Terminál Fórum https://forum.technokrata.hu/forum/ |
BackDoor.Dorkbot virus https://forum.technokrata.hu/forum/viewtopic.php?f=15&t=40236 |
Author: | Bede [ Tue Mar 26, 2013 13:51 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
I went through the thread once more and now it looks like it is working :) |
Author: | Bede [ Tue Mar 26, 2013 13:16 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Hello! I have read everything so far, but it is not completely clear to me, or maybe I just misunderstood things. My problem is that I have a 1 TB external hard drive and it caught a virus, supposedly a backdoor. It turned the folders that were on it into shortcuts and they cannot be opened, but they still take up disk space. I would like to get the data back somehow because it is quite important! I have Windows 7. If someone could spare me a little time I would be grateful! :) |
Author: | Laci_L [ Fri Dec 14, 2012 20:55 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
stell wrote: ... they do not want to do what I write ... You are right, but don't lose your temper completely. Keep on smiling. |
Author: | stell [ Fri Dec 14, 2012 16:54 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Since you did not do what I wrote, I will not deal with this topic of yours. I ask those who get into trouble not to write here at all if they do not want to do what I write. They are wasting my precious time for nothing. Thank you. |
Author: | stell [ Thu Dec 13, 2012 16:47 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
I understood the question; yes, because you connected the infected pendrive to your machine. Do everything I described on your own machine. |
Author: | sunn [ Thu Dec 13, 2012 16:10 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
I knew I would get professional help here! Many thanks! I am only about to start, and before I begin I should mention that by the question "could something have got onto my machine anyway" I meant my own machine, not my friend's, which I installed and which in the end quarantined my folders. It was my machine, however, that found the two exes on the pendrive, and it was the one that quarantined those. I hope this will not cause a problem!? By the way, I am facing a darkbot D virus, to be exact. If something did get onto my own machine after all, what could I use to track it down with the best chance of success? The data on the pendrive is very important, but my machine even more so! I would not want some process to be able to start in the background on it. |
Author: | stell [ Thu Dec 13, 2012 14:58 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Hi. And why format and reinstall right away, what is that for??
Quote: My question is whether something could have got onto my machine anyway?
The answer is yes.
Quote: And also, is there any chance of somehow recovering my data from the pendrive?
The answer is yes. But only if you do everything I write here.
Connect to the machine everything you use over USB, ... create a fix.bat file, put it on the pendrive where the invisible data is, and run it.
Code:
@ECHO OFF
ECHO (www.viruskasino.com)
REM script created by: www.viruskasino.com
REM clear the system, hidden, read-only and archive attributes on all files and folders, recursively
attrib -s -h -r -a /s /d
REM remove the "recycler" folder and its contents without prompting
rd /s /q recycler
PAUSE
When it has finished, press any key.
2: Download the USBFIX program to the desktop and run it, http://www.commentcamarche.net/download ... 838-usbfix Press the DELETE button; when it has finished, post its log here. It will be at C:\USBFix.txt. Video: http://www.youtube.com/watch?v=dtEfuOWFGDY
3: Download Malwarebytes Anti-Rootkit to the desktop, http://www.bleepingcomputer.com/downloa ... it/dl/133/ Unpack > run > click MBANR >> click Next, then Update << after the update click again >> Next. Tick all 3 options and click Scan. If it finds something, check that everything is ticked, tick Create Restore point and click CleanUp; the computer restarts >> its log will then open, post it here: mbar-log.txt.
4: Run combofix and post its log here. http://www.bleepingcomputer.com/combofi ... t-combofix
Then we will see what I see in the logs. |
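A read-only check for the state this thread describes (shortcuts visible in the drive root, the real folders hidden), added here as an example and not part of any post: it pairs each `.lnk` with a hidden folder of the same name so you can see what an unhide step will bring back before running any cleanup tool. The same-name pairing is an assumption based on the shortcut names quoted in the thread; `Entry`, `classify_root`, `read_root`, `report` and the sample listing are constructed for illustration.

```python
"""Read-only triage of a drive root: which shortcuts stand in for hidden folders?"""
import os
import stat
import sys
from collections import namedtuple

# One directory entry: name, directory flag, Windows attribute bits
# (stat.FILE_ATTRIBUTE_* values as found in os.stat().st_file_attributes).
Entry = namedtuple("Entry", "name is_dir attrs")

HIDDEN = stat.FILE_ATTRIBUTE_HIDDEN
SYSTEM = stat.FILE_ATTRIBUTE_SYSTEM


def classify_root(entries):
    """Return (pairs, orphan_links, hidden_other) for one directory listing.

    pairs        - [(shortcut name, hidden folder name)], matched by base name
    orphan_links - .lnk files with no same-named hidden folder
    hidden_other - hidden entries that no shortcut matches by name
    """
    # FAT32/NTFS names are case-insensitive, so compare case-folded names.
    hidden = {e.name.casefold(): e for e in entries if e.attrs & HIDDEN}
    pairs, orphans, matched = [], [], set()
    for e in entries:
        base, ext = os.path.splitext(e.name)
        if e.is_dir or ext.lower() != ".lnk":
            continue
        target = hidden.get(base.casefold())
        if target is not None and target.is_dir:
            pairs.append((e.name, target.name))
            matched.add(base.casefold())
        else:
            orphans.append(e.name)
    hidden_other = sorted(e.name for k, e in hidden.items() if k not in matched)
    return pairs, orphans, hidden_other


def read_root(root):
    """List a directory with attribute bits.

    st_file_attributes exists only on Windows; elsewhere attrs is 0 and
    nothing will be reported as hidden.
    """
    out = []
    with os.scandir(root) as it:
        for de in it:
            st = de.stat(follow_symlinks=False)
            out.append(Entry(de.name, de.is_dir(follow_symlinks=False),
                             getattr(st, "st_file_attributes", 0)))
    return out


def report(entries):
    """Human-readable findings; nothing on disk is modified."""
    pairs, orphans, hidden_other = classify_root(entries)
    lines = [f"SHADOW  {lnk} stands in for hidden folder {folder}"
             for lnk, folder in pairs]
    lines += [f"LNK     {name} has no matching hidden folder" for name in orphans]
    lines += [f"HIDDEN  {name} (no shortcut with this name)" for name in hidden_other]
    return lines


# Constructed sample listing of a removable-drive root (not taken from the thread).
SAMPLE_ROOT = [
    Entry("photos", True, HIDDEN | SYSTEM),
    Entry("photos.lnk", False, 0),
    Entry("Documents", True, HIDDEN | SYSTEM),
    Entry("documents.lnk", False, 0),            # differs only in case
    Entry("RECYCLER", True, HIDDEN | SYSTEM),    # folder the fix.bat removes
    Entry("readme.lnk", False, 0),
    Entry("notes.doc", False, stat.FILE_ATTRIBUTE_ARCHIVE),
]

if __name__ == "__main__":
    # With an argument (for example G:\ on Windows) scan that directory;
    # without one, show the constructed sample.
    listing = read_root(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_ROOT
    print("\n".join(report(listing)))
```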
Author: | sunn [ Thu Dec 13, 2012 13:38 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Greetings/Hi all! First of all, I am glad I found the forum, and let me start right away by saying that I have read through all the posts; still, please allow me to ask, because I do not understand this stuff. What happened is that yesterday I was installing a friend's machine and went on the net for a missing driver. I picked up darkbot; the pendrive was in the machine, of course. I reinstalled, put on Eset Smart Sec. 5, and when I plugged in the pendrive it pounced on it and put every folder in quarantine ("cleaned by deleting, quarantined"). I cannot see them on the pendrive, but the data is definitely there, because all 4 GB is full. Plugged into my own machine, Eset scans all of it too, and on top of that it found 2 more trojans after this (exe files)!!! My question is whether something could have got onto my machine anyway? (Ad-aware and an Eset full scan found nothing.) And also, is there any chance of somehow recovering my data from the pendrive? We use XP; I only mention this because I have read that this can matter as well. Thanks in advance for the help! |
Author: | stell [ Sun Dec 02, 2012 9:55 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Yes, in my opinion put the Win7 system on instead of Win8, and then check the other systems with the USBFIX program and with the Malwarebytes program as well, full scan. |
Author: | tigerpapo [ Sat Dec 01, 2012 10:21 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
In the end I formatted the pendrive; I do not want to spread the worm any further. How do I get rid of the worm on the machine? Should I install another system? I have another machine too, with Win7 on it; I would be curious whether that system is clean! The antivirus did not flag anything there. Should I check the Win7 one with one of the programs? |
Author: | stell [ Fri Nov 30, 2012 17:27 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Tell me what you need Win8 for, and a cracked one at that; there are not many diagnostic tools for Win8 yet. No, this virus is not a virus but a WORM. What USBFIX deleted were not your files; the WORM created those. That is why I had you put them back, so that USBFIX could see what this is about. Your files are still there on the G:\ drive, but they are hidden, which means the system is still infected, but since there are not that many diagnostic tools, I do not know what you could run on this cracked Win8 system. |
Author: | tigerpapo [ Fri Nov 30, 2012 15:57 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Well, it deleted everything from the pendrive that was infected. So most of the files were deleted; it did not repair the infected files, though surely that was no longer possible! But how do I find out whether I have got rid of the virus? |
Author: | stell [ Fri Nov 30, 2012 11:44 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
So, is it OK now?? Because we cannot let combofix loose here, since this is Win8 and it does not work there, and even if it did, it could ruin the system. Did you run that recycler.bat file everywhere, on every drive??? |
Author: | tigerpapo [ Fri Nov 30, 2012 10:26 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
It looks like it deleted the files from the pendrive! |
Author: | tigerpapo [ Fri Nov 30, 2012 10:24 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Author: | tigerpapo [ Fri Nov 30, 2012 10:21 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Author: | stell [ Fri Nov 30, 2012 8:38 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Yes, because you are not doing it the way I write; with USBFIX it had to be DELETE, because FOUND means that DELETE was not switched on, only scan.
Quote:
################## | Files # Infected Folders |
Found ! G:\Biztonsági mentés.lnk
Found ! G:\swtor.lnk
Found ! G:\progik.lnk
Found ! G:\láthatatlan színház.lnk
Found ! G:\papír.lnk
Found ! G:\képek.lnk
Found ! G:\kép.lnk
Found ! G:\Dokumentumok.lnk
Found ! G:\alapvizsga.lnk
... the MBANR anti-rootkit program. http://www.bleepingcomputer.com/downloa ... i-rootkit/ Download, run, update, scan, and after the scan, CLEANUP; post its log here. |
Author: | tigerpapo [ Thu Nov 29, 2012 21:56 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
The viruses are still on the pendrive; I do not know whether it is still on the machine... |
Author: | tigerpapo [ Thu Nov 29, 2012 17:02 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Author: | tigerpapo [ Thu Nov 29, 2012 16:58 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
OK. Done. Malwarebytes found two trojans on C:. I deleted them. |
Author: | stell [ Wed Nov 28, 2012 17:48 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
As I see, there is Win8 on the machine; well, we will see which programs will run. Now do this. Restore the files from the AVG quarantine, that is, turn off the AVG program, open the AVG quarantine and restore the files. Restart in safe mode with networking, and copy the RECYCLER.bat file that you made onto the C:\ D:\ G:\ drives as well.
1: In safe mode, run the RECYCLER.bat file everywhere.
2: In safe mode, run the USBFIX program AGAIN, and post its log here.
3: In safe mode, run the MALWAREBYTES program, delete what it finds, and post its log here. http://www.viruskasino.com/2011/03/navo ... bytes.html
4: Restart into Windows and write what the situation is. |
Author: | tigerpapo [ Wed Nov 28, 2012 17:39 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
unfortunately not |
Author: | stell [ Wed Nov 28, 2012 17:26 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
So what is the situation now?? Can you see your files on the pendrive?? |
Author: | tigerpapo [ Wed Nov 28, 2012 17:22 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
############################## | UsbFix V 7.100 | [Deletion]
User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 17:18:02 | 28/11/2012
Website: http://sosvirus.org
Contact: contact@eldesaparecido.com
PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1800)
RAM -> [Total : 1407 | Free : 892]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Normal boot
OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433
SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 19 Gb (889 Mb free - 4%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (7 Mb free - 12%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32
################## | Files # Infected Folders |
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | Upload |
Please send the file: C:\UsbFix_Upload_Me_PROXIMUS.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.
################## | E.O.F | |
Author: | stell [ Wed Nov 28, 2012 16:50 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Yes, those; if they all end in .lnk then this is a virus, leave them there, and now do this. Open Notepad like this: Start, type Notepad into Run, and paste this text into Notepad.
Code:
@ECHO OFF
ECHO (www.viruskasino.com)
REM script created by: www.viruskasino.com
REM Work in the folder this file was saved to (the drive root); "Run as administrator" otherwise starts in System32
cd /d "%~dp0"
REM Clear the System, Hidden, Read-only and Archive attributes on every file and folder below this one
attrib -s -h -r -a /s /d
REM Delete the RECYCLER folder on this drive together with its contents
rd /s /q recycler
PAUSE
Save it to the G:\ pendrive as "all files". Its name should be recycler.bat. Then right-click the recycler.bat file and run it as administrator; when it has finished, press any key, and after that run the USBFIX program again and post its log here. |
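Added example, not part of stell's post or of any tool named in the thread: a read-only PowerShell check that lists what this thread is dealing with on the pendrive (hidden folders, .lnk files in the drive root that carry a folder's name, executables under RECYCLER), so the state can be recorded before the batch file changes attributes and deletes RECYCLER. The function name, the Finding labels and the extension list are this example's own choices.

```powershell
# Added example: read-only triage of a removable drive. Nothing on the drive is changed.
# Get-UsbShortcutTriage and its Finding labels are names made up for this example.
function Get-UsbShortcutTriage {
    [CmdletBinding()]
    param(
        # Root of the drive to inspect, e.g. 'G:\' (the pendrive letter in the thread).
        [Parameter(Mandatory = $true)]
        [string]$Root
    )

    if (-not (Test-Path -LiteralPath $Root -PathType Container)) {
        throw "Root '$Root' is not an existing directory."
    }

    $hidden = [IO.FileAttributes]::Hidden

    # -Force makes Get-ChildItem return hidden and system entries too.
    $entries = @(Get-ChildItem -LiteralPath $Root -Force)

    # Index the root folders by name (hashtable keys compare case-insensitively).
    $folders = @{}
    foreach ($e in $entries) {
        if ($e.PSIsContainer) { $folders[$e.Name] = $e }
    }

    # WScript.Shell loads an existing .lnk and exposes its fields without running it.
    $shell = New-Object -ComObject WScript.Shell

    foreach ($e in $entries) {
        if ($e.PSIsContainer) {
            # Folders with the Hidden bit are the ones "attrib -h" would bring back into view.
            if (($e.Attributes -band $hidden) -eq $hidden) {
                [pscustomobject]@{
                    Finding = 'HiddenFolder'
                    Path    = $e.FullName
                    Detail  = "attributes: $($e.Attributes)"
                }
            }
        }
        elseif ($e.Extension -ieq '.lnk') {
            $lnk = $shell.CreateShortcut($e.FullName)
            # A shortcut named after a folder in the same root stands in for that folder.
            if ($folders.ContainsKey($e.BaseName)) { $finding = 'ShortcutShadowsFolder' }
            else { $finding = 'RootShortcut' }
            [pscustomobject]@{
                Finding = $finding
                Path    = $e.FullName
                Detail  = "target: $($lnk.TargetPath) args: $($lnk.Arguments)"
            }
        }
        elseif ($e.Name -ieq 'autorun.inf') {
            # Only reached when Autorun.inf is a file, not a folder.
            [pscustomobject]@{
                Finding = 'AutorunInfFile'
                Path    = $e.FullName
                Detail  = "size: $($e.Length) bytes"
            }
        }
    }

    # Executable content under RECYCLER (the UsbFix log in the thread lists an .exe there).
    $recycler = Join-Path $Root 'RECYCLER'
    if (Test-Path -LiteralPath $recycler -PathType Container) {
        Get-ChildItem -LiteralPath $recycler -Force -Recurse |
            Where-Object { -not $_.PSIsContainer -and
                           $_.Extension -match '^\.(exe|scr|pif|com|bat|cmd)$' } |
            ForEach-Object {
                [pscustomobject]@{
                    Finding = 'ExecutableInRecycler'
                    Path    = $_.FullName
                    Detail  = "size: $($_.Length) bytes, modified: $($_.LastWriteTime)"
                }
            }
    }

    [void][Runtime.InteropServices.Marshal]::ReleaseComObject($shell)
}

# Usage (run before the attrib / rd commands, and again afterwards to compare):
#   Get-UsbShortcutTriage -Root 'G:\' | Format-Table -AutoSize -Wrap
```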
Author: | tigerpapo [ Wed Nov 28, 2012 16:42 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Mixed, all kinds: jpg, doc, pdf, exe, and the point is that for the folders, the list shown in the quarantine says, for example: képek.lnk |
Author: | stell [ Wed Nov 28, 2012 16:00 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
The thing here is that AVG is the worst antivirus protection; if it put them in quarantine, then I need to know what kind of files they are, because Dorkbot does not infect files, and USBFIX has already wiped it out. |
Author: | tigerpapo [ Wed Nov 28, 2012 15:48 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Well, my files that got infected are not back on the USB, but I found them in the AVG quarantine. What should I do with them? |
Author: | stell [ Wed Nov 28, 2012 15:46 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Quote: I did it, but there is no result on the USB. I don't understand this, what result?? |
Author: | tigerpapo [ Wed Nov 28, 2012 15:37 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
I did it, but there is no result on the USB. By the way, AVG deleted almost everything when it detected the virus a few days ago and put it in quarantine. I just looked and the quarantine is empty. |
Author: | tigerpapo [ Wed Nov 28, 2012 15:30 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
############################## | UsbFix V 7.100 | [Deletion]
User: Tigerpapó (Administrator) # PROXIMUS
Updated 11/11/2012 by El Desaparecido
Started at 15:12:50 | 28/11/2012
Website: http://sosvirus.org
Contact: contact@eldesaparecido.com
PC: Hewlett-Packard (HP Compaq nx6325 (EY351EA#ACQ)) (X86-based PC
CPU: Mobile AMD Sempron(tm) Processor 3500+ (1800)
RAM -> [Total : 1407 | Free : 817]
BIOS: EPP runtime BIOS - Version 1.1
BOOT: Normal boot
OS: Microsoft Windows 8 Pro (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 9.10.9200.16433
SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Anti-Virus Free Edition 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 19 Gb (4 Mb free - 22%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (1 Mb free - 2%) [cuccos] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (4 Mb free - 96%) [] # FAT32
################## | Files # Infected Folders |
Deleted ! C:\Windows\Temp\RegistryOptimizer.exe
Deleted ! G:\Recycler\e621ca05.exe
Deleted ! C:\$RECYCLE.BIN\S-1-5-18
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-20
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1140162646-222089804-3457987806-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1410382060-2380230022-1634953292-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2858471002-2609389179-2029141036-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2975082389-2792803069-240635912-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-355688055-3770966632-2808113590-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-4237614357-1215398741-138512928-1000
Deleted ! G:\Recycler\desktop.ini
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | Upload |
Please send the file: C:\UsbFix_Upload_Me_PROXIMUS.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.
################## | E.O.F | |
Author: | tigerpapo [ Wed Nov 28, 2012 15:06 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
# AdwCleaner v2.009 - Logfile created 11/28/2012 at 14:57:48
# Updated 24/11/2012 by Xplode
# Operating system : Windows 8 Pro (32 bits)
# User : Tigerpapó - PROXIMUS
# Boot Mode : Normal
# Running from : C:\Users\Tigerpapó\Desktop\virus\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Tigerpapó\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Tigerpapó\AppData\LocalLow\AVG Secure Search
*************************
AdwCleaner[S1].txt - [2770 octets] - [28/11/2012 14:57:48]
########## EOF - C:\AdwCleaner[S1].txt - [2830 octets] ########## |
Author: | stell [ Tue Nov 27, 2012 18:14 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
OK. 1: Connect the pendrive to the computer, along with everything else you use over USB. 2: Use AdwCleaner from my Slovak blog; there is a translator at the top of the blog, so translate it into Hungarian, and ask if there is anything you don't understand. http://www.viruskasino.com/2012/09/adwcleaner.html Press the DELETE button, then post its log here. 3: Use the USBFIX program as well, and post the logs here. http://virus-stell.blogspot.sk/2010/04/ ... itasa.html |
Author: | tigerpapo [ Tue Nov 27, 2012 18:01 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 8704] S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 EapHost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 23040] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 529920] S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; 
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616] S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 23040] S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168] S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 136192] S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 23040] S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; 
C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728] S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 13312] S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 StiSvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 
StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2012-07-26 82432] S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 35840] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2012-09-20 581120] S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2012-07-26 1150464] S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe 
[2012-09-20 23040] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1350144] S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2012-07-26 13864] S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2012-07-26 142336] S3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1025536] S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 WSService;@%SystemRoot%\system32\WSService.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040] S3 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2012-09-20 23040] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 23040] S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8201; 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-12 139696] S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040] S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040] S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040] S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 23040] -----------------EOF----------------- |
Author: | tigerpapo [ Tue Nov 27, 2012 18:00 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
======List of files/folders created in the last 3 months======
----A---- C:\Windows\system32\fhsvc.dll 2012-11-13 21:54:04 ----A---- C:\Windows\system32\DevPropMgr.dll 2012-11-13 21:54:03 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll 2012-11-13 21:54:03 ----A---- C:\Windows\system32\WcnApi.dll 2012-11-13 21:54:03 ----A---- C:\Windows\system32\lpremove.exe 2012-11-13 21:54:03 ----A---- C:\Windows\system32\CscMig.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\umpo.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\TimeBrokerServer.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\sspicli.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\rasdiag.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\fhshl.dll 2012-11-13 21:54:02 ----A---- C:\Windows\system32\dafWCN.dll 2012-11-13 21:54:01 ----A---- C:\Windows\system32\nlaapi.dll 2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhsrchapi.dll 2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhmanagew.exe 2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhlisten.dll 2012-11-13 21:54:01 ----A---- C:\Windows\system32\fhcleanup.dll 2012-11-13 21:54:01 ----A---- C:\Windows\system32\cryptdlg.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\vsstrace.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\sdbinst.exe 2012-11-13 21:54:00 ----A---- C:\Windows\system32\OEMLicense.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\fhtask.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\fhsrchph.dll 2012-11-13 21:54:00 ----A---- C:\Windows\system32\fdWCN.dll 2012-11-13 21:53:59 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll 2012-11-13 21:53:59 ----A---- C:\Windows\system32\vdsldr.exe 2012-11-13 21:53:59 ----A---- C:\Windows\system32\rasmxs.dll 2012-11-13 21:53:59 ----A---- C:\Windows\system32\fhautoplay.dll 2012-11-13 21:53:58 ----A---- C:\Windows\system32\rasser.dll 2012-11-13 21:53:58 ----A---- C:\Windows\system32\perfproc.dll 2012-11-13 21:53:58 ----A---- 
C:\Windows\system32\perfos.dll 2012-11-13 21:53:58 ----A---- C:\Windows\system32\perfctrs.dll 2012-11-13 21:53:58 ----A---- C:\Windows\system32\drivers\BthhfHid.sys 2012-11-13 21:53:57 ----A---- C:\Windows\system32\sspisrv.dll 2012-11-13 21:53:57 ----A---- C:\Windows\system32\fhsvcctl.dll 2012-11-13 21:53:57 ----A---- C:\Windows\system32\drivers\BthAvrcpTg.sys 2012-11-13 21:53:56 ----A---- C:\Windows\system32\vds_ps.dll 2012-11-13 21:53:56 ----A---- C:\Windows\system32\MUILanguageCleanup.dll 2012-11-13 21:53:56 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll 2012-11-13 21:53:56 ----A---- C:\Windows\system32\eventcls.dll 2012-11-13 21:53:56 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys 2012-11-13 21:53:55 ----A---- C:\Windows\system32\spwmp.dll 2012-11-13 21:53:55 ----A---- C:\Windows\system32\shimeng.dll 2012-11-13 21:53:55 ----A---- C:\Windows\system32\lpksetupproxyserv.dll 2012-11-13 21:53:55 ----A---- C:\Windows\system32\dxmasf.dll 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\wanarp.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\usbohci.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\ndproxy.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\ndistapi.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\hdaudbus.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\drivers\BtaMPM.sys 2012-11-13 21:53:54 ----A---- C:\Windows\system32\cdd.dll 2012-11-13 21:53:53 ----A---- C:\Windows\system32\wmploc.DLL 2012-11-13 21:53:06 ----A---- C:\Windows\system32\newdev.exe 2012-11-13 21:53:06 ----A---- C:\Windows\system32\newdev.dll 2012-11-13 21:53:06 ----A---- C:\Windows\system32\ndadmin.exe 2012-11-13 21:53:04 ----A---- C:\Windows\system32\wwansvc.dll 2012-11-13 21:53:04 ----A---- C:\Windows\system32\wwanprotdim.dll 2012-11-13 21:52:53 ----A---- C:\Windows\system32\win32k.sys 2012-11-13 21:52:51 ----A---- 
C:\Windows\system32\shell32.dll 2012-11-13 21:52:48 ----A---- C:\Windows\system32\ReAgentc.exe 2012-11-13 21:52:48 ----A---- C:\Windows\system32\ReAgent.dll 2012-11-13 21:47:12 ----D---- C:\Program Files\ATI Technologies 2012-11-13 21:47:09 ----D---- C:\Program Files\ATI 2012-11-13 21:45:51 ----D---- C:\ATI 2012-11-13 21:33:50 ----A---- C:\Windows\system32\SLCHook.dll 2012-11-13 21:29:15 ----A---- C:\Windows\system32\drivers\HpqKbFiltr.sys 2012-11-13 21:29:14 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01005.dll 2012-11-13 21:29:07 ----RA---- C:\Windows\system32\BttnCmn.dll 2012-11-13 21:29:06 ----A---- C:\Windows\system32\BttnCmns.dll 2012-11-13 21:29:05 ----D---- C:\Program Files\Hewlett-Packard 2012-11-13 21:29:03 ----HD---- C:\Program Files\InstallShield Installation Information 2012-11-13 21:28:35 ----D---- C:\Windows\QLB 2012-11-13 21:28:28 ----D---- C:\Users\Tigerpapó\AppData\Roaming\HEXelon 2012-11-13 21:28:28 ----A---- C:\Windows\system32\drivers\vd_filedisk.sys 2012-11-13 21:25:39 ----D---- C:\Program Files\TC UP 2012-11-13 21:19:06 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Skype 2012-11-13 21:18:58 ----D---- C:\Program Files\Common Files\Skype 2012-11-13 21:18:51 ----RD---- C:\Program Files\Skype 2012-11-13 21:17:50 ----D---- C:\ProgramData\Skype 2012-11-13 21:16:11 ----D---- C:\Program Files\Synaptics 2012-11-13 21:12:52 ----D---- C:\Program Files\AuthenTec 2012-11-13 20:58:50 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Macromedia 2012-11-13 20:57:31 ----A---- C:\Windows\system32\netcfg-917171.txt 2012-11-13 20:55:33 ----A---- C:\Windows\system32\netcfg-798843.txt 2012-11-13 20:54:15 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-11-13 20:52:37 ----D---- C:\Users\Tigerpapó\AppData\Roaming\Adobe 2012-11-13 20:48:46 ----D---- C:\ProgramData\PRICache 2012-11-13 20:48:25 ----SD---- C:\Users\Tigerpapó\AppData\Roaming\Microsoft 2012-11-13 20:47:49 ----D---- C:\Windows\CSC 2012-11-13 20:45:28 ----D---- C:\Windows\SoftwareDistribution 
2012-11-13 20:44:19 ----A---- C:\Windows\system32\netcfg-127140.txt 2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Sablonok 2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Dokumentumok 2012-11-13 20:42:46 ----SHD---- C:\ProgramData\Asztal 2012-11-13 20:42:20 ----ASH---- C:\hiberfil.sys 2012-11-13 20:40:45 ----A---- C:\Windows\system32\netcfg-150609.txt 2012-11-13 20:40:44 ----A---- C:\Windows\system32\netcfg-149812.txt 2012-11-13 20:40:40 ----A---- C:\Windows\system32\netcfg-145296.txt 2012-11-13 20:40:34 ----A---- C:\Windows\system32\netcfg-139531.txt 2012-11-13 20:40:32 ----A---- C:\Windows\system32\netcfg-138140.txt 2012-11-13 20:40:32 ----A---- C:\Windows\system32\netcfg-137687.txt 2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-137203.txt 2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-136609.txt 2012-11-13 20:40:31 ----A---- C:\Windows\system32\netcfg-136281.txt 2012-11-13 20:40:30 ----A---- C:\Windows\system32\netcfg-135875.txt 2012-11-13 20:40:30 ----A---- C:\Windows\system32\netcfg-135453.txt 2012-11-13 20:40:28 ----A---- C:\Windows\system32\netcfg-133890.txt 2012-11-13 20:40:26 ----A---- C:\Windows\system32\netcfg-132031.txt 2012-11-13 20:39:20 ----D---- C:\Windows\Prefetch 2012-11-13 20:38:29 ----ASH---- C:\swapfile.sys 2012-11-13 20:38:29 ----ASH---- C:\pagefile.sys 2012-11-13 20:38:26 ----SHD---- C:\System Volume Information 2012-11-13 20:37:15 ----D---- C:\Windows\Panther 2012-11-02 00:07:02 ----A---- C:\Windows\system32\drivers\avgwfpx.sys 2012-10-26 04:17:44 ----A---- C:\Windows\system32\drivers\avgbootx.sys 2012-10-22 13:02:46 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys 2012-10-15 03:48:52 ----A---- C:\Windows\system32\drivers\avgidshx.sys 2012-10-05 03:32:50 ----A---- C:\Windows\system32\drivers\avgmfx86.sys 2012-10-02 03:30:38 ----A---- C:\Windows\system32\drivers\avgldx86.sys 2012-09-21 03:46:00 ----A---- C:\Windows\system32\drivers\avglogx.sys 2012-09-14 03:05:20 ----A---- C:\Windows\system32\drivers\avgrkx86.sys 
2012-08-30 08:52:28 ----A---- C:\Windows\system32\WdfCoinstaller01009.dll 2012-08-30 08:52:28 ----A---- C:\Windows\system32\drivers\ATSwpWDF.sys ======List of files/folders modified in the last 3 months====== 2012-11-27 17:23:13 ----RD---- C:\Program Files 2012-11-27 17:02:50 ----D---- C:\Windows\system32\sru 2012-11-27 09:10:54 ----D---- C:\Windows\Temp 2012-11-26 22:26:56 ----D---- C:\Windows\Microsoft.NET 2012-11-25 20:50:21 ----SHD---- C:\Windows\Installer 2012-11-25 20:48:27 ----HD---- C:\Windows\ELAMBKUP 2012-11-25 20:48:27 ----D---- C:\Windows\system32\Drivers 2012-11-25 20:48:07 ----D---- C:\Windows\system32\config 2012-11-25 20:38:23 ----HD---- C:\ProgramData 2012-11-25 20:38:08 ----D---- C:\Program Files\Common Files 2012-11-25 20:34:34 ----RD---- C:\Windows\System32 2012-11-25 20:34:34 ----D---- C:\Program Files\Common Files\microsoft shared 2012-11-23 10:20:01 ----D---- C:\Windows\AUInstallAgent 2012-11-23 10:17:59 ----HD---- C:\Program Files\WindowsApps 2012-11-23 01:04:04 ----D---- C:\Windows\inf 2012-11-20 09:44:43 ----D---- C:\Windows\Logs 2012-11-16 21:02:20 ----D---- C:\Windows\system32\LogFiles 2012-11-16 11:40:00 ----D---- C:\Windows\rescache 2012-11-16 11:32:09 ----RSD---- C:\Windows\assembly 2012-11-16 00:13:20 ----RSD---- C:\Windows\Fonts 2012-11-15 23:30:34 ----D---- C:\Windows\system32\DriverStore 2012-11-15 23:30:34 ----D---- C:\Windows\system32\catroot 2012-11-15 22:55:36 ----D---- C:\Windows\debug 2012-11-15 21:37:33 ----D---- C:\Windows\WinSxS 2012-11-15 21:34:04 ----D---- C:\Windows 2012-11-15 21:27:24 ----SD---- C:\ProgramData\Microsoft 2012-11-15 20:25:55 ----SHD---- C:\$Recycle.Bin 2012-11-15 19:16:10 ----D---- C:\Windows\CbsTemp 2012-11-15 18:39:46 ----D---- C:\Windows\system32\WinBioDatabase 2012-11-14 18:05:55 ----D---- C:\Windows\system32\MUI 2012-11-14 18:05:55 ----D---- C:\Windows\system32\hu-HU 2012-11-14 15:53:42 ----D---- C:\Windows\Tasks 2012-11-14 15:53:42 ----D---- C:\Windows\system32\Tasks 2012-11-14 09:27:53 ----A---- 
C:\Windows\win.ini 2012-11-14 09:27:14 ----D---- C:\Windows\ShellNew 2012-11-14 09:26:21 ----D---- C:\Program Files\Common Files\System 2012-11-14 09:24:35 ----D---- C:\Program Files\Microsoft.NET 2012-11-14 09:21:51 ----D---- C:\Windows\System 2012-11-13 23:05:49 ----D---- C:\Windows\system32\wdi 2012-11-13 23:00:48 ----D---- C:\Windows\WinStore 2012-11-13 23:00:47 ----RD---- C:\Windows\ToastData 2012-11-13 23:00:45 ----D---- C:\Windows\system32\wbem 2012-11-13 23:00:43 ----D---- C:\Program Files\Internet Explorer 2012-11-13 23:00:40 ----D---- C:\Windows\PolicyDefinitions 2012-11-13 23:00:39 ----D---- C:\Windows\system32\migration 2012-11-13 23:00:39 ----D---- C:\Windows\system32\en-US 2012-11-13 23:00:39 ----D---- C:\Windows\system32\Boot 2012-11-13 23:00:35 ----D---- C:\Windows\apppatch 2012-11-13 22:59:53 ----RD---- C:\Windows\ImmersiveControlPanel 2012-11-13 22:59:50 ----D---- C:\Windows\system32\oobe 2012-11-13 22:59:21 ----D---- C:\Program Files\Windows Media Player 2012-11-13 22:35:45 ----D---- C:\Windows\system32\catroot2 2012-11-13 22:35:18 ----D---- C:\Windows\system32\drivers\UMDF 2012-11-13 21:28:46 ----D---- C:\Windows\system32\restore 2012-11-13 21:12:52 ----D---- C:\Windows\system32\WinBioPlugIns 2012-11-13 20:53:44 ----D---- C:\Windows\system32\CodeIntegrity 2012-11-13 20:48:08 ----RD---- C:\Users 2012-11-13 20:42:53 ----D---- C:\Windows\system32\Recovery 2012-11-13 20:42:46 ----D---- C:\Program Files\Windows NT 2012-10-01 20:30:05 ----A---- C:\Windows\system32\slwga.dll 2012-09-19 12:43:57 ----A---- C:\Windows\system32\slmgr.vbs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 338152] R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 58608] R0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 22768] R0 
AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-10-05 93536] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552] R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 256240] R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 493136] R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 84208] R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 59632] R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 293104] R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 407272] R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 81128] R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 155880] R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 78064] R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 15088] R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 57584] R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2012-10-11 829672] R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2012-07-26 74992] R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 191216] R0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 13552] R0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 194288] R0 
pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 43760] R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2012-10-18 58088] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 173296] R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2012-07-26 238320] R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2012-09-20 1817320] R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 32496] R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 66288] R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 313072] R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2012-07-26 282352] R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2012-07-26 526952] R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\Windows\system32\DRIVERS\wfplwfs.sys [2012-07-26 38640] |
Author: | tigerpapo [ Tue Nov 27, 2012 17:51 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Thank you for the help!
Logfile of random's system information tool 1.09 (written by random/random) Run by Tigerpapó at 2012-11-27 17:23:12 Microsoft Windows 8 Pro System drive C: has 4 GB (22%) free of 20 GB Total RAM: 1407 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:24:58, on 2012.11.27. Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16442) Boot mode: Normal
C:\Windows\System32\svchost.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: 
@%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - 
C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23040 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\OptimizerProUpdaterTask{0FA739D6-3C36-41B5-8E37-0F526C2CA50C}.job =========Mozilla firefox========= ProfilePath - 
C:\Users\Tigerpapó\AppData\Roaming\Mozilla\Firefox\Profiles\69qcs08a.default prefs.js - "browser.startup.homepage" - "https://www.facebook.com/?ref=tn_tnmn" prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid={BF2948A0-7584-4F59-AB2A-8654275D50F4}&mid=276e5e5a694d47d08c1bd15ee23db7bc-a95ce77744607960daeec6bcc56ec65e12eb2db0&lang=hu&ds=AVG&pr=fr&d=2012-11-25 20:38:12&v=13.2.0.4&sap=ku&q=" "avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.110 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\searchplugins\ avg-secure-search.xml creativecommons.xml eBay-hu.xml google.xml sztaki-en-hu.xml vatera.xml wikipedia-hu.xml C:\Users\Tigerpapó\AppData\Roaming\Mozilla\Firefox\Profiles\69qcs08a.default\extensions\ 50a35a26d9c1a@50a35a26d9c52.com {b9db16a4-6edc-47ec-a1f4-b86292ed211d} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A992045-F89F-D05D-90AC-98DFBAD6915C}] Download and Sa Class - C:\ProgramData\Download and Sa\50a35a26d9da0.ocx [2012-11-14 129024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-26 1796552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG 
Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-26 1796552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-13 774233] "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-02-21 1183744] "AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-11-06 3143800] "vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-11-26 997320] "ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-11-25 1020512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168] "Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-21 81952] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2012-07-26 335360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "PromptOnSecureDesktop"=0 "ConsentPromptBehaviorAdmin"=0 "EnableCursorSuppression"=1 "EnableUIADesktopToggle"=0 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.yuy2"=msyuv.dll "vidc.i420"=iyuv_32.dll "vidc.cvid"=iccvid.dll "vidc.yvyu"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "vidc.uyvy"=msyuv.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "vidc.tscc"=tsccvid.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* |
Author: | stell [ Tue Nov 27, 2012 8:56 ] |
Post subject: | Re: BackDoor.Dorkbot virus |
Hi. Post the RSIT log here, http://virus-stell.blogspot.sk/2010/04/rsit.html |
Author: | tigerpapo [ Mon Nov 26, 2012 20:45 ] |
Post subject: | BackDoor.Dorkbot virus |
Hi! A small problem has come up! I picked up a virus called BackDoor.Dorkbot on my pen drive from somewhere, and AVG reported the problem automatically. It is important that I somehow rescue the files, which AVG sees with the .ink extension. Can anyone help with this unexpected and rather big problem? Thanks in advance! |
Page: 1 / 1 | Time zone: UTC + 1 hour |