Free Malware Removal Forum

by **clarissa** » October 18th, 2009, 4:27 am

Hello! I have scanned my computer with MBAM and after fixing problems with HijackThis too.

The logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:29, on 2009.10.18.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\PhotoJoy\bin\PjApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Letöltések\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Az összes letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Kijelölés letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Letöltés Free Download Managerrel - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Video letöltése a Free Download Manager-rel - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.hu/s/v/50.14/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2385059187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2460091857
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1 ... oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B2F2B81-9F58-4831-BFC1-6569EEBB4791}: NameServer = 212.40.96.171 212.40.96.170
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google frissítési szolgáltatás (gupdate1c9de3a2d80f890) (gupdate1c9de3a2d80f890) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 10494 bytes

and I do not know what to do with this.

Please help me!

Thanks

clarissa

by **Dakeyras** » October 22nd, 2009, 10:13 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Hi clarissa and welcome to Malware Removal.

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine!.
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Refrain from running self fixes as this will hinder the malware removal process.
It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Next:

Can you confirm for myself please that this is a Hungarian version of XP and your ISP(Internet Service provider) is Externet?

Next:

I would like to view the last Malwarebytes' Anti-Malware Log if available please. It can be found here(if present):

Launch/Start the application
Click on the Logs radio tab.
Post the contents of mbam-log-yyyy-mm-dd (tt-tt-tt).txt

Note: yyyy-mm-dd (tt-tt-tt) denote the date/time the log was created.

Next:

Please re-open HiJackThis and select Do a system scan only. Check the boxes next to all the entries listed below (if present):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Now click on Fix Checked. Close HiJackThis.

Next:

Click Start >> Run and type cleanmgr in the box and press OK.

Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
You can choose to check other boxes if you wish but they are not required.
Click on OK then Yes.
Now Reboot(restart) your computer.

Scan with RSIT:

Please download Random's System Information Tool by random/random from here and save it to your desktop.

Make sure that RSIT.exe is on the your Desktop before running the application!

Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:
- log.txt will be opened maximized.
- info.txt will be opened minimized.
Please post the contents of both log.txt and info.txt.

Note: Both logs can also be located within this folder rsit at the root of your installed Hard-Drive. EG: C:\rsit

When completed the above, please post back the following in the order asked for:

How is you computer performing now, any further symptoms and or problems encountered?
Answer to my Language/ISP queries.
Malwarebytes' Anti-Malware Log.
Both RSIT logs. <-- Post them individually please, IE: one Log per post/reply.

by **clarissa** » October 23rd, 2009, 10:45 am

Hi Dakeyras

Thank you very much for your answer. I have done everything you suggested. My pc now works well.
Yes, this is a Hungarian version of XP and my ISP is Externet.

Mbam's logfile:

Malwarebytes' Anti-Malware 1.41
Adatbázis verzió: 2775
Windows 5.1.2600 Szervizcsomag 3 (Safe Mode)

2009.10.18. 9:44:17
mbam-log-2009-10-18 (09-44-17).txt

Vizsgálat típusa: Gyorsvizsgálat
Átvizsgált objektumok: 104079
Eltelt idő: 8 minute(s), 19 second(s)

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött rendszerleíró kulcsok: 26
Fertőzött rendszerleíró értékek: 4
Fertőzött rednszerleíró elemek: 3
Fertőzött mappák: 0
Fertőzött fájlok: 5

Fertőzött memóriafolyamatok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött memória modulok:
(Nem észleltem rosszindulatú elemeket)

Fertőzött rendszerleíró kulcsok:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Fertőzött rendszerleíró értékek:
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully.

Fertőzött rednszerleíró elemek:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Fertőzött mappák:
(Nem észleltem rosszindulatú elemeket)

Fertőzött fájlok:
C:\Documents and Settings\Aradi Istvánné\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Aradi Istvánné\Start Menu\Programs\Indítópult\ikowin32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Aradi Istvánné\Local Settings\Temp\BN35.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv561255137485.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Aradi Istvánné\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.

by **clarissa** » October 23rd, 2009, 10:50 am

Rsit info file:

info.txt logfile of random's system information tool 1.06 2009-10-23 15:25:06

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Shadow by Lokas Software-->C:\WINDOWS\AWuninstall.exe Software\Lokas Ltd\3D Shadow
ACDSee 10 Photo Manager-->MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\6ba4f64693cf3ffde4382ffeebd542f\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{E66F3AFD-643B-4001-A3B3-35616CCFECEA}
Adobe Reader 8 - Hungarian-->MsiExec.exe /I{AC76BA86-7AD7-1038-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{6850DD2F-1DDC-4438-95DC-03CFBC0405FB}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Alien Skin Xenofex 2.0-->C:\PROGRA~1\PHOTOF~2\Plugins\XENOFE~1\UNWISE.EXE C:\PROGRA~1\PHOTOF~2\Plugins\XENOFE~1\INSTALL.LOG
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo StartUp Tuner 2.00-->"C:\Program Files\Ashampoo\Ashampoo StartUp Tuner 2\unins000.exe"
AV Bros. Page Curl Pro 2.2 (Remove Only)-->C:\Program Files\PhotoFiltre Studio X\Plugins\AV Bros Page Curl Pro 2.2\AVUninstall.exe
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
Cracklock 3.9.44-->"C:\Program Files\Cracklock\unins000.exe"
DCE Tools 1.0-->"C:\Program Files\DCETools\unins000.exe"
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ffdshow [rev 2301] [2008-11-05]-->"C:\Program Files\ffdshow\unins000.exe"
FileMenu Tools-->"C:\Program Files\LopeSoft\FileMenu Tools\unins000.exe"
Free Download Manager 3.0-->"C:\Program Files\Free Download Manager\unins000.exe"
Frissítés Windows XP rendszerhez (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.27\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HammerHead Rhythm Station-->C:\Program Files\HammerHead\Uninstall.exe
Harry's Filters 3.01-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\HarrysFilters3\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Aradi Istvánné\Dokumentumok\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
hp deskjet 3600 series-->rundll32 hpzcon08.dll,VendorJettison hp deskjet 3600 series
hp deskjet 3600-->msiexec /x{7CA32143-2DAC-4F5F-9BAA-2AB3707EF192}
HP fényképalbumlemez-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series-->MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
HP Photo and Imaging 2.1 - Scanjet 36X0 Series-->MsiExec.exe /I{49CE65E4-9EE2-4F29-8768-58DD1E45D09C}
hp print screen utility-->C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
ID_DCRaw Image Decoder Plug-In-->MsiExec.exe /X{DA1876DD-323E-4D78-8F9F-8F4FDE25C010}
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Jasc Animation Shop 3-->MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
MassTube 4.50-->"C:\Program Files\MassTube\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hungarian Language Pack-->MsiExec.exe /X{8FC113D5-64A6-40EE-9A39-DAB4650457A8}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - HUN-->MsiExec.exe /I{B35E52B3-BFC7-3680-9D0A-19C8512638DB}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - HUN-->MsiExec.exe /I{D5B60174-B7A9-3D80-94C7-F9BADEAD9C67}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - hun-->MsiExec.exe /I{5380C741-5656-387C-9FB0-3E45D07F864A}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base intelligens kártyás titkosításszolgáltatást nyújtó csomag-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040E-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040E-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
minode.hu MindenNAP 2.0-->"c:\program files\minode\MindenNAP 2.0\Uninstal.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Nyelvi csomag a Microsoft .NET-keretrendszer 3.5 1. szervizcsomagjához – HUN-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - hun\setup.exe
PCI Audio Applications-->C:\Program Files\PCI Audio Applications\Bin\Uninstall.exe
PCI Audio Driver-->cmuninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
PhotoJoy-->MsiExec.exe /X{15482D1C-117B-4201-8D39-985A91ED8433}
PhotoJoy-->Msiexec.exe /x{15482D1C-117B-4201-8D39-985A91ED8433} /qf /L*V "%temp%\PjUninstallLog.log"
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
pluginCreativity textArt-->C:\PROGRA~1\PHOTOF~2\Plugins\textArt\UNWISE.EXE C:\PROGRA~1\PHOTOF~2\Plugins\textArt\textArt.log
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Simple Webpage Capture-->"C:\WINDOWS\Simple Webpage Capture\uninstall.exe" "/U:C:\Program Files\Simple Webpage Capture\Uninstall\uninstall.xml"
Super Internet TV v8.0 (Free Edition)-->"C:\Program Files\Super Internet TV\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Szótár program eltávolítása-->"C:\Program Files\Jómagam\Szótár\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Vertus Fluid Mask 3 3.0.8-->"C:\Program Files\Vertus Fluid Mask 3\Uninstall.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Internet Explorer 7 biztonsági frissítés - KB938127-v2-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB956390-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB958215-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB960714-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB961260-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB969897-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB971961-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB972260-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB974455-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 frissítés - KB968220-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 frissítés - KB972636-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live bejelentkezési segéd-->MsiExec.exe /I{733EB793-0840-4D69-97AA-6934FC79DB16}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6E07FF7A-878C-486C-BB85-516F61A8E2C7}
Windows Live feltöltőeszköz-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Messenger-->MsiExec.exe /X{D2C2B2A0-F37E-43CC-9E94-FC52F6D20C43}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11 Biztonsági frissítés (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Windows Media Player 11 Biztonsági frissítés (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Windows Media Player 11 Fontos frissítés (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Media Player 11 Gyorsjavítás (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB923561-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB923789-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Windows XP biztonsági frissítés - KB938464-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB938464-v2-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB946648-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950762-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950974-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951066-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951376-v2-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951698-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951748-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB952004-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB952954-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954211-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954459-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954600-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB955069-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956391-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956572-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956744-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956802-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956803-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956841-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956844-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB957097-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958215-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958644-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958687-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958690-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958869-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB959426-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960225-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960714-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960715-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960803-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960859-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961371-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961373-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961501-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB968537-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB969059-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB969898-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB970238-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971486-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971557-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971633-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971657-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973346-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973354-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973507-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973525-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973869-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB974112-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB974571-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB975025-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB975467-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Windows XP Biztonsági frissítés (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Windows XP frissítés - KB951978-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Windows XP frissítés - KB955839-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows XP frissítés - KB961503-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Windows XP frissítés - KB967715-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows XP frissítés - KB968389-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Windows XP frissítés - KB973815-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB952287-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB961118-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB970653-v3-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xero Pulsar 1.01-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\Xero Graphics\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}

=====HijackThis Backups=====

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-10-23]
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-10-23]
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) [2009-10-23]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank [2009-10-23]
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [2009-10-23]
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-10-23]

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) WMI teljesítményadapter szolgáltatás állapota: "fut".

Record Number: 18312
Source Name: Service Control Manager
Time Written: 20090927094114.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 7035
Message: A(z) WMI teljesítményadapter szolgáltatásnak sikeresen el lett küldve a(z) indítás vezérlő.

Record Number: 18311
Source Name: Service Control Manager
Time Written: 20090927094114.000000+120
Event Type: információ
User: NT AUTHORITY\SYSTEM

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) Számítógép-tallózó szolgáltatás állapota: "leállítva".

Record Number: 18310
Source Name: Service Control Manager
Time Written: 20090927094049.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) Távelérési csatlakozáskezelő szolgáltatás állapota: "fut".

Record Number: 18309
Source Name: Service Control Manager
Time Written: 20090927094048.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 1007
Message: A számítógép automatikusan konfigurálta a(z) 00119521B0DD hálózati című hálózati
kártya IP-címét. A használt IP-cím: 169.254.208.209.

Record Number: 18308
Source Name: Dhcp
Time Written: 20090927094047.000000+120
Event Type: figyelmeztetés
User:

=====Application event log=====

Computer Name: OVODA-0E828F90E
Event Code: 1
Message:
Record Number: 9426
Source Name: Bonjour Service
Time Written: 20090828112212.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 20
Message:
Record Number: 9425
Source Name: Google Update
Time Written: 20090827162114.000000+120
Event Type: hiba
User: NT AUTHORITY\SYSTEM

Computer Name: OVODA-0E828F90E
Event Code: 0
Message:
Record Number: 9424
Source Name: gupdate1c9de3a2d80f890
Time Written: 20090827153657.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 1003
Message: A Windows Search szolgáltatás elindult.

Record Number: 9423
Source Name: Windows Search Service
Time Written: 20090827153650.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 302
Message: Windows (460) Windows: Az adatbázismotor sikeresen befejezte a helyreállítás lépéseit.

Record Number: 9422
Source Name: ESENT
Time Written: 20090827153644.000000+120
Event Type: információ
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0102
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

by **clarissa** » October 23rd, 2009, 10:55 am

Rsit logfile:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Aradi Istvánné at 2009-10-23 15:24:30
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 13 GB (34%) free of 38 GB
Total RAM: 767 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:01, on 2009.10.23.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PhotoJoy\bin\PjApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aradi Istvánné\Asztal\RSIT.exe
C:\Documents and Settings\Aradi Istvánné\Dokumentumok\Downloads\Aradi Istvánné.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Az összes letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Kijelölés letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Letöltés Free Download Managerrel - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Video letöltése a Free Download Manager-rel - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.hu/s/v/50.14/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2385059187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2460091857
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1 ... oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B2F2B81-9F58-4831-BFC1-6569EEBB4791}: NameServer = 212.40.96.171 212.40.96.170
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google frissítési szolgáltatás (gupdate1c9de3a2d80f890) (gupdate1c9de3a2d80f890) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 10012 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader hivatkozássúgó - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-08-17 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"C-Media Mixer"=Mixer.exe /startup []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-16 2025752]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-08 1397760]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-10-18 781656]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-11 172032]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
"PhotoJoy"=C:\Program Files\PhotoJoy\bin\PhotoJoy.exe [2009-04-26 918840]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-17 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Letöltések\Need For Speed Underground\Speed.exe"="C:\Letöltések\Need For Speed Underground\Speed.exe:*:Enabled:Speed"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\PhotoJoy\Bin\PjImp.exe"="C:\Program Files\PhotoJoy\Bin\PjImp.exe:*:Disabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe"="C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe:*:Enabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PjApp.exe"="C:\Program Files\PhotoJoy\Bin\PjApp.exe:*:Enabled:PhotoJoy"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{319bedb4-2432-11de-9731-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b42e453a-fab6-11dd-a364-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

======List of files/folders created in the last 1 months======

2009-10-23 15:24:30 ----D---- C:\rsit
2009-10-23 10:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\VertusTech
2009-10-23 10:14:18 ----D---- C:\Program Files\Vertus Fluid Mask 3
2009-10-19 09:04:42 ----D---- C:\Program Files\Sophos
2009-10-18 10:42:03 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-18 09:31:34 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Malwarebytes
2009-10-18 09:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-18 09:25:21 ----D---- C:\WINDOWS\CSC
2009-10-18 09:25:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-17 17:25:25 ----D---- C:\Program Files\UberIcon
2009-10-15 21:03:33 ----D---- C:\aa4106262acf51524470c6
2009-10-15 21:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 21:01:07 ----A---- C:\WINDOWS\system32\MRT.INI
2009-10-15 20:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 20:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 20:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 20:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 20:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 20:49:21 ----SHD---- C:\Config.Msi
2009-10-15 20:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 20:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 20:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 16:15:57 ----A---- C:\WINDOWS\zykitumoc.vbs
2009-10-15 16:15:57 ----A---- C:\WINDOWS\qyvupefoqi.dll
2009-10-14 21:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\PhotoJoy
2009-10-14 21:13:44 ----D---- C:\Program Files\PhotoJoy
2009-10-09 09:29:50 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\DeviceDoctorSoftware
2009-10-03 22:39:18 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-09-30 19:55:17 ----A---- C:\WINDOWS\3DShadow.INI
2009-09-30 19:48:04 ----N---- C:\WINDOWS\AWuninstall.exe
2009-09-27 20:39:44 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-27 19:45:23 ----D---- C:\Program Files\Common Files\Apple
2009-09-27 19:44:20 ----D---- C:\Program Files\QuickTime
2009-09-27 19:44:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-27 19:43:13 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Apple Computer
2009-09-27 19:25:00 ----D---- C:\Program Files\Apple Software Update
2009-09-27 19:24:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-09-26 15:01:45 ----D---- C:\Documents and Settings\All Users\Application Data\Digital Anarchy
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\DivX.dll

======List of files/folders modified in the last 1 months======

2009-10-23 15:23:59 ----D---- C:\WINDOWS\Prefetch
2009-10-23 15:06:46 ----SD---- C:\WINDOWS\Tasks
2009-10-23 15:06:00 ----D---- C:\WINDOWS\Temp
2009-10-23 15:01:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-23 15:00:19 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\uTorrent
2009-10-23 14:40:54 ----D---- C:\Letöltések
2009-10-23 13:11:05 ----A---- C:\WINDOWS\system32\prsgrc.dll
2009-10-23 10:14:57 ----D---- C:\WINDOWS\system32
2009-10-23 10:14:57 ----A---- C:\WINDOWS\system32\fbv48px.dll
2009-10-23 10:14:53 ----A---- C:\WINDOWS\system32\grcauth2.dll
2009-10-23 10:14:53 ----A---- C:\WINDOWS\system32\grcauth1.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\ssprs.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\clauth2.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\clauth1.dll
2009-10-23 10:14:18 ----RD---- C:\Program Files
2009-10-23 00:48:28 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Free Download Manager
2009-10-22 20:49:54 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-19 20:42:50 ----D---- C:\WINDOWS\system32\drivers
2009-10-19 20:15:27 ----HD---- C:\WINDOWS\inf
2009-10-19 19:58:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-19 19:48:27 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-19 01:18:30 ----D---- C:\Program Files\Common Files\InstallShield
2009-10-19 01:17:39 ----D---- C:\NVIDIA
2009-10-18 22:40:28 ----SHD---- C:\WINDOWS\Installer
2009-10-18 22:38:23 ----D---- C:\WINDOWS\system32\Restore
2009-10-18 13:37:02 ----HD---- C:\$AVG8.VAULT$
2009-10-18 10:51:37 ----D---- C:\WINDOWS
2009-10-18 10:44:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-17 21:39:10 ----D---- C:\Program Files\DivX
2009-10-17 21:38:38 ----D---- C:\Program Files\Common Files\DivX Shared
2009-10-17 21:38:30 ----D---- C:\WINDOWS\WinSxS
2009-10-17 16:22:16 ----D---- C:\WINDOWS\Help
2009-10-16 15:08:17 ----RSD---- C:\WINDOWS\assembly
2009-10-16 15:00:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 21:34:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-15 21:03:29 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 21:03:15 ----D---- C:\Program Files\Internet Explorer
2009-10-15 21:02:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-15 20:27:49 ----SHD---- C:\System Volume Information
2009-10-15 15:42:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-11 00:03:14 ----A---- C:\WINDOWS\nvrbm.ini
2009-10-10 11:21:32 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\BSplayer
2009-10-05 20:36:06 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-10-05 08:39:27 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\MassTube
2009-10-02 20:01:57 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-27 20:38:42 ----D---- C:\Program Files\Bonjour
2009-09-27 19:45:23 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-01-31 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-17 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-17 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-07 108552]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-08 28672]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 DFE528TX;D-Link DFE-528TX PCI Adapter; C:\WINDOWS\system32\DRIVERS\DLKRTL.SYS [2002-06-24 45568]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-10-26 908256]
R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 ac97intc;Intel(r) 82801 hangillesztő telepítési szolgáltatása (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-10-10 101120]
S3 mbr;mbr; \??\C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\mbr.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\1E.tmp []
S3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-17 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-17 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-10-18 1170768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-12-18 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S2 gupdate1c9de3a2d80f890;Google frissítési szolgáltatás (gupdate1c9de3a2d80f890); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
S2 hpdj;hpdj; C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe [2003-03-11 266240]
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

by **Dakeyras** » October 23rd, 2009, 2:21 pm

Hi.

