28, 2012 15:37
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
############################## | UsbFix V 7.100 | [Deletion]

User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 15:12:50 | 28/11/2012

Website: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1800)
RAM -> [Total : 1407 | Free : 817]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Normal boot

OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 19 Gb (4 Mb free - 22%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (1 Mb free - 2%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (672)
C:\Windows\system32\wininit.exe (756)
C:\Windows\system32\csrss.exe (764)
C:\Windows\system32\winlogon.exe (808)
C:\Windows\system32\services.exe (852)
C:\Windows\system32\lsass.exe (860)
C:\Windows\system32\svchost.exe (936)
C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (972)
C:\Windows\system32\svchost.exe (1016)
C:\Windows\system32\Ati2evxx.exe (1100)
C:\Windows\system32\dwm.exe (1152)
C:\Windows\System32\svchost.exe (1180)
C:\Windows\system32\svchost.exe (1240)
C:\Windows\system32\svchost.exe (1300)
C:\Windows\System32\svchost.exe (1372)
C:\Windows\system32\svchost.exe (1548)
C:\Windows\System32\spoolsv.exe (1704)
C:\Windows\system32\svchost.exe (1796)
C:\Windows\system32\svchost.exe (1812)
C:\Windows\system32\AEADISRV.EXE (2004)
C:\Program Files\AVG\AVG2013\avgidsagent.exe (2020)
C:\Program Files\AVG\AVG2013\avgwdsvc.exe (396)
C:\Windows\system32\Ati2evxx.exe (668)
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (2032)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (2072)
C:\Windows\system32\taskhostex.exe (2544)
C:\Program Files\AuthenTec TrueSuite\TouchControl.exe (2552)
C:\Windows\Explorer.EXE (2672)
C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe (3340)
C:\Windows\system32\wbem\wmiprvse.exe (3572)
C:\Windows\System32\WUDFHost.exe (3688)
C:\Windows\system32\wbem\unsecapp.exe (3780)
C:\Program Files\TeamViewer\Version8\TeamViewer.exe (4040)
C:\Windows\system32\svchost.exe (2736)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe (3428)
C:\Windows\system32\SearchIndexer.exe (3308)
C:\Program Files\TeamViewer\Version8\tv_w32.exe (1460)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4400)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (4416)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (4440)
C:\Program Files\AVG\AVG2013\avgui.exe (4464)
C:\Program Files\Skype\Phone\Skype.exe (4476)
C:\Program Files\DAEMON Tools Lite\DTLite.exe (4552)
C:\Program Files\Optimizer Pro\OptProSmartScan.exe (4568)
C:\Program Files\Optimizer Pro\OptProReminder.exe (4616)
C:\Windows\System32\StikyNot.exe (4624)
C:\Windows\system32\NOTEPAD.EXE (4692)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (4740)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (4784)
C:\Windows\System32\RuntimeBroker.exe (4848)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4884)
C:\Windows\system32\wwahost.exe (6032)
C:\UsbFix\Go.exe (2908)
C:\Windows\system32\wbem\wmiprvse.exe (5400)
C:\Windows\system32\taskeng.exe (5336)
C:\Windows\system32\SearchProtocolHost.exe (5652)
C:\Windows\system32\SearchFilterHost.exe (5716)
C:\Program Files\AVG\AVG2013\avgcfgex.exe (3008)
C:\Windows\servicing\TrustedInstaller.exe (5248)
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_060a6d2998b13f25\TiWorker.exe (4944)

################## | Stopped processes |

Stopped! C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (972)
Stopped! C:\Windows\system32\Ati2evxx.exe (1100)
Stopped! C:\Windows\System32\spoolsv.exe (1704)
Stopped! C:\Windows\system32\AEADISRV.EXE (2004)
Stopped! C:\Program Files\AVG\AVG2013\avgidsagent.exe (2020)
Stopped! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (396)
Stopped! C:\Windows\system32\Ati2evxx.exe (668)
Stopped! C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (2032)
Stopped! C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (2072)
Stopped! C:\Windows\system32\taskhostex.exe (2544)
Stopped! C:\Program Files\AuthenTec TrueSuite\TouchControl.exe (2552)
Stopped! C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe (3340)
Stopped! C:\Windows\System32\WUDFHost.exe (3688)
Stopped! C:\Program Files\TeamViewer\Version8\TeamViewer.exe (4040)
Stopped! C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe (3428)
Stopped! C:\Windows\system32\SearchIndexer.exe (3308)
Stopped! C:\Program Files\TeamViewer\Version8\tv_w32.exe (1460)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4400)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (4416)
Stopped! C:\Program Files\Analog Devices\Core\smax4pnp.exe (4440)
Stopped! C:\Program Files\AVG\AVG2013\avgui.exe (4464)
Stopped! C:\Program Files\Skype\Phone\Skype.exe (4476)
Stopped! C:\Program Files\DAEMON Tools Lite\DTLite.exe (4552)
Stopped! C:\Program Files\Optimizer Pro\OptProSmartScan.exe (4568)
Stopped! C:\Program Files\Optimizer Pro\OptProReminder.exe (4616)
Stopped! C:\Windows\System32\StikyNot.exe (4624)
Stopped! C:\Windows\system32\NOTEPAD.EXE (4692)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (4740)
Stopped! C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (4784)
Stopped! C:\Windows\System32\RuntimeBroker.exe (4848)
Stopped! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4884)
Stopped! C:\Windows\system32\wwahost.exe (6032)
Stopped! C:\Windows\system32\taskeng.exe (5336)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (5652)
Stopped! C:\Windows\system32\SearchFilterHost.exe (5716)
Stopped! C:\Windows\servicing\TrustedInstaller.exe (5248)
Stopped! C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_060a6d2998b13f25\TiWorker.exe (4944)

################## | Files # Infected Folders |

Deleted ! C:\Windows\Temp\RegistryOptimizer.exe
Deleted ! G:\Recycler\e621ca05.exe
Deleted ! C:\$RECYCLE.BIN\S-1-5-18
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-20
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1140162646-222089804-3457987806-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1410382060-2380230022-1634953292-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2858471002-2609389179-2029141036-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2975082389-2792803069-240635912-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-4237614357-1215398741-138512928-1000
Deleted ! G:\Recycler\desktop.ini

