Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

keybtc@inbox_com infection


  • This topic is locked This topic is locked
5 replies to this topic

#1 Szindbad

Szindbad

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 18 November 2014 - 10:02 AM

Yesterday I got an e-mail with FedEx logo. As I expected some delivery, opened it. There was a zip attachment that I opened. It seemed unrelevant so I deleted the mail.

Afternoon I noticed that lots of my files (but not all) got corrupted: jpg, xls, xlsx, pdf, doc, rtf and rar files were renamed like inst1518_2.rar.keybtc@inbox_com (after the extension the .keybtc@inbox_com was added and the file cannot open even after renaming it to the original name.

 

As I found another post of this type I followed the procedure you listed there and will send the logs in the next post.

 

DDS log:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.71.2
Run by szpeter at 15:57:11 on 2014-11-18
Microsoft Windows 7 Professional   6.1.7601.1.1250.36.1038.18.3032.1234 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\DTS.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\AtService.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Programs\ABBYY FineReader 11\NetworkLicenseServer.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
C:\Programs\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Programs\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Programs\Corel\Corel PDF Fusion\CorelCreatorClient.exe
C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\CorelCreatorMessages.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Okidata\ActKey\Network Configuration.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\4Team Corporation\Sync2\Sync2.exe
C:\Programs\Kies\Kies.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\szpeter\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\DllHost.exe
D:\Files\AVG\0e5xrj62.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k HsfXAudioService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://hu.forgeofempires.com/
uDefault_Page_URL = hxxp://lenovo.msn.com
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [Sync2] "c:\program files\4team corporation\sync2\Sync2.exe" /background
uRun: [KiesPreload] c:\programs\kies\Kies.exe /preload
uRun: [GoogleChromeAutoLaunch_4B750B2D4566D35061844830788D9967] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
mRun: [TpShocks] TpShocks.exe
mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [CorelCreatorClient] c:\programs\corel\corel pdf fusion\CorelCreatorClient.exe
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [3170 Scan2PC] "c:\windows\twain_32\samsung\clx3170\Scan2Pc.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Network Configuration] c:\program files\okidata\actkey\Network Configuration.exe /RunWithOS
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [eSzignoTray] c:\programs\microsec\e-szigno30\EszignoTray.exe
StartupFolder: c:\users\szpeter\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\szpeter\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\szpeter\appdata\roaming\micros~1\windows\startm~1\programs\startup\samsun~2.lnk - c:\windows\system32\schtasks.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: DisallowCpl = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4
IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3
IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1
IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0
IE: E&xportálás a Microsoft Excel programba - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Kép küldése &Bluetooth-eszköznek... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
IE: Kül&dés a OneNote programba - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.html
IE: Oldal küldése &Bluetooth-eszköznek... - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
IE: SmarThru4 Capture Selection - c:\program files\smarthru 4\WebCapture.dll2.htm
IE: SmarThru4 Kijelölt szöveg mentése - c:\program files\smarthru 4\WebCapture.dll.htm
IE: SmarThru4 Mentés HTML formátumban - c:\program files\smarthru 4\WebCapture.dll1.htm
IE: SmarThru4 Rögzítés kijelölése - c:\program files\smarthru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\smarthru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\smarthru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\smarthru 4\WebCapture.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
LSP: c:\program files\speedbit video accelerator\SBLSP.dll
TCP: NameServer = 192.168.81.11 192.168.81.254
TCP: Interfaces\{2B379F3B-7953-4707-BC7D-8061C2E1DACE} : DHCPNameServer = 192.168.0.12
TCP: Interfaces\{684B1505-AB9B-47CD-A429-4C6FA0E9586A} : DHCPNameServer = 192.168.81.11 192.168.81.254
TCP: Interfaces\{877B512A-4050-4778-9BA3-421ABD0CBEAB} : DHCPNameServer = 192.168.44.1
TCP: Interfaces\{96A45C79-D84B-48B4-B138-DA4889AF2C35} : DHCPNameServer = 10.30.0.248 10.30.0.246
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC} : DHCPNameServer = 192.168.81.11 192.168.81.254
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC}\147425F4B454D49414 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC}\3334F6D6 : DHCPNameServer = 192.168.2.250
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC}\550534D275946494D284144535F4 : DHCPNameServer = 213.46.246.53 213.46.246.54
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC}\7584F4D454 : DHCPNameServer = 84.2.46.1 84.2.44.1
TCP: Interfaces\{D5D22B1C-ED2C-4212-B9F8-89691B8B96AC}\7594E464F425D4 : DHCPNameServer = 8.8.8.8 213.46.246.53
TCP: Interfaces\{DA00339B-4CF4-4C73-AE34-924DE6011A63} : DHCPNameServer = 10.40.0.240
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\38.0.2125.111\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 192.168.0.10 venus
Hosts: 192.168.0.5 nsa221
Hosts: 192.168.81.12 winnerbank
Hosts: 192.168.81.168 winnertest
Hosts:         192.168.81.147  polfi-win7
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\szpeter\appdata\roaming\mozilla\firefox\profiles\ehqhurni.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.startup.homepage - hxxp://hu.forgeofempires.com/?ref=dotcom
FF - prefs.js: network.proxy.ftp - 172.31.200.210
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 172.31.200.210
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 172.31.200.210
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 172.31.200.210
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 172.31.200.210
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\users\szpeter\appdata\roaming\mozilla\firefox\profiles\151k3x5b.default\extensions\lazarus@interclue.com\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\foxit software\foxit phantompdf\plugins\npFoxitPhantomPDFPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\verimatrix\viewright web\npViewRight.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programs\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\programs\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\programs\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\programs\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\programs\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\programs\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\programs\videolan\vlc\npvlc.dll
FF - plugin: c:\users\szpeter\appdata\roaming\mozilla\firefox\profiles\ehqhurni.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_152.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - e3c9f7e4-852a-4eb7-b621-28f2bee30048
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
.
FF - user.js: extensions.autoDisableScopes - 14
.
============= SERVICES / DRIVERS ===============
.
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2012-11-28 25416]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-7-17 231800]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2013-6-20 22784]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2012-11-27 13680]
R1 MpKsle9aceea6;MpKsle9aceea6;c:\programdata\microsoft\microsoft antimalware\definition updates\{57f13546-52de-41b1-b143-d8b2d505f802}\MpKsle9aceea6.sys [2014-11-18 39464]
R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;c:\programs\abbyy finereader 11\NetworkLicenseServer.exe [2011-9-22 819976]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\intel\bluetoothhs\BTHSAmpPalService.exe [2012-7-18 509456]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2011-5-31 1824584]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\intel\bluetoothhs\BTHSSecurityMgr.exe [2012-8-23 104240]
R2 cpextender;Check Point SSL Network Extender;c:\program files\checkpoint\ssl network extender\slimsvc.exe [2009-11-2 353672]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2011-5-31 98304]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\programs\firebird\firebird_1_5\bin\fbserver.exe -s --> c:\programs\firebird\firebird_1_5\bin\fbserver.exe -s [?]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-6-1 233472]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\communications utility\CamMute.exe [2012-11-28 41320]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\lenovo\communications utility\TPKNRSVC.exe [2012-11-28 65896]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2010-7-30 93032]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 95920]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2014-4-6 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\rpds\bin\rpdsvc.exe [2014-5-5 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\real\updateservice\RealPlayerUpdateSvc.exe [2014-4-7 23552]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2007-8-13 5120]
R2 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2014-7-18 5037888]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2014-6-27 116208]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2014-6-27 125488]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\intel\wifi\bin\ZeroConfigService.exe [2012-8-23 2778416]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed virtuális adapter;c:\windows\system32\drivers\AmpPal.sys [2012-7-18 143360]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2011-5-31 659968]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2012-11-27 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2014-1-11 29472]
R3 CorelCreatorMessages;CorelCreatorMessages;c:\windows\system32\CorelCreatorMessages.exe [2012-4-25 73728]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6232.sys [2012-11-27 223960]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-6-1 37344]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series adapter illesztőprogram 32 bites Windows 7;c:\windows\system32\drivers\NETwNs32.sys [2012-1-23 7523840]
R3 NisSrv;Microsoft Hálózatfelügyelet;c:\program files\microsoft security client\NisSrv.exe [2014-8-22 288120]
R3 PanGpd;PanGP Virtual Miniport;c:\windows\system32\drivers\pangpd.sys [2013-6-3 32256]
R3 Power Manager DBC Service;Power Manager Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2012-11-28 1668904]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys [2013-10-23 38768]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2009-10-9 38336]
R3 VNA;Check Point Virtual Network Adapter;c:\windows\system32\drivers\vna.sys [2009-11-2 129304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2014-6-27 110128]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S2 UI Assistant Service;UI Assistant Service;c:\programs\telenor internet\AssistantServices.exe [2012-12-21 261456]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2011-5-31 106496]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed protokoll;c:\windows\system32\drivers\AmpPal.sys [2012-7-18 143360]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-10-16 89856]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2013-1-2 280640]
S3 gmhidlow;HID Mouse Lower Filter;c:\windows\system32\drivers\gmhidlow.sys [2013-1-2 12288]
S3 gmPS2up;PS/2 Mouse Upper Filter;c:\windows\system32\drivers\gmPS2up.sys [2013-1-2 7168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-11-12 102912]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-12-21 9216]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\intel\wifi\bin\PanDhcpDns.exe [2012-8-23 242480]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 PanGPS;PanGPS;c:\programs\palo alto networks\globalprotect\PanGPS.exe [2013-6-3 1104176]
S3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2012-11-27 1664808]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-21 14848]
S3 Rockusb;Driver for Rockusb Device;c:\windows\system32\drivers\rockusb.sys [2014-11-3 46160]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-10-16 184192]
S3 StorSvc;Társzolgáltatás;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-4-2 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-12-21 27136]
S3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\wat\WatAdminSvc.exe [2012-11-28 1343400]
S3 WSDScan;WSD képolvasási támogatás UMB-n keresztül;c:\windows\system32\drivers\WSDScan.sys [2009-7-14 20480]
S4 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2013-7-18 762192]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]
.
=============== Created Last 30 ================
.
2014-11-18 13:23:47 -------- d-----w- C:\FRST
2014-11-18 08:21:18 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{57f13546-52de-41b1-b143-d8b2d505f802}\MpKsle9aceea6.sys
2014-11-17 15:49:33 -------- d-----w- c:\users\szpeter\appdata\local\MFAData
2014-11-17 15:49:33 -------- d-----w- c:\programdata\MFAData
2014-11-17 11:22:55 923 ----a-w- c:\users\szpeter\FILE1.BIN
2014-11-17 11:22:55 715553 ----a-w- c:\users\szpeter\FILE2.BIN
2014-11-17 11:22:55 715553 ----a-w- c:\users\szpeter\appdata\roaming\FILE2.BIN
2014-11-17 10:47:17 8901368 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{57f13546-52de-41b1-b143-d8b2d505f802}\mpengine.dll
2014-11-17 09:18:07 923 ----a-w- c:\users\szpeter\appdata\roaming\FILE1.BIN
2014-11-17 09:17:57 -------- d-----w- c:\users\szpeter\appdata\roaming\gnupg
2014-11-16 13:49:23 908840 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c2a960bd-0af1-4341-9591-937354195a71}\gapaengine.dll
2014-11-16 13:49:00 8901368 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-11-03 09:51:33 46160 ----a-w- c:\windows\system32\drivers\rockusb.sys
2014-10-20 08:56:42 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2014-11-16 14:18:30 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-16 14:18:30 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-16 14:18:22 17926832 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-11-06 03:28:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 03:28:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 03:13:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 02:59:36 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 02:59:34 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 02:58:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 02:51:33 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 02:42:36 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 02:21:49 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 01:52:35 1892864 ----a-w- c:\windows\system32\wininet.dll
2014-11-05 17:50:47 254464 ----a-w- c:\windows\system32\generaltel.dll
2014-11-05 17:50:28 203776 ----a-w- c:\windows\system32\aepdu.dll
2014-11-05 17:47:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-10-30 11:24:45 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 09:23:55 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- c:\windows\system32\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- c:\windows\system32\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- c:\windows\system32\credssp.dll
2014-09-11 15:24:48 558448 ----a-w- c:\windows\system32\shareLite3.dll
2014-09-09 21:47:10 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-05 01:52:41 5703168 ----a-w- c:\windows\system32\mstscax.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
2014-08-29 15:02:02 18248 ----a-w- c:\windows\system32\roboot.exe
2014-08-29 01:44:52 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2014-08-23 01:46:55 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-21 06:26:21 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-08-21 06:23:10 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: Samsung_ rev.EXM0 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x8241B000]<< >>UNKNOWN [0x8AFC7000]<< >>UNKNOWN [0x8AFB6000]<< >>UNKNOWN [0x8A834000]<< >>UNKNOWN [0x8282E000]<< >>UNKNOWN [0x8AA16000]<< 
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL;  }
1 ntkrnlpa!IofCallDriver[0x82451BFA] -> \Device\Harddisk0\DR0[0x87521880]
\Driver\Disk[0x87520030] -> IRP_MJ_CREATE -> 0x8AFCB39F
3 [0x8AFCB59E] -> ntkrnlpa!IofCallDriver[0x82451BFA] -> [0x85A38878]
\Driver\ACPI[0x84D94460] -> IRP_MJ_CREATE -> 0x8A83D4CC
5 [0x8A83D3D4] -> ntkrnlpa!IofCallDriver[0x82451BFA] -> \Device\Ide\IAAStorageDevice-0[0x85A7B028]
\Driver\iaStor[0x85A5C030] -> IRP_MJ_CREATE -> 0x8AA3CE36
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0;  }
user & kernel MBR OK 
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 15:57:46,65 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 Szindbad

Szindbad
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 18 November 2014 - 10:09 AM

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2014
Ran by szpeter (administrator) on SZP-R400 on 18-11-2014 14:23:57
Running from D:\Files\AVG
Loaded Profile: szpeter (Available profiles: szpeter & Classic .NET AppPool & DefaultAppPool)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: magyar (Magyarország)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\AtService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(ABBYY) C:\Programs\ABBYY FineReader 11\NetworkLicenseServer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
(Cisco Systems, Inc.) C:\Programs\Cisco Systems\VPN Client\cvpnd.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(The Firebird Project) C:\Programs\Firebird\Firebird_1_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(SPEEDbit) C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Global Graphics Software Ltd.) C:\Programs\Corel\Corel PDF Fusion\CorelCreatorClient.exe
() C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Global Graphics Software Ltd) C:\Windows\System32\CorelCreatorMessages.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Oki Data Corporation) C:\Program Files\Okidata\ActKey\Network Configuration.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(4Team Corporation) C:\Program Files\4Team Corporation\Sync2\Sync2.exe
(Samsung) C:\Programs\Kies\Kies.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\szpeter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Samsung Electronics.) C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Cardinal Számítástechnikai Kft.) \\winnerbank\c\pcbankar\bin32\electra.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(WINFORM Kft.) D:\WinNER\Bin\Winner32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [338216 2013-06-20] (Lenovo.