Virus ???? TOP secret vbe file
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
Yes, simply delete the other programs.
For virus protection, use the free AVAST or the free AVIRA.
No need to thank me.
Regards.


Fri Feb 08, 2013 18:46
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Dear Stell!

As far as I can see, everything is fine.
The computer starts up nicely and didn't bring up any problems.
I tried the pen drive again, and it did not put Top Secret on it.
What should I do with the three downloaded programs? Should I take them off the computer? (I assume these just need to be removed normally, with no need to rename them.)

If that really is all and you think it's fine, then I'm reassured too.

Thank you very much for helping and for patiently guiding me through the steps.

I hope we run into each other somewhere one day, by chance or otherwise, and then you'll be my guest for a couple of nice beers. :)

Thanks for everything.


Fri Feb 08, 2013 16:50
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
All right, I'll do it and come back.


Fri Feb 08, 2013 16:24
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
OK, ComboFix has cleaned out the other viruses.
Rename the ComboFix icon to uninstall
and run it: click, OK, OK, OK. ComboFix will uninstall itself from the computer, and if there are no more problems with the computer, then that is all.


Fri Feb 08, 2013 16:22
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\UA000079.DLL
c:\windows\UA000080.DLL
.
.
((((((((((((((((((((((((( Files Created from 2013-01-08 to 2013-02-08 )))))))))))))))))))))))))))))))
.
.
2013-02-08 15:03 . 2013-02-08 15:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-02-08 15:03 . 2013-02-08 15:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-08 13:33 . 2013-01-18 11:15 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9A4125C-BDFA-4C02-9BFD-4217CB18C978}\mpengine.dll
2013-02-07 18:30 . 2013-02-07 18:38 -------- d-----w- C:\UsbFix
2013-02-07 17:14 . 2013-02-07 17:14 -------- d-----w- C:\rsit
2013-02-07 17:14 . 2013-02-07 17:14 -------- d-----w- c:\program files\trend micro
2013-02-06 17:02 . 2013-02-06 17:02 -------- d-----w- c:\users\Dala Éles\AppData\Local\ESET
2013-02-03 14:33 . 2013-02-03 14:33 -------- d-----w- c:\users\Dala Éles\AppData\Local\Avg2013
2013-02-03 11:35 . 2013-02-03 11:35 -------- d-----w- c:\users\Dala Éles\AppData\Roaming\TuneUp Software
2013-02-03 11:27 . 2013-02-03 14:34 -------- d-----w- c:\programdata\MFAData
2013-02-03 11:27 . 2013-02-03 11:27 -------- d--h--w- c:\programdata\Common Files
2013-02-03 11:27 . 2013-02-03 11:27 -------- d-----w- c:\users\Dala Éles\AppData\Local\MFAData
2013-02-01 20:20 . 2013-02-01 20:58 -------- d-----w- c:\programdata\AVAST Software
2013-01-29 19:00 . 2013-01-29 19:00 -------- d-----w- c:\program files\Common Files\Borland Shared
2013-01-21 15:36 . 2013-01-21 15:36 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-21 15:35 . 2013-02-06 18:23 -------- d-----w- c:\users\Dala Éles\AppData\Roaming\uTorrent
2013-01-19 20:54 . 2013-01-19 20:54 -------- d-----w- c:\program files (x86)\Bonjour
2013-01-19 20:49 . 2013-01-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2013-01-15 21:11 . 2013-01-15 21:11 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-01-09 15:59 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 15:59 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 15:59 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 15:59 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 15:59 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 15:59 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 15:59 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 15:59 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 15:59 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 15:59 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 15:57 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 14:57 . 2011-07-15 12:58 25640 ----a-w- c:\windows\gdrv.sys
2013-02-08 14:29 . 2012-10-07 17:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-02-08 14:29 . 2012-10-07 17:52 462672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-02-08 14:18 . 2012-05-03 18:22 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 14:18 . 2011-07-15 13:03 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 18:40 . 2012-09-23 14:50 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-01-09 17:00 . 2012-09-23 14:50 462672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-01-09 16:01 . 2011-07-15 13:08 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-29 10:34 . 2012-10-10 20:23 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-10-10 20:23 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-10 20:23 15052368 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2012-01-06 15:53 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 08:40 . 2011-07-15 13:21 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2011-07-15 13:21 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-01-06 15:54 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2011-07-15 13:21 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2011-07-15 13:21 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2011-07-15 13:21 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-22 15:58 . 2012-03-01 18:15 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-12-16 17:11 . 2012-12-21 18:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 18:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 18:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 18:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 15:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 14:49 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 14:49 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 14:49 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 14:49 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 14:49 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 14:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 14:49 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 14:49 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 14:49 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 14:49 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 14:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 14:49 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 14:49 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 14:49 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 14:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 14:49 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 14:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 14:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 14:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 14:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 14:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 14:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2006-05-03 10:06 163328 --sha-w- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sha-w- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sha-w- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll" [2010-11-24 165776]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-18 911160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2010-11-24 776064]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\users\Dala Éles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 – Képernyőrész kivágása és gyorsindítás.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoGear SA3MXX Device Manager.lnk - c:\program files (x86)\Philips\GoGear SA3MXX Device Manager\main.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-09-13 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-09-14 30528]
R3 nmwcdcjx64;Nokia USB Port;c:\windows\system32\drivers\nmwcdcjx64.sys [2007-02-22 17408]
R3 nmwcdcmx64;Nokia USB Modem;c:\windows\system32\drivers\nmwcdcmx64.sys [2007-02-22 17408]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\nmwcdcx64.sys [2007-02-22 12288]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-02-22 173056]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-15 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 14:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-04 11772520]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-23 2552320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startlap.hu/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Kül&dés a OneNote programba - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
Wow6432Node-HKLM-Run-NWEReboot - (no file)
Wow6432Node-HKU-Default-Run-Nokia.PCSync - c:\program files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-08 16:06:41
ComboFix-quarantined-files.txt 2013-02-08 15:06
.
Pre-Run: 422 275 158 016 bájt szabad
Post-Run: 421 794 627 584 bájt szabad
.
- - End Of File - - 29FF9C0B0857A9A3A4D4E53226878E9B


Fri Feb 08, 2013 16:17
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
Download this latest version.
http://www.bleepingcomputer.com/download/combofix/
This one will no longer update, so run it without the internet. Run it and each time click OK, OK, OK, and wait for its log. It will open by itself. Post it here.


Fri Feb 08, 2013 15:29
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Dear Stell,

I have 2 problems with this program.