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[25/11/2012 - 20:35:42 | D ] C:\$AVG
[28/11/2012 - 15:16:05 | SHD ] C:\$Recycle.Bin
[28/11/2012 - 14:58:02 | N | 2899] C:\AdwCleaner[S1].txt
[13/11/2012 - 21:45:51 | D ] C:\ATI
[26/07/2012 - 07:52:25 | N | 24] C:\autoexec.bat
[26/07/2012 - 04:44:30 | RASH | 398156] C:\bootmgr
[02/06/2012 - 15:30:55 | N | 1] C:\BOOTNXT
[26/07/2012 - 07:52:25 | N | 10] C:\config.sys
[26/07/2012 - 07:04:44 | SHD ] C:\Documents and Settings
[28/11/2012 - 15:00:36 | ASH | 1180631040] C:\hiberfil.sys
[21/11/2012 - 22:12:46 | D ] C:\MRVSZ2000
[14/11/2012 - 09:21:38 | RHD ] C:\MSOCache
[28/11/2012 - 15:00:36 | ASH | 603979776] C:\pagefile.sys
[26/07/2012 - 07:29:57 | D ] C:\PerfLogs
[28/11/2012 - 14:57:57 | D ] C:\Program Files
[28/11/2012 - 15:01:52 | HD ] C:\ProgramData
[27/11/2012 - 17:25:06 | D ] C:\rsit
[28/11/2012 - 15:00:37 | ASH | 268435456] C:\swapfile.sys
[28/11/2012 - 15:23:14 | SHD ] C:\System Volume Information
[28/11/2012 - 15:23:08 | D ] C:\UsbFix
[28/11/2012 - 15:13:01 | A | 8489] C:\UsbFix.txt
[13/11/2012 - 20:48:08 | D ] C:\Users
[28/11/2012 - 15:01:55 | D ] C:\Windows
[28/11/2012 - 15:22:48 | SHD ] D:\$RECYCLE.BIN
[26/03/2012 - 19:51:06 | D ] D:\+++HOSANNA+++
[11/01/2012 - 15:21:46 | N | 29379186] D:\02_Williams Star Wars Episode 2 - Across The Stars (Love Theme)_John Williams London Symphony Orchestra.flac
[18/11/2011 - 22:30:32 | N | 51536] D:\297427_2095012702351_1456323154_31751744_1918570440_n.jpg
[07/11/2012 - 20:35:03 | D ] D:\Adobe Audition 3.0
[26/04/2012 - 15:22:32 | D ] D:\b7f3d35899436f9bc3b0b3ea10d68ed5
[15/11/2011 - 12:45:01 | N | 858206] D:\CA_20091127_Alderaan01_full.jpg
[31/05/2012 - 17:03:41 | N | 3782822] D:\ConvertHelperSetup.failed-conv-1.exe
[31/05/2012 - 16:58:27 | N | 3782822] D:\ConvertHelperSetup.failed-conv.exe
[23/11/2012 - 10:23:01 | D ] D:\dokumentumok
[23/10/2011 - 21:04:40 | N | 44461] D:\DSCF0037.JPG

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PROXIMUS.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |


Wed Nov 28, 2012 15:30
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
# AdwCleaner v2.009 - Logfile created 11/28/2012 at 14:57:48
# Updated 24/11/2012 by Xplode
# Operating system : Windows 8 Pro (32 bits)
# User : Tigerpapó - PROXIMUS
# Boot Mode : Normal
# Running from : C:\Users\Tigerpapó\Desktop\virus\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Tigerpapó\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Tigerpapó\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.10.9200.16433

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (hu)

Profile name : default
File : C:\Users\Tigerpapó\AppData\Roaming\Mozilla\Firefox\Profiles\69qcs08a.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.50a35a26d9cc4.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={BF2948A0-7584-4F59-AB2A-8654275D50F4}&m[...]

*************************

AdwCleaner[S1].txt - [2770 octets] - [28/11/2012 14:57:48]

########## EOF - C:\AdwCleaner[S1].txt - [2830 octets] ##########


Wed Nov 28, 2012 15:06
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, so this is what you see,
Post: Re: BackDoor.Dorkbot virus
OK,
1: Connect the USB flash drive to the computer, along with everything else you use over USB.
2: Use AdwCleaner from my Slovak blog; there is a translator at the top of the blog, so translate it into Hungarian, and ask if there is anything you don't understand.
http://www.viruskasino.com/2012/09/adwcleaner.html
Press the DELETE button, then post its log here.

3: Use the USBFIX program as well, and post the logs here.
http://virus-stell.blogspot.sk/2010/04/ ... itasa.html


Tue Nov 27, 2012 18:14
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
S3 WUDFRd;@hidbthle.inf,%WudfRdDisplayName%;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\Windows\System32\drivers\WUDFRd.sys [2012-07-26 155136]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF-tükröző szolgáltatás LocationProvider számára; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 89088]
S4 cnghwassist;@%SystemRoot%\system32\drivers\cnghwassist.sys,-100; C:\Windows\System32\DRIVERS\cnghwassist.sys [2012-09-20 31464]
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2012-07-26 260608]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2012-09-20 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;@oem5.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-02-06 69632]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FPLService;TrueSuiteService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2012-08-30 265576]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 23040]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 496640]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-02 3407784]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-25 711112]
R2 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 wscsvc;@%SystemRoot%\System32\wscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2012-10-11 671232]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 62976]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 23040]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-10-19 160944]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2012-07-26 3802624]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-11-18 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-14 250808]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 71168]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 8704]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 EapHost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 23040]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 529920]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 23040]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 136192]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 23040]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 13312]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 StiSvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2012-07-26 82432]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2012-09-20 581120]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2012-07-26 1150464]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1350144]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2012-07-26 13864]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2012-07-26 142336]
S3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1025536]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 WSService;@%SystemRoot%\system32\WSService.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 23040]

-----------------EOF-----------------


Tue Nov 27, 2012 18:01
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
======List of files/folders created in the last 3 months======