Thank you very much for your answer.

You're welcome!

I have done everything you suggested. My pc now works well. Yes, this is a Hungarian version of XP and my ISP is Externet.

OK and thank you for the confirmation.

CKScanner:

Please download CKScanner from here to your Desktop.

Make sure that CKScanner.exe is on the your Desktop before running the application!

Double-click on CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved
Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next:

Please download Lop S&D and save it to your desktop.

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of Lop S&D.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double-click Lop S&D.exe
Choose the language by typing of the corresponding letter and press Enter
Click OK at the informative window
Type 1, to choose Option 1 (Search) then press Enter
Wait until the end of the scan
A report will be generated, post the contents of it in your next reply.

Note: Copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt.

When completed the above, please post back the following in the order asked for:

How is you computer performing now, any further symptoms and or problems encountered?
CKFiles.txt
lopR.txt.
A new RSIT Log.

Note: Post all requested logs separately if it makes it easier to do so.

by **clarissa** » October 24th, 2009, 3:48 pm

Hello!

Here is CKScanner's logfile:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\start menu\programs\cracklock\cracklock manager.lnk
c:\documents and settings\all users\start menu\programs\cracklock\cracklock website.url
c:\documents and settings\all users\start menu\programs\cracklock\documentation.lnk
c:\documents and settings\all users\start menu\programs\cracklock\uninstall cracklock.lnk
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\help\cracks.html
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\crumbling
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\gouges
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\hairline
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\long and wide
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\pock marked
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\shattered
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\short and rough
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\smooth and shallow
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\spidery
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\shatter\big cracks
c:\letöltések\telepítők\cracklock.3.9.44.exe
c:\letöltések\telepítők\plugin\fluid mask 3.08 by kupuj\english\english crack\fluidmask3.exe
c:\program files\cracklock\install-message.rtf
c:\program files\cracklock\issproc.dll
c:\program files\cracklock\issproclanguage.ini
c:\program files\cracklock\unins000.dat
c:\program files\cracklock\unins000.exe
c:\program files\cracklock\bin\clinject.exe
c:\program files\cracklock\bin\clkern.dll
c:\program files\cracklock\bin\clmngr.exe
c:\program files\cracklock\bin\clshex.dll
c:\program files\cracklock\bin\mcl.exe
c:\program files\cracklock\examples\csharpclock.exe
c:\program files\cracklock\examples\vbclock.exe
c:\program files\cracklock\examples\vcclock.exe
c:\program files\cracklock\help\cracklock-ar.chm
c:\program files\cracklock\help\cracklock-en.chm
c:\program files\cracklock\help\cracklock-fr.chm
c:\program files\cracklock\help\cracklock-sp.chm
c:\program files\cracklock\languages\clresus.dll
c:\program files\cracklock\languages\clres_ar.dll
c:\program files\cracklock\languages\clres_chs.dll
c:\program files\cracklock\languages\clres_de.dll
c:\program files\cracklock\languages\clres_es.dll
c:\program files\cracklock\languages\clres_fr.dll
c:\program files\cracklock\languages\clres_hr.dll
c:\program files\cracklock\languages\clres_hu.dll
c:\program files\cracklock\languages\clres_ko.dll
c:\program files\cracklock\languages\clres_pt.dll
c:\program files\photofiltre studio x\plugins\xenofex 2\help\cracks.html
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\crumbling
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\gouges
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\hairline
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\long and wide
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\pock marked
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\shattered
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\short and rough
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\smooth and shallow
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\spidery
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\shatter\big cracks
scanner sequence 3.ZZ.11
----- EOF -----

by **clarissa** » October 24th, 2009, 4:24 pm

Hi

This is LopR.txt:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Szervizcsomag 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 1.60GHz )
BIOS : Award Modular BIOS v6.00PG
USER : Aradi Istvánné ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:13 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009.10.24.|22:03 )

--------------------\\ Listing folders in APPLIC~1

[2009.09.27.|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.10.18.|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009.01.24.|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[2009.01.25.|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009.09.27.|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2009.09.27.|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009.06.24.|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
[2009.02.01.|04:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[2009.01.24.|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[2009.01.21.|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2009.09.26.|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Digital Anarchy
[2009.01.25.|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2009.08.29.|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[2009.02.15.|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2009.01.24.|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JGLSz˘t r
[2009.01.23.|00:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2009.03.06.|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[2009.10.18.|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009.01.20.|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2009.02.27.|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2009.03.02.|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[2009.08.01.|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2009.10.14.|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PhotoJoy
[2009.06.27.|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Redfield
[2009.10.03.|23:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2009.10.23.|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VertusTech
[2009.02.15.|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vodafone
[2009.01.19.|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[0|f jl] C:\DOCUME~1\ALLUSE~1\APPLIC~1\b jt
[30|k”nyvt r] C:\DOCUME~1\ALLUSE~1\APPLIC~1\b jt szabad

[2009.01.24.|12:55] C:\DOCUME~1\ARADII~1\APPLIC~1\ACD Systems
[2009.08.01.|00:12] C:\DOCUME~1\ARADII~1\APPLIC~1\Adobe
[2009.01.25.|16:04] C:\DOCUME~1\ARADII~1\APPLIC~1\Ahead
[2009.06.27.|15:29] C:\DOCUME~1\ARADII~1\APPLIC~1\Alien Skin
[2009.09.27.|21:34] C:\DOCUME~1\ARADII~1\APPLIC~1\Apple Computer
[2009.01.19.|18:25] C:\DOCUME~1\ARADII~1\APPLIC~1\AVGTOOLBAR
[2009.10.10.|11:21] C:\DOCUME~1\ARADII~1\APPLIC~1\BSplayer
[2009.05.01.|15:20] C:\DOCUME~1\ARADII~1\APPLIC~1\BSplayer Pro
[2009.01.24.|23:16] C:\DOCUME~1\ARADII~1\APPLIC~1\Corel
[2009.01.21.|19:26] C:\DOCUME~1\ARADII~1\APPLIC~1\CyberLink
[2009.10.09.|09:29] C:\DOCUME~1\ARADII~1\APPLIC~1\DeviceDoctorSoftware
[2009.06.29.|23:46] C:\DOCUME~1\ARADII~1\APPLIC~1\DivX
[2009.10.23.|22:54] C:\DOCUME~1\ARADII~1\APPLIC~1\Free Download Manager
[2009.07.03.|09:54] C:\DOCUME~1\ARADII~1\APPLIC~1\Google
[2009.06.01.|09:47] C:\DOCUME~1\ARADII~1\APPLIC~1\Help
[2009.01.31.|12:59] C:\DOCUME~1\ARADII~1\APPLIC~1\Hewlett-Packard
[2009.06.14.|17:49] C:\DOCUME~1\ARADII~1\APPLIC~1\Identities
[2009.02.04.|23:17] C:\DOCUME~1\ARADII~1\APPLIC~1\Jasc
[2009.01.19.|17:32] C:\DOCUME~1\ARADII~1\APPLIC~1\Macromedia
[2009.03.06.|11:07] C:\DOCUME~1\ARADII~1\APPLIC~1\MAGIX
[2009.10.18.|09:31] C:\DOCUME~1\ARADII~1\APPLIC~1\Malwarebytes
[2009.01.21.|18:39] C:\DOCUME~1\ARADII~1\APPLIC~1\Media Player Classic
[2009.07.03.|08:26] C:\DOCUME~1\ARADII~1\APPLIC~1\Microsoft
[2009.06.14.|17:49] C:\DOCUME~1\ARADII~1\APPLIC~1\PhotoFiltre Studio X
[2009.05.22.|08:52] C:\DOCUME~1\ARADII~1\APPLIC~1\Samsung
[2009.01.31.|12:32] C:\DOCUME~1\ARADII~1\APPLIC~1\Share-to-Web felt”lt‚si mappa
[2009.01.21.|16:34] C:\DOCUME~1\ARADII~1\APPLIC~1\Sun
[2009.10.24.|22:03] C:\DOCUME~1\ARADII~1\APPLIC~1\uTorrent
[2009.02.15.|14:15] C:\DOCUME~1\ARADII~1\APPLIC~1\Vodafone
[2009.01.20.|18:37] C:\DOCUME~1\ARADII~1\APPLIC~1\Windows Desktop Search
[2009.01.24.|11:00] C:\DOCUME~1\ARADII~1\APPLIC~1\Windows Search
[2009.01.21.|20:18] C:\DOCUME~1\ARADII~1\APPLIC~1\WinRAR
[2009.10.23.|23:18] C:\DOCUME~1\ARADII~1\APPLIC~1\Xilisoft
[0|f jl] C:\DOCUME~1\ARADII~1\APPLIC~1\b jt
[35|k”nyvt r] C:\DOCUME~1\ARADII~1\APPLIC~1\b jt szabad

[2009.01.19.|17:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[0|f jl] C:\DOCUME~1\DEFAUL~1\APPLIC~1\b jt
[3|k”nyvt r] C:\DOCUME~1\DEFAUL~1\APPLIC~1\b jt szabad

[2009.02.02.|23:56] C:\DOCUME~1\Kriszti\APPLIC~1\ACD Systems
[2009.05.10.|13:37] C:\DOCUME~1\Kriszti\APPLIC~1\Adobe
[2009.03.09.|23:44] C:\DOCUME~1\Kriszti\APPLIC~1\AVGTOOLBAR
[2009.07.05.|06:56] C:\DOCUME~1\Kriszti\APPLIC~1\Google
[2009.01.19.|20:41] C:\DOCUME~1\Kriszti\APPLIC~1\Identities
[2009.01.20.|15:06] C:\DOCUME~1\Kriszti\APPLIC~1\Macromedia
[2009.03.08.|06:05] C:\DOCUME~1\Kriszti\APPLIC~1\MAGIX
[2009.05.04.|07:06] C:\DOCUME~1\Kriszti\APPLIC~1\Microsoft
[2009.01.21.|22:04] C:\DOCUME~1\Kriszti\APPLIC~1\Samsung
[2009.02.27.|18:01] C:\DOCUME~1\Kriszti\APPLIC~1\SecuROM
[2009.01.31.|17:57] C:\DOCUME~1\Kriszti\APPLIC~1\Share-to-Web felt”lt‚si mappa
[2009.03.31.|22:41] C:\DOCUME~1\Kriszti\APPLIC~1\Sun
[2009.02.16.|08:02] C:\DOCUME~1\Kriszti\APPLIC~1\Vodafone
[2009.01.20.|19:59] C:\DOCUME~1\Kriszti\APPLIC~1\Windows Desktop Search
[2009.02.18.|00:00] C:\DOCUME~1\Kriszti\APPLIC~1\Windows Search
[2009.02.10.|19:11] C:\DOCUME~1\Kriszti\APPLIC~1\WinRAR
[0|f jl] C:\DOCUME~1\Kriszti\APPLIC~1\b jt
[18|k”nyvt r] C:\DOCUME~1\Kriszti\APPLIC~1\b jt szabad

[2009.06.24.|20:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVGTOOLBAR
[2009.01.20.|19:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2009.02.15.|14:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Vodafone
[0|f jl] C:\DOCUME~1\LOCALS~1\APPLIC~1\b jt
[5|k”nyvt r] C:\DOCUME~1\LOCALS~1\APPLIC~1\b jt szabad

[2009.01.19.|18:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|f jl] C:\DOCUME~1\NETWOR~1\APPLIC~1\b jt
[3|k”nyvt r] C:\DOCUME~1\NETWOR~1\APPLIC~1\b jt szabad

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[2009.10.24. 21:21][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.10.24. 17:46][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.10.24. 21:55][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.10.24. 17:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004.08.18. 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[2009.01.24.|12:54] C:\Program Files\ACD Systems
[2009.01.28.|11:17] C:\Program Files\Adobe
[2009.01.21.|18:55] C:\Program Files\Ahead
[2009.09.27.|19:25] C:\Program Files\Apple Software Update
[2009.07.27.|21:21] C:\Program Files\Ashampoo
[2009.01.19.|18:16] C:\Program Files\AVG
[2009.09.27.|20:38] C:\Program Files\Bonjour
[2009.01.19.|17:46] C:\Program Files\C-Media
[2009.09.27.|19:45] C:\Program Files\Common Files
[2009.01.19.|17:13] C:\Program Files\ComPlus Applications
[2009.01.24.|23:08] C:\Program Files\Corel
[2009.06.14.|18:33] C:\Program Files\Cracklock
[2009.06.26.|21:43] C:\Program Files\DCETools
[2009.02.07.|15:04] C:\Program Files\Defraggler
[2009.10.17.|21:39] C:\Program Files\DivX
[2009.01.22.|22:02] C:\Program Files\ffdshow
[2009.08.29.|16:06] C:\Program Files\Free Download Manager
[2009.01.22.|22:23] C:\Program Files\Gabest
[2009.08.04.|08:31] C:\Program Files\Google
[2009.07.26.|10:32] C:\Program Files\HammerHead
[2009.01.31.|12:31] C:\Program Files\Hewlett-Packard
[2009.05.22.|08:52] C:\Program Files\InstallShield Installation Information
[2009.10.15.|21:03] C:\Program Files\Internet Explorer
[2009.02.04.|23:15] C:\Program Files\Jasc Software Inc
[2009.08.30.|00:04] C:\Program Files\Java
[2009.01.24.|12:00] C:\Program Files\J˘magam
[2009.01.23.|00:28] C:\Program Files\Lavasoft
[2009.09.12.|18:16] C:\Program Files\LopeSoft
[2009.01.20.|00:25] C:\Program Files\Messenger
[2009.07.11.|21:54] C:\Program Files\Messenger Plus! Live
[2009.01.20.|12:19] C:\Program Files\Microsoft
[2009.01.19.|17:19] C:\Program Files\microsoft frontpage
[2009.01.20.|15:42] C:\Program Files\Microsoft Office
[2009.09.09.|18:19] C:\Program Files\Microsoft Silverlight
[2009.01.19.|19:05] C:\Program Files\Microsoft Visual Studio
[2009.01.23.|20:14] C:\Program Files\Microsoft Works
[2009.01.19.|19:07] C:\Program Files\Microsoft.NET
[2009.01.24.|18:35] C:\Program Files\minode
[2009.01.20.|00:16] C:\Program Files\Movie Maker
[2009.03.22.|11:10] C:\Program Files\MSBuild
[2009.01.19.|17:12] C:\Program Files\MSN Gaming Zone
[2009.01.22.|16:32] C:\Program Files\MSXML 4.0
[2009.01.20.|00:10] C:\Program Files\NetMeeting
[2009.01.19.|17:16] C:\Program Files\Online Services
[2009.08.17.|00:55] C:\Program Files\Outlook Express
[2009.01.19.|17:47] C:\Program Files\PCI Audio Applications
[2009.10.05.|20:36] C:\Program Files\PhotoFiltre Studio X
[2009.10.14.|21:13] C:\Program Files\PhotoJoy
[2009.01.23.|23:11] C:\Program Files\PhotoScape
[2009.01.22.|18:26] C:\Program Files\Plus!
[2009.09.27.|19:44] C:\Program Files\QuickTime
[2009.03.22.|11:10] C:\Program Files\Reference Assemblies
[2009.03.23.|23:32] C:\Program Files\Simple Webpage Capture
[2009.10.19.|20:43] C:\Program Files\Sophos
[2009.09.20.|20:45] C:\Program Files\Super Internet TV
[2009.10.23.|18:22] C:\Program Files\SystemRequirementsLab
[2009.01.19.|17:27] C:\Program Files\Uninstall Information
[2009.01.23.|22:26] C:\Program Files\uTorrent
[2009.10.23.|10:14] C:\Program Files\Vertus Fluid Mask 3
[2009.05.01.|15:20] C:\Program Files\Webteh
[2009.06.10.|16:53] C:\Program Files\Windows Desktop Search
[2009.01.20.|12:19] C:\Program Files\Windows Live
[2009.01.20.|12:19] C:\Program Files\Windows Live SkyDrive
[2009.01.20.|18:23] C:\Program Files\Windows Media Connect 2
[2009.01.20.|18:23] C:\Program Files\Windows Media Player
[2009.01.20.|00:10] C:\Program Files\Windows NT
[2009.01.19.|17:16] C:\Program Files\WindowsUpdate
[2009.02.18.|23:39] C:\Program Files\WinRAR
[2009.01.19.|17:19] C:\Program Files\xerox
[0|f jl] C:\Program Files\b jt
[71|k”nyvt r] C:\Program Files\b jt szabad

--------------------\\ Listing Folders in C:\Program Files\Common Files

[2009.01.24.|13:05] C:\Program Files\Common Files\ACD Systems
[2009.01.25.|15:31] C:\Program Files\Common Files\Adobe
[2009.01.21.|18:54] C:\Program Files\Common Files\Ahead
[2009.09.28.|22:28] C:\Program Files\Common Files\Apple
[2009.01.24.|23:10] C:\Program Files\Common Files\Corel
[2009.01.19.|19:05] C:\Program Files\Common Files\DESIGNER
[2009.02.14.|22:22] C:\Program Files\Common Files\DirectX
[2009.10.17.|21:38] C:\Program Files\Common Files\DivX Shared
[2009.01.31.|12:31] C:\Program Files\Common Files\Hewlett-Packard
[2009.10.19.|01:18] C:\Program Files\Common Files\InstallShield
[2009.01.21.|18:59] C:\Program Files\Common Files\LightScribe
[2009.01.25.|15:13] C:\Program Files\Common Files\Macrovision Shared
[2009.02.17.|13:39] C:\Program Files\Common Files\Microsoft Shared
[2009.01.19.|17:15] C:\Program Files\Common Files\MSSoap
[2009.01.19.|18:03] C:\Program Files\Common Files\ODBC
[2009.01.19.|17:15] C:\Program Files\Common Files\Services
[2009.01.19.|18:03] C:\Program Files\Common Files\SpeechEngines
[2009.01.20.|00:10] C:\Program Files\Common Files\System
[2009.01.20.|12:16] C:\Program Files\Common Files\Windows Live
[0|f jl] C:\Program Files\Common Files\b jt
[21|k”nyvt r] C:\Program Files\Common Files\b jt szabad

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\ARADII~1\Cookies\aradi_istvánné@bigpoint[2].txt
C:\DOCUME~1\ARADII~1\Cookies\aradi_istvánné@hu.seafight.bigpoint[1].txt
C:\DOCUME~1\ARADII~1\Cookies\aradi_istvánné@hu.seafight.bigpoint[1].txt
C:\DOCUME~1\ARADII~1\Cookies\aradi_istvánné@888[1].txt

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-24 22:05:32
Windows 5.1.2600 Szervizcsomag 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ARADII~1\Application Data\Alien Skin\Xenofex 2\Cracks
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\ACDSee 7 (PowerPack) inc KeyGen + Updated Build.rar.torrent
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\Cracklock 3.8.8.torrent
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\EA Games Keygen.torrent
C:\DOCUME~1\ARADII~1\Local Settings\Application Data\Cracklock.settings
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Cracklock Manager.lnk
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Cracklock website.url
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Documentation.lnk
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Uninstall Cracklock.lnk

[F:351][D:19]-> C:\DOCUME~1\ARADII~1\LOCALS~1\Temp
[F:3079][D:0]-> C:\DOCUME~1\ARADII~1\Cookies
[F:2914][D:9]-> C:\DOCUME~1\ARADII~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009.10.24.|22:09 - Option : [1]

--------------------\\ Scan completed at 22:09:26

by **clarissa** » October 24th, 2009, 4:56 pm

Hi

Thank you for your answer.
My computer works well.

Here is the new Rsit logfile:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Aradi Istvánné at 2009-10-24 22:32:08
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 14 GB (37%) free of 38 GB
Total RAM: 767 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:35, on 2009.10.24.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PhotoJoy\bin\PjApp.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aradi Istvánné\Asztal\RSIT.exe
C:\Program Files\trend micro\Aradi Istvánné.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kapu.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Az összes letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Kijelölés letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Letöltés Free Download Managerrel - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Video letöltése a Free Download Manager-rel - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.hu/s/v/50.14/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2385059187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2460091857
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1 ... oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B2F2B81-9F58-4831-BFC1-6569EEBB4791}: NameServer = 212.40.96.171 212.40.96.170
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google frissítési szolgáltatás (gupdate1c9de3a2d80f890) (gupdate1c9de3a2d80f890) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 10250 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader hivatkozássúgó - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-08-17 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"C-Media Mixer"=Mixer.exe /startup []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-16 2025752]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-08 1397760]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-10-18 781656]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-11 172032]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
"PhotoJoy"=C:\Program Files\PhotoJoy\bin\PhotoJoy.exe [2009-04-26 918840]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-17 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Letöltések\Need For Speed Underground\Speed.exe"="C:\Letöltések\Need For Speed Underground\Speed.exe:*:Enabled:Speed"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\PhotoJoy\Bin\PjImp.exe"="C:\Program Files\PhotoJoy\Bin\PjImp.exe:*:Disabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe"="C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe:*:Enabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PjApp.exe"="C:\Program Files\PhotoJoy\Bin\PjApp.exe:*:Enabled:PhotoJoy"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{319bedb4-2432-11de-9731-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b42e453a-fab6-11dd-a364-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

======List of files/folders created in the last 1 months======

2009-10-24 22:32:09 ----D---- C:\Program Files\trend micro
2009-10-24 22:03:35 ----A---- C:\lopR.txt
2009-10-24 22:02:44 ----D---- C:\Lop SD
2009-10-23 22:54:58 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Xilisoft
2009-10-23 15:24:30 ----D---- C:\rsit
2009-10-23 10:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\VertusTech
2009-10-23 10:14:18 ----D---- C:\Program Files\Vertus Fluid Mask 3
2009-10-19 09:04:42 ----D---- C:\Program Files\Sophos
2009-10-18 10:42:03 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-18 09:31:34 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Malwarebytes
2009-10-18 09:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-18 09:25:21 ----D---- C:\WINDOWS\CSC
2009-10-18 09:25:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-15 21:03:33 ----D---- C:\aa4106262acf51524470c6
2009-10-15 21:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 21:01:07 ----A---- C:\WINDOWS\system32\MRT.INI
2009-10-15 20:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 20:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 20:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 20:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 20:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 20:49:21 ----SHD---- C:\Config.Msi
2009-10-15 20:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 20:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 20:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 16:15:57 ----A---- C:\WINDOWS\zykitumoc.vbs
2009-10-15 16:15:57 ----A---- C:\WINDOWS\qyvupefoqi.dll
2009-10-14 21:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\PhotoJoy
2009-10-14 21:13:44 ----D---- C:\Program Files\PhotoJoy
2009-10-09 09:29:50 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\DeviceDoctorSoftware
2009-10-03 22:39:18 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-09-30 19:55:17 ----A---- C:\WINDOWS\3DShadow.INI
2009-09-30 19:48:04 ----N---- C:\WINDOWS\AWuninstall.exe
2009-09-27 20:39:44 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-27 19:45:23 ----D---- C:\Program Files\Common Files\Apple
2009-09-27 19:44:20 ----D---- C:\Program Files\QuickTime
2009-09-27 19:44:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-27 19:43:13 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Apple Computer
2009-09-27 19:25:00 ----D---- C:\Program Files\Apple Software Update
2009-09-27 19:24:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-09-26 15:01:45 ----D---- C:\Documents and Settings\All Users\Application Data\Digital Anarchy
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-09-25 18:41:26 ----A---- C:\WINDOWS\system32\DivX.dll

======List of files/folders modified in the last 1 months======

2009-10-24 22:32:19 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\uTorrent
2009-10-24 22:32:09 ----RD---- C:\Program Files
2009-10-24 22:32:09 ----D---- C:\WINDOWS\Prefetch
2009-10-24 22:14:06 ----D---- C:\WINDOWS\Temp
2009-10-24 22:13:27 ----SD---- C:\WINDOWS\Tasks
2009-10-24 21:21:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-24 21:00:45 ----D---- C:\Letöltések
2009-10-24 10:50:47 ----SHD---- C:\WINDOWS\Installer
2009-10-24 10:50:46 ----D---- C:\WINDOWS\WinSxS
2009-10-24 07:35:52 ----D---- C:\WINDOWS
2009-10-24 00:21:49 ----A---- C:\WINDOWS\system32\prsgrc.dll
2009-10-23 22:54:35 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Free Download Manager
2009-10-23 20:57:29 ----D---- C:\WINDOWS\system32
2009-10-23 18:22:06 ----D---- C:\Program Files\SystemRequirementsLab
2009-10-23 18:22:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-23 17:19:31 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-23 10:14:57 ----A---- C:\WINDOWS\system32\fbv48px.dll
2009-10-23 10:14:53 ----A---- C:\WINDOWS\system32\grcauth2.dll
2009-10-23 10:14:53 ----A---- C:\WINDOWS\system32\grcauth1.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\ssprs.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\clauth2.dll
2009-10-23 10:14:50 ----A---- C:\WINDOWS\system32\clauth1.dll
2009-10-22 20:49:54 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-19 20:42:50 ----D---- C:\WINDOWS\system32\drivers
2009-10-19 20:15:27 ----HD---- C:\WINDOWS\inf
2009-10-19 19:58:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-19 01:18:30 ----D---- C:\Program Files\Common Files\InstallShield
2009-10-19 01:17:39 ----D---- C:\NVIDIA
2009-10-18 22:38:23 ----D---- C:\WINDOWS\system32\Restore
2009-10-18 13:37:02 ----HD---- C:\$AVG8.VAULT$
2009-10-18 10:44:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-17 21:39:10 ----D---- C:\Program Files\DivX
2009-10-17 21:38:38 ----D---- C:\Program Files\Common Files\DivX Shared
2009-10-17 16:22:16 ----D---- C:\WINDOWS\Help
2009-10-16 15:08:17 ----RSD---- C:\WINDOWS\assembly
2009-10-16 15:00:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 21:34:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-15 21:03:29 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 21:03:15 ----D---- C:\Program Files\Internet Explorer
2009-10-15 21:02:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-15 20:27:49 ----SHD---- C:\System Volume Information
2009-10-15 15:42:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-11 00:03:14 ----A---- C:\WINDOWS\nvrbm.ini
2009-10-10 11:21:32 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\BSplayer
2009-10-05 20:36:06 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-10-02 20:01:57 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-27 20:38:42 ----D---- C:\Program Files\Bonjour
2009-09-27 19:45:23 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-01-31 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-17 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-17 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-07 108552]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-08 28672]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 DFE528TX;D-Link DFE-528TX PCI Adapter; C:\WINDOWS\system32\DRIVERS\DLKRTL.SYS [2002-06-24 45568]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-10-26 908256]
R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 ac97intc;Intel(r) 82801 hangillesztő telepítési szolgáltatása (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-10-10 101120]
S3 mbr;mbr; \??\C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\mbr.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\1E.tmp []
S3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-17 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-17 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-10-18 1170768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-12-18 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 gupdate1c9de3a2d80f890;Google frissítési szolgáltatás (gupdate1c9de3a2d80f890); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
S2 hpdj;hpdj; C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe [2003-03-11 266240]
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

by **Dakeyras** » October 24th, 2009, 6:35 pm

Hi. clarissa .

Thank you for your answer.
My computer works well.

You are welcome.............however you have numerous illegal software applications on your computer. Please read this portion of the forum rules(you should have as I pointed out in my initial reply):

Any time the helper detects that you may have illegal software on your machine, that helper may stop assisting you immediately until you can demonstrate that you have rectified the situation. We will not support fixing machines with pirated or otherwise illegal software.

Source.

c:\documents and settings\all users\start menu\programs\cracklock\cracklock manager.lnk
c:\documents and settings\all users\start menu\programs\cracklock\cracklock website.url
c:\documents and settings\all users\start menu\programs\cracklock\documentation.lnk
c:\documents and settings\all users\start menu\programs\cracklock\uninstall cracklock.lnk
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\help\cracks.html
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\crumbling
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\gouges
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\hairline
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\long and wide
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\pock marked
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\shattered
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\short and rough
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\smooth and shallow
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\cracks\spidery
c:\letöltések\photofiltre studio mentés\plugins\xenofex 2\settings\shatter\big cracks
c:\letöltések\telepítok\cracklock.3.9.44.exe
c:\letöltések\telepítok\plugin\fluid mask 3.08 by kupuj\english\english crack\fluidmask3.exe
c:\program files\cracklock\install-message.rtf
c:\program files\cracklock\issproc.dll
c:\program files\cracklock\issproclanguage.ini
c:\program files\cracklock\unins000.dat
c:\program files\cracklock\unins000.exe
c:\program files\cracklock\bin\clinject.exe
c:\program files\cracklock\bin\clkern.dll
c:\program files\cracklock\bin\clmngr.exe
c:\program files\cracklock\bin\clshex.dll
c:\program files\cracklock\bin\mcl.exe
c:\program files\cracklock\examples\csharpclock.exe
c:\program files\cracklock\examples\vbclock.exe
c:\program files\cracklock\examples\vcclock.exe
c:\program files\cracklock\help\cracklock-ar.chm
c:\program files\cracklock\help\cracklock-en.chm
c:\program files\cracklock\help\cracklock-fr.chm
c:\program files\cracklock\help\cracklock-sp.chm
c:\program files\cracklock\languages\clresus.dll
c:\program files\cracklock\languages\clres_ar.dll
c:\program files\cracklock\languages\clres_chs.dll
c:\program files\cracklock\languages\clres_de.dll
c:\program files\cracklock\languages\clres_es.dll
c:\program files\cracklock\languages\clres_fr.dll
c:\program files\cracklock\languages\clres_hr.dll
c:\program files\cracklock\languages\clres_hu.dll
c:\program files\cracklock\languages\clres_ko.dll
c:\program files\cracklock\languages\clres_pt.dll
c:\program files\photofiltre studio x\plugins\xenofex 2\help\cracks.html
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\crumbling
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\gouges
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\hairline
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\long and wide
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\pock marked
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\shattered
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\short and rough
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\smooth and shallow
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\cracks\spidery
c:\program files\photofiltre studio x\plugins\xenofex 2\settings\shatter\big cracks
scanner sequence 3.ZZC:\DOCUME~1\ARADII~1\Application Data\Alien Skin\Xenofex 2\Cracks
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\ACDSee 7 (PowerPack) inc KeyGen + Updated Build.rar.torrent
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\Cracklock 3.8.8.torrent
C:\DOCUME~1\ARADII~1\Application Data\uTorrent\EA Games Keygen.torrent
C:\DOCUME~1\ARADII~1\Local Settings\Application Data\Cracklock.settings
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Cracklock Manager.lnk
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Cracklock website.url
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Documentation.lnk
C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Cracklock\Uninstall Cracklock.lnk

Remove all now please or I may consider withdrawing my assistance.

Scan with Rooter:

Please download Rooter to your desktop.

Double click on Rooter.exe to start the application.
Now click on the Scan button.
When the scan is completed a text file called Rooter.txt will appear on your desktop, post the contents in your next reply.
Now click on Close button to exit Rooter.

Note: The logfile can also be located within this folder Rooter$ at the root of your installed Hard-Drive. EG: C:\Rooter$

by **clarissa** » October 26th, 2009, 4:53 pm

Hi!

All of the disputed things are deleted:(

Now, can we go on, please?

Here is Rooter's logfile:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Szervizcsomag 3
[32_bits] - x86 Family 15 Model 1 Stepping 2, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:13 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
.
Scan : 21:36.34
Path : C:\Documents and Settings\Aradi Istvánné\Asztal\Rooter.exe
User : Aradi Istvánné ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (552)
______ \??\C:\WINDOWS\system32\csrss.exe (616)
______ \??\C:\WINDOWS\system32\winlogon.exe (640)
______ C:\WINDOWS\system32\services.exe (684)
______ C:\WINDOWS\system32\lsass.exe (696)
______ C:\WINDOWS\system32\svchost.exe (852)
______ C:\WINDOWS\system32\svchost.exe (908)
______ C:\WINDOWS\System32\svchost.exe (992)
______ C:\Program Files\Ahead\InCD\InCDsrv.exe (1016)
______ C:\WINDOWS\system32\svchost.exe (1164)
______ C:\WINDOWS\system32\svchost.exe (1200)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1332)
______ C:\WINDOWS\Explorer.EXE (1552)
______ C:\WINDOWS\system32\spoolsv.exe (1624)
______ C:\WINDOWS\system32\svchost.exe (1704)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1804)
______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (1856)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1924)
______ C:\Program Files\Java\jre6\bin\jqs.exe (280)
______ C:\Program Files\Common Files\LightScribe\LSSrvc.exe (512)
______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (860)
______ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (868)
______ C:\PROGRA~1\AVG\AVG8\avgnsx.exe (952)
______ C:\WINDOWS\system32\nvsvc32.exe (1148)
______ C:\WINDOWS\system32\PSIService.exe (1408)
______ C:\WINDOWS\system32\svchost.exe (244)
______ C:\PROGRA~1\AVG\AVG8\avgemc.exe (2000)
______ C:\WINDOWS\system32\RUNDLL32.EXE (364)
______ C:\WINDOWS\Mixer.exe (476)
______ C:\PROGRA~1\AVG\AVG8\avgtray.exe (116)
______ C:\Program Files\Ahead\InCD\InCD.exe (1404)
______ C:\WINDOWS\system32\SearchIndexer.exe (2140)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (2188)
______ C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe (2240)
______ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (2260)
______ C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (2280)
______ C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (2300)
______ C:\Program Files\Java\jre6\bin\jusched.exe (2320)
______ C:\WINDOWS\system32\ctfmon.exe (2492)
______ C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe (2508)
______ C:\Program Files\AVG\AVG8\avgcsrvx.exe (2720)
______ C:\Program Files\Windows Desktop Search\WindowsSearch.exe (2756)
______ C:\Program Files\PhotoJoy\bin\PjApp.exe (3164)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (3644)
______ C:\WINDOWS\system32\wbem\wmiapsrv.exe (1904)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (1360)
______ C:\WINDOWS\System32\alg.exe (2132)
______ C:\Program Files\Google\Chrome\Application\chrome.exe (2816)
______ C:\Program Files\Google\Chrome\Application\chrome.exe (1068)
______ C:\Program Files\Google\Chrome\Application\chrome.exe (2156)
______ C:\Program Files\Google\Chrome\Application\chrome.exe (3880)
______ C:\Documents and Settings\Aradi Istvánné\Asztal\Rooter.exe (4068)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:40007729664)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 21:37.57
.
C:\Rooter$\Rooter_1.txt - (26/10/2009 | 21:37.57)

Thanks

by **Dakeyras** » October 26th, 2009, 6:17 pm

Hi.

All of the disputed things are deleted:(

Now, can we go on, please?

By all means I will do so. :thumbup:

If I may bring your attention to the below:

P2P (peer to peer) file sharing programmes must be removed.

Now please remove/uninstall:-

uTorrent <-- The uninstaller should be located within this folder:-

C:\Program Files\uTorrent

Any problems with the above merely inform myself in your next reply thank you.

I also advise you uninstall Ad-Aware as this application is currently active in system memory and is taking up valuable system resources. Plus it does not provide particularly effective protection as it once used too in my humble opinion.

Also remove Adobe Acrobat and Reader 8.1.2 as out of date versions pose a security risk.

New Adobe Reader Installation:

Go here and click on AdbeRdr920_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.

Next:

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this folder (if present):

C:\rsit

TFC(Temp File Cleaner):

Please download TFC to your desktop,
Save any unsaved work. TFC will close all open application windows.
Double-click TFC.exe to run the program.
Click the Start button in the bottom left of TFC
If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

Malwarebytes Anti-Malware:

Launch the application, Check for Updates >> Perform a Quick Scan
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Next:

Please make sure that RSIT.exe is still on the Desktop.(if not inform myself straight away please)

Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:
- log.txt will be opened maximized.
- info.txt will be opened minimized.
Please post the contents of both log.txt and info.txt.

Note: Both logs can also be located within this folder rsit at the root of your installed Hard-Drive. EG: C:\rsit

When completed the above, please post back the following in the order asked for:

How is you computer performing now, any further symptoms and or problems encountered?
Malwarebytes Anti-Malware Log.
A new set of RSIT logs. <-- Post them individually please, IE: one Log per post/reply.

by **clarissa** » October 28th, 2009, 5:15 am

Hello!

My computer seems to be clear and it works well always yet

. And what is more, it became faster. Thanks.

uTorrent and AdAware (I liked it

) are deleted.
Adobe Reader is updated.

Here is MalwareByte's logfile:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Szervizcsomag 3

2009.10.28. 10:07:08
mbam-log-2009-10-28 (10-07-08).txt

Scan type: Quick Scan
Objects scanned: 99578
Time elapsed: 11 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

by **clarissa** » October 28th, 2009, 5:22 am

The new Rsit info file:

info.txt logfile of random's system information tool 1.06 2009-10-28 10:20:40

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Shadow by Lokas Software-->C:\WINDOWS\AWuninstall.exe Software\Lokas Ltd\3D Shadow
ACDSee 10 Photo Manager-->MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\6ba4f64693cf3ffde4382ffeebd542f\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{E66F3AFD-643B-4001-A3B3-35616CCFECEA}
Adobe Reader 9.2 - Hungarian-->MsiExec.exe /I{AC76BA86-7AD7-1038-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{6850DD2F-1DDC-4438-95DC-03CFBC0405FB}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Alien Skin Xenofex 2.0-->C:\PROGRA~1\PHOTOF~2\Plugins\XENOFE~1\UNWISE.EXE C:\PROGRA~1\PHOTOF~2\Plugins\XENOFE~1\INSTALL.LOG
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo StartUp Tuner 2.00-->"C:\Program Files\Ashampoo\Ashampoo StartUp Tuner 2\unins000.exe"
AV Bros. Page Curl Pro 2.2 (Remove Only)-->C:\Program Files\PhotoFiltre Studio X\Plugins\AV Bros Page Curl Pro 2.2\AVUninstall.exe
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
DCE Tools 1.0-->"C:\Program Files\DCETools\unins000.exe"
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ffdshow [rev 2301] [2008-11-05]-->"C:\Program Files\ffdshow\unins000.exe"
FileMenu Tools-->"C:\Program Files\LopeSoft\FileMenu Tools\unins000.exe"
Free Download Manager 3.0-->"C:\Program Files\Free Download Manager\unins000.exe"
Free FLV Converter V 6.7.3-->"C:\Program Files\Free FLV Converter\unins000.exe"
Frissítés Windows XP rendszerhez (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.27\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HammerHead Rhythm Station-->C:\Program Files\HammerHead\Uninstall.exe
Harry's Filters 3.01-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\HarrysFilters3\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Aradi Istvánné\Dokumentumok\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
hp deskjet 3600 series-->rundll32 hpzcon08.dll,VendorJettison hp deskjet 3600 series
hp deskjet 3600-->msiexec /x{7CA32143-2DAC-4F5F-9BAA-2AB3707EF192}
HP fényképalbumlemez-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series-->MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
HP Photo and Imaging 2.1 - Scanjet 36X0 Series-->MsiExec.exe /I{49CE65E4-9EE2-4F29-8768-58DD1E45D09C}
hp print screen utility-->C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
ID_DCRaw Image Decoder Plug-In-->MsiExec.exe /X{DA1876DD-323E-4D78-8F9F-8F4FDE25C010}
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Jasc Animation Shop 3-->MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hungarian Language Pack-->MsiExec.exe /X{8FC113D5-64A6-40EE-9A39-DAB4650457A8}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - HUN-->MsiExec.exe /I{B35E52B3-BFC7-3680-9D0A-19C8512638DB}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - HUN-->MsiExec.exe /I{D5B60174-B7A9-3D80-94C7-F9BADEAD9C67}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - hun-->MsiExec.exe /I{5380C741-5656-387C-9FB0-3E45D07F864A}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base intelligens kártyás titkosításszolgáltatást nyújtó csomag-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040E-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040E-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
minode.hu MindenNAP 2.0-->"c:\program files\minode\MindenNAP 2.0\Uninstal.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Nyelvi csomag a Microsoft .NET-keretrendszer 3.5 1. szervizcsomagjához – HUN-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - hun\setup.exe
PCI Audio Applications-->C:\Program Files\PCI Audio Applications\Bin\Uninstall.exe
PCI Audio Driver-->cmuninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
PhotoJoy-->MsiExec.exe /X{15482D1C-117B-4201-8D39-985A91ED8433}
PhotoJoy-->Msiexec.exe /x{15482D1C-117B-4201-8D39-985A91ED8433} /qf /L*V "%temp%\PjUninstallLog.log"
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
pluginCreativity textArt-->C:\PROGRA~1\PHOTOF~2\Plugins\textArt\UNWISE.EXE C:\PROGRA~1\PHOTOF~2\Plugins\textArt\textArt.log
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Simple Webpage Capture-->"C:\WINDOWS\Simple Webpage Capture\uninstall.exe" "/U:C:\Program Files\Simple Webpage Capture\Uninstall\uninstall.xml"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Super Internet TV v8.0 (Free Edition)-->"C:\Program Files\Super Internet TV\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Szótár program eltávolítása-->"C:\Program Files\Jómagam\Szótár\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Vertus Fluid Mask 3 3.0.8-->"C:\Program Files\Vertus Fluid Mask 3\Uninstall.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Internet Explorer 7 biztonsági frissítés - KB938127-v2-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB956390-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB958215-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB960714-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7 biztonsági frissítés - KB961260-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB969897-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB971961-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB972260-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 biztonsági frissítés - KB974455-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 frissítés - KB968220-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8 frissítés - KB972636-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live bejelentkezési segéd-->MsiExec.exe /I{733EB793-0840-4D69-97AA-6934FC79DB16}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6E07FF7A-878C-486C-BB85-516F61A8E2C7}
Windows Live feltöltőeszköz-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Messenger-->MsiExec.exe /X{D2C2B2A0-F37E-43CC-9E94-FC52F6D20C43}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11 Biztonsági frissítés (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Windows Media Player 11 Biztonsági frissítés (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Windows Media Player 11 Fontos frissítés (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Media Player 11 Gyorsjavítás (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Windows Media Player Biztonsági frissítés (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB923561-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB923789-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Windows XP biztonsági frissítés - KB938464-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB938464-v2-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB946648-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950762-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB950974-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951066-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951376-v2-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951698-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB951748-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB952004-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB952954-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954211-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954459-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB954600-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB955069-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956391-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956572-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956744-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956802-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956803-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956841-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB956844-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB957097-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958215-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958644-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958687-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958690-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB958869-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB959426-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960225-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960714-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960715-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960803-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB960859-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961371-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961373-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB961501-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB968537-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB969059-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB969898-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB970238-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971486-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971557-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971633-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB971657-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973346-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973354-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973507-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973525-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB973869-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB974112-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB974571-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB975025-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Windows XP biztonsági frissítés - KB975467-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Windows XP Biztonsági frissítés (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Windows XP frissítés - KB951978-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Windows XP frissítés - KB955839-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows XP frissítés - KB961503-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Windows XP frissítés - KB967715-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows XP frissítés - KB968389-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Windows XP frissítés - KB973815-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB952287-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB961118-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Windows XP gyorsjavítás - KB970653-v3-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xero Pulsar 1.01-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\Xero Graphics\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: OVODA-0E828F90E
Event Code: 7035
Message: A(z) WMI teljesítményadapter szolgáltatásnak sikeresen el lett küldve a(z) indítás vezérlő.

Record Number: 18656
Source Name: Service Control Manager
Time Written: 20091003083820.000000+120
Event Type: információ
User: NT AUTHORITY\SYSTEM

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) Számítógép-tallózó szolgáltatás állapota: "leállítva".

Record Number: 18655
Source Name: Service Control Manager
Time Written: 20091003083802.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) Távelérési csatlakozáskezelő szolgáltatás állapota: "fut".

Record Number: 18654
Source Name: Service Control Manager
Time Written: 20091003083800.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 7035
Message: A(z) Távelérési csatlakozáskezelő szolgáltatásnak sikeresen el lett küldve a(z) indítás vezérlő.

Record Number: 18653
Source Name: Service Control Manager
Time Written: 20091003083749.000000+120
Event Type: információ
User: NT AUTHORITY\SYSTEM

Computer Name: OVODA-0E828F90E
Event Code: 7036
Message: A(z) Tárcsázó szolgáltatás állapota: "fut".

Record Number: 18652
Source Name: Service Control Manager
Time Written: 20091003083749.000000+120
Event Type: információ
User:

=====Application event log=====

Computer Name: OVODA-0E828F90E
Event Code: 100
Message: SearchIndexer (2304) A(z) 5.01.2600.5512 adatbázismotor elindult.

Record Number: 9525
Source Name: ESENT
Time Written: 20090830112929.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 1800
Message: A Windows Biztonsági központ szolgáltatása elindult.

Record Number: 9524
Source Name: SecurityCenter
Time Written: 20090830112921.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 0
Message:
Record Number: 9523
Source Name: gupdate1c9de3a2d80f890
Time Written: 20090830112854.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 9522
Source Name: LightScribeService
Time Written: 20090830112828.000000+120
Event Type: információ
User:

Computer Name: OVODA-0E828F90E
Event Code: 0
Message:
Record Number: 9521
Source Name: gupdate1c9de3a2d80f890
Time Written: 20090830112820.000000+120
Event Type: információ
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0102
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

by **clarissa** » October 28th, 2009, 5:25 am

Rsit logfile:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Aradi Istvánné at 2009-10-28 10:20:10
Microsoft Windows XP Professional Szervizcsomag 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 767 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:33, on 2009.10.28.
Platform: Windows XP Szervizcsomag 3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\PhotoJoy\bin\PjApp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Jómagam\Szótár\Szotar8.exe
C:\Documents and Settings\Aradi Istvánné\Asztal\RSIT.exe
C:\Program Files\trend micro\Aradi Istvánné.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kapu.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PhotoJoy] C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Az összes letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Kijelölés letöltése Free Download Managerrel - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Letöltés Free Download Managerrel - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Video letöltése a Free Download Manager-rel - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.hu/s/v/50.14/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2385059187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2460091857
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1 ... oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B2F2B81-9F58-4831-BFC1-6569EEBB4791}: NameServer = 212.40.96.171 212.40.96.170
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google frissítési szolgáltatás (gupdate1c9de3a2d80f890) (gupdate1c9de3a2d80f890) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 10189 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-08-17 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"C-Media Mixer"=Mixer.exe /startup []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-16 2025752]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-08 1397760]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-11 172032]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
"PhotoJoy"=C:\Program Files\PhotoJoy\bin\PhotoJoy.exe [2009-04-26 918840]

C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-17 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Letöltések\Need For Speed Underground\Speed.exe"="C:\Letöltések\Need For Speed Underground\Speed.exe:*:Enabled:Speed"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\PhotoJoy\Bin\PjImp.exe"="C:\Program Files\PhotoJoy\Bin\PjImp.exe:*:Disabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe"="C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe:*:Enabled:PhotoJoy"
"C:\Program Files\PhotoJoy\Bin\PjApp.exe"="C:\Program Files\PhotoJoy\Bin\PjApp.exe:*:Enabled:PhotoJoy"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{319bedb4-2432-11de-9731-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b42e453a-fab6-11dd-a364-00119521b0dd}]
shell\AutoRun\command - F:\setup_vmc_lite.exe /checkApplicationPresence

======List of files/folders created in the last 1 months======

2009-10-28 10:20:10 ----D---- C:\rsit
2009-10-27 22:53:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-26 21:37:57 ----D---- C:\Rooter$
2009-10-25 17:11:29 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-10-25 17:11:27 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-10-25 17:11:27 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
2009-10-25 17:11:26 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-10-25 17:11:25 ----D---- C:\Program Files\Free FLV Converter
2009-10-25 17:11:25 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\FreeFLVConverter
2009-10-25 17:11:25 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-10-24 21:32:09 ----D---- C:\Program Files\trend micro
2009-10-24 21:03:35 ----A---- C:\lopR.txt
2009-10-24 21:02:44 ----D---- C:\Lop SD
2009-10-23 21:54:58 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Xilisoft
2009-10-23 09:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\VertusTech
2009-10-23 09:14:18 ----D---- C:\Program Files\Vertus Fluid Mask 3
2009-10-18 08:31:34 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Malwarebytes
2009-10-18 08:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-18 08:25:21 ----D---- C:\WINDOWS\CSC
2009-10-18 08:25:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-15 20:03:33 ----D---- C:\aa4106262acf51524470c6
2009-10-15 20:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 20:01:07 ----A---- C:\WINDOWS\system32\MRT.INI
2009-10-15 19:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 19:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 19:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 19:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 19:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 19:49:21 ----SHD---- C:\Config.Msi
2009-10-15 19:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 19:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 19:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 15:15:57 ----A---- C:\WINDOWS\zykitumoc.vbs
2009-10-15 15:15:57 ----A---- C:\WINDOWS\qyvupefoqi.dll
2009-10-14 20:13:45 ----D---- C:\Documents and Settings\All Users\Application Data\PhotoJoy
2009-10-14 20:13:44 ----D---- C:\Program Files\PhotoJoy
2009-10-09 08:29:50 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\DeviceDoctorSoftware
2009-10-03 21:39:18 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-09-30 18:55:17 ----A---- C:\WINDOWS\3DShadow.INI
2009-09-30 18:48:04 ----N---- C:\WINDOWS\AWuninstall.exe

======List of files/folders modified in the last 1 months======

2009-10-28 09:54:12 ----D---- C:\WINDOWS\Prefetch
2009-10-28 07:36:23 ----D---- C:\WINDOWS\Temp
2009-10-28 07:21:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-27 23:05:35 ----D---- C:\WINDOWS\system32
2009-10-27 23:05:35 ----D---- C:\WINDOWS
2009-10-27 23:02:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-27 22:55:31 ----D---- C:\WINDOWS\system32\drivers
2009-10-27 22:53:59 ----RD---- C:\Program Files
2009-10-27 22:28:34 ----SHD---- C:\WINDOWS\Installer
2009-10-27 22:28:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-10-27 22:28:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-27 22:28:02 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-27 22:24:46 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\uTorrent
2009-10-27 21:56:16 ----D---- C:\Letöltések
2009-10-27 21:53:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-27 21:52:52 ----D---- C:\Program Files\Common Files\Adobe
2009-10-27 21:51:18 ----D---- C:\Program Files\Adobe
2009-10-27 21:41:58 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Free Download Manager
2009-10-27 21:21:22 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-27 09:39:52 ----SD---- C:\WINDOWS\Tasks
2009-10-26 11:08:00 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\Macromedia
2009-10-26 11:07:56 ----D---- C:\WINDOWS\system32\Macromed
2009-10-25 22:47:18 ----A---- C:\WINDOWS\system32\prsgrc.dll
2009-10-24 09:50:46 ----D---- C:\WINDOWS\WinSxS
2009-10-23 17:22:06 ----D---- C:\Program Files\SystemRequirementsLab
2009-10-23 17:22:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-23 09:14:57 ----A---- C:\WINDOWS\system32\fbv48px.dll
2009-10-23 09:14:53 ----A---- C:\WINDOWS\system32\grcauth2.dll
2009-10-23 09:14:53 ----A---- C:\WINDOWS\system32\grcauth1.dll
2009-10-23 09:14:50 ----A---- C:\WINDOWS\system32\ssprs.dll
2009-10-23 09:14:50 ----A---- C:\WINDOWS\system32\clauth2.dll
2009-10-23 09:14:50 ----A---- C:\WINDOWS\system32\clauth1.dll
2009-10-19 19:15:27 ----HD---- C:\WINDOWS\inf
2009-10-19 18:58:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-19 00:18:30 ----D---- C:\Program Files\Common Files\InstallShield
2009-10-19 00:17:39 ----D---- C:\NVIDIA
2009-10-18 21:38:23 ----D---- C:\WINDOWS\system32\Restore
2009-10-18 12:37:02 ----HD---- C:\$AVG8.VAULT$
2009-10-17 20:39:10 ----D---- C:\Program Files\DivX
2009-10-17 20:38:38 ----D---- C:\Program Files\Common Files\DivX Shared
2009-10-17 15:22:16 ----D---- C:\WINDOWS\Help
2009-10-16 14:08:17 ----RSD---- C:\WINDOWS\assembly
2009-10-16 14:00:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 20:03:29 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 20:03:15 ----D---- C:\Program Files\Internet Explorer
2009-10-15 20:02:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-15 19:27:49 ----SHD---- C:\System Volume Information
2009-10-15 14:42:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-10 23:03:14 ----A---- C:\WINDOWS\nvrbm.ini
2009-10-10 10:21:32 ----D---- C:\Documents and Settings\Aradi Istvánné\Application Data\BSplayer
2009-10-05 19:36:06 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-10-02 19:01:57 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-01-31 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-17 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-17 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-07 108552]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-08 28672]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 DFE528TX;D-Link DFE-528TX PCI Adapter; C:\WINDOWS\system32\DRIVERS\DLKRTL.SYS [2002-06-24 45568]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-10-26 908256]
R3 HidUsb;Microsoft HID osztályú illesztőprogram; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Egér HID-illesztőprogram; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 usbhub;USB2-engedélyezett hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB univerzális állomásvezérlő miniport illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 ac97intc;Intel(r) 82801 hangillesztő telepítési szolgáltatása (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-10-10 101120]
S3 mbr;mbr; \??\C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\mbr.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\1E.tmp []
S3 rtl8139;Realtek RTL8139(A/B/C) alapú PCI gyors Ethernet-adapter NT illesztőprogramja; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Microsoft USB általános szülő-illesztőprogram; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER osztály; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-képolvasó illesztőprogramja; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB háttértár illesztőprogramja; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-17 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-17 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-12-18 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 gupdate1c9de3a2d80f890;Google frissítési szolgáltatás (gupdate1c9de3a2d80f890); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
S2 hpdj;hpdj; C:\DOCUME~1\ARADII~1\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3600 series -product= []
S3 aspnet_state;ASP.NET-állapotszolgáltatás; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;A Windows Media Player hálózatmegosztási szolgáltatása; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-10 919040]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp portmegosztási szolgáltatás; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Free Malware Removal Forum

Trojan Horse Agent2 VGC infection

Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Re: Trojan Horse Agent2 VGC infection

Who is online