1:
I'm reading this program's description and it says that a permanent internet connection is required.
Unfortunately my internet isn't like that.
If the computer restarts, it won't go online automatically, because my internet access is the "dial-up" kind.
So until I tell it to connect, it won't connect.

I have Windows 7.

2: I don't have my installation disc at home.

What should I do?


Fri Feb 08, 2013 14:58
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
I'm on it and will be right back.


Fri Feb 08, 2013 14:29
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
Removing viruses with an antivirus achieves nothing; the antivirus is there to protect the computer from known viruses.
As I wrote, with AdwCleaner we deleted a bunch of bad and dangerous toolbars, and UsbFix killed the worms, but there may still be something there, so run ComboFix and post its log here. I'll look at the log tomorrow, and if there is still something, we'll kill it.
The ComboFix instructions are here:
http://www.geekstogo.com/forum/files/do ... x-by-subs/
http://virus-stell.blogspot.sk/2010/04/combofix.html


Thu Feb 07, 2013 20:44
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
I was afraid it hadn't deleted everything.
So there are no other viruses left?


Thu Feb 07, 2013 20:38
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
I ran a virus scan yesterday, but I wasn't reassured.


Thu Feb 07, 2013 20:37
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
So, what's the situation?? I don't see this Topsecret file anywhere. Anyway, there was a WORM on both your computer and the pen drive, but we deleted it.


Thu Feb 07, 2013 20:34
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
############################## | UsbFix V 7.104 | [Deletion]

User: Dala Éles (Administrator) # DELFINEK
Updated 06/02/2013 by El Desaparecido
Started at 19:35:48 | 07/02/2013

Website: http://sosvirus.org/index.php
Contact: contact@sosvirus.org

PC: Gigabyte Technology Co., Ltd. (HA65M-UD3H-B3) (x64-based PC)
CPU: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz (3101)
RAM -> [Total : 4079 | Free : 2729]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET NOD32 Antivirus 6.0 [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 454 Gb (395 Mb free - 87%) [rendszer1] # NTFS
D:\ -> Fixed drive # 477 Gb (91 Mb free - 19%) [rendszer2] # NTFS
E:\ -> CD-ROM
F:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [] # FAT32
G:\ -> Removable drive # 971 Mb (971 Mb free - 100%) [] # FAT
H:\ -> Fixed drive # 466 Gb (408 Mb free - 88%) [Laci] # NTFS
I:\ -> Fixed drive # 466 Gb (292 Mb free - 63%) [Laci 2] # NTFS
J:\ -> Removable drive # 7 Gb (7 Mb free - 100%) [EOS_DIGITAL] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (508)
C:\Windows\system32\wininit.exe (568)
C:\Windows\system32\csrss.exe (592)
C:\Windows\system32\services.exe (636)
C:\Windows\system32\winlogon.exe (660)
C:\Windows\system32\lsass.exe (688)
C:\Windows\system32\lsm.exe (696)
C:\Windows\system32\svchost.exe (800)
C:\Windows\system32\svchost.exe (928)
C:\Windows\System32\svchost.exe (128)
C:\Windows\System32\svchost.exe (328)
C:\Windows\system32\svchost.exe (512)
C:\Windows\system32\svchost.exe (1108)
C:\Windows\system32\svchost.exe (1216)
C:\Windows\system32\svchost.exe (1364)
C:\Windows\system32\Dwm.exe (1712)
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (1420)
C:\Windows\system32\svchost.exe (1392)
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (432)
C:\Windows\system32\svchost.exe (3408)
C:\Windows\system32\wbem\unsecapp.exe (3568)
C:\Windows\sysWOW64\wbem\wmiprvse.exe (3656)
C:\Windows\System32\svchost.exe (4932)
C:\Windows\system32\wbem\wmiprvse.exe (4452)
C:\Windows\System32\svchost.exe (3164)
C:\Windows\System32\WUDFHost.exe (1176)
C:\Windows\System32\rundll32.exe (3992)
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (2816)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (1304)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4236)
C:\Windows\system32\SearchIndexer.exe (4552)
C:\Windows\system32\SearchFilterHost.exe (2612)
C:\Windows\system32\SearchProtocolHost.exe (3952)
C:\Windows\system32\wbem\wmiprvse.exe (4896)
C:\Windows\System32\spoolsv.exe (4224)
C:\Windows\Explorer.exe (4576)
C:\totalcmd\TOTALCMD.EXE (2132)
C:\UsbFix\Go.exe (3380)
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe (3252)

################## | Stopped processes |

Stopped! C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (1420)
Stopped! C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (432)
Stopped! C:\Windows\System32\WUDFHost.exe (1176)
Stopped! C:\Windows\System32\rundll32.exe (3992)
Stopped! C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (2816)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (1304)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (4236)
Stopped! C:\Windows\system32\SearchIndexer.exe (4552)
Stopped! C:\Windows\system32\SearchFilterHost.exe (2612)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (3952)
Stopped! C:\Windows\System32\spoolsv.exe (4224)
Stopped! C:\totalcmd\TOTALCMD.EXE (2132)
Stopped! C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe (3252)

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-3815208889-3533261210-2575997103-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-3815208889-3533261210-2575997103-1000
Deleted ! H:\$RECYCLE.BIN\S-1-5-21-3815208889-3533261210-2575997103-1000
Deleted ! H:\Recycler\S-1-5-21-123802223-690894123-961307353-1172
Deleted ! H:\Recycler\S-1-5-21-1708537768-448539723-682003330-1004
Deleted ! H:\Recycler\S-1-5-21-299502267-484763869-725345543-1004
Deleted ! I:\$RECYCLE.BIN\S-1-5-21-3815208889-3533261210-2575997103-1000
Deleted ! I:\Recycler\S-1-5-21-123802223-690894123-961307353-1172
Deleted ! I:\Recycler\S-1-5-21-1708537768-448539723-682003330-1004
Deleted ! I:\Recycler\S-1-5-21-299502267-484763869-725345543-1004