2012-11-27 17:23:13 ----D---- C:\Program Files\trend micro
2012-11-27 17:23:12 ----D---- C:\rsit
2012-11-25 20:49:33 ----SHD---- C:\Config.Msi
2012-11-25 20:39:53 ----D---- C:\Users\Tigerpapó\AppData\Roaming\AVG2013
2012-11-25 20:38:31 ----D---- C:\Users\Tigerpapó\AppData\Roaming\TuneUp Software
2012-11-25 20:38:23 ----D---- C:\ProgramData\AVG Secure Search
2012-11-25 20:38:08 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-11-25 20:38:07 ----D---- C:\Program Files\AVG Secure Search
2012-11-25 20:35:42 ----HD---- C:\$AVG
2012-11-25 20:35:41 ----D---- C:\ProgramData\AVG2013
2012-11-25 20:34:57 ----D---- C:\Program Files\AVG
2012-11-25 20:33:08 ----HD---- C:\ProgramData\Common Files
2012-11-25 20:33:08 ----D---- C:\ProgramData\MFAData
2012-11-21 22:12:45 ----D---- C:\MRVSZ2000
2012-11-18 13:20:20 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2012-11-18 13:17:54 ----D---- C:\Program Files\Common Files\Adobe
2012-11-18 13:17:54 ----D---- C:\Program Files\Adobe
2012-11-16 00:13:27 ----A---- C:\Windows\system32\tsccvid.dll
2012-11-16 00:13:12 ----D---- C:\ProgramData\BibleWorks
2012-11-16 00:13:05 ----A---- C:\Windows\system32\zlib1.dll
2012-11-16 00:13:05 ----A---- C:\Windows\system32\unzip32.dll
2012-11-16 00:13:05 ----A---- C:\Windows\system32\ssce5532.dll
2012-11-16 00:13:05 ----A---- C:\Windows\system32\bwplay.exe
2012-11-16 00:13:04 ----A---- C:\Windows\system32\patchw32.dll
2012-11-16 00:13:04 ----A---- C:\Windows\system32\patchw.dll
2012-11-16 00:13:04 ----A---- C:\Windows\system32\bwntsend.dll
2012-11-16 00:13:04 ----A---- C:\Windows\system32\bwnthook.dll
2012-11-16 00:13:03 ----A---- C:\Windows\system32\bwbits80.dll
2012-11-15 23:30:31 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-11-15 23:30:20 ----D---- C:\Program Files\DAEMON Tools Lite
2012-11-15 23:29:39 ----D---- C:\Users\Tigerpapó\AppData\Roaming\DAEMON Tools Lite
2012-11-15 23:29:36 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-11-15 23:23:50 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Ashampoo
2012-11-15 23:20:47 ----D---- C:\Program Files\WinRAR
2012-11-15 23:19:35 ----D---- C:\ProgramData\Ashampoo
2012-11-15 23:19:31 ----D---- C:\Program Files\Ashampoo
2012-11-15 21:48:23 ----D---- C:\ProgramData\TrueSuite
2012-11-15 18:56:48 ----D---- C:\Users\Tigerpapó\AppData\Roaming\DropIt
2012-11-15 18:46:07 ----D---- C:\Program Files\Common Files\AuthenTec
2012-11-15 18:46:02 ----D---- C:\Program Files\AuthenTec TrueSuite
2012-11-15 18:45:46 ----D---- C:\ProgramData\Downloaded Installations
2012-11-15 18:29:38 ----D---- C:\Program Files\DropIt
2012-11-15 18:28:25 ----D---- C:\Program Files\MSECache
2012-11-14 18:16:43 ----D---- C:\Users\Tigerpapó\AppData\Roaming\PDF Writer
2012-11-14 18:16:43 ----D---- C:\ProgramData\PDF Writer
2012-11-14 18:09:58 ----D---- C:\Program Files\Common Files\Bullzip
2012-11-14 18:09:58 ----A---- C:\Windows\system32\bzFlRdr.dll
2012-11-14 18:09:58 ----A---- C:\Windows\system32\bzDCT.dll
2012-11-14 18:09:57 ----A---- C:\Windows\system32\bzpdfc.dll
2012-11-14 18:09:54 ----A---- C:\Windows\system32\bzpdf.dll
2012-11-14 18:09:50 ----D---- C:\Program Files\Bullzip
2012-11-14 18:06:20 ----D---- C:\Program Files\Reference Assemblies
2012-11-14 18:06:20 ----D---- C:\Program Files\MSBuild
2012-11-14 18:05:55 ----D---- C:\Windows\system32\XPSViewer
2012-11-14 18:03:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2012-11-14 18:03:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2012-11-14 18:03:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2012-11-14 17:46:40 ----D---- C:\Users\Tigerpapó\AppData\Roaming\TeamViewer
2012-11-14 15:51:37 ----D---- C:\ProgramData\Adobe
2012-11-14 09:46:05 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Optimizer Pro
2012-11-14 09:46:04 ----AD---- C:\ProgramData\TEMP
2012-11-14 09:35:49 ----D---- C:\ProgramData\Premium
2012-11-14 09:34:34 ----D---- C:\Program Files\Optimizer Pro
2012-11-14 09:34:08 ----D---- C:\ProgramData\Download and Sa
2012-11-14 09:33:25 ----D---- C:\ProgramData\InstallMate
2012-11-14 09:28:21 ----A---- C:\Windows\ODBC.INI
2012-11-14 09:28:18 ----A---- C:\Windows\system32\mdimon.dll
2012-11-14 09:26:39 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-14 09:24:35 ----D---- C:\Windows\PCHEALTH
2012-11-14 09:24:35 ----D---- C:\Program Files\Microsoft Office
2012-11-14 09:21:38 ----RHD---- C:\MSOCache
2012-11-14 08:59:18 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-11-13 23:14:34 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Mozilla
2012-11-13 23:14:11 ----D---- C:\ProgramData\Mozilla
2012-11-13 23:14:10 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-11-13 23:13:39 ----D---- C:\Program Files\Mozilla Firefox
2012-11-13 23:04:39 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-11-13 23:00:29 ----RD---- C:\Windows\BrowserChoice
2012-11-13 22:52:52 ----D---- C:\Program Files\TeamViewer
2012-11-13 22:37:33 ----N---- C:\Windows\system32\MpSigStub.exe
2012-11-13 22:30:10 ----A---- C:\Windows\system32\MRT.exe
2012-11-13 22:21:00 ----D---- C:\Program Files\Analog Devices
2012-11-13 22:05:27 ----A---- C:\Windows\system32\jscript9.dll
2012-11-13 22:05:26 ----A---- C:\Windows\system32\tquery.dll
2012-11-13 22:05:25 ----A---- C:\Windows\explorer.exe
2012-11-13 22:05:23 ----A---- C:\Windows\system32\wininet.dll
2012-11-13 22:05:23 ----A---- C:\Windows\system32\mssrch.dll
2012-11-13 22:05:23 ----A---- C:\Windows\system32\dwmcore.dll
2012-11-13 22:05:22 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2012-11-13 22:05:21 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-11-13 22:05:21 ----A---- C:\Windows\system32\MPSSVC.dll
2012-11-13 22:05:20 ----A---- C:\Windows\system32\SHCore.dll
2012-11-13 22:05:19 ----A---- C:\Windows\system32\winresume.exe
2012-11-13 22:05:18 ----A---- C:\Windows\system32\resetengmig.dll
2012-11-13 22:05:18 ----A---- C:\Windows\system32\mfplat.dll
2012-11-13 22:05:18 ----A---- C:\Windows\system32\drivers\netio.sys
2012-11-13 22:05:17 ----A---- C:\Windows\system32\lsasrv.dll
2012-11-13 22:05:16 ----A---- C:\Windows\system32\winload.exe
2012-11-13 22:05:15 ----A---- C:\Windows\system32\Windows.Networking.dll
2012-11-13 22:05:15 ----A---- C:\Windows\system32\uxtheme.dll
2012-11-13 22:05:15 ----A---- C:\Windows\system32\reseteng.dll
2012-11-13 22:05:15 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2012-11-13 22:05:14 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-11-13 22:05:14 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2012-11-13 22:05:14 ----A---- C:\Windows\system32\kerberos.dll
2012-11-13 22:05:13 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-11-13 22:05:13 ----A---- C:\Windows\system32\drivers\dam.sys
2012-11-13 22:05:13 ----A---- C:\Windows\system32\ci.dll
2012-11-13 22:05:12 ----A---- C:\Windows\system32\wlansvc.dll
2012-11-13 22:05:12 ----A---- C:\Windows\system32\usercpl.dll
2012-11-13 22:05:12 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-11-13 22:05:11 ----A---- C:\Windows\system32\drivers\sdbus.sys
2012-11-13 22:05:11 ----A---- C:\Windows\system32\drivers\portcls.sys
2012-11-13 22:05:10 ----A---- C:\Windows\system32\winlogon.exe
2012-11-13 22:05:10 ----A---- C:\Windows\system32\SpaceControl.dll
2012-11-13 22:05:10 ----A---- C:\Windows\system32\ListSvc.dll
2012-11-13 22:05:10 ----A---- C:\Windows\system32\drivers\battc.sys
2012-11-13 22:05:10 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-13 22:05:09 ----A---- C:\Windows\system32\wlanmsm.dll
2012-11-13 22:05:09 ----A---- C:\Windows\system32\mssph.dll
2012-11-13 22:05:09 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2012-11-13 22:05:08 ----A---- C:\Windows\system32\Windows.Storage.Compression.dll
2012-11-13 22:05:08 ----A---- C:\Windows\system32\input.dll
2012-11-13 22:05:08 ----A---- C:\Windows\system32\drivers\sdstor.sys
2012-11-13 22:05:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-13 22:05:08 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-13 22:05:08 ----A---- C:\Windows\system32\bdesvc.dll
2012-11-13 22:05:07 ----A---- C:\Windows\system32\wlansec.dll
2012-11-13 22:05:07 ----A---- C:\Windows\system32\mswsock.dll
2012-11-13 22:05:07 ----A---- C:\Windows\system32\ie4uinit.exe
2012-11-13 22:05:07 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-13 22:05:06 ----A---- C:\Windows\system32\mssvp.dll
2012-11-13 22:05:06 ----A---- C:\Windows\system32\iesysprep.dll
2012-11-13 22:05:05 ----A---- C:\Windows\system32\microsoft-windows-pdc.dll
2012-11-13 22:05:05 ----A---- C:\Windows\system32\gdi32.dll
2012-11-13 22:05:04 ----A---- C:\Windows\system32\PCPKsp.dll
2012-11-13 22:05:04 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2012-11-13 22:05:04 ----A---- C:\Windows\system32\FntCache.dll
2012-11-13 22:05:04 ----A---- C:\Windows\system32\dhcpcore.dll
2012-11-13 22:05:03 ----A---- C:\Windows\system32\wlanapi.dll
2012-11-13 22:05:03 ----A---- C:\Windows\system32\FirewallAPI.dll
2012-11-13 22:05:03 ----A---- C:\Windows\system32\DWrite.dll
2012-11-13 22:05:02 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-11-13 22:05:02 ----A---- C:\Windows\system32\jscript.dll
2012-11-13 22:05:02 ----A---- C:\Windows\system32\AppxSip.dll
2012-11-13 22:05:01 ----A---- C:\Windows\system32\UXInit.dll
2012-11-13 22:05:01 ----A---- C:\Windows\system32\sysreset.exe
2012-11-13 22:05:01 ----A---- C:\Windows\system32\mssphtb.dll
2012-11-13 22:05:01 ----A---- C:\Windows\system32\iernonce.dll
2012-11-13 22:05:01 ----A---- C:\Windows\system32\BdeUISrv.exe
2012-11-13 22:05:00 ----A---- C:\Windows\system32\icfupgd.dll
2012-11-13 22:05:00 ----A---- C:\Windows\system32\dhcpcsvc.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\wfdprov.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\wfapigp.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\mssprxy.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\mssitlb.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\msscntrs.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-13 22:04:59 ----A---- C:\Windows\system32\iesetup.dll
2012-11-13 22:04:58 ----A---- C:\Windows\system32\msshooks.dll
2012-11-13 22:04:58 ----A---- C:\Windows\system32\kbdhebl3.dll
2012-11-13 22:04:58 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2012-11-13 22:04:58 ----A---- C:\Windows\system32\drivers\drmk.sys
2012-11-13 22:04:57 ----A---- C:\Windows\system32\wlanhlp.dll
2012-11-13 22:04:57 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2012-11-13 22:04:07 ----A---- C:\Windows\system32\wuaueng.dll
2012-11-13 22:04:06 ----A---- C:\Windows\system32\wucltux.dll
2012-11-13 22:04:06 ----A---- C:\Windows\system32\wuapi.dll
2012-11-13 22:04:06 ----A---- C:\Windows\system32\ubpm.dll
2012-11-13 22:04:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wuwebv.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wups2.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wups.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wudriver.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wuauclt.exe
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wuapp.exe
2012-11-13 22:04:05 ----A---- C:\Windows\system32\wuaext.dll
2012-11-13 22:04:05 ----A---- C:\Windows\system32\taskhostex.exe
2012-11-13 22:04:05 ----A---- C:\Windows\system32\taskhost.exe
2012-11-13 22:04:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-11-13 22:04:04 ----A---- C:\Windows\system32\wushareduxresources.dll
2012-11-13 22:03:58 ----A---- C:\Windows\system32\mfcore.dll
2012-11-13 22:03:58 ----A---- C:\Windows\system32\AudioSes.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\EncDump.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\audiosrv.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\AUDIOKSE.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\AudioEng.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2012-11-13 22:03:57 ----A---- C:\Windows\system32\audiodg.exe
2012-11-13 22:03:52 ----A---- C:\Windows\system32\rdpcorets.dll
2012-11-13 22:03:51 ----A---- C:\Windows\system32\srmstormod.dll
2012-11-13 22:03:51 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-11-13 22:03:51 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:03:50 ----A---- C:\Windows\system32\srmscan.dll
2012-11-13 22:03:50 ----A---- C:\Windows\system32\srmclient.dll
2012-11-13 22:03:50 ----A---- C:\Windows\system32\dskquota.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\srmtrace.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\srmshell.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\srm_ps.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\srm.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\rfxvmt.dll
2012-11-13 22:03:49 ----A---- C:\Windows\system32\adrclient.dll
2012-11-13 22:03:48 ----A---- C:\Windows\system32\rdpudd.dll
2012-11-13 22:03:46 ----A---- C:\Windows\system32\twinui.dll
2012-11-13 22:03:44 ----A---- C:\Windows\system32\drivers\pdc.sys
2012-11-13 22:03:44 ----A---- C:\Windows\system32\authui.dll
2012-11-13 22:03:44 ----A---- C:\Windows\system32\actxprxy.dll
2012-11-13 22:03:43 ----A---- C:\Windows\system32\mfnetsrc.dll
2012-11-13 22:03:42 ----A---- C:\Windows\system32\mfnetcore.dll
2012-11-13 22:03:42 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2012-11-13 22:03:41 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2012-11-13 22:03:40 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2012-11-13 22:03:37 ----A---- C:\Windows\system32\mshtml.dll
2012-11-13 22:03:32 ----A---- C:\Windows\system32\ieframe.dll
2012-11-13 22:03:30 ----A---- C:\Windows\system32\iertutil.dll
2012-11-13 22:03:29 ----A---- C:\Windows\system32\urlmon.dll
2012-11-13 22:03:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-13 22:03:28 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-13 22:03:28 ----A---- C:\Windows\system32\halmacpi.dll
2012-11-13 22:03:28 ----A---- C:\Windows\system32\hal.dll
2012-11-13 22:00:01 ----A---- C:\Windows\system32\synceng.dll
2012-11-13 21:55:27 ----A---- C:\Windows\system32\WSService.dll
2012-11-13 21:55:15 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2012-11-13 21:55:01 ----A---- C:\Windows\system32\wmp.dll
2012-11-13 21:54:59 ----A---- C:\Windows\system32\d2d1.dll
2012-11-13 21:54:59 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2012-11-13 21:54:54 ----A---- C:\Windows\system32\WpcMon.exe
2012-11-13 21:54:49 ----A---- C:\Windows\system32\WinSAT.exe
2012-11-13 21:54:48 ----A---- C:\Windows\system32\vssapi.dll
2012-11-13 21:54:48 ----A---- C:\Windows\system32\d3d10warp.dll
2012-11-13 21:54:47 ----A---- C:\Windows\system32\uDWM.dll
2012-11-13 21:54:47 ----A---- C:\Windows\system32\schannel.dll
2012-11-13 21:54:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-13 21:54:45 ----A---- C:\Windows\system32\apphelp.dll
2012-11-13 21:54:44 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2012-11-13 21:54:44 ----A---- C:\Windows\system32\MMDevAPI.dll
2012-11-13 21:54:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-11-13 21:54:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2012-11-13 21:54:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2012-11-13 21:54:38 ----A---- C:\Windows\system32\ntdll.dll
2012-11-13 21:54:38 ----A---- C:\Windows\system32\ncsi.dll
2012-11-13 21:54:37 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2012-11-13 21:54:37 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-11-13 21:54:35 ----A---- C:\Windows\system32\rascfg.dll
2012-11-13 21:54:34 ----A---- C:\Windows\system32\wlroamextension.dll
2012-11-13 21:54:34 ----A---- C:\Windows\system32\drivers\cnghwassist.sys
2012-11-13 21:54:33 ----A---- C:\Windows\system32\WinSATAPI.dll
2012-11-13 21:54:33 ----A---- C:\Windows\system32\fveapi.dll
2012-11-13 21:54:33 ----A---- C:\Windows\system32\fhevents.dll
2012-11-13 21:54:31 ----A---- C:\Windows\system32\winmde.dll
2012-11-13 21:54:31 ----A---- C:\Windows\system32\MFMediaEngine.dll
2012-11-13 21:54:31 ----A---- C:\Windows\system32\drivers\acpi.sys
2012-11-13 21:54:31 ----A---- C:\Windows\system32\bcdsrv.dll
2012-11-13 21:54:29 ----A---- C:\Windows\system32\WSShared.dll
2012-11-13 21:54:29 ----A---- C:\Windows\system32\WSClient.dll
2012-11-13 21:54:29 ----A---- C:\Windows\system32\wintrust.dll
2012-11-13 21:54:29 ----A---- C:\Windows\system32\drvstore.dll
2012-11-13 21:54:29 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2012-11-13 21:54:29 ----A---- C:\Windows\system32\bisrv.dll
2012-11-13 21:54:28 ----A---- C:\Windows\system32\psmsrv.dll
2012-11-13 21:54:27 ----A---- C:\Windows\system32\WWAHost.exe
2012-11-13 21:54:27 ----A---- C:\Windows\system32\wpnprv.dll
2012-11-13 21:54:27 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-11-13 21:54:26 ----A---- C:\Windows\system32\WSSync.dll
2012-11-13 21:54:26 ----A---- C:\Windows\system32\vdsutil.dll
2012-11-13 21:54:26 ----A---- C:\Windows\system32\services.exe
2012-11-13 21:54:26 ----A---- C:\Windows\system32\MFPlay.dll
2012-11-13 21:54:25 ----A---- C:\Windows\system32\dnsapi.dll
2012-11-13 21:54:24 ----A---- C:\Windows\system32\RacEngn.dll
2012-11-13 21:54:24 ----A---- C:\Windows\system32\fveapibase.dll
2012-11-13 21:54:24 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2012-11-13 21:54:24 ----A---- C:\Windows\system32\drivers\msgpiowin32.sys
2012-11-13 21:54:23 ----A---- C:\Windows\system32\wmpmde.dll
2012-11-13 21:54:23 ----A---- C:\Windows\system32\TpmTasks.dll
2012-11-13 21:54:23 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-11-13 21:54:22 ----A---- C:\Windows\system32\PackageStateRoaming.dll
2012-11-13 21:54:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2012-11-13 21:54:21 ----A---- C:\Windows\system32\provcore.dll
2012-11-13 21:54:21 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2012-11-13 21:54:20 ----A---- C:\Windows\system32\twinapi.dll
2012-11-13 21:54:20 ----A---- C:\Windows\system32\propsys.dll
2012-11-13 21:54:20 ----A---- C:\Windows\system32\dwmredir.dll
2012-11-13 21:54:19 ----A---- C:\Windows\system32\mmcss.dll
2012-11-13 21:54:19 ----A---- C:\Windows\system32\drivers\UCX01000.SYS
2012-11-13 21:54:19 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-11-13 21:54:19 ----A---- C:\Windows\system32\drivers\csc.sys
2012-11-13 21:54:19 ----A---- C:\Windows\system32\avrt.dll
2012-11-13 21:54:18 ----A---- C:\Windows\system32\VAN.dll
2012-11-13 21:54:18 ----A---- C:\Windows\system32\svchost.exe
2012-11-13 21:54:18 ----A---- C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2012-11-13 21:54:18 ----A---- C:\Windows\system32\mfsrcsnk.dll
2012-11-13 21:54:18 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2012-11-13 21:54:18 ----A---- C:\Windows\system32\combase.dll
2012-11-13 21:54:17 ----A---- C:\Windows\system32\UserLanguagesCpl.dll
2012-11-13 21:54:17 ----A---- C:\Windows\system32\HalExtIntcLpioDMA.dll
2012-11-13 21:54:17 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-11-13 21:54:17 ----A---- C:\Windows\system32\batmeter.dll
2012-11-13 21:54:17 ----A---- C:\Windows\system32\aelupsvc.dll
2012-11-13 21:54:16 ----A---- C:\Windows\system32\HalExtIntcUartDMA.dll
2012-11-13 21:54:16 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-11-13 21:54:16 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-11-13 21:54:16 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-11-13 21:54:15 ----A---- C:\Windows\system32\WinTypes.dll
2012-11-13 21:54:15 ----A---- C:\Windows\system32\perfdisk.dll
2012-11-13 21:54:15 ----A---- C:\Windows\system32\drivers\tpm.sys
2012-11-13 21:54:13 ----A---- C:\Windows\system32\wpncore.dll
2012-11-13 21:54:13 ----A---- C:\Windows\system32\wlidcredprov.dll
2012-11-13 21:54:13 ----A---- C:\Windows\system32\Windows.Networking.Connectivity.dll
2012-11-13 21:54:13 ----A---- C:\Windows\system32\mfsvr.dll
2012-11-13 21:54:12 ----A---- C:\Windows\system32\user32.dll
2012-11-13 21:54:12 ----A---- C:\Windows\system32\ProximityService.dll
2012-11-13 21:54:12 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2012-11-13 21:54:11 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2012-11-13 21:54:11 ----A---- C:\Windows\system32\vds.exe
2012-11-13 21:54:11 ----A---- C:\Windows\system32\storewuauth.dll
2012-11-13 21:54:11 ----A---- C:\Windows\system32\lsass.exe
2012-11-13 21:54:11 ----A---- C:\Windows\system32\fhengine.dll
2012-11-13 21:54:10 ----A---- C:\Windows\system32\winsrv.dll
2012-11-13 21:54:10 ----A---- C:\Windows\system32\taskeng.exe
2012-11-13 21:54:10 ----A---- C:\Windows\system32\msvproc.dll
2012-11-13 21:54:10 ----A---- C:\Windows\system32\lpksetup.exe
2012-11-13 21:54:09 ----A---- C:\Windows\system32\SettingSyncHost.exe
2012-11-13 21:54:09 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-13 21:54:09 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-11-13 21:54:09 ----A---- C:\Windows\system32\mfh264enc.dll
2012-11-13 21:54:09 ----A---- C:\Windows\system32\fhcfg.dll
2012-11-13 21:54:09 ----A---- C:\Windows\system32\dwm.exe
2012-11-13 21:54:09 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-11-13 21:54:08 ----A---- C:\Windows\system32\drvinst.exe
2012-11-13 21:54:08 ----A---- C:\Windows\system32\DAFWSD.dll
2012-11-13 21:54:07 ----A---- C:\Windows\system32\dxgi.dll
2012-11-13 21:54:06 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-11-13 21:54:06 ----A---- C:\Windows\system32\perfnet.dll
2012-11-13 21:54:05 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-13 21:54:05 ----A---- C:\Windows\system32\wcncsvc.dll
2012-11-13 21:54:05 ----A---- C:\Windows\system32\fhcat.dll
2012-11-13 21:54:05 ----A---- C:\Windows\system32\d3d11.dll
2012-11-13 21:54:04 ----A---- C:\Windows\system32\webio.dll
2012-11-13 21:54:04 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2012-11-13 21:54:04 ----A---- C:\Windows\system32\RpcEpMap.dll
2012-11-13 21:54:04 ----A---- C:\Windows\system32\fhsvc.dll
2012-11-13 21:54:04 ----A---- C:\Windows\system32\DevPropMgr.dll
2012-11-13 21:54:03 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2012-11-13 21:54:03 ----A---- C:\Windows\system32\WcnApi.dll
2012-11-13 21:54:03 ----A---- C:\Windows\system32\lpremove.exe
2012-11-13 21:54:03 ----A---- C:\Windows\system32\CscMig.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\umpo.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\TimeBrokerServer.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\sspicli.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\rasdiag.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\fhshl.dll
2012-11-13 21:54:02 ----A---- C:\Windows\system32\dafWCN.dll
2012-11-13 21:54:01 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhsrchapi.dll
2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhmanagew.exe
2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhlisten.dll
2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhcleanup.dll
2012-11-13 21:54:01 ----A---- C:\Windows\system32\cryptdlg.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\vsstrace.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\sdbinst.exe
2012-11-13 21:54:00 ----A---- C:\Windows\system32\OEMLicense.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\fhtask.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\fhsrchph.dll
2012-11-13 21:54:00 ----A---- C:\Windows\system32\fdWCN.dll
2012-11-13 21:53:59 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2012-11-13 21:53:59 ----A---- C:\Windows\system32\vdsldr.exe
2012-11-13 21:53:59 ----A---- C:\Windows\system32\rasmxs.dll
2012-11-13 21:53:59 ----A---- C:\Windows\system32\fhautoplay.dll
2012-11-13 21:53:58 ----A---- C:\Windows\system32\rasser.dll
2012-11-13 21:53:58 ----A---- C:\Windows\system32\perfproc.dll
2012-11-13 21:53:58 ----A---- C:\Windows\system32\perfos.dll
2012-11-13 21:53:58 ----A---- C:\Windows\system32\perfctrs.dll
2012-11-13 21:53:58 ----A---- C:\Windows\system32\drivers\BthhfHid.sys
2012-11-13 21:53:57 ----A---- C:\Windows\system32\sspisrv.dll
2012-11-13 21:53:57 ----A---- C:\Windows\system32\fhsvcctl.dll
2012-11-13 21:53:57 ----A---- C:\Windows\system32\drivers\BthAvrcpTg.sys
2012-11-13 21:53:56 ----A---- C:\Windows\system32\vds_ps.dll
2012-11-13 21:53:56 ----A---- C:\Windows\system32\MUILanguageCleanup.dll
2012-11-13 21:53:56 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2012-11-13 21:53:56 ----A---- C:\Windows\system32\eventcls.dll
2012-11-13 21:53:56 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys
2012-11-13 21:53:55 ----A---- C:\Windows\system32\spwmp.dll
2012-11-13 21:53:55 ----A---- C:\Windows\system32\shimeng.dll
2012-11-13 21:53:55 ----A---- C:\Windows\system32\lpksetupproxyserv.dll
2012-11-13 21:53:55 ----A---- C:\Windows\system32\dxmasf.dll
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\wanarp.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\BtaMPM.sys
2012-11-13 21:53:54 ----A---- C:\Windows\system32\cdd.dll
2012-11-13 21:53:53 ----A---- C:\Windows\system32\wmploc.DLL
2012-11-13 21:53:06 ----A---- C:\Windows\system32\newdev.exe
2012-11-13 21:53:06 ----A---- C:\Windows\system32\newdev.dll
2012-11-13 21:53:06 ----A---- C:\Windows\system32\ndadmin.exe
2012-11-13 21:53:04 ----A---- C:\Windows\system32\wwansvc.dll
2012-11-13 21:53:04 ----A---- C:\Windows\system32\wwanprotdim.dll
2012-11-13 21:52:53 ----A---- C:\Windows\system32\win32k.sys
2012-11-13 21:52:51 ----A---- C:\Windows\system32\shell32.dll
2012-11-13 21:52:48 ----A---- C:\Windows\system32\ReAgentc.exe
2012-11-13 21:52:48 ----A---- C:\Windows\system32\ReAgent.dll
2012-11-13 21:47:12 ----D---- C:\Program Files\ATI Technologies
2012-11-13 21:47:09 ----D---- C:\Program Files\ATI
2012-11-13 21:45:51 ----D---- C:\ATI
2012-11-13 21:33:50 ----A---- C:\Windows\system32\SLCHook.dll
2012-11-13 21:29:15 ----A---- C:\Windows\system32\drivers\HpqKbFiltr.sys
2012-11-13 21:29:14 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01005.dll
2012-11-13 21:29:07 ----RA---- C:\Windows\system32\BttnCmn.dll
2012-11-13 21:29:06 ----A---- C:\Windows\system32\BttnCmns.dll
2012-11-13 21:29:05 ----D---- C:\Program Files\Hewlett-Packard
2012-11-13 21:29:03 ----HD---- C:\Program Files\InstallShield Installation Information
2012-11-13 21:28:35 ----D---- C:\Windows\QLB
2012-11-13 21:28:28 ----D---- C:\Users\Tigerpapó\AppData\Roaming\HEXelon
2012-11-13 21:28:28 ----A---- C:\Windows\system32\drivers\vd_filedisk.sys
2012-11-13 21:25:39 ----D---- C:\Program Files\TC UP
2012-11-13 21:19:06 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Skype
2012-11-13 21:18:58 ----D---- C:\Program Files\Common Files\Skype
2012-11-13 21:18:51 ----RD---- C:\Program Files\Skype
2012-11-13 21:17:50 ----D---- C:\ProgramData\Skype
2012-11-13 21:16:11 ----D---- C:\Program Files\Synaptics
2012-11-13 21:12:52 ----D---- C:\Program Files\AuthenTec
2012-11-13 20:58:50 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Macromedia
2012-11-13 20:57:31 ----A---- C:\Windows\system32\netcfg-917171.txt
2012-11-13 20:55:33 ----A---- C:\Windows\system32\netcfg-798843.txt
2012-11-13 20:54:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-13 20:52:37 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Adobe
2012-11-13 20:48:46 ----D---- C:\ProgramData\PRICache
2012-11-13 20:48:25 ----SD---- C:\Users\Tigerpapó\AppData\Roaming\Microsoft
2012-11-13 20:47:49 ----D---- C:\Windows\CSC
2012-11-13 20:45:28 ----D---- C:\Windows\SoftwareDistribution
2012-11-13 20:44:19 ----A---- C:\Windows\system32\netcfg-127140.txt
2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Sablonok
2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Dokumentumok
2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Asztal
2012-11-13 20:42:20 ----ASH---- C:\hiberfil.sys
2012-11-13 20:40:45 ----A---- C:\Windows\system32\netcfg-150609.txt
2012-11-13 20:40:44 ----A---- C:\Windows\system32\netcfg-149812.txt
2012-11-13 20:40:40 ----A---- C:\Windows\system32\netcfg-145296.txt
2012-11-13 20:40:34 ----A---- C:\Windows\system32\netcfg-139531.txt
2012-11-13 20:40:32 ----A---- C:\Windows\system32\netcfg-138140.txt
2012-11-13 20:40:32 ----A---- C:\Windows\system32\netcfg-137687.txt
2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-137203.txt
2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-136609.txt
2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-136281.txt
2012-11-13 20:40:30 ----A---- C:\Windows\system32\netcfg-135875.txt
2012-11-13 20:40:30 ----A---- C:\Windows\system32\netcfg-135453.txt
2012-11-13 20:40:28 ----A---- C:\Windows\system32\netcfg-133890.txt
2012-11-13 20:40:26 ----A---- C:\Windows\system32\netcfg-132031.txt
2012-11-13 20:39:20 ----D---- C:\Windows\Prefetch
2012-11-13 20:38:29 ----ASH---- C:\swapfile.sys
2012-11-13 20:38:29 ----ASH---- C:\pagefile.sys
2012-11-13 20:38:26 ----SHD---- C:\System Volume Information
2012-11-13 20:37:15 ----D---- C:\Windows\Panther
2012-11-02 00:07:02 ----A---- C:\Windows\system32\drivers\avgwfpx.sys
2012-10-26 04:17:44 ----A---- C:\Windows\system32\drivers\avgbootx.sys
2012-10-22 13:02:46 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys
2012-10-15 03:48:52 ----A---- C:\Windows\system32\drivers\avgidshx.sys
2012-10-05 03:32:50 ----A---- C:\Windows\system32\drivers\avgmfx86.sys
2012-10-02 03:30:38 ----A---- C:\Windows\system32\drivers\avgldx86.sys
2012-09-21 03:46:00 ----A---- C:\Windows\system32\drivers\avglogx.sys
2012-09-14 03:05:20 ----A---- C:\Windows\system32\drivers\avgrkx86.sys
2012-08-30 08:52:28 ----A---- C:\Windows\system32\WdfCoinstaller01009.dll
2012-08-30 08:52:28 ----A---- C:\Windows\system32\drivers\ATSwpWDF.sys

======List of files/folders modified in the last 3 months======

2012-11-27 17:23:13 ----RD---- C:\Program Files
2012-11-27 17:02:50 ----D---- C:\Windows\system32\sru
2012-11-27 09:10:54 ----D---- C:\Windows\Temp
2012-11-26 22:26:56 ----D---- C:\Windows\Microsoft.NET
2012-11-25 20:50:21 ----SHD---- C:\Windows\Installer
2012-11-25 20:48:27 ----HD---- C:\Windows\ELAMBKUP
2012-11-25 20:48:27 ----D---- C:\Windows\system32\Drivers
2012-11-25 20:48:07 ----D---- C:\Windows\system32\config
2012-11-25 20:38:23 ----HD---- C:\ProgramData
2012-11-25 20:38:08 ----D---- C:\Program Files\Common Files
2012-11-25 20:34:34 ----RD---- C:\Windows\System32
2012-11-25 20:34:34 ----D---- C:\Program Files\Common Files\microsoft shared
2012-11-23 10:20:01 ----D---- C:\Windows\AUInstallAgent
2012-11-23 10:17:59 ----HD---- C:\Program Files\WindowsApps
2012-11-23 01:04:04 ----D---- C:\Windows\inf
2012-11-20 09:44:43 ----D---- C:\Windows\Logs
2012-11-16 21:02:20 ----D---- C:\Windows\system32\LogFiles
2012-11-16 11:40:00 ----D---- C:\Windows\rescache
2012-11-16 11:32:09 ----RSD---- C:\Windows\assembly
2012-11-16 00:13:20 ----RSD---- C:\Windows\Fonts
2012-11-15 23:30:34 ----D---- C:\Windows\system32\DriverStore
2012-11-15 23:30:34 ----D---- C:\Windows\system32\catroot
2012-11-15 22:55:36 ----D---- C:\Windows\debug
2012-11-15 21:37:33 ----D---- C:\Windows\WinSxS
2012-11-15 21:34:04 ----D---- C:\Windows
2012-11-15 21:27:24 ----SD---- C:\ProgramData\Microsoft
2012-11-15 20:25:55 ----SHD---- C:\$Recycle.Bin
2012-11-15 19:16:10 ----D---- C:\Windows\CbsTemp
2012-11-15 18:39:46 ----D---- C:\Windows\system32\WinBioDatabase
2012-11-14 18:05:55 ----D---- C:\Windows\system32\MUI
2012-11-14 18:05:55 ----D---- C:\Windows\system32\hu-HU
2012-11-14 15:53:42 ----D---- C:\Windows\Tasks
2012-11-14 15:53:42 ----D---- C:\Windows\system32\Tasks
2012-11-14 09:27:53 ----A---- C:\Windows\win.ini
2012-11-14 09:27:14 ----D---- C:\Windows\ShellNew
2012-11-14 09:26:21 ----D---- C:\Program Files\Common Files\System
2012-11-14 09:24:35 ----D---- C:\Program Files\Microsoft.NET
2012-11-14 09:21:51 ----D---- C:\Windows\System
2012-11-13 23:05:49 ----D---- C:\Windows\system32\wdi
2012-11-13 23:00:48 ----D---- C:\Windows\WinStore
2012-11-13 23:00:47 ----RD---- C:\Windows\ToastData
2012-11-13 23:00:45 ----D---- C:\Windows\system32\wbem
2012-11-13 23:00:43 ----D---- C:\Program Files\Internet Explorer
2012-11-13 23:00:40 ----D---- C:\Windows\PolicyDefinitions
2012-11-13 23:00:39 ----D---- C:\Windows\system32\migration
2012-11-13 23:00:39 ----D---- C:\Windows\system32\en-US
2012-11-13 23:00:39 ----D---- C:\Windows\system32\Boot
2012-11-13 23:00:35 ----D---- C:\Windows\apppatch
2012-11-13 22:59:53 ----RD---- C:\Windows\ImmersiveControlPanel
2012-11-13 22:59:50 ----D---- C:\Windows\system32\oobe
2012-11-13 22:59:21 ----D---- C:\Program Files\Windows Media Player
2012-11-13 22:35:45 ----D---- C:\Windows\system32\catroot2
2012-11-13 22:35:18 ----D---- C:\Windows\system32\drivers\UMDF
2012-11-13 21:28:46 ----D---- C:\Windows\system32\restore
2012-11-13 21:12:52 ----D---- C:\Windows\system32\WinBioPlugIns
2012-11-13 20:53:44 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-13 20:48:08 ----RD---- C:\Users
2012-11-13 20:42:53 ----D---- C:\Windows\system32\Recovery
2012-11-13 20:42:46 ----D---- C:\Program Files\Windows NT
2012-10-01 20:30:05 ----A---- C:\Windows\system32\slwga.dll
2012-09-19 12:43:57 ----A---- C:\Windows\system32\slmgr.vbs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 338152]
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 58608]
R0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 22768]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-10-05 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 256240]
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 493136]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 84208]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 59632]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 293104]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 407272]
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 81128]
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 155880]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 78064]
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 15088]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 57584]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2012-10-11 829672]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2012-07-26 74992]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 191216]
R0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 13552]
R0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 194288]
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 43760]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2012-10-18 58088]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 173296]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2012-07-26 238320]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2012-09-20 1817320]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 32496]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 66288]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 313072]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2012-07-26 282352]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2012-07-26 526952]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\Windows\system32\DRIVERS\wfplwfs.sys [2012-07-26 38640]


Tue Nov 27, 2012 18:00
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post: Re: BackDoor.Dorkbot virus
Thank you for the help!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tigerpapó at 2012-11-27 17:23:12
Microsoft Windows 8 Pro
System drive C: has 4 GB (22%) free of 20 GB
Total RAM: 1407 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:24:58, on 2012.11.27.
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16442)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Optimizer Pro\OptProReminder.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Windows\system32\wwahost.exe
C:\Program Files\TC UP\TOTALCMD.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Users\Tigerpapó\Desktop\RSIT.exe
C:\Program Files\trend micro\Tigerpapó.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Download and Sa - {6A992045-F89F-D05D-90AC-98DFBAD6915C} - C:\ProgramData\Download and Sa\50a35a26d9da0.ocx
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D004E0B-3D07-4B30-AF89-88866A615897}: NameServer = 192.168.111.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @oem5.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%SystemRoot%\System32\AUInstallAgent.dll,-101 (AllUserInstallAgent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23040 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\OptimizerProUpdaterTask{0FA739D6-3C36-41B5-8E37-0F526C2CA50C}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tigerpapó\AppData\Roaming\Mozilla\Firefox\Profiles\69qcs08a.default

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/?ref=tn_tnmn"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid={BF2948A0-7584-4F59-AB2A-8654275D50F4}&mid=276e5e5a694d47d08c1bd15ee23db7bc-a95ce77744607960daeec6bcc56ec65e12eb2db0&lang=hu&ds=AVG&pr=fr&d=2012-11-25 20:38:12&v=13.2.0.4&sap=ku&q="

"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
creativecommons.xml
eBay-hu.xml
google.xml
sztaki-en-hu.xml
vatera.xml
wikipedia-hu.xml

C:\Users\Tigerpapó\AppData\Roaming\Mozilla\Firefox\Profiles\69qcs08a.default\extensions\
50a35a26d9c1a@50a35a26d9c52.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A992045-F89F-D05D-90AC-98DFBAD6915C}]
Download and Sa Class - C:\ProgramData\Download and Sa\50a35a26d9da0.ocx [2012-11-14 129024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-26 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-26 1796552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-13 774233]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-02-21 1183744]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-11-06 3143800]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-11-26 997320]
"ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-11-25 1020512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]
"Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-21 81952]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2012-07-26 335360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*


Tue Nov 27, 2012 17:51
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, so this is what you see,
Post subject: Re: BackDoor.Dorkbot virus
Greetings.
Post the RSIT log here,
http://virus-stell.blogspot.sk/2010/04/rsit.html


Tue Nov 27, 2012 8:56
silver member

Joined: Sat Jan 21, 2012 19:59
Posts: 35
Post subject: BackDoor.Dorkbot virus
Hi!

A small problem has come up! Somewhere I picked up a virus called BackDoor.Dorkbot on my pen drive, and AVG automatically flagged the problem. It would be important for me to somehow rescue the files, which AVG sees with the .ink extension. Can anyone help with this unexpected and rather big problem?

Thanks in advance!


Mon Nov 26, 2012 20:45