
I think I'm infected. What do I do?


23 replies to this topic

#1 Ramon20000510

Posted 14 September 2013 - 11:08 AM

Please, I need help. My computer was infected, but I cleaned it with Malwarebytes, but I think it is still infected. What to do? (Sorry for my bad English.)





#2 Broni


Posted 14 September 2013 - 04:14 PM

Welcome aboard

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done, Notepad will open with the rKill log.
Post it in your next reply.

NOTE: The rKill.txt log will also be present on your desktop.

NOTE: Do NOT wrap your logs in "quote" or "code" brackets.






#3 Ramon20000510


Posted 15 September 2013 - 02:15 AM

Security Check:
 Results of screen317's Security Check version 0.99.73  
 Windows 7  x86 (UAC is enabled)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner     
 JavaFX 2.1.1    
 Java 7 Update 25  
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player     11.8.800.168  
 Mozilla Firefox (23.0.1)
 Google Chrome 29.0.1547.62  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 
FSS:
Farbar Service Scanner Version: 13-09-2013
Ran by Removed (administrator) on 15-09-2013 at 08:10:23
Running from "D:\"
Microsoft Windows 7 Home Premium   (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
MiniToolBox:
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Removed (administrator) on 15-09-2013 at 08:12:30
Running from "D:\"
Microsoft Windows 7 Home Premium   (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 100 = Vezeték nélküli hálózati kapcsolat (Connected)
Microsoft Virtual WiFi Miniport Adapter = Vezeték nélküli hálózati kapcsolat 3 (Connected)
Hamachi Network Interface = Hamachi (Connected)
Microsoft Virtual WiFi Miniport Adapter = Vezeték nélküli hálózati kapcsolat 2 (Media disconnected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller = Helyi kapcsolat (Media disconnected)


# ----------------------------------
# IPv4-konfigur ci˘
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Igen
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Igen
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Vezet‚k n‚lkli h l˘zati kapcsolat 3" address=192.168.16.2


popd
# IPv4-konfigur ci˘ v‚ge



Windows IP konfigur ci˘

   µllom sn‚v. . . . . . . . . . . . : Ram˘n
   Els‹dleges DNS-ut˘tag . . . . . . :
   Csom˘ponttˇpus. . . . . . . . . . : Hibrid
   IP-Łtv laszt s enged‚lyezve . . . : Nem
   WINS-proxy enged‚lyezve . . . . . : Nem

Ethernet-adapter Helyi kapcsolat:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller
   Fizikai cˇm . . . . . . . . . . . : E8-9A-8F-BA-C6-D1
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen

Vezet‚k n‚lkli h l˘zati kapcsolat 3 vezet‚k n‚lkli h l˘zati adapter:

   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Fizikai cˇm . . . . . . . . . . . : 78-92-9C-4D-58-8F
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen
   Kapcsolati szintű IPv6-cˇm  . . . : [removed](Kˇv nt)
   IPv4-cˇm. . . . . . . . . . . . . : [removed](Kˇv nt)
   Alh l˘zati maszk. . . . . . . . . : 255.255.255.0
   Alap‚rtelmezett  tj r˘. . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 410555036
   DHCPv6-gyf‚l DUID azonosˇt˘ja . . . . . . . : 00-01-00-01-17-35-EE-B9-78-92-9C-4D-58-8E
   DNS-kiszolg l˘k . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS a TCP/IP felett . . . . . : Enged‚lyezve

Vezet‚k n‚lkli h l˘zati kapcsolat 2 vezet‚k n‚lkli h l˘zati adapter:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Fizikai cˇm . . . . . . . . . . . : 78-92-9C-4D-58-8F
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen

Vezet‚k n‚lkli h l˘zati kapcsolat vezet‚k n‚lkli h l˘zati adapter:

   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Intel® Centrino® Wireless-N 100
   Fizikai cˇm . . . . . . . . . . . : 78-92-9C-4D-58-8E
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen
   Kapcsolati szintű IPv6-cˇm  . . . : [Removed](Kˇv nt)
   IPv4-cˇm. . . . . . . . . . . . . : [Removed](Kˇv nt)
   Alh l˘zati maszk. . . . . . . . . : 255.255.255.0
   B‚rleti jog kezdete . . . . . . . : 2013. szeptember 15. 7:26:09
   B‚rleti jog v‚ge. . . . . . . . . : 2013. szeptember 15. 9:26:14
   Alap‚rtelmezett  tj r˘. . . . . . : 192.168.1.1
   DHCP-kiszolg l˘ . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 242782876
   DHCPv6-gyf‚l DUID azonosˇt˘ja . . . . . . . : 00-01-00-01-17-35-EE-B9-78-92-9C-4D-58-8E
   DNS-kiszolg l˘k . . . . . . . . . : 192.168.1.1
   NetBIOS a TCP/IP felett . . . . . : Enged‚lyezve

Ethernet-adapter Hamachi:

   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Hamachi Network Interface
   Fizikai cˇm . . . . . . . . . . . : 7A-79-19-8C-C3-96
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen
   IPv6-cˇm. . . . . . . . . . . : [Removed](Kˇv nt)
   Kapcsolati szintű IPv6-cˇm  . . . : [Removed](Kˇv nt)
   IPv4-cˇm. . . . . . . . . . . . . : [Removed](Kˇv nt)
   Alh l˘zati maszk. . . . . . . . . : 255.0.0.0
   B‚rleti jog kezdete . . . . . . . : 2013. szeptember 15. 7:25:52
   B‚rleti jog v‚ge. . . . . . . . . : 2014. szeptember 15. 7:28:05
   Alap‚rtelmezett  tj r˘. . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP-kiszolg l˘ . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 612006186
   DHCPv6-gyf‚l DUID azonosˇt˘ja . . . . . . . : 00-01-00-01-17-35-EE-B9-78-92-9C-4D-58-8E
   DNS-kiszolg l˘k . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS a TCP/IP felett . . . . . : Enged‚lyezve

AlagŁtadapter isatap.{EF91BB21-D96A-4CCE-8126-39F404B7A4CE}:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Reusable Microsoft 6To4 Adapter:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #2
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 9:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #3
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Teredo Tunneling Pseudo-Interface:

   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen
   IPv6-cˇm. . . . . . . . . . . : [Removed](Kˇv nt)
   Kapcsolati szintű IPv6-cˇm  . . . :[Removed](Kˇv nt)
   Alap‚rtelmezett  tj r˘. . . . . . :
   NetBIOS a TCP/IP felett . . . . . : Letiltva

AlagŁtadapter Helyi kapcsolat* 11:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #4
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter 6TO4 Adapter:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 12:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #5
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 13:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #6
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 14:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #9
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 21:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #13
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 17:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #10
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 15:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #7
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 16:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #8
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 18:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #11
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 20:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #12
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter isatap.{CE3A51E8-C280-4C9F-9F16-B0A9204AEF2D}:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter #4
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 22:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #14
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter isatap.{465D3476-8C7B-4F4E-9488-4B515C552340}:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter #2
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 23:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #15
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 24:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft 6to4 adapter #16
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter isatap.{0B9D0FFE-3919-4D35-8BA3-96F3BB5EB040}:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter #6
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter Helyi kapcsolat* 26:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter #7
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen
Kiszolgáló:  UnKnown
Address:  192.168.1.1

Név:     google.com
Addresses:  2a00:1450:400d:803::1007
      173.194.39.102
      173.194.39.97
      173.194.39.104
      173.194.39.99
      173.194.39.110
      173.194.39.103
      173.194.39.101
      173.194.39.96
      173.194.39.100
      173.194.39.105
      173.194.39.98


google.com [173.194.39.134] pingel‚se - 32 b jtnyi adattal:
V lasz 173.194.39.134: b jt=32 id‹=22 ms TTL=56
V lasz 173.194.39.134: b jt=32 id‹=22 ms TTL=56

173.194.39.134 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 22ms, maximum = 22ms,  tlag = 22ms
Kiszolgáló:  UnKnown
Address:  192.168.1.1

Név:     yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


yahoo.com [98.139.183.24] pingel‚se - 32 b jtnyi adattal:
V lasz 98.139.183.24: b jt=32 id‹=156 ms TTL=51
V lasz 98.139.183.24: b jt=32 id‹=215 ms TTL=51

98.139.183.24 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 156ms, maximum = 215ms,  tlag = 185ms

127.0.0.1 pingel‚se - 32 b jtnyi adattal:
V lasz 127.0.0.1: b jt=32 id‹<10 ezredmp. TTL=128
V lasz 127.0.0.1: b jt=32 id‹<10 ezredmp. TTL=128

127.0.0.1 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 0ms, maximum = 0ms,  tlag = 0ms
===========================================================================
Kapcsolatlista
 29...e8 9a 8f ba c6 d1 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller
 13...78 92 9c 4d 58 8f ......Microsoft Virtual WiFi Miniport Adapter #2
 12...78 92 9c 4d 58 8f ......Microsoft Virtual WiFi Miniport Adapter
 11...78 92 9c 4d 58 8e ......Intel® Centrino® Wireless-N 100
 36...7a 79 19 8c c3 96 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter
 17...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #4
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter
 20...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #5
 21...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #6
 24...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #9
 31...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #13
 25...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #10
 22...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #7
 23...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #8
 26...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #11
 30...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #12
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter #4
 32...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #14
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter #2
 33...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #15
 34...00 00 00 00 00 00 00 e0 Microsoft 6to4 adapter #16
 40...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter #6
 41...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter #7
===========================================================================

IPv4 Łtvonalt bla
===========================================================================
Aktˇv Łtvonalak:
H l˘zati c‚l               H l˘zati maszk   µtj r˘        Kapcsolat  Metrika
          0.0.0.0          0.0.0.0         25.0.0.1   25.140.195.150   9256
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
         25.0.0.0        255.0.0.0   Kapcsolaton belli    25.140.195.150   9256
   25.140.195.150  255.255.255.255   Kapcsolaton belli    25.140.195.150   9256
   25.255.255.255  255.255.255.255   Kapcsolaton belli    25.140.195.150   9256
        127.0.0.0        255.0.0.0   Kapcsolaton belli         127.0.0.1    306
        127.0.0.1  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
  127.255.255.255  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
      192.168.1.0    255.255.255.0   Kapcsolaton belli     192.168.1.100    281
    192.168.1.100  255.255.255.255   Kapcsolaton belli     192.168.1.100    281
    192.168.1.255  255.255.255.255   Kapcsolaton belli     192.168.1.100    281
     192.168.16.0    255.255.255.0   Kapcsolaton belli      192.168.16.2    281
     192.168.16.2  255.255.255.255   Kapcsolaton belli      192.168.16.2    281
   192.168.16.255  255.255.255.255   Kapcsolaton belli      192.168.16.2    281
        224.0.0.0        240.0.0.0   Kapcsolaton belli         127.0.0.1    306
        224.0.0.0        240.0.0.0   Kapcsolaton belli    25.140.195.150   9256
        224.0.0.0        240.0.0.0   Kapcsolaton belli     192.168.1.100    281
        224.0.0.0        240.0.0.0   Kapcsolaton belli      192.168.16.2    281
  255.255.255.255  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
  255.255.255.255  255.255.255.255   Kapcsolaton belli    25.140.195.150   9256
  255.255.255.255  255.255.255.255   Kapcsolaton belli     192.168.1.100    281
  255.255.255.255  255.255.255.255   Kapcsolaton belli      192.168.16.2    281
===========================================================================
µlland˘ Łtvonalak:
     H l˘zati cˇm   H l˘zati maszk      µtj r˘ cˇme  Metrika
          0.0.0.0          0.0.0.0          5.0.0.1  Alap‚rtelmezett
          0.0.0.0          0.0.0.0         25.0.0.1  Alap‚rtelmezett
===========================================================================

IPv6 Łtvonalt bla
===========================================================================
Aktˇv Łtvonalak:
 Kapcs. Metrika H l˘zati c‚l      µtj r˘
 36   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  Kapcsolaton belli
 14     58 2001::/32                Kapcsolaton belli
 14    306 2001:0:5ef5:79fd:8fe:2c83:3f57:fe9b/128
                                    Kapcsolaton belli
 36    276 2620:9b::/96             Kapcsolaton belli
 36    276 2620:9b::198c:c396/128   Kapcsolaton belli
 36    276 fe80::/64                Kapcsolaton belli
 11    281 fe80::/64                Kapcsolaton belli
 13    281 fe80::/64                Kapcsolaton belli
 14    306 fe80::/64                Kapcsolaton belli
 14    306 fe80::8fe:2c83:3f57:fe9b/128
                                    Kapcsolaton belli
 11    281 fe80::1534:88e9:8d85:baef/128
                                    Kapcsolaton belli
 13    281 fe80::c019:128:36df:a7bb/128
                                    Kapcsolaton belli
 36    276 fe80::c048:8bfb:f45:7324/128
                                    Kapcsolaton belli
  1    306 ff00::/8                 Kapcsolaton belli
 14    306 ff00::/8                 Kapcsolaton belli
 36    276 ff00::/8                 Kapcsolaton belli
 11    281 ff00::/8                 Kapcsolaton belli
 13    281 ff00::/8                 Kapcsolaton belli
===========================================================================
µlland˘ Łtvonalak:
 Kapcs. Metrika H l˘zati c‚l      µtj r˘
  0 4294967295 2620:9b::/96             Kapcsolaton belli
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 53 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 54 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 55 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 56 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 57 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 58 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 59 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 60 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 61 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 62 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 63 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 64 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 65 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 66 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 67 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 68 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 69 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 70 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 71 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 72 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 73 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 74 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 75 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 76 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 77 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 78 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 79 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 80 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2013 07:25:52 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 00:22:30 PM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 00:17:34 PM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 00:12:50 PM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 11:06:00 AM) (Source: Application Hang) (User: )
Description: A(z) Sims2EP7.exe program (verzió: 1.13.0.135) kommunikációja a Windows rendszerrel megszakadt, ezért a program leállt. A hibával kapcsolatos további információkért ellenőrizze a probléma előzményeit a Műveletközpont vezérlőpulton.

Folyamatazonosító: 8b0

Kezdés: 01ceb1292d6a8a6c

Befejezés: 322

Alkalmazás elérési útja: D:\Sims2Expansions\freetime\TSBin\Sims2EP7.exe

Jelentés azonosítója:

Error: (09/14/2013 10:41:02 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 09:59:16 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 07:43:56 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 07:36:29 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.

Error: (09/14/2013 07:23:23 AM) (Source: Winlogon) (User: )
Description: Nem sikerült aktiválni a Windows-licencét. Hiba: 0x80070005.


System errors:
=============
Error: (09/15/2013 07:29:06 AM) (Source: DCOM) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (09/15/2013 07:27:02 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/15/2013 07:26:10 AM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el:
ofvpmj
pvkvlw
raeehd
uotote
vxoqkw
zlnimc

Error: (09/14/2013 00:22:47 PM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el:
ofvpmj
pvkvlw
raeehd
uotote
vxoqkw
zlnimc

Error: (09/14/2013 00:22:29 PM) (Source: BugCheck) (User: )
Description: 0x0000008e (0xc0000005, 0x93e2a5fa, 0xbae03668, 0x00000000)C:\Windows\MEMORY.DMP091413-17924-01

Error: (09/14/2013 00:22:23 PM) (Source: EventLog) (User: )
Description: Az előző rendszerleállítás (2013.09.14. - 12:21:16) váratlan volt.

Error: (09/14/2013 00:17:51 PM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el:
ofvpmj
pvkvlw
raeehd
uotote
vxoqkw
zlnimc

Error: (09/14/2013 00:17:32 PM) (Source: BugCheck) (User: )
Description: 0x0000008e (0xc0000005, 0x9343d5fa, 0x91df0668, 0x00000000)C:\Windows\MEMORY.DMP091413-18361-01

Error: (09/14/2013 00:12:59 PM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el:
ofvpmj
pvkvlw
raeehd
uotote
vxoqkw
zlnimc

Error: (09/14/2013 11:49:45 AM) (Source: DCOM) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}


Microsoft Office Sessions:
=========================
Error: (09/15/2013 07:25:52 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 00:22:30 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 00:17:34 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 00:12:50 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 11:06:00 AM) (Source: Application Hang)(User: )
Description: Sims2EP7.exe1.13.0.1358b001ceb1292d6a8a6c322D:\Sims2Expansions\freetime\TSBin\Sims2EP7.exe

Error: (09/14/2013 10:41:02 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 09:59:16 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 07:43:56 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 07:36:29 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (09/14/2013 07:23:23 AM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000


=========================== Installed Programs ============================

µTorrent (Version: 3.3.0.29625)
7-Zip 9.20 (Version: 9.20.00.0)
Adobe AIR (Version: 3.8.0.1280)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Advertising Center (Version: 0.0.0.1)
avast! Free Antivirus (Version: 8.0.1497.0)
Bandisoft MPEG-1 Decoder
Bully Scholarship Edition (Version: 1.00.0154)
Castrol Honda Superbikes 2000
CCleaner (Version: 4.05)
DAEMON Tools Lite (Version: 4.45.1.0236)
Dragon Age II (Version: 1.00)
EAX4 Unified Redist (Version: 4.001)
ESET Online Scanner v3
FormatFactory 2.80 (Version: 2.80)
GameRanger
Garrys Mod Final [DiGiTALZONE] 2010 Edition
Garrys Mod Update #1
GeekBuddy (Version: 4.8.66)
Google Chrome (Version: 29.0.1547.66)
Grand Theft Auto
Grand Theft Auto IV (Version: 1.0.0013.131)
Grand Theft Auto: San Andreas hun [Honosítás] (Version: 1.04F)
GTA San Andreas (Version: 1.00.00001)
HitmanPro 3.7 (Version: 3.7.7.205)
Hogs Of War (Version: 1.0)
Intel PROSet Wireless
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless WiFi szoftver (Version: 14.0.2000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
K-Lite Codec Pack 8.1.0 (Full) (Version: 8.1.0)
League of Legends (Version: 1.3)
LEGO Racers
LogMeIn Hamachi (Version: 2.1.0.374)
Malwarebytes Anti-Malware 1.75.0.1300 verzió (Version: 1.75.0.1300)
MapleStory
Mat Hoffman's Pro BMX
Medal of Honor Allied Assault
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Minecraft Cracked
Minecraft1.6.2
Mount&Blade Warband
Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT Redists (Version: 1.0)
MTA:SA v1.3.3 (Version: v1.3.3)
MySims™ (Version: 1.00.0000)
Need For Speed: Underground 2 [Honosítás] (Version: 1.1)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
Nexon Game Manager
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
NVIDIA PhysX (Version: 9.10.0129)
Oblivion (Version: 1.00.0000)
OpenAL
OpenMG Limited Patch 4.4-06-13-19-01
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241)
PakkISO 0.4 (Version: PakkISO 0.4 by zorted, installer by BitLooter)
Pando Media Booster (Version: 2.6.0.8)
PC Connectivity Solution (Version: 11.5.29.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Pokemon Showdown
Rayman Raving Rabbids 2  (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5964)
RGSS-RTP Standard (Version: 1.0.0)
RPG Maker 2000 1.05
RPG MAKER VX Ace RTP (Version: 1.00)
RTP 1.32 Add-On for RM2k
Sandboxie 4.04 (32-bit) (Version: 4.04)
Security Task Manager 1.8g (Version: 1.8g)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.3 (Version: 6.3.107)
SONIC ADVENTURE DX-Director's Cut
SONIC MEGA COLLECTION PLUS (Version: 1.00.0000)
SonicStage 3.4 (Version: 3.4)
StepMania v5.0 beta 2a (remove only) (Version: )
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.13.0)
TeamSpeak 3 Client (Version: 3.0.10)
The Sims 2
The Sims 2 University
The Sims Medieval (Version: 1.0.0)
The Sims™ 2 FreeTime
The Sims™ 2 Seasons
Total Commander (Remove or Repair) (Version: 7.55a)
Unity Web Player (Version: )
Vegas Pro 11.0 (Version: 11.0.682)
Visor
Vizzed Retro Game Room (Version: 2.0.0)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows illesztőprogram-csomag - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR 5.00 beta 8 (32-bit) (Version: 5.00.8)
WinSetupFromUSB
World of Tanks

========================= Devices: ================================

Name: WebCam
Description: USB videóeszköz
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 2669.86 MB
Available physical RAM: 1502.56 MB
Total Pagefile: 5338 MB
Available Pagefile: 3932.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.96 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:63.7 GB) (Free:27.83 GB) NTFS
2 Drive d: () (Fixed) (Total:234.38 GB) (Free:153.43 GB) NTFS

========================= Users: ========================================

\\RAMÓN felhasználói fiókjai

ASPNET                   Removed                  Rendszergazda            
Vendég                   
A parancs sikeresen végrehajtva.


**** End of log ****

Malwarebytes Anti-Malware (sorry, but this is in Hungarian):

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Adatbázis verzió: v2013.09.14.11

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Removed:: Removed [rendszergazda]

2013.09.15. 8:14:56
mbam-log-2013-09-15 (08-14-56).txt

Vizsgálat típusa: Gyorsvizsgálat
Engedélyezett vizsgálati beállítások: Memória | Indítópult | Rendszerleíró | Rendszerfájlok | Heurisztikus/Extra | Heurisztikus/Shuriken | PUP | PUM
Letiltott vizsgálati beállítások: P2P
Átvizsgált objektumok: 214200
Eltelt idő: 10 perc, 20 másodperc

Fertőzött memóriafolyamatok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró értékek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok: 0
(Nem találhatók rosszindulatú elemek)

(befejezés)

Malwarebytes Anti-Rootkit:
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org

Database version: v2013.09.14.11

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Removed :: Removed [administrator]

2013.09.15. 8:28:13
mbar-log-2013-09-15 (08-28-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 220454
Time elapsed: 33 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 
system-log:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.496000 GHz
Memory total: 2799550464, free: 1313898496

Downloaded database version: v2013.09.05.07
Downloaded database version: v2013.08.06.01
=======================================
Initializing...
------------ Kernel report ------------
     09/05/2013 20:07:57
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\DRIVERS\atapi.sys
\SystemRoot\system32\DRIVERS\ataport.SYS
\SystemRoot\system32\DRIVERS\msahci.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\system32\DRIVERS\CFRMD.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\hssdrv6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECI.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C60x86.sys
\SystemRoot\system32\DRIVERS\NETwNs32.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\??\C:\Program Files\Sandboxie\SbieDrv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\shell32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\urlmon.dll
\Windows\System32\ws2_32.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\oleaut32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\gdi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\imm32.dll
\Windows\System32\msctf.dll
\Windows\System32\iertutil.dll
\Windows\System32\normaliz.dll
\Windows\System32\wininet.dll
\Windows\System32\Wldap32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ole32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\difxapi.dll
\Windows\System32\setupapi.dll
\Windows\System32\sechost.dll
\Windows\System32\advapi32.dll
\Windows\System32\nsi.dll
\Windows\System32\psapi.dll
\Windows\System32\lpk.dll
\Windows\System32\msvcrt.dll
\Windows\System32\user32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff888bba00
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff866b0028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff888bba00, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff888bb6e8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff888bba00, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff866b0028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5F088D0D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 133596477
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 133596540  Numsec = 491524740

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.496000 GHz
Memory total: 2799550464, free: 1136611328

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.496000 GHz
Memory total: 2799550464, free: 1129472000

Downloaded database version: v2013.09.11.05
=======================================
Initializing...
------------ Kernel report ------------
     09/11/2013 17:15:16
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff888bba70
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff86616028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff888bba70, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff888bb758, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff888bba70, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86616028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5F088D0D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 133596477
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 133596540  Numsec = 491524740

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.496000 GHz
Memory total: 2799550464, free: 1297256448

Downloaded database version: v2013.09.14.11
Downloaded database version: v2013.08.06.01
Initializing...
======================
------------ Kernel report ------------
     09/15/2013 08:28:07
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff888bc7c8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff86616028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff888bc7c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff888bc408, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff888bc7c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86616028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5F088D0D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 133596477
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 133596540  Numsec = 491524740

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
 
Rkill:
Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/15/2013 09:05:50 AM in x86 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\Windows\System32\user32.dll : 811 520 : 05/04/2012 09:56 PM : 7bd7f45ff37fa0669cd32ca0ef46e22c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811 520 : 07/14/2009 03:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]

Checking HOSTS File:

 * No issues found.

Program finished at: 09/15/2013 09:06:54 AM
Execution time: 0 hours(s), 1 minute(s), and 4 seconds(s)


Edited by Orange Blossom, 22 September 2013 - 02:50 PM.
Removed personal info. ~ OB


#4 Broni

Posted 15 September 2013 - 10:38 AM

Looks clean so far.

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


=============================================================================

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


=======================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.






#5 Ramon20000510

Posted 16 September 2013 - 12:35 PM

AdwCleaner:

# AdwCleaner v3.004 - Report created 16/09/2013 at 19:18:20
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium  (32 bits)
# Username : Removed - Removed
# Running from : D:\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16968


-\\ Mozilla Firefox v23.0.1 (hu)

[ File : C:\Users\Removed\AppData\Roaming\Mozilla\Firefox\Profiles\30r5hucx.default\prefs.js ]


[ File : C:\Users\Removed\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Removed\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1163 octets] - [21/08/2013 16:52:59]
AdwCleaner[R1].txt - [1223 octets] - [21/08/2013 22:28:12]
AdwCleaner[R2].txt - [1135 octets] - [28/08/2013 14:16:32]
AdwCleaner[R3].txt - [1245 octets] - [31/08/2013 12:26:32]
AdwCleaner[R4].txt - [1306 octets] - [11/09/2013 16:54:54]
AdwCleaner[R5].txt - [1366 octets] - [16/09/2013 19:17:32]
AdwCleaner[S0].txt - [1292 octets] - [21/08/2013 22:29:57]
AdwCleaner[S1].txt - [1201 octets] - [28/08/2013 14:17:27]
AdwCleaner[S2].txt - [1287 octets] - [16/09/2013 19:18:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1347 octets] ##########

Junk Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x86
Ran by Removed on 2013.09.16. at 19:25:40,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Removed\AppData\Roaming\mozilla\firefox\profiles\30r5hucx.default\minidumps [63 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013.09.16. at 19:29:02,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ESET didn't find anything.


Edited by Orange Blossom, 20 September 2013 - 01:00 PM.
Removed personal information. ~ OB


#6 Broni

Posted 16 September 2013 - 06:27 PM

How is the computer doing?

 

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

  • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.






#7 Ramon20000510

Posted 17 September 2013 - 09:44 AM

It's fine.

I updated Java (no toolbars installed), but the Java Quick Starter is grayed out.



#8 Broni

Posted 17 September 2013 - 01:41 PM

Leave it alone.

 

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/
Windows 8: http://www.bleepingcomputer.com/tutorials/windows-8-system-restore-guide/#disable

2. Make sure Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

12. Except for MBAM and TFC, which are keepers you can simply delete all other tools we used as they don't install.






#9 Ramon20000510

Posted 17 September 2013 - 02:22 PM

Thanks for the help!



#10 Broni

Posted 17 September 2013 - 04:23 PM

You're very welcome






#11 Ramon20000510

Posted 19 September 2013 - 11:52 AM

I am a little nervous because in the log my computer name and IPv4 are displayed.



#12 Orange Blossom

Posted 19 September 2013 - 03:21 PM

I have edited out the ipv4 number. If you'll send me a PM with the computer name, I'll edit that out as well.

Orange Blossom


#13 Ramon20000510

Posted 10 October 2013 - 01:14 PM

Hello, I have a problem: today HitmanPro flags webappstore.sqlite-shm as suspicious. Should I worry about it, or is it just a bug? Thanks for the help!



#14 Broni

Posted 10 October 2013 - 05:10 PM

It's a legit Firefox file.






#15 Ramon20000510

Posted 15 October 2013 - 01:56 PM

Hello, sorry for writing again, but when I ran Malwarebytes it flagged 1 file, but it crashed because I had not cleaned my temp files. After that I ran Malwarebytes again, but it didn't find the flagged file again. Is it a bug, or do I have a virus problem?