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[07/02/2013 - 19:38:57 | SHD ] C:\$Recycle.Bin
[18/09/2011 - 18:32:06 | N | 899205] C:\adorage-protocol.txt
[07/02/2013 - 19:02:13 | N | 9215] C:\AdwCleaner[S1].txt
[14/09/2011 - 18:22:58 | N | 107] C:\AUTOEXEC.BAT
[07/02/2013 - 19:34:18 | RASHD ] C:\Autorun.inf
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[11/03/2012 - 18:11:51 | D ] C:\downloads
[07/02/2013 - 19:03:38 | ASH | 3208142848] C:\hiberfil.sys
[26/01/2013 - 14:34:59 | N | 5392702] C:\img034.bmp
[26/01/2013 - 14:35:46 | N | 2406946] C:\img035.bmp
[15/07/2011 - 13:49:32 | D ] C:\Intel
[02/02/2013 - 20:15:32 | RHD ] C:\MSOCache
[06/11/2012 - 16:06:55 | D ] C:\My Music
[15/07/2011 - 14:20:11 | D ] C:\NVIDIA
[07/02/2013 - 19:03:42 | ASH | 4277526528] C:\pagefile.sys
[18/09/2011 - 15:04:23 | D ] C:\PerfLogs
[07/02/2013 - 18:14:13 | D ] C:\Program Files
[07/02/2013 - 19:02:09 | D ] C:\Program Files (x86)
[07/02/2013 - 19:02:09 | HD ] C:\ProgramData
[06/02/2013 - 18:58:47 | D ] C:\Programok
[15/07/2011 - 13:46:56 | SHD ] C:\Recovery
[07/02/2013 - 18:14:41 | D ] C:\rsit
[06/02/2013 - 17:19:17 | SHD ] C:\System Volume Information
[07/02/2013 - 18:55:09 | N | 133134] C:\TDSSKiller.2.8.15.0_07.02.2013_18.54.49_log.txt
[15/01/2013 - 22:09:05 | D ] C:\temp
[28/04/2012 - 17:08:46 | D ] C:\tmp
[02/02/2013 - 20:22:12 | D ] C:\totalcmd
[07/02/2013 - 19:38:57 | D ] C:\UsbFix
[07/02/2013 - 19:39:29 | A | 6212] C:\UsbFix [Clean 2] DELFINEK.txt
[08/12/2012 - 19:46:25 | D ] C:\Users
[07/02/2013 - 18:03:33 | D ] C:\Windows
[07/02/2013 - 19:38:57 | SHD ] D:\$RECYCLE.BIN
[01/01/2013 - 22:33:32 | N | 15057] D:\2013 .xlsx
[27/01/2013 - 17:04:25 | D ] D:\50. házassági évforduló
[30/01/2013 - 17:25:03 | N | 3920456] D:\Akácos út.mp3
[08/09/2011 - 13:08:04 | N | 10840] D:\AlbumArtSmall.jpg
[07/02/2013 - 19:34:18 | RASHD ] D:\Autorun.inf
[01/02/2013 - 19:35:12 | N | 3973537] D:\Bubamara.mp3
[05/01/2013 - 19:00:52 | D ] D:\CD zenék mentése
[21/11/2012 - 18:26:11 | N | 19343] D:\Cím.docx
[15/01/2013 - 22:06:21 | D ] D:\Driver
[28/10/2011 - 14:15:46 | D ] D:\DVD szerkesztés
[30/12/2012 - 10:10:02 | D ] D:\Film
[08/09/2011 - 13:08:04 | N | 49109] D:\Folder.jpg
[30/12/2012 - 10:10:05 | D ] D:\Fényképek
[30/12/2012 - 12:09:13 | D ] D:\Fényképek2
[23/01/2013 - 16:55:20 | D ] D:\Fényképek3
[07/02/2013 - 18:30:55 | N | 46665] D:\info.txt
[11/01/2013 - 20:01:17 | D ] D:\Játékok
[05/07/2012 - 14:26:42 | D ] D:\Kocsiba zene
[07/02/2013 - 18:56:28 | N | 75973] D:\Képkivágás.PNG
[07/02/2013 - 19:02:57 | N | 63779] D:\Képkivágás2.PNG
[11/11/2012 - 21:00:00 | D ] D:\Laci munka
[03/02/2013 - 12:30:22 | D ] D:\Letöltések
[07/02/2013 - 18:31:17 | N | 59238] D:\log.txt
[23/08/2012 - 19:59:45 | N | 195624] D:\Mallorca.jpg
[23/08/2012 - 19:58:54 | N | 192771] D:\Mallorca2.jpg
[23/08/2012 - 19:59:19 | N | 159739] D:\Mallorca3.jpg
[07/01/2013 - 18:20:12 | N | 148268414] D:\Nightwish-Wish_I_Had_an_Angel-720p-FLAC-gh0stm4n.mkv
[01/02/2013 - 19:18:25 | D ] D:\Nincs lementve
[15/01/2013 - 21:45:02 | N | 14004] D:\Probléma 2.docx
[10/01/2013 - 22:14:31 | N | 14005] D:\Probléma.docx
[15/12/2012 - 13:33:03 | N | 5826973] D:\Samsung - S5360.pdf
[15/07/2011 - 13:58:33 | SHD ] D:\System Volume Information
[30/01/2013 - 20:35:14 | D ] D:\Tibi
[31/01/2013 - 21:10:22 | D ] D:\vadászat
[25/12/2012 - 14:50:41 | D ] D:\Vegyes
[01/02/2013 - 18:04:36 | D ] D:\xxxxxxxxxx
[30/12/2012 - 10:10:03 | N | 21131] D:\ZbThumbnail.info
[30/01/2013 - 21:20:00 | D ] D:\Zene
[05/01/2013 - 19:07:37 | D ] D:\Zenék
[27/01/2013 - 11:01:25 | N | 19660394] D:\Évike.bmp
[17/03/2012 - 15:16:43 | D ] D:\Évikém
[07/01/2013 - 18:27:54 | D ] D:\Új mappa
[07/01/2013 - 18:30:17 | D ] D:\Új mappa (2)
[19/06/2012 - 10:17:20 | N | 1734499] F:\x960BT_manual_HU.pdf
[07/02/2013 - 19:34:20 | RASHD ] F:\Autorun.inf
[07/02/2013 - 19:34:20 | RASHD ] G:\Autorun.inf
[07/02/2013 - 19:38:57 | SHD ] H:\$RECYCLE.BIN
[18/02/2011 - 19:15:25 | D ] H:\A TITOK
[11/11/2012 - 19:51:08 | D ] H:\cd dvd
[08/09/2011 - 17:35:32 | N | 99779] H:\D A L A V I D E.pptx
[02/12/2010 - 17:56:53 | D ] H:\Esküvő
[30/01/2013 - 21:16:56 | D ] H:\Fotózás
[17/03/2012 - 15:41:07 | D ] H:\Hivatalos dokumentumok
[17/03/2012 - 15:18:20 | D ] H:\iWin
[17/03/2012 - 15:18:20 | D ] H:\JewelQuestHeritage
[11/11/2012 - 19:59:29 | D ] H:\játékok
[30/01/2013 - 21:18:58 | D ] H:\Képek
[17/03/2012 - 15:19:50 | D ] H:\mentes
[17/03/2012 - 15:43:05 | D ] H:\Mentett levelek
[30/01/2013 - 21:53:08 | D ] H:\Nem lehet törölni ÚJ régi gép c
[02/12/2010 - 17:37:37 | D ] H:\Névnapok,Szülinapok
[30/01/2013 - 20:46:24 | D ] H:\Programok
[11/11/2012 - 20:18:11 | D ] H:\Receptek
[07/02/2013 - 19:36:38 | SHD ] H:\RECYCLER
[17/03/2012 - 15:18:27 | D ] H:\savegame
[19/02/2012 - 17:30:40 | SHD ] H:\System Volume Information
[02/12/2010 - 17:42:16 | D ] H:\Törökország dvd
[11/11/2012 - 20:23:50 | D ] H:\Vegyes
[17/03/2012 - 15:45:46 | D ] H:\Versek
[30/01/2013 - 21:19:43 | D ] H:\Zene
[17/03/2012 - 15:41:58 | D ] H:\Érettségi 9-10-11-12
[17/03/2012 - 15:53:17 | D ] H:\Évikém
[07/02/2013 - 19:38:57 | SHD ] I:\$RECYCLE.BIN
[30/01/2013 - 21:48:01 | D ] I:\Filmek
[11/11/2012 - 20:40:13 | D ] I:\Nem lehet törölni ÚJ régi gép c
[07/02/2013 - 19:38:56 | SHD ] I:\RECYCLER
[17/03/2012 - 14:47:10 | D ] I:\Régi gép Nem lehet törölni C meghajtó
[19/02/2012 - 17:30:40 | SHD ] I:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |


Thu Feb 07, 2013 19:41
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: Virus ???? TOP secret vbe file
Yes, that's the Microsoft bla, bla, bla... all right then, go ahead and do it.


Thu Feb 07, 2013 19:28
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
It's the dialog that pops up on the desktop when you download something, asking whether to run or save.
But fine, I understand, I'll do what you wrote.
Sorry


Thu Feb 07, 2013 19:27
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: Virus ???? TOP secret vbe file
Do what I wrote, it won't cause any harm. Who or what displayed that message??


Thu Feb 07, 2013 19:24
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
When downloading, it displayed this: usbFix is a rarely downloaded file and could harm your computer

??????????????????????


Thu Feb 07, 2013 19:20
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: Virus ???? TOP secret vbe file
Yes, everything if possible, then wait for its log and post it here.


Thu Feb 07, 2013 19:19
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
I have 2 pen drives, 1 SD card, and one 1 TB external hard drive. If I understand correctly, should I plug them all in at once?


Thu Feb 07, 2013 19:16
the soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why it looks the way you see it,
Post subject: Re: Virus ???? TOP secret vbe file
OK, fine, there is no rootkit.
Connect the pen drive to the computer, that is, everything you use over USB.
Download the USBFIX program, run it, and post its log here.
http://virus-stell.blogspot.sk/2010/04/ ... itasa.html


Thu Feb 07, 2013 19:14
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
18:55:09.0119 2448 ============================================================
18:55:09.0119 2448 Scan finished
18:55:09.0119 2448 ============================================================
18:55:09.0125 2968 Detected object count: 0
18:55:09.0125 2968 Actual detected object count: 0


Thu Feb 07, 2013 19:09
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
18:54:49.0783 4512 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:54:49.0978 4512 ============================================================
18:54:49.0978 4512 Current date / time: 2013/02/07 18:54:49.0978
18:54:49.0978 4512 SystemInfo:
18:54:49.0978 4512
18:54:49.0978 4512 OS Version: 6.1.7601 ServicePack: 1.0
18:54:49.0978 4512 Product type: Workstation
18:54:49.0978 4512 ComputerName: DELFINEK
18:54:49.0978 4512 UserName: Dala Éles
18:54:49.0978 4512 Windows directory: C:\Windows
18:54:49.0978 4512 System windows directory: C:\Windows
18:54:49.0978 4512 Running under WOW64
18:54:49.0978 4512 Processor architecture: Intel x64
18:54:49.0978 4512 Number of processors: 4
18:54:49.0978 4512 Page size: 0x1000
18:54:49.0978 4512 Boot type: Normal boot
18:54:49.0978 4512 ============================================================
18:54:50.0907 4512 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
18:54:50.0910 4512 ============================================================
18:54:50.0910 4512 \Device\Harddisk0\DR0:
18:54:50.0910 4512 MBR partitions:
18:54:50.0910 4512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:54:50.0910 4512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38C01800
18:54:50.0910 4512 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38C34000, BlocksNum 0x3BAD1800
18:54:50.0910 4512 ============================================================
18:54:50.0936 4512 C: <-> \Device\Harddisk0\DR0\Partition2
18:54:50.0971 4512 D: <-> \Device\Harddisk0\DR0\Partition3
18:54:50.0971 4512 ============================================================
18:54:50.0971 4512 Initialize success
18:54:50.0971 4512 ============================================================
18:54:56.0037 2448 ============================================================
18:54:56.0037 2448 Scan started
18:54:56.0037 2448 Mode: Manual;
18:54:56.0037 2448 ============================================================
18:54:57.0178 2448 ================ Scan system memory ========================
18:54:57.0178 2448 System memory - ok
18:54:57.0178 2448 ================ Scan services =============================
18:54:57.0289 2448 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:54:57.0331 2448 1394ohci - ok
18:54:57.0343 2448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:54:57.0345 2448 ACPI - ok
18:54:57.0358 2448 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:54:57.0367 2448 AcpiPmi - ok
18:54:57.0452 2448 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:54:57.0452 2448 AdobeARMservice - ok
18:54:57.0555 2448 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:54:57.0557 2448 AdobeFlashPlayerUpdateSvc - ok
18:54:57.0573 2448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:54:57.0617 2448 adp94xx - ok
18:54:57.0631 2448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:54:57.0657 2448 adpahci - ok
18:54:57.0665 2448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:54:57.0669 2448 adpu320 - ok
18:54:57.0691 2448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:54:57.0692 2448 AeLookupSvc - ok
18:54:57.0716 2448 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:54:57.0722 2448 AFD - ok
18:54:57.0735 2448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:54:57.0754 2448 agp440 - ok
18:54:57.0762 2448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:54:57.0764 2448 ALG - ok
18:54:57.0767 2448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:54:57.0777 2448 aliide - ok
18:54:57.0779 2448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:54:57.0789 2448 amdide - ok
18:54:57.0791 2448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:54:57.0801 2448 AmdK8 - ok
18:54:57.0804 2448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:54:57.0814 2448 AmdPPM - ok
18:54:57.0838 2448 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:54:57.0858 2448 amdsata - ok
18:54:57.0861 2448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:54:57.0874 2448 amdsbs - ok
18:54:57.0883 2448 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:54:57.0892 2448 amdxata - ok
18:54:57.0894 2448 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:54:57.0895 2448 AppID - ok
18:54:57.0909 2448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:54:57.0910 2448 AppIDSvc - ok
18:54:57.0924 2448 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:54:57.0925 2448 Appinfo - ok
18:54:57.0930 2448 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
18:54:57.0931 2448 AppleCharger - ok
18:54:57.0940 2448 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
18:54:57.0942 2448 AppleChargerSrv - ok
18:54:57.0958 2448 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:54:57.0960 2448 AppMgmt - ok
18:54:57.0963 2448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:54:57.0973 2448 arc - ok
18:54:57.0983 2448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:54:57.0986 2448 arcsas - ok
18:54:57.0998 2448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:54:57.0999 2448 AsyncMac - ok
18:54:58.0008 2448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:54:58.0008 2448 atapi - ok
18:54:58.0027 2448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:54:58.0032 2448 AudioEndpointBuilder - ok
18:54:58.0039 2448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:54:58.0042 2448 AudioSrv - ok
18:54:58.0048 2448 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:54:58.0050 2448 AxInstSV - ok
18:54:58.0062 2448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:54:58.0069 2448 b06bdrv - ok
18:54:58.0086 2448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:54:58.0100 2448 b57nd60a - ok
18:54:58.0108 2448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:54:58.0109 2448 BDESVC - ok
18:54:58.0127 2448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:54:58.0127 2448 Beep - ok
18:54:58.0147 2448 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:54:58.0152 2448 BFE - ok
18:54:58.0191 2448 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:54:58.0202 2448 BITS - ok
18:54:58.0214 2448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:54:58.0232 2448 blbdrive - ok
18:54:58.0257 2448 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:54:58.0259 2448 Bonjour Service - ok
18:54:58.0285 2448 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:54:58.0287 2448 bowser - ok
18:54:58.0290 2448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:54:58.0292 2448 BrFiltLo - ok
18:54:58.0300 2448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:54:58.0302 2448 BrFiltUp - ok
18:54:58.0321 2448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:54:58.0334 2448 Browser - ok
18:54:58.0382 2448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:54:58.0489 2448 Brserid - ok
18:54:58.0502 2448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:54:58.0520 2448 BrSerWdm - ok
18:54:58.0523 2448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:54:58.0532 2448 BrUsbMdm - ok
18:54:58.0535 2448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:54:58.0536 2448 BrUsbSer - ok
18:54:58.0539 2448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:54:58.0549 2448 BTHMODEM - ok
18:54:58.0563 2448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:54:58.0564 2448 bthserv - ok
18:54:58.0591 2448 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
18:54:58.0593 2448 Capture Device Service - ok
18:54:58.0602 2448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:54:58.0604 2448 cdfs - ok
18:54:58.0623 2448 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:54:58.0642 2448 cdrom - ok
18:54:58.0650 2448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:54:58.0651 2448 CertPropSvc - ok
18:54:58.0654 2448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:54:58.0657 2448 circlass - ok
18:54:58.0671 2448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:54:58.0676 2448 CLFS - ok
18:54:58.0724 2448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:54:58.0725 2448 clr_optimization_v2.0.50727_32 - ok
18:54:58.0758 2448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:54:58.0760 2448 clr_optimization_v2.0.50727_64 - ok
18:54:58.0799 2448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:54:58.0801 2448 clr_optimization_v4.0.30319_32 - ok
18:54:58.0817 2448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:54:58.0819 2448 clr_optimization_v4.0.30319_64 - ok
18:54:58.0823 2448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:54:58.0838 2448 CmBatt - ok
18:54:58.0845 2448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:54:58.0860 2448 cmdide - ok
18:54:58.0891 2448 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:54:58.0896 2448 CNG - ok
18:54:58.0899 2448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:54:58.0901 2448 Compbatt - ok
18:54:58.0911 2448 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:54:58.0913 2448 CompositeBus - ok
18:54:58.0915 2448 COMSysApp - ok
18:54:58.0918 2448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:54:58.0921 2448 crcdisk - ok
18:54:58.0942 2448 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:54:58.0943 2448 CryptSvc - ok
18:54:58.0964 2448 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
18:54:58.0969 2448 CSC - ok
18:54:58.0987 2448 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
18:54:58.0993 2448 CscService - ok
18:54:59.0018 2448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:54:59.0024 2448 DcomLaunch - ok
18:54:59.0034 2448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:54:59.0037 2448 defragsvc - ok
18:54:59.0069 2448 [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3 ] DES2 Service C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
18:54:59.0070 2448 DES2 Service - ok
18:54:59.0091 2448 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:54:59.0093 2448 DfsC - ok
18:54:59.0114 2448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:54:59.0118 2448 Dhcp - ok
18:54:59.0126 2448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:54:59.0127 2448 discache - ok
18:54:59.0140 2448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:54:59.0155 2448 Disk - ok
18:54:59.0159 2448 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
18:54:59.0164 2448 dmvsc - ok
18:54:59.0176 2448 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:54:59.0178 2448 Dnscache - ok
18:54:59.0187 2448 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:54:59.0191 2448 dot3svc - ok
18:54:59.0202 2448 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:54:59.0205 2448 DPS - ok
18:54:59.0222 2448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:54:59.0233 2448 drmkaud - ok
18:54:59.0255 2448 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:54:59.0261 2448 DXGKrnl - ok
18:54:59.0285 2448 [ 4337B4BF0F65B12A67D15CE868125B8F ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
18:54:59.0286 2448 eamonm - ok
18:54:59.0300 2448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:54:59.0303 2448 EapHost - ok
18:54:59.0361 2448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:54:59.0439 2448 ebdrv - ok
18:54:59.0465 2448 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:54:59.0466 2448 EFS - ok
18:54:59.0482 2448 [ EAD87F4C50ACFC045C56E035C7BF01F9 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
18:54:59.0483 2448 ehdrv - ok
18:54:59.0538 2448 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:54:59.0546 2448 ehRecvr - ok
18:54:59.0554 2448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:54:59.0556 2448 ehSched - ok
18:54:59.0698 2448 [ E95AB781773870BD68ABE1AE1B57A8AC ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
18:54:59.0708 2448 ekrn - ok
18:54:59.0734 2448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:54:59.0747 2448 elxstor - ok
18:54:59.0757 2448 [ 41A98830691AB0319357AEA95394F46A ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
18:54:59.0758 2448 epfwwfpr - ok
18:54:59.0768 2448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:54:59.0782 2448 ErrDev - ok
18:54:59.0820 2448 [ 84486624268E078255BC7AA47F0960BC ] etdrv C:\Windows\etdrv.sys
18:54:59.0821 2448 etdrv - ok
18:54:59.0842 2448 [ 6C17A702399B0205AB7836C2B45CD806 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
18:54:59.0859 2448 EtronHub3 - ok
18:54:59.0877 2448 [ B5348A55CC9541FFA930E30BB0CC8EF6 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
18:54:59.0879 2448 EtronXHCI - ok
18:54:59.0894 2448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:54:59.0897 2448 EventSystem - ok
18:54:59.0910 2448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:54:59.0912 2448 exfat - ok
18:54:59.0920 2448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:54:59.0922 2448 fastfat - ok
18:54:59.0940 2448 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:54:59.0947 2448 Fax - ok
18:54:59.0950 2448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:54:59.0968 2448 fdc - ok
18:54:59.0977 2448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:54:59.0979 2448 fdPHost - ok
18:54:59.0989 2448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:54:59.0990 2448 FDResPub - ok
18:54:59.0999 2448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:55:00.0000 2448 FileInfo - ok
18:55:00.0007 2448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:55:00.0008 2448 Filetrace - ok
18:55:00.0052 2448 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:55:00.0055 2448 FLEXnet Licensing Service - ok
18:55:00.0057 2448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:55:00.0059 2448 flpydisk - ok
18:55:00.0067 2448 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:55:00.0070 2448 FltMgr - ok
18:55:00.0101 2448 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:55:00.0110 2448 FontCache - ok
18:55:00.0146 2448 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:55:00.0148 2448 FontCache3.0.0.0 - ok
18:55:00.0160 2448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:55:00.0162 2448 FsDepends - ok
18:55:00.0178 2448 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:55:00.0179 2448 Fs_Rec - ok
18:55:00.0197 2448 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:55:00.0200 2448 fvevol - ok
18:55:00.0209 2448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:55:00.0244 2448 gagp30kx - ok
18:55:00.0261 2448 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
18:55:00.0261 2448 gdrv - ok
18:55:00.0280 2448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:55:00.0286 2448 gpsvc - ok
18:55:00.0303 2448 [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64 C:\Windows\GVTDrv64.sys
18:55:00.0303 2448 GVTDrv64 - ok
18:55:00.0306 2448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:55:00.0307 2448 hcw85cir - ok
18:55:00.0335 2448 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:55:00.0341 2448 HdAudAddService - ok
18:55:00.0354 2448 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:55:00.0356 2448 HDAudBus - ok
18:55:00.0359 2448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:55:00.0385 2448 HidBatt - ok
18:55:00.0398 2448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:55:00.0409 2448 HidBth - ok
18:55:00.0411 2448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:55:00.0429 2448 HidIr - ok
18:55:00.0442 2448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:55:00.0443 2448 hidserv - ok
18:55:00.0462 2448 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:55:00.0462 2448 HidUsb - ok
18:55:00.0485 2448 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:55:00.0487 2448 hkmsvc - ok
18:55:00.0497 2448 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:55:00.0501 2448 HomeGroupListener - ok
18:55:00.0526 2448 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:55:00.0529 2448 HomeGroupProvider - ok
18:55:00.0543 2448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:55:00.0546 2448 HpSAMD - ok
18:55:00.0572 2448 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:55:00.0579 2448 HTTP - ok
18:55:00.0584 2448 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:55:00.0584 2448 hwpolicy - ok
18:55:00.0591 2448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:55:00.0601 2448 i8042prt - ok
18:55:00.0635 2448 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:55:00.0651 2448 iaStorV - ok
18:55:00.0699 2448 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:55:00.0700 2448 IDriverT - ok
18:55:00.0757 2448 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:55:00.0767 2448 idsvc - ok
18:55:00.0783 2448 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:55:00.0786 2448 iirsp - ok
18:55:00.0817 2448 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:55:00.0826 2448 IKEEXT - ok
18:55:00.0877 2448 [ 03076F51AF9F78A272CCCDE03E9340CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:55:00.0933 2448 IntcAzAudAddService - ok
18:55:00.0946 2448 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:55:00.0947 2448 intelide - ok
18:55:00.0962 2448 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:55:00.0962 2448 intelppm - ok
18:55:00.0969 2448 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:55:00.0971 2448 IPBusEnum - ok
18:55:00.0982 2448 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:55:00.0984 2448 IpFilterDriver - ok
18:55:01.0016 2448 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:55:01.0023 2448 iphlpsvc - ok
18:55:01.0032 2448 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:55:01.0036 2448 IPMIDRV - ok
18:55:01.0043 2448 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:55:01.0044 2448 IPNAT - ok
18:55:01.0059 2448 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:55:01.0060 2448 IRENUM - ok
18:55:01.0063 2448 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:55:01.0075 2448 isapnp - ok
18:55:01.0090 2448 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:55:01.0107 2448 iScsiPrt - ok
18:55:01.0125 2448 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:55:01.0126 2448 kbdclass - ok
18:55:01.0133 2448 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:55:01.0135 2448 kbdhid - ok
18:55:01.0140 2448 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:55:01.0141 2448 KeyIso - ok
18:55:01.0158 2448 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:55:01.0159 2448 KSecDD - ok
18:55:01.0172 2448 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:55:01.0173 2448 KSecPkg - ok
18:55:01.0182 2448 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:55:01.0183 2448 ksthunk - ok
18:55:01.0196 2448 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:55:01.0200 2448 KtmRm - ok
18:55:01.0220 2448 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:55:01.0222 2448 LanmanServer - ok
18:55:01.0233 2448 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:55:01.0236 2448 LanmanWorkstation - ok
18:55:01.0250 2448 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:55:01.0251 2448 lltdio - ok
18:55:01.0261 2448 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:55:01.0265 2448 lltdsvc - ok
18:55:01.0267 2448 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:55:01.0268 2448 lmhosts - ok
18:55:01.0296 2448 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:55:01.0298 2448 LMS - ok
18:55:01.0307 2448 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:55:01.0318 2448 LSI_FC - ok
18:55:01.0328 2448 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:55:01.0339 2448 LSI_SAS - ok
18:55:01.0344 2448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:55:01.0355 2448 LSI_SAS2 - ok
18:55:01.0364 2448 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:55:01.0375 2448 LSI_SCSI - ok
18:55:01.0398 2448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:55:01.0400 2448 luafv - ok
18:55:01.0437 2448 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
18:55:01.0440 2448 MarvinBus - ok
18:55:01.0451 2448 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:55:01.0453 2448 Mcx2Svc - ok
18:55:01.0465 2448 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:55:01.0497 2448 megasas - ok
18:55:01.0524 2448 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:55:01.0558 2448 MegaSR - ok
18:55:01.0562 2448 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:55:01.0562 2448 MEIx64 - ok
18:55:01.0597 2448 Microsoft SharePoint Workspace Audit Service - ok
18:55:01.0615 2448 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:55:01.0617 2448 MMCSS - ok
18:55:01.0629 2448 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:55:01.0630 2448 Modem - ok
18:55:01.0642 2448 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:55:01.0643 2448 monitor - ok
18:55:01.0651 2448 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:55:01.0653 2448 mouclass - ok
18:55:01.0661 2448 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:55:01.0664 2448 mouhid - ok
18:55:01.0675 2448 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:55:01.0676 2448 mountmgr - ok
18:55:01.0692 2448 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:55:01.0700 2448 mpio - ok
18:55:01.0714 2448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:55:01.0716 2448 mpsdrv - ok
18:55:01.0733 2448 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:55:01.0741 2448 MpsSvc - ok
18:55:01.0755 2448 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:55:01.0757 2448 MRxDAV - ok
18:55:01.0777 2448 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:55:01.0779 2448 mrxsmb - ok
18:55:01.0801 2448 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:55:01.0805 2448 mrxsmb10 - ok
18:55:01.0814 2448 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:55:01.0816 2448 mrxsmb20 - ok
18:55:01.0825 2448 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:55:01.0841 2448 msahci - ok
18:55:01.0864 2448 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:55:01.0889 2448 msdsm - ok
18:55:01.0902 2448 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:55:01.0905 2448 MSDTC - ok
18:55:01.0916 2448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:55:01.0917 2448 Msfs - ok
18:55:01.0923 2448 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:55:01.0924 2448 mshidkmdf - ok
18:55:01.0931 2448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:55:01.0943 2448 msisadrv - ok
18:55:01.0957 2448 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:55:01.0960 2448 MSiSCSI - ok
18:55:01.0962 2448 msiserver - ok
18:55:01.0984 2448 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:55:01.0985 2448 MSKSSRV - ok
18:55:02.0001 2448 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:55:02.0002 2448 MSPCLOCK - ok
18:55:02.0007 2448 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:55:02.0008 2448 MSPQM - ok
18:55:02.0024 2448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:55:02.0029 2448 MsRPC - ok
18:55:02.0034 2448 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:55:02.0034 2448 mssmbios - ok
18:55:02.0038 2448 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:55:02.0039 2448 MSTEE - ok
18:55:02.0047 2448 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:55:02.0049 2448 MTConfig - ok
18:55:02.0058 2448 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:55:02.0059 2448 Mup - ok
18:55:02.0076 2448 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:55:02.0080 2448 napagent - ok
18:55:02.0101 2448 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:55:02.0105 2448 NativeWifiP - ok
18:55:02.0137 2448 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:55:02.0143 2448 NDIS - ok
18:55:02.0156 2448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:55:02.0157 2448 NdisCap - ok
18:55:02.0164 2448 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:55:02.0165 2448 NdisTapi - ok
18:55:02.0184 2448 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:55:02.0185 2448 Ndisuio - ok
18:55:02.0196 2448 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:55:02.0198 2448 NdisWan - ok
18:55:02.0207 2448 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:55:02.0208 2448 NDProxy - ok
18:55:02.0211 2448 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:55:02.0212 2448 NetBIOS - ok
18:55:02.0224 2448 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:55:02.0226 2448 NetBT - ok
18:55:02.0232 2448 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:55:02.0233 2448 Netlogon - ok
18:55:02.0255 2448 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:55:02.0258 2448 Netman - ok
18:55:02.0272 2448 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:55:02.0276 2448 netprofm - ok
18:55:02.0296 2448 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:55:02.0297 2448 NetTcpPortSharing - ok
18:55:02.0313 2448 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:55:02.0331 2448 nfrd960 - ok
18:55:02.0343 2448 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:55:02.0346 2448 NlaSvc - ok
18:55:02.0383 2448 [ 8508C6A0DD33923D9EDB4E2E10B55415 ] nmwcdcjx64 C:\Windows\system32\drivers\nmwcdcjx64.sys
18:55:02.0392 2448 nmwcdcjx64 - ok


Thu Feb 07, 2013 19:09
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
And copy the TDSSKILLER log here too
C:\mappa) >>> "TDSSKiller. _log.txt".


Thu Feb 07, 2013 19:08
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
# AdwCleaner v2.111 - Logfile created 02/07/2013 at 19:02:01
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Dala Éles - DELFINEK
# Boot Mode : Normal
# Running from : C:\Users\Dala Éles\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\MyAshampoo
Folder Deleted : C:\Program Files (x86)\SpecialSavings
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Dala Éles\AppData\Local\Conduit
Folder Deleted : C:\Users\Dala Éles\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dala Éles\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Dala Éles\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Users\Dala Éles\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Dala Éles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/solidyoutube/{31A5F9BD-7ED5-43C3-A675-C373FF50FB04} --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [9116 octets] - [07/02/2013 19:02:01]

########## EOF - C:\AdwCleaner[S1].txt - [9176 octets] ##########


Thu Feb 07, 2013 19:05
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
Here it is
C:\mappa) >>> "TDSSKiller. _log.txt".


Thu Feb 07, 2013 18:59
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
I ran the first program; how do I put its image here?


Thu Feb 07, 2013 18:57
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, which is why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
No, this is enough for me for now.
1: Run TDSSKILLER
http://www.viruskasino.com/2010/12/odst ... kitov.html
Download it to the desktop, run it and click Start Scan.
If it asks, click Continue.

This is my Slovak blog, so if you don't understand something, ask.

2: Post the ADWcleaner log here too: download it, run it, click DELETE, and post its log here.
http://www.viruskasino.com/2012/09/adwcleaner.html
Then I'll see what these find.


Thu Feb 07, 2013 18:45
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Another Notepad window came up; is that needed too?


Thu Feb 07, 2013 18:28
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GoGear SA3MXX Device Manager.lnk - C:\Program Files (x86)\Philips\GoGear SA3MXX Device Manager\main.exe

C:\Users\Dala Éles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 – Képernyőrész kivágása és gyorsindítás.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Capture Device Service;Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 884152]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 SCBackService;Splashtop Connect Service; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 PCLEPCI;PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [2005-02-09 14165]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-01-19 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-15 1255736]

-----------------EOF-----------------


Thu Feb 07, 2013 18:27
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Logfile of random's system information tool 1.09 (written by random/random)
Run by Dala Éles at 2013-02-07 18:14:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 404 GB (87%) free of 465 GB
Total RAM: 4079 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:40, on 2013.02.07.
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Program Files\trend micro\Dala Éles.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{31A5F9BD-7ED5-43C3-A675-C373FF50FB04}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
R3 - URLSearchHook: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_SFEE7.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-21-3815208889-3533261210-2575997103-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3815208889-3533261210-2575997103-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OneNote 2010 – Képernyőrész kivágása és gyorsindítás.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GoGear SA3MXX Device Manager.lnk = C:\Program Files (x86)\Philips\GoGear SA3MXX Device Manager\main.exe
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Kül&dés a OneNote programba - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Küldés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Kül&dés a OneNote programba - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote – hi&vatkozott feljegyzések - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote – hi&vatkozott feljegyzések - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CDA99FD-D994-45C8-A7AE-2E56D8B2F8B9}: NameServer = 193.110.57.4 193.110.56.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CDA99FD-D994-45C8-A7AE-2E56D8B2F8B9}: NameServer = 193.110.57.4 193.110.56.8
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 26377 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
RPMDaemon.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4028 CREDAT:203009
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe" -Embedding
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Dala Éles\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-16 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-16 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2010-11-24 345968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
SpecialSavings - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll [2011-12-18 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-04 11772520]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-11-26 6325936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2010-08-23 2552320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-18 911160]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE [2007-04-12 213504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [2010-11-24 776064]
"ZyngaGamesAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"NWEReboot"= []


Thu Feb 07, 2013 18:26
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Thank you all very much for the quick and helpful advice.

Dear Stell, I'll prepare it and post it here.


Thu Feb 07, 2013 18:09
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 11865
Location: Budapest, Solymár
Post subject: Re: Virus ???? TOP secret vbe file
Laszlo75 wrote:
... Do you think this managed to eradicate it ...

No, or rather, not for certain. An infection in the first sectors of the partitions (0-62) does not go away by deleting files; that requires other programs (or manual editing, but that can be very dangerous for the data). Undoubtedly the simplest way is repartitioning, but with that you lose all your data (together with the viruses) unless you back it up. But the backed-up data has to be stored separately (because it may be infected too) and copied back carefully after scanning.

I see stell has logged in. He really knows this stuff, listen to him. Do exactly what he writes, step by step. Don't rush and don't improvise on your own. Your machine will be fine.


Thu Feb 07, 2013 16:32
soul of the forum

Joined: Sun Jun 24, 2007 10:18
Posts: 6679
Location: Revuca.S.k>>Slovakia, I can't write Hungarian well, that's why what you see looks like this,
Post subject: Re: Virus ???? TOP secret vbe file
Greetings,
Post the RSIT log here.
Like this:
http://virus-stell.blogspot.sk/2010/04/rsit.html


Thu Feb 07, 2013 8:35
soul of the forum

Joined: Sun Sep 12, 2004 18:08
Posts: 6037
Location: Usa
Post subject: Re: Virus ???? TOP secret vbe file
Anything is possible.. you just have to 'scratch'.. I mean.. you have to want it! :)
As a sysadmin, I described the fastest and absolutely foolproof solution..
There is surely a more elaborate solution that preserves the data... but with a server with 200 clients, who cares about one person's misery when the others have to work.. (at a distance of 200 km-10000 km!) - am I supposed to run over there to remove viruses? :hm:

At home you can fiddle with protecting personal data, but you shouldn't be picking up things like this one in the first place, or like the 3-day-payment bank card virus, etc. :wink:


Wed Feb 06, 2013 23:35
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 6663
Post subject: Re: Virus ???? TOP secret vbe file
You don't always have to wipe everything right away. It will probably be fine, but it doesn't hurt to check with another antivirus as well. Just make sure they don't clash; only one should be installed at a time.
Live CD solutions are also an option.


Wed Feb 06, 2013 22:25
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Dear Laci!

Thank you very much, but if you don't mind, I have one more question for you.
Since I'm not much of a PC genius, I've spent the last 4 hours on this as well. I downloaded the NOD 6 trial version and ran it on the machine.
It did find 16 viruses. Among them was the mm.vbe file I mentioned in my first message.
It found it twice, like this: "mm.vbe VBS/Agent.NCO féreg", along with a bunch of unwanted applications.
It quarantined all of them. Then I ran CCleaner.
After that, it no longer puts the vbe file named TOP secret on the pendrive or the SD card.

Do you think this managed to eradicate it, or do you still recommend wiping after all this?

I look forward to your kind reply.


Wed Feb 06, 2013 21:36
soul of the forum

Joined: Wed Mar 24, 2004 13:43
Posts: 11865
Location: Budapest, Solymár
Post subject: Re: Virus ???? TOP secret vbe file
Laszlo75 wrote:
Can't this be solved without a complete wipe?

Unfortunately, partitioning involves deletion. But that is the only way to create a new file system that is no longer infected.
There are other solutions too (hex editor), but for that you really need to know the deeper details. :shock:


Wed Feb 06, 2013 20:19
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Re: Virus ???? TOP secret vbe file
Can't this be solved without a complete wipe?


Wed Feb 06, 2013 16:49
soul of the forum

Joined: Sun Sep 12, 2004 18:08
Posts: 6037
Location: Usa
Post subject: Re: Virus ???? TOP secret vbe file
'NOTE: VBE files can contain viruses, so do not open a VBE file if it is an unknown email attachment.'

Ergo: first, 'under a different system', you don't just format your portable drives (pen drive, SD, external hard drive) but repartition them, then format them; with the same disc (live CD) you run a virus scan on your computer.. this may not be successful, in which case you repartition that too, then format it and reinstall the system.. guaranteed you won't have a Top-secret.vbe extension, unless you encrypt things yourself..., but that's another topic.


Tue Feb 05, 2013 22:31
silver member

Joined: Sun Feb 03, 2013 14:10
Posts: 22
Post subject: Virus ???? TOP secret vbe file
Hi everyone!

As a new member, I'd first like to greet you all. :)

I'd like to ask for your help.
My problem is the following:
Whenever I plug my pendrive or my SD card into my computer, it always puts a vbe file named TOP secret on it. No matter how many times I reformat, it always puts it back on the devices.
I tried reading up on it, but I didn't find anything useful on the net.
In one of your forums, however, I found a similar problem, which also mentions an mm.vbe file, which I did find on my machine in the Windows/system folder.

What could be wrong? Is this a virus?
I tried 4 different antivirus programs, but none of them indicated that there was a virus on the machine.

Thanks in advance for your help.


Tue Feb 05, 2013 19:33