ia most csináltam meg az elsőt, és elkezdtem ezt is futtatni-->regcleaner.
De eltünt az egyik next után.
Lehet nem jól csináltam vmit?

Na mindegy:
Csinald meg eztett:
Letoltod a T-Cleanert az asztalra teszed es futatod,ha keri csak megnyomod a bilentyut.
http://sweb.cz/Marinus/T-Cleaner.bat

Utana letoltod a RegCleanert.

http://www.worldstart.com/weekly-download/archives/reg-cleaner4.3.htm

Klik Download Now
A letoltes utan telepited .Megtalalod a regcleaner.exe futatod es mindig klik NEXT utanna klik Options | Languages | Choice Language. bealitod a magyar nyelvett.Klik Open bealitod csak az automatikus igy

Aztan bealitod igy

Ha jol bealitotad a Automatikus akor most elindul a pucolas.
es megjelenek a hibas beirasok.

Es amikor bevegzi Automatikusan kitoroli Masat nebabralj.
Ha ezeket mind megcinalod ird meg hogy mi a hejzet.Vagyis van e Fagyas.OK

ok.De en nem akartam hogy ketszer ted ide ugyanazt,de kenne lennie ijenek:
1:MAIN.TXT
2:EXTRA.TXT-ez kb a deckart mapaban a C:\n van-probald megkeresni es ted ide.Vagy ird a keresobe>Extra.txt es megkene hogy talalja en majd meg mama attanulmanyozom es majd ide irom ,de csak kesob
OK/
UDV.

Deckard's System Scanner v20071014.68
Run by Rendszergazda on 2008-03-09 19:55:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 3 Restore Point(s) --
3: 2008-03-09 18:55:58 UTC - RP3 - Deckard's System Scanner Restore Point
2: 2008-03-07 10:48:59 UTC - RP2 - Installed SUPERAntiSpyware Free Edition
1: 2008-03-06 21:16:15 UTC - RP1 - Rendszerellenőrzési pont


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 383 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-09 19:58:38
Platform: Windows XP Szervizcsomag 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.20733)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3Trayp.exe
C:\WINDOWS\RTHDCPL.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\WTClient.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\WTSrv.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rendszergazda\Local Settings\Temporary Internet Files\Content.IE5\FFWK4GEN\dss[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hu/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S637.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: VP-EYE.lnk = C:\VP-EYE\control\vpeyev4.exe
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options Group: [TABS] Tabbed Browsing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://kamera.terrasoft.hu/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\drivers\WTSrv.exe


--
End of file - 9069 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 PTSimBus (PenTablet Bus Enumerator) - c:\windows\system32\drivers\ptsimbus.sys <Not Verified; PenTablet Driver; PenTablet Bus enumerator>
R3 PTSimHid (PenTablet Simulated HID MiniDriver) - c:\windows\system32\drivers\ptsimhid.sys <Not Verified; PenTablet Driver; PenTablet Hid MiniDriver for Win2000/XP/Vista>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 SoC PC-Camera Service (Conceptronic Funcam) - c:\windows\system32\drivers\pfc027.sys
R3 TClass2k (Tablet Class Driver) - c:\windows\system32\drivers\tclass2k.sys <Not Verified; Tablet Driver; Tablet Class Driver for Win2000/XP/Vista>
R3 UCTblHid (HID Tablet Port Driver) - c:\windows\system32\drivers\uctblhid.sys <Not Verified; Tablet Driver; Tablet HID Driver for Win2000/XP/Vista>

S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 MSICPL - e:\install4\msicpl.sys (file missing)
S3 NTACCESS - e:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - e:\ntglm7x.sys (file missing)
S3 Tablet2k (Serial Tablet Port Driver) - "c:\windows\system32\drivers\tablet2k.sys" (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 WinTabService (WinTab Service) - "c:\windows\system32\drivers\wtsrv.exe" <Not Verified; Tablet Driver; Tablet Driver for Win2000/XP/Vista>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-03-07 18:00:47 424 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job


-- Files created between 2008-02-09 and 2008-03-09 -----------------------------

2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\zts2.exe
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\systems.txt
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\rundll16.exe
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\rundl132.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\logo1_.exe
2008-03-07 11:49:22 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-07 11:49:02 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-07 11:49:02 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\SUPERAntiSpyware.com
2008-03-07 11:43:05 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 08:04:09 0 d-------- C:\WINDOWS\system32\xircom
2008-03-07 08:04:03 0 d-------- C:\Program Files\microsoft frontpage
2008-03-06 21:34:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-03-06 21:33:07 0 d-------- C:\Documents and Settings\Rendszergazda\Recent
2008-03-06 21:31:29 0 d-------- C:\Program Files\Yahoo!
2008-03-06 21:31:19 0 d-------- C:\Program Files\CCleaner
2008-03-06 20:15:26 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-03-06 20:15:26 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-03-06 20:15:26 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-03-06 20:15:26 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-05 12:03:37 0 d-------- C:\Program Files\Axis Communications
2008-03-02 14:33:01 0 d-------- C:\Program Files\Norton Security Scan
2008-03-01 11:54:43 0 d-------- C:\WINDOWS\system32\appmgmt
2008-03-01 09:26:08 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Apple Computer
2008-03-01 07:20:18 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-01 07:09:13 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-01 07:09:08 0 d-------- C:\Program Files\Windows Live
2008-03-01 07:09:02 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-26 19:54:55 0 d-------- C:\Program Files\Disc2Phone
2008-02-26 19:47:30 0 d-------- C:\WINDOWS\system32\URTTemp
2008-02-26 19:45:52 0 d-------- C:\Program Files\QuickTime
2008-02-26 19:45:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-26 18:54:16 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Media Player Classic
2008-02-26 18:46:54 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Teleca
2008-02-26 18:46:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Sony Ericsson
2008-02-26 18:42:56 0 d-------- C:\Documents and Settings\All Users\Documents
2008-02-26 18:42:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-02-26 18:42:29 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-02-26 18:42:28 0 d-------- C:\Program Files\Sony Ericsson
2008-02-26 18:42:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-02-25 20:09:03 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Google
2008-02-25 19:23:03 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\skypePM
2008-02-25 19:23:03 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-25 19:21:26 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Skype
2008-02-25 19:21:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-02-25 19:20:48 0 d-------- C:\Program Files\Google
2008-02-25 19:20:38 0 d-------- C:\Program Files\Skype
2008-02-25 19:20:38 0 d-------- C:\Program Files\Common Files\Skype
2008-02-25 19:20:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-25 19:03:28 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Opera
2008-02-25 19:03:16 0 d-------- C:\Program Files\Opera
2008-02-24 22:10:39 0 d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-02-24 22:07:39 111932 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2008-02-24 22:07:39 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat
2008-02-24 22:07:39 1120 --a------ C:\WINDOWS\system32\EPPICPresetData_IT.dat
2008-02-24 22:07:39 1107 --a------ C:\WINDOWS\system32\EPPICPresetData_GE.dat
2008-02-24 22:07:39 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat
2008-02-24 22:07:39 1136 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat
2008-02-24 22:07:39 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat
2008-02-24 22:07:39 1146 --a------ C:\WINDOWS\system32\EPPICPresetData_DU.dat
2008-02-24 22:07:39 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat
2008-02-24 22:07:39 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat
2008-02-24 22:07:39 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat
2008-02-24 22:07:39 21390 --a------ C:\WINDOWS\system32\EPPICPattern5.dat
2008-02-24 22:07:39 11811 --a------ C:\WINDOWS\system32\EPPICPattern4.dat
2008-02-24 22:07:39 24903 --a------ C:\WINDOWS\system32\EPPICPattern3.dat
2008-02-24 22:07:39 20148 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2008-02-24 22:07:39 31053 --a------ C:\WINDOWS\system32\EPPICPattern131.dat
2008-02-24 22:07:39 27417 --a------ C:\WINDOWS\system32\EPPICPattern121.dat
2008-02-24 22:07:39 26154 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2008-02-24 22:07:15 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\InstallShield
2008-02-24 22:06:10 0 d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-02-24 22:02:36 0 d-------- C:\Program Files\epson
2008-02-24 21:18:40 0 d-------- C:\Program Files\Citron
2008-02-24 21:16:56 0 d-------- C:\Program Files\Conceptronic
2008-02-24 21:16:56 0 d-------- C:\Program Files\Common Files\PCCamera
2008-02-24 21:13:29 0 d-------- C:\VP-EYE
2008-02-24 15:41:59 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Help
2008-02-24 15:37:43 0 d-------- C:\Program Files\WebEye
2008-02-24 15:35:47 303616 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield&reg; unInstaller>
2008-02-24 15:35:45 0 d-------- C:\Documents and Settings\Rendszergazda\WINDOWS
2008-02-24 15:32:34 0 d-------- C:\WINDOWS\PAC207
2008-02-24 15:30:48 0 d-------- C:\WINDOWS\Downloaded Installations
2008-02-22 05:41:27 0 d-------- C:\Program Files\MSXML 4.0
2008-02-21 06:21:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Macromedia
2008-02-21 06:21:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Adobe
2008-02-20 20:58:32 0 d-------- C:\Documents and Settings\Rendszergazda\Contacts
2008-02-20 12:45:57 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-02-20 12:37:48 0 d-------- C:\Program Files\PENSUITEPRO
2008-02-20 12:28:05 0 d-------- C:\Program Files\G-PEN SERIES
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\UC.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\RAR.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\LHA.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\ARJ.PIF
2008-02-20 12:24:52 0 d-------- C:\totalcmd
2008-02-20 12:10:40 0 d-------- C:\Program Files\Microsoft.NET
2008-02-20 12:08:33 0 d-------- C:\Program Files\Microsoft Works
2008-02-20 12:07:29 0 d-------- C:\WINDOWS\SHELLNEW
2008-02-20 11:56:05 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-02-20 11:56:05 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\DAEMON Tools
2008-02-20 11:52:28 0 d-------- C:\Program Files\Common Files\ODBC
2008-02-20 11:52:25 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-02-20 11:52:24 0 dr------- C:\Program Files
2008-02-20 11:52:24 0 d-------- C:\Program Files\Common Files
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\SendTo
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Sablonok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Recent
2008-02-20 11:52:00 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\NetHood
2008-02-20 11:52:00 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Dokumentumok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Cookies
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Asztal
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Sablonok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\All Users\Dokumentumok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Asztal
2008-02-20 11:51:28 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-02-20 11:51:28 0 d-------- C:\WINDOWS\system32\CatRoot
2008-02-20 11:51:23 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-02-20 11:51:23 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-02-20 11:51:22 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-02-20 11:51:22 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-02-20 11:51:18 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Ahead
2008-02-20 11:51:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-20 11:51:02 0 d--hs---- C:\System Volume Information
2008-02-20 11:51:02 0 d-------- C:\Documents and Settings
2008-02-20 11:50:41 716272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-20 11:49:13 0 d-------- C:\Program Files\Nero
2008-02-20 11:49:13 0 d-------- C:\Program Files\Common Files\Ahead
2008-02-20 11:49:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-02-20 11:48:55 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-02-20 11:48:53 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-02-20 11:48:53 144384 --a------ C:\WINDOWS\system32\Iacenc.dll <Not Verified; Intel Corporation; Indeo&reg; audio software>
2008-02-20 11:48:53 39936 --a------ C:\WINDOWS\system32\huffyuv.dll <Not Verified; Disappearing Inc.; Huffyuv>
2008-02-20 11:48:52 282624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-02-20 11:48:52 1559040 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-02-20 11:48:52 564224 --a------ C:\WINDOWS\system32\x264vfw.dll
2008-02-20 11:48:52 630784 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2008-02-20 11:48:52 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-02-20 11:48:51 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-02-20 11:48:51 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-02-20 11:48:51 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX&reg;>
2008-02-20 11:48:50 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-02-20 11:48:48 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-02-20 11:48:48 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Real
2008-02-20 11:48:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-02-20 11:45:44 0 d-------- C:\WINDOWS
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\WinSxS
2008-02-20 11:45:44 0 dr------- C:\WINDOWS\Web
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\twain_32
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\wins
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\wbem
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\usmt
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\spool
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ShellExt
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\Setup
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ras
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\PreInstall
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\oobe
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\npp
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\mui
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\inetsrv
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\IME
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\icsxml
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ias
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\hu-hu
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\export
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\en
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\dhcp
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\config
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\3076
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\2052
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1054
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1042
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1041
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1038
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1037
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1033
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1031
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1028
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1025
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\security
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Resources
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\repair
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Provisioning
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\PeerNet
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\pchealth
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Offline Web Pages
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\NLDRV
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Network Diagnostic
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\mui
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\msapps
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\msagent
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Media
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\java
2008-02-20 11:45:44 0 d--hs---- C:\WINDOWS\Installer
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\inf
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\ime
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Help
2008-02-20 11:45:44 0 dr--s---- C:\WINDOWS\Fonts
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\ehome
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Driver Cache
2008-02-20 11:45:44 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Debug
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Cursors
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Connection Wizard
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Config
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\AppPatch
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\addins
2008-02-20 11:42:57 0 d-------- C:\Program Files\Winamp
2008-02-20 11:42:57 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Winamp
2008-02-20 11:36:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-02-20 11:36:25 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-20 11:34:28 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-02-20 11:19:45 0 d-------- C:\WINDOWS\system32\Lang
2008-02-20 11:17:50 49152 -r------- C:\WINDOWS\system32\ChCfg.exe
2008-02-20 11:17:37 0 d-------- C:\WINDOWS\system32\RTCOM
2008-02-20 11:16:53 0 d-------- C:\Program Files\Realtek
2008-02-20 11:16:38 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-02-20 11:16:37 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-02-20 11:07:48 0 d-------- C:\Program Files\S3
2008-02-20 11:07:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-20 11:06:47 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-02-20 11:06:13 0 d-------- C:\Program Files\VIA
2008-02-20 11:06:07 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-20 11:04:38 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-02-20 11:03:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-02-20 11:03:44 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Identities
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Start Menu
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\SendTo
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\Sablonok
2008-02-20 11:03:35 0 d--h----- C:\Documents and Settings\Rendszergazda\PrintHood
2008-02-20 11:03:35 2883584 --ah----- C:\Documents and Settings\Rendszergazda\NTUSER.DAT
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\NetHood
2008-02-20 11:03:35 0 d--h----- C:\Documents and Settings\Rendszergazda\Local Settings
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Favorites
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Dokumentumok
2008-02-20 11:03:35 0 d--hs---- C:\Documents and Settings\Rendszergazda\Cookies
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\Asztal
2008-02-20 11:03:35 0 dr-h----- C:\Documents and Settings\Rendszergazda\Application Data
2008-02-20 11:03:25 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-02-20 11:03:15 0 d-------- C:\WINDOWS\Prefetch
2008-02-20 11:03:14 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-02-20 11:03:13 237568 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-02-20 11:03:13 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-02-20 11:03:13 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-02-20 11:03:13 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-02-20 11:03:13 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-02-20 11:03:09 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-02-20 11:03:09 0 d-------- C:\Documents and Settings\NetworkService\Cookies
2008-02-20 11:03:09 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-02-20 11:03:09 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-02-20 11:03:08 237568 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-02-20 11:01:51 237568 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-02-20 11:01:42 0 d-------- C:\WINDOWS\$hf_mig$
2008-02-20 11:01:39 0 d-------- C:\WINDOWS\system32\LogFiles
2008-02-20 11:01:24 0 d-------- C:\WINDOWS\system32\drivers\umdf
2008-02-20 11:01:01 0 d-------- C:\Program Files\Windows Media Connect 2
2008-02-20 11:00:44 0 -rahs---- C:\MSDOS.SYS
2008-02-20 11:00:44 0 -rahs---- C:\IO.SYS
2008-02-20 11:00:44 0 --a------ C:\CONFIG.SYS
2008-02-20 11:00:44 0 -----n--- C:\AUTOEXEC.BAT
2008-02-20 11:00:27 0 d-------- C:\WINDOWS\system32\dllcache
2008-02-20 10:59:31 0 d-------- C:\Documents and Settings\All Users\DRM
2008-02-20 10:59:08 0 d--h----- C:\Program Files\WindowsUpdate
2008-02-20 10:59:05 0 d-------- C:\Program Files\Online Services
2008-02-20 10:58:51 0 d-------- C:\WINDOWS\system32\DirectX
2008-02-20 10:58:24 0 d---s---- C:\WINDOWS\Tasks
2008-02-20 10:58:23 0 d-------- C:\Program Files\Common Files\MSSoap
2008-02-20 10:58:19 0 d-------- C:\WINDOWS\system32\Macromed
2008-02-20 10:58:19 0 d-------- C:\WINDOWS\srchasst
2008-02-20 10:58:12 0 d-------- C:\Program Files\Movie Maker
2008-02-20 10:58:04 0 d-------- C:\WINDOWS\system32\Restore
2008-02-20 10:57:18 21948 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-02-20 10:57:03 0 d-------- C:\WINDOWS\Registration
2008-02-20 10:56:51 0 d-------- C:\Program Files\Messenger
2008-02-20 10:56:48 0 d-------- C:\Program Files\MSN Gaming Zone
2008-02-20 10:56:27 0 d-------- C:\Program Files\Windows NT
2008-02-20 10:56:24 0 d-------- C:\WINDOWS\system32\MsDtc
2008-02-20 10:56:22 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-02-26 19:50:34 383648 --a------ C:\WINDOWS\system32\perfh00E.dat
2008-02-26 19:50:34 77394 --a------ C:\WINDOWS\system32\perfc00E.dat
2008-02-20 11:52:00 62 --ahs---- C:\Documents and Settings\Rendszergazda\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006.09.21. 09:36 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2007.02.06. 00:30 C:\WINDOWS\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007.04.12. 10:33 C:\WINDOWS\RTHDCPL.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008.02.20. 11:29]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007.03.01. 15:57]
"WTClient"="WTClient.exe" [2007.04.11. 17:27 C:\WINDOWS\system32\WTClient.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005.10.26. 16:17]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008.01.11. 22:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004.08.17. 12:47]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007.06.27. 19:03]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008.01.17. 17:51]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007.10.18. 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004.10.13. 09:21]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007.03.01. 07:01]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008.02.25. 19:21]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008.02.29. 16:03]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
"nltide_2"=regsvr32 /s /n /i:U shell32

C:\Documents and Settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\
VP-EYE.lnk - C:\VP-EYE\control\vpeyev4.exe [2004.01.13. 6:54:30]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"NoSMConfigurePrograms"=0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"NoSMConfigurePrograms"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006.12.20. 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007.04.19. 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll




-- End of Deckard's System Scanner: finished at 2008-03-09 19:59:41 ------------

Deckard's System Scanner v20071014.68
Run by Rendszergazda on 2008-03-09 19:55:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 3 Restore Point(s) --
3: 2008-03-09 18:55:58 UTC - RP3 - Deckard's System Scanner Restore Point
2: 2008-03-07 10:48:59 UTC - RP2 - Installed SUPERAntiSpyware Free Edition
1: 2008-03-06 21:16:15 UTC - RP1 - Rendszerellenőrzési pont


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 383 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-09 19:58:38
Platform: Windows XP Szervizcsomag 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.20733)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3Trayp.exe
C:\WINDOWS\RTHDCPL.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\WTClient.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\WTSrv.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rendszergazda\Local Settings\Temporary Internet Files\Content.IE5\FFWK4GEN\dss[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hu/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S637.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: VP-EYE.lnk = C:\VP-EYE\control\vpeyev4.exe
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options Group: [TABS] Tabbed Browsing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://kamera.terrasoft.hu/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\drivers\WTSrv.exe


--
End of file - 9069 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 PTSimBus (PenTablet Bus Enumerator) - c:\windows\system32\drivers\ptsimbus.sys <Not Verified; PenTablet Driver; PenTablet Bus enumerator>
R3 PTSimHid (PenTablet Simulated HID MiniDriver) - c:\windows\system32\drivers\ptsimhid.sys <Not Verified; PenTablet Driver; PenTablet Hid MiniDriver for Win2000/XP/Vista>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 SoC PC-Camera Service (Conceptronic Funcam) - c:\windows\system32\drivers\pfc027.sys
R3 TClass2k (Tablet Class Driver) - c:\windows\system32\drivers\tclass2k.sys <Not Verified; Tablet Driver; Tablet Class Driver for Win2000/XP/Vista>
R3 UCTblHid (HID Tablet Port Driver) - c:\windows\system32\drivers\uctblhid.sys <Not Verified; Tablet Driver; Tablet HID Driver for Win2000/XP/Vista>

S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 MSICPL - e:\install4\msicpl.sys (file missing)
S3 NTACCESS - e:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - e:\ntglm7x.sys (file missing)
S3 Tablet2k (Serial Tablet Port Driver) - "c:\windows\system32\drivers\tablet2k.sys" (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 WinTabService (WinTab Service) - "c:\windows\system32\drivers\wtsrv.exe" <Not Verified; Tablet Driver; Tablet Driver for Win2000/XP/Vista>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-03-07 18:00:47 424 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job


-- Files created between 2008-02-09 and 2008-03-09 -----------------------------

2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\zts2.exe
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\systems.txt
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\rundll16.exe
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\rundl132.dll
2008-03-07 21:04:55 0 d-a------ C:\WINDOWS\logo1_.exe
2008-03-07 11:49:22 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-07 11:49:02 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-07 11:49:02 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\SUPERAntiSpyware.com
2008-03-07 11:43:05 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 08:04:09 0 d-------- C:\WINDOWS\system32\xircom
2008-03-07 08:04:03 0 d-------- C:\Program Files\microsoft frontpage
2008-03-06 21:34:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-03-06 21:33:07 0 d-------- C:\Documents and Settings\Rendszergazda\Recent
2008-03-06 21:31:29 0 d-------- C:\Program Files\Yahoo!
2008-03-06 21:31:19 0 d-------- C:\Program Files\CCleaner
2008-03-06 20:15:26 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-03-06 20:15:26 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-03-06 20:15:26 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-03-06 20:15:26 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-05 12:03:37 0 d-------- C:\Program Files\Axis Communications
2008-03-02 14:33:01 0 d-------- C:\Program Files\Norton Security Scan
2008-03-01 11:54:43 0 d-------- C:\WINDOWS\system32\appmgmt
2008-03-01 09:26:08 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Apple Computer
2008-03-01 07:20:18 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-01 07:09:13 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-01 07:09:08 0 d-------- C:\Program Files\Windows Live
2008-03-01 07:09:02 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-26 19:54:55 0 d-------- C:\Program Files\Disc2Phone
2008-02-26 19:47:30 0 d-------- C:\WINDOWS\system32\URTTemp
2008-02-26 19:45:52 0 d-------- C:\Program Files\QuickTime
2008-02-26 19:45:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-26 18:54:16 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Media Player Classic
2008-02-26 18:46:54 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Teleca
2008-02-26 18:46:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Sony Ericsson
2008-02-26 18:42:56 0 d-------- C:\Documents and Settings\All Users\Documents
2008-02-26 18:42:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-02-26 18:42:29 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-02-26 18:42:28 0 d-------- C:\Program Files\Sony Ericsson
2008-02-26 18:42:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-02-25 20:09:03 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Google
2008-02-25 19:23:03 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\skypePM
2008-02-25 19:23:03 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-25 19:21:26 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Skype
2008-02-25 19:21:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-02-25 19:20:48 0 d-------- C:\Program Files\Google
2008-02-25 19:20:38 0 d-------- C:\Program Files\Skype
2008-02-25 19:20:38 0 d-------- C:\Program Files\Common Files\Skype
2008-02-25 19:20:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-25 19:03:28 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Opera
2008-02-25 19:03:16 0 d-------- C:\Program Files\Opera
2008-02-24 22:10:39 0 d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-02-24 22:07:39 111932 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2008-02-24 22:07:39 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat
2008-02-24 22:07:39 1120 --a------ C:\WINDOWS\system32\EPPICPresetData_IT.dat
2008-02-24 22:07:39 1107 --a------ C:\WINDOWS\system32\EPPICPresetData_GE.dat
2008-02-24 22:07:39 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat
2008-02-24 22:07:39 1136 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat
2008-02-24 22:07:39 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat
2008-02-24 22:07:39 1146 --a------ C:\WINDOWS\system32\EPPICPresetData_DU.dat
2008-02-24 22:07:39 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat
2008-02-24 22:07:39 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat
2008-02-24 22:07:39 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat
2008-02-24 22:07:39 21390 --a------ C:\WINDOWS\system32\EPPICPattern5.dat
2008-02-24 22:07:39 11811 --a------ C:\WINDOWS\system32\EPPICPattern4.dat
2008-02-24 22:07:39 24903 --a------ C:\WINDOWS\system32\EPPICPattern3.dat
2008-02-24 22:07:39 20148 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2008-02-24 22:07:39 31053 --a------ C:\WINDOWS\system32\EPPICPattern131.dat
2008-02-24 22:07:39 27417 --a------ C:\WINDOWS\system32\EPPICPattern121.dat
2008-02-24 22:07:39 26154 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2008-02-24 22:07:15 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\InstallShield
2008-02-24 22:06:10 0 d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-02-24 22:02:36 0 d-------- C:\Program Files\epson
2008-02-24 21:18:40 0 d-------- C:\Program Files\Citron
2008-02-24 21:16:56 0 d-------- C:\Program Files\Conceptronic
2008-02-24 21:16:56 0 d-------- C:\Program Files\Common Files\PCCamera
2008-02-24 21:13:29 0 d-------- C:\VP-EYE
2008-02-24 15:41:59 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Help
2008-02-24 15:37:43 0 d-------- C:\Program Files\WebEye
2008-02-24 15:35:47 303616 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield&reg; unInstaller>
2008-02-24 15:35:45 0 d-------- C:\Documents and Settings\Rendszergazda\WINDOWS
2008-02-24 15:32:34 0 d-------- C:\WINDOWS\PAC207
2008-02-24 15:30:48 0 d-------- C:\WINDOWS\Downloaded Installations
2008-02-22 05:41:27 0 d-------- C:\Program Files\MSXML 4.0
2008-02-21 06:21:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Macromedia
2008-02-21 06:21:45 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Adobe
2008-02-20 20:58:32 0 d-------- C:\Documents and Settings\Rendszergazda\Contacts
2008-02-20 12:45:57 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-02-20 12:37:48 0 d-------- C:\Program Files\PENSUITEPRO
2008-02-20 12:28:05 0 d-------- C:\Program Files\G-PEN SERIES
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\UC.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\RAR.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\LHA.PIF
2008-02-20 12:24:53 545 --a------ C:\WINDOWS\ARJ.PIF
2008-02-20 12:24:52 0 d-------- C:\totalcmd
2008-02-20 12:10:40 0 d-------- C:\Program Files\Microsoft.NET
2008-02-20 12:08:33 0 d-------- C:\Program Files\Microsoft Works
2008-02-20 12:07:29 0 d-------- C:\WINDOWS\SHELLNEW
2008-02-20 11:56:05 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-02-20 11:56:05 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\DAEMON Tools
2008-02-20 11:52:28 0 d-------- C:\Program Files\Common Files\ODBC
2008-02-20 11:52:25 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-02-20 11:52:24 0 dr------- C:\Program Files
2008-02-20 11:52:24 0 d-------- C:\Program Files\Common Files
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\SendTo
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Sablonok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Recent
2008-02-20 11:52:00 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\NetHood
2008-02-20 11:52:00 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Dokumentumok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Cookies
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\Default User\Asztal
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Sablonok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-02-20 11:52:00 0 dr------- C:\Documents and Settings\All Users\Dokumentumok
2008-02-20 11:52:00 0 d-------- C:\Documents and Settings\All Users\Asztal
2008-02-20 11:51:28 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-02-20 11:51:28 0 d-------- C:\WINDOWS\system32\CatRoot
2008-02-20 11:51:23 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-02-20 11:51:23 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-02-20 11:51:22 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-02-20 11:51:22 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-02-20 11:51:18 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Ahead
2008-02-20 11:51:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-20 11:51:02 0 d--hs---- C:\System Volume Information
2008-02-20 11:51:02 0 d-------- C:\Documents and Settings
2008-02-20 11:50:41 716272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-20 11:49:13 0 d-------- C:\Program Files\Nero
2008-02-20 11:49:13 0 d-------- C:\Program Files\Common Files\Ahead
2008-02-20 11:49:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-02-20 11:48:55 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-02-20 11:48:53 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-02-20 11:48:53 144384 --a------ C:\WINDOWS\system32\Iacenc.dll <Not Verified; Intel Corporation; Indeo&reg; audio software>
2008-02-20 11:48:53 39936 --a------ C:\WINDOWS\system32\huffyuv.dll <Not Verified; Disappearing Inc.; Huffyuv>
2008-02-20 11:48:52 282624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-02-20 11:48:52 1559040 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-02-20 11:48:52 564224 --a------ C:\WINDOWS\system32\x264vfw.dll
2008-02-20 11:48:52 630784 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2008-02-20 11:48:52 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-02-20 11:48:51 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-02-20 11:48:51 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-02-20 11:48:51 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX&reg;>
2008-02-20 11:48:50 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-02-20 11:48:48 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-02-20 11:48:48 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Real
2008-02-20 11:48:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-02-20 11:45:44 0 d-------- C:\WINDOWS
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\WinSxS
2008-02-20 11:45:44 0 dr------- C:\WINDOWS\Web
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\twain_32
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\wins
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\wbem
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\usmt
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\spool
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ShellExt
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\Setup
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ras
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\PreInstall
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\oobe
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\npp
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\mui
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\inetsrv
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\IME
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\icsxml
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\ias
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\hu-hu
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\export
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\en
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\dhcp
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\config
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\3076
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\2052
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1054
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1042
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1041
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1038
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1037
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1033
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1031
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1028
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system32\1025
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\system
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\security
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Resources
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\repair
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Provisioning
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\PeerNet
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\pchealth
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Offline Web Pages
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\NLDRV
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Network Diagnostic
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\mui
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\msapps
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\msagent
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Media
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\java
2008-02-20 11:45:44 0 d--hs---- C:\WINDOWS\Installer
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\inf
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\ime
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Help
2008-02-20 11:45:44 0 dr--s---- C:\WINDOWS\Fonts
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\ehome
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Driver Cache
2008-02-20 11:45:44 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Debug
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Cursors
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Connection Wizard
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\Config
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\AppPatch
2008-02-20 11:45:44 0 d-------- C:\WINDOWS\addins
2008-02-20 11:42:57 0 d-------- C:\Program Files\Winamp
2008-02-20 11:42:57 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Winamp
2008-02-20 11:36:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-02-20 11:36:25 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-20 11:34:28 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-02-20 11:19:45 0 d-------- C:\WINDOWS\system32\Lang
2008-02-20 11:17:50 49152 -r------- C:\WINDOWS\system32\ChCfg.exe
2008-02-20 11:17:37 0 d-------- C:\WINDOWS\system32\RTCOM
2008-02-20 11:16:53 0 d-------- C:\Program Files\Realtek
2008-02-20 11:16:38 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-02-20 11:16:37 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-02-20 11:07:48 0 d-------- C:\Program Files\S3
2008-02-20 11:07:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-20 11:06:47 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-02-20 11:06:13 0 d-------- C:\Program Files\VIA
2008-02-20 11:06:07 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-20 11:04:38 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-02-20 11:03:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-02-20 11:03:44 0 d-------- C:\Documents and Settings\Rendszergazda\Application Data\Identities
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Start Menu
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\SendTo
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\Sablonok
2008-02-20 11:03:35 0 d--h----- C:\Documents and Settings\Rendszergazda\PrintHood
2008-02-20 11:03:35 2883584 --ah----- C:\Documents and Settings\Rendszergazda\NTUSER.DAT
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\NetHood
2008-02-20 11:03:35 0 d--h----- C:\Documents and Settings\Rendszergazda\Local Settings
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Favorites
2008-02-20 11:03:35 0 dr------- C:\Documents and Settings\Rendszergazda\Dokumentumok
2008-02-20 11:03:35 0 d--hs---- C:\Documents and Settings\Rendszergazda\Cookies
2008-02-20 11:03:35 0 d-------- C:\Documents and Settings\Rendszergazda\Asztal
2008-02-20 11:03:35 0 dr-h----- C:\Documents and Settings\Rendszergazda\Application Data
2008-02-20 11:03:25 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-02-20 11:03:15 0 d-------- C:\WINDOWS\Prefetch
2008-02-20 11:03:14 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-02-20 11:03:13 237568 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-02-20 11:03:13 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-02-20 11:03:13 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-02-20 11:03:13 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-02-20 11:03:13 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-02-20 11:03:09 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-02-20 11:03:09 0 d-------- C:\Documents and Settings\NetworkService\Cookies
2008-02-20 11:03:09 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-02-20 11:03:09 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-02-20 11:03:08 237568 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-02-20 11:01:51 237568 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-02-20 11:01:42 0 d-------- C:\WINDOWS\$hf_mig$
2008-02-20 11:01:39 0 d-------- C:\WINDOWS\system32\LogFiles
2008-02-20 11:01:24 0 d-------- C:\WINDOWS\system32\drivers\umdf
2008-02-20 11:01:01 0 d-------- C:\Program Files\Windows Media Connect 2
2008-02-20 11:00:44 0 -rahs---- C:\MSDOS.SYS
2008-02-20 11:00:44 0 -rahs---- C:\IO.SYS
2008-02-20 11:00:44 0 --a------ C:\CONFIG.SYS
2008-02-20 11:00:44 0 -----n--- C:\AUTOEXEC.BAT
2008-02-20 11:00:27 0 d-------- C:\WINDOWS\system32\dllcache
2008-02-20 10:59:31 0 d-------- C:\Documents and Settings\All Users\DRM
2008-02-20 10:59:08 0 d--h----- C:\Program Files\WindowsUpdate
2008-02-20 10:59:05 0 d-------- C:\Program Files\Online Services
2008-02-20 10:58:51 0 d-------- C:\WINDOWS\system32\DirectX
2008-02-20 10:58:24 0 d---s---- C:\WINDOWS\Tasks
2008-02-20 10:58:23 0 d-------- C:\Program Files\Common Files\MSSoap
2008-02-20 10:58:19 0 d-------- C:\WINDOWS\system32\Macromed
2008-02-20 10:58:19 0 d-------- C:\WINDOWS\srchasst
2008-02-20 10:58:12 0 d-------- C:\Program Files\Movie Maker
2008-02-20 10:58:04 0 d-------- C:\WINDOWS\system32\Restore
2008-02-20 10:57:18 21948 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-02-20 10:57:03 0 d-------- C:\WINDOWS\Registration
2008-02-20 10:56:51 0 d-------- C:\Program Files\Messenger
2008-02-20 10:56:48 0 d-------- C:\Program Files\MSN Gaming Zone
2008-02-20 10:56:27 0 d-------- C:\Program Files\Windows NT
2008-02-20 10:56:24 0 d-------- C:\WINDOWS\system32\MsDtc
2008-02-20 10:56:22 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-02-26 19:50:34 383648 --a------ C:\WINDOWS\system32\perfh00E.dat
2008-02-26 19:50:34 77394 --a------ C:\WINDOWS\system32\perfc00E.dat
2008-02-20 11:52:00 62 --ahs---- C:\Documents and Settings\Rendszergazda\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006.09.21. 09:36 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2007.02.06. 00:30 C:\WINDOWS\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007.04.12. 10:33 C:\WINDOWS\RTHDCPL.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008.02.20. 11:29]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007.03.01. 15:57]
"WTClient"="WTClient.exe" [2007.04.11. 17:27 C:\WINDOWS\system32\WTClient.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005.10.26. 16:17]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008.01.11. 22:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004.08.17. 12:47]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007.06.27. 19:03]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008.01.17. 17:51]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007.10.18. 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004.10.13. 09:21]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007.03.01. 07:01]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008.02.25. 19:21]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008.02.29. 16:03]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
"nltide_2"=regsvr32 /s /n /i:U shell32

C:\Documents and Settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\
VP-EYE.lnk - C:\VP-EYE\control\vpeyev4.exe [2004.01.13. 6:54:30]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"NoSMConfigurePrograms"=0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"NoSMConfigurePrograms"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006.12.20. 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007.04.19. 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll




-- End of Deckard's System Scanner: finished at 2008-03-09 19:59:41 ------------

hát igen, és most a microworld futtatása alatt is fagyott.
Akkor csinálom is amit irtál:)

Ok ezek csak bejedzesek nem virusok.

Szia:
Na mostan csinald meg eztett.
Letoltod ezt a programot az asztalra teszed es futatod.A vegen add ketdarab.Txt.Eztett ide teszed.Main.txt es extra.txt.Mert gondolom meg mindig fagy a gep.
http://www.techsupportforum.com/sectools/Deckard/dss.exe
Ok

szia Stell !
Most újra próbáltam lefutattni ezt a vírus keresőt, de megint ugyanúgy jártam mint multkor. Egy idő után leállt az egész gép, pedig nem csináltam semmi mást rajta.
De most annyi eszem volt, hogy készítettem róla Print Screent

Gondolom téged, ez a része érdekel,ahol ez van írva-->

virus log information

Object "kazaa Spyware/Adware" found in File System! Action Taken : No Action Taken.
Object "trojan-downloader.bat.ftp.ab. Troyan-Downloader" found in File System! Action Tacen: No Action Taken.
Object "trojan-downloader.bat.ftp.ab. Troyan-Downloader" found in File System! Action Tacen: No Action Taken.
Object "savenow Adware " Found in File System! Action Taken: No Action Taken.
Entry "HKCR/ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED (itt nem láttam tovább kiírást)
Entry "HKCR/ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79e (És innen sem láttam tovább sajnos)
nem tudom ez kell-e még
Result
Total Critical Objects 4
Total Errors 24
ennyit tudtam leírni.
Remélem hasznos

köszi eddigi segítséget is
Üdv Zsó

Szia:)
jaaaaa:) akkor értem, csak lassan koppant le:)
azt a "bogarast" ma lefuttattam, és talált 7et, amit törölt is.De a "kézben mozgó férgesirtót" nem találtam

Szia:

Ha nemtalalod akorr enged ujra,de kozben necsinalj masatt ha ugyis a gep bebugosodik akorr majjd ird ide.

Ez csak vicnek volt szanva.

Szia:)
és mit fog írni? a vírus írójára gondolsz?
most azt nem tudom, hogy újra le kell töltenem ezt amit tegnap csináltam, vagy gépen van?

Szia kedves Stell mester,a napokban átnáztem a régi lemezeimet,program gyüjteményeimet.Az egyik lemezen találtam egy nagyon jó,kiváló Windows média playert.Mplayer-1.0rc1-gui program elönnye,hogy csak 5.1Mbayte helyet foglal,de a hozzátartozó Coderrel széppen és kivállóan lejátsza az ősszes Transport stream felvételt is,AC3-as.kodolást és 5.1-es hangot is felismeri. Nekem ez azért lényeges,mert a digitális beltériegységem a hdd-re vagy pendriver-re,ebben a formátumban készit felvétteleket. A müholdas Echosmart forumon közkincsé szeretném tenni,de sajna odda sem lehet közvetlen feltölteni.Ezeket majd elmentem,és megprobálom, hállás köszönettel, üdv:Topi-51

Szia Topi-51.
Szinten kellemes napot.Hat igen a Magyar szerverek egy kicsit lassuak itt van egypar probald ki:
http://www.yousendit.com/
http://www.megaupload.com/
http://www.bigupload.com/
http://rapidshare.de/
UDV

Szia Stell mester,szép és kellemes napot, neked és mindenkinek! A napokban nem volt idöm firkálni,csak néha leselkedtem az oldalon. A gépemre új modemet telepitettem, mert a Sony Ericsson mobilomnak a lassuságát meguntam.Ez a Vodkafonos HDSPA modem gyorsabb,de most valamilyen okmiatt, nem érek el néhány eddig használt linket,pld.a http://data.hu/index.php< >adat,megosztás,fel és letöltés< Érdeklödöm hogy nem tudsz e valami másik tárhelyet, ahonnan a feltöltött adataimat az ismeröseimnek,elérhetövé tehetem? Tisztelettel és köszönettel,üdv:Topi-51

Szia:
Nembaj akorr csinald meg amikorr lesz idod,ha nemfogod tudni mert a gep bebugosodik akorr majd ird ide.Csak az a baj hogy van itt egy gyerek es meri az idott Es ha sokaig fogjuk a virusokat irtanni majd fogja irni

nem tudom ez gondot jelent-e, de míg ment a víruskereső, egyszer csak elkezdett monitor vibrálni és egész gép leállt. Előtte még annyit láttam, hogy ennyi volt kiírva a lenti részbe ahol számokat láttam.

total critical objekts: 4
total errors: 24

Most indítottam újra gépet, hogy ezt betudjam írni míg el nem felejtem
de sajnos a holnapi nap nem tudok lenni.
közbejött valami

köszi mégegyszer:)
igyekszem majd másolni

jó éjszakát neked és jó pihenést

Ok majd Holnap megnezem,kb hogy nemfogod tudni kikopirozni az also ablakboll,akorr majd rakd fell a kepfeltotore.Ok
Szia.Ma mar vegzek.

köszönöm:)
megpróbálom jól csinálni

Hm de annak nemszabad ugyse lefagynia.Ok.Futasd le az MWAV-progitt.Ez a teszt ojan 4-oraig megy de mindent megtalal,majd este csinald es mehetsz aludni.
Tehat letoltod>bealitotod<ide teszem hogy hogyan>es futatodd.Majd a vegen Lesz eredmeny
Kett ablakban engemett az ALSO ABLAK ERDEKELL es nem ojan ami igy kezdodik hogy OBJEKT...hanem VIRUS>>> INFEKTED>>>Tehat ojat teszel majd ide ami masal kezdodik mint ...OBJEKT>vagy BEJEDZES az also ablakbol.
ftp://ftp.microworldsystems.com/download/tools/mwav.exe
Bealitod igy

Aztan klik SCAN" nem scan and clean

és ma egésznap wördben dolgoztam, azzal nem volt gond, meg nyomtatni is tudtam:)

http://kepfeltoltes.hu/view/080307/ez_v ... es.hu_.jpg
http://kepfeltoltes.hu/view/080307/k_p0 ... es.hu_.jpg
http://kepfeltoltes.hu/view/080307/wind ... es.hu_.jpg

ez is az?

már csökkent
ma csak egyszer fagyott le gépem, msn-en voltam és barátnőmmel beszélgettem akkor. de ritkábban lassul le gép mint eddig

Ezek semik csak cookiek,es mostan mivan ird ide hogy meg van e problema.

A képet a Képfeltöltés.hu tárolja. http://www.kepfeltoltes.hu

ez lenne az?

ok majd ted ide a keped cimet.

elkezdtem feltölteni:)

Ide Felteheted,
http://www.kepfeltoltes.hu/index.php
ted oda es en majd megnezem

rendben akkor este beszéljük meg mert még nem tettem fel szerverre képet:) mindig csak gépemről szoktam feltölteni mindenhova
köszi:) jó munkát

Most nincsen idom de majd este megbeszeljuk a dolgot.Ugy gondolom,hogy fellkell tenned valami szervere es aztan az [img]ide%20teszed.[/img]

próbáltam de nem tudom ide bemásolni, hogy kell képet betenni?
jpgbe raktam

Szia:
Es holl a printscreen

Szia:)
megcsináltam de azt amit kértél, hogy másoljam be nem találtam.
Viszont print screennel lefotóztam asztal:) úgyhogy kép van róla mit talált.
Ha jól láttam akkor két rendszergazda fájl volt.
Töröltem ahogy írtad, most indítom majd újra gépet

Es majd restart es ted ide uj HIJACK.logot,es majd holnap fojtatjuk. Oke.

Akorr most lefutatod ezt a programott,amitt talal mindent toroljj,A logjat maj ted ide ha fogod tudni.ide irom a bealitasat>Letoltod es ez ingyenes hagy is meg:

http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Az instalalas utan az> Ora melet a kepernyon>megjelenik ez a bogar:


Job klik a bogarra>a menuben kivalasztod>Scan for spyware,adware,malware.

.Es evell elindul a kontrola
klik Scan Your Computer

A baloldalon bepipazni a merevlemezeket es kbepontozni Perform Complete Scan


ha talal valamit akorr klik >dalsi>Tovab>es akorr az egesz szemetett kitorolje.
A logott ha megtalalod ted ide Itt kenne lennie.>Statistic/Logs:

most már tényleg nem értek semmit itt.
semmit nem találok igy ahogy leírtad, bár az igaz, hogy a történethez tartozik az, hogy februárban rakattam újra a gépem.
Lehet azért??
de már nem tudom mit tehetnék

mindjárt csinálom
mikor először ki irta hogy más használja rendszert akkor kihúztam internetről, és úgy futattam végig a víruskeresőt, akkor is azt irta ki hogy nem lehetett megnyitni fájlokat, de ma már tudtam egy word-öt nyitni és olvasni

ok:
Start>klik>sajat gep>a tetejen Full>klik >Eszkozok>Lehetosegek>megjelenites>es itt talald meg es pontozd Att >megjelenitenni a rejtett szysztem mapakatt fajlokatt>klik gomb hasznalni.Ok
Bezarsz mindent.
Es most a C+\meghajton kinyitod a Windows mapat es ittlesz.
Ha igy se talalod akorr meg ird le hogy mivan a gepell gyorsult??

tegnap nem működöt nyomtatóm, a word-öt nem nyitotta meg és kép exportálásnál minden kis kép jpg be átírása percekbe tellett.
aztán egész gép lefagyott

Utana elmegy a Virustotalra es leteszteled ezekett:

http://www.virustotal.com/hu/
Klik Prochazet megtalalod a lemezenes egyenkett elkuldodd megvarod az eredmenyt es kuldod a masikatt,az eredmeny az aljan lesz,


ezeket egyiket sem találom igy
nem értem miért már minden m,appába néztem c meghajtón

Nembaj,biztosan rejtett.A Hijack progivall lefixelted ammit irtam,es hol a tobbi eredmeny a Virus totalroll.
Es Ird le pontosabban hogy mi lassu a gepen.

és úgy nézki ezt a hijack-et is bezártammost:(

Cleanert megcsináltam, de ezt a windows/PreAnnt nem találom

Mostan megcsinalod eztett;Klik a hijack progiban a Do a system scan only a kiss ablakocskakban bepipazod ezekett amitt ide teszek es az aljan ra klikelsz Fix checked NETEVEDJ

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Aztan letoltod a CCleanert es kipucolod a gepett.




Utana elmegy a Virustotalra es leteszteled ezekett:

http://www.virustotal.com/hu/
Klik Prochazet megtalalod a lemezenes egyenkett elkuldodd megvarod az eredmenyt es kuldod a masikatt,az eredmeny az aljan lesz,

Ha eztett mindett megcsinalod restart es uj HIJACK.LOGOt ide teszed.

köszi szépen:) várok

Mostan varj ccc 1-orat meg megfejtem ok.

ComboFix 08-03-05.3 - Rendszergazda 2008-03-06 20:16:23.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.108 [GMT 1:00]
Running from: C:\Documents and Settings\Rendszergazda\Local Settings\Temporary Internet Files\Content.IE5\KR33GA0Y\ComboFix[1].exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))
.

2008-03-05 12:03 . 2008-03-05 12:03 <DIR> d-------- C:\Program Files\Axis Communications
2008-03-02 15:23 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-02 15:23 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-02 15:23 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-02 14:33 . 2008-03-02 18:00 <DIR> d-------- C:\Program Files\Norton Security Scan
2008-03-01 14:50 . 2006-11-07 09:42 97,056 -ra------ C:\WINDOWS\system32\drivers\w200mdm.sys
2008-03-01 14:50 . 2006-11-07 09:42 9,328 -ra------ C:\WINDOWS\system32\drivers\w200mdfl.sys
2008-03-01 14:50 . 2006-11-07 09:42 6,208 -ra------ C:\WINDOWS\system32\drivers\w200cmnt.sys
2008-03-01 14:50 . 2006-11-07 09:42 6,208 -ra------ C:\WINDOWS\system32\drivers\w200cm.sys
2008-03-01 09:26 . 2008-03-01 09:26 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\Apple Computer
2008-03-01 07:22 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-03-01 07:20 . 2008-03-01 07:20 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-01 07:09 . 2008-03-01 11:55 <DIR> d-------- C:\Program Files\Windows Live
2008-03-01 07:09 . 2008-03-01 07:09 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-01 07:09 . 2008-03-01 07:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-26 19:54 . 2008-02-26 19:54 <DIR> d-------- C:\Program Files\Disc2Phone
2008-02-26 19:47 . 2008-02-26 19:48 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-02-26 19:45 . 2008-02-26 19:46 <DIR> d-------- C:\Program Files\QuickTime
2008-02-26 19:45 . 2008-02-26 19:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-26 18:54 . 2008-02-26 18:54 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\Media Player Classic
2008-02-26 18:49 . 2006-11-07 09:42 61,504 -ra------ C:\WINDOWS\system32\drivers\w200bus.sys
2008-02-26 18:49 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200whnt.sys
2008-02-26 18:49 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200wh.sys
2008-02-26 18:46 . 2008-02-26 18:48 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\Teleca
2008-02-26 18:46 . 2008-02-26 18:46 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\Sony Ericsson
2008-02-26 18:42 . 2008-02-26 18:42 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-02-26 18:42 . 2008-02-26 18:42 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2008-02-26 18:42 . 2008-02-26 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Documents
2008-02-26 18:42 . 2008-02-26 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-02-26 18:42 . 2008-02-26 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-02-26 18:40 . 2008-03-02 20:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-26 18:40 . 2008-03-01 09:25 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-25 19:23 . 2008-03-05 10:43 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\skypePM
2008-02-25 19:23 . 2008-02-25 19:23 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-25 19:21 . 2008-03-05 11:49 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\Skype
2008-02-25 19:20 . 2008-02-25 19:20 <DIR> d-------- C:\Program Files\Skype
2008-02-25 19:20 . 2008-02-25 19:21 <DIR> d-------- C:\Program Files\Google
2008-02-25 19:20 . 2008-02-25 19:20 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-02-25 19:20 . 2008-02-25 19:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-25 19:03 . 2008-02-25 19:03 <DIR> d-------- C:\Program Files\Opera
2008-02-25 17:04 . 2008-02-25 17:04 56 --a------ C:\WINDOWS\PreAnntt.INI
2008-02-24 22:10 . 2008-02-24 22:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-02-24 22:07 . 2008-02-24 22:07 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Application Data\InstallShield
2008-02-24 22:06 . 2008-02-24 22:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-02-24 22:06 . 2006-12-08 03:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2008-02-24 22:06 . 2006-04-19 03:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2008-02-24 22:06 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2008-02-24 22:06 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-24 22:05 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-02-24 22:05 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-24 22:02 . 2008-02-24 22:11 <DIR> d-------- C:\Program Files\epson
2008-02-24 22:02 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2008-02-24 22:02 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2008-02-24 22:02 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2008-02-24 21:18 . 2008-02-24 21:18 <DIR> d-------- C:\Program Files\Citron
2008-02-24 21:16 . 2008-02-24 21:16 <DIR> d-------- C:\Program Files\Conceptronic
2008-02-24 21:16 . 2008-02-24 21:16 <DIR> d-------- C:\Program Files\Common Files\PCCamera
2008-02-24 21:15 . 2008-02-24 22:00 392 --a------ C:\WINDOWS\WebEye.ini
2008-02-24 21:13 . 2008-02-24 21:14 <DIR> d-------- C:\VP-EYE
2008-02-24 15:37 . 2008-02-24 21:15 <DIR> d-------- C:\Program Files\WebEye
2008-02-24 15:35 . 2008-02-24 15:35 <DIR> d-------- C:\Documents and Settings\Rendszergazda\WINDOWS
2008-02-24 15:35 . 1997-11-19 15:49 303,616 --a------ C:\WINDOWS\IsUninst.exe
2008-02-24 15:34 . 2008-02-24 21:14 32,345 --a------ C:\WINDOWS\unvpeye.ini
2008-02-24 15:32 . 2008-02-24 21:51 <DIR> d-------- C:\WINDOWS\PAC207
2008-02-24 15:30 . 2008-02-26 18:42 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-02-22 05:41 . 2008-02-22 05:41 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-02-21 16:00 . 2007-04-02 07:37 546,304 --------- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-02-20 20:58 . 2008-02-21 06:15 <DIR> d-------- C:\Documents and Settings\Rendszergazda\Contacts
2008-02-20 13:41 . 2008-02-20 13:41 268 --ah----- C:\sqmdata01.sqm
2008-02-20 13:41 . 2008-02-20 13:41 244 --ah----- C:\sqmnoopt01.sqm
2008-02-20 12:56 . 2008-02-20 12:56 268 --ah----- C:\sqmdata00.sqm
2008-02-20 12:56 . 2008-02-20 12:56 244 --ah----- C:\sqmnoopt00.sqm
2008-02-20 12:45 . 2008-03-01 07:15 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-20 12:37 . 2008-03-04 09:49 <DIR> d-------- C:\Program Files\PENSUITEPRO
2008-02-20 12:28 . 2008-02-20 12:28 <DIR> d-------- C:\Program Files\G-PEN SERIES
2008-02-20 12:26 . 2001-10-26 19:01 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-02-20 12:26 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-02-20 12:24 . 2008-02-20 12:46 <DIR> d-------- C:\totalcmd
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\UC.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\RAR.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\LHA.PIF
2008-02-20 12:24 . 2007-09-05 07:02 545 --a------ C:\WINDOWS\ARJ.PIF
2008-02-20 12:24 . 2008-02-20 12:46 373 --a------ C:\WINDOWS\wincmd.ini
2008-02-20 12:14 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-20 12:14 . 2008-02-20 12:14 388 --a------ C:\WINDOWS\ODBC.INI
2008-02-20 12:10 . 2008-02-20 12:10 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-02-20 12:08 . 2008-02-20 12:08 <DIR> d-------- C:\Program Files\Microsoft Works
2008-02-20 12:07 . 2008-02-20 12:10 <DIR> d-------- C:\WINDOWS\SHELLNEW

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-05 20:44 --------- d-----w C:\Program Files\ESET
2008-02-26 18:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-24 21:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-20 10:56 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-02-20 10:56 --------- d-----w C:\Documents and Settings\Rendszergazda\Application Data\DAEMON Tools
2008-02-20 10:51 --------- d-----w C:\Documents and Settings\Rendszergazda\Application Data\Ahead
2008-02-20 10:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-20 10:50 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-20 10:50 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-20 10:49 --------- d-----w C:\Program Files\Nero
2008-02-20 10:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-02-20 10:48 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-02-20 10:43 --------- d-----w C:\Program Files\Winamp
2008-02-20 10:43 --------- d-----w C:\Documents and Settings\Rendszergazda\Application Data\Winamp
2008-02-20 10:36 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-20 10:29 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-02-20 10:29 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-02-20 10:29 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2008-02-20 10:16 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-20 10:16 --------- d-----w C:\Program Files\Realtek
2008-02-20 10:09 --------- d-----w C:\Program Files\S3
2008-02-20 10:06 --------- d-----w C:\Program Files\VIA
2008-02-20 10:01 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-01-11 05:55 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-12-24 12:49 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2007-12-19 22:42 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-06 08:34 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 08:34 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 08:34 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 05:00 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 12:47 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-17 17:51 486856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:21 1694208]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007-03-01 07:01 180736]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-25 19:21 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006-09-21 09:36 53248 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2007-02-06 00:30 176128 C:\WINDOWS\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-20 11:29 949376]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"WTClient"="WTClient.exe" [2007-04-11 17:27 40960 C:\WINDOWS\system32\WTClient.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-26 19:46 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 12:47 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2007-12-07 02:43 124928 C:\WINDOWS\system32\advpack.dll]
"nltide_2"="regsvr32 /s /n /i:U shell32" []

C:\Documents and Settings\Rendszergazda\Start Menu\Programs\Indˇt˘pult\
VP-EYE.lnk - C:\VP-EYE\control\vpeyev4.exe [2004-01-13 06:54:30 1273856]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\WebEye\\WebEye.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 13:22]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 10:39]
R3 PTSimBus;PenTablet Bus Enumerator;C:\WINDOWS\system32\DRIVERS\PTSimBus.sys [2007-06-07 18:16]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\WINDOWS\system32\DRIVERS\PTSimHid.sys [2007-04-23 16:28]
R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2007-03-05 02:54]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys []
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]

.
Contents of the 'Scheduled Tasks' folder
"2008-03-02 17:00:14 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 20:18:07
Windows 5.1.2600 Szervizcsomag 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-03-06 20:18:54
.
2008-03-02 09:23:36 --- E O F ---

itt találom ezt?
a combofix programot?

Nemlatok veszejes dolgokatt de......
Mostan letoltod a Combofix programott,az asztalra teszed,mindent bezarsz bongeszokett,programokatt mindent.Es futtatod,a scen ojan 10-percig tart,aztan a gep restartolhat ,nebabralj semmit,neklikelj sehova,ha kerdez beleegyezel csak nezed es varjall,a vegen add combofix.txt -eztett ide teszed.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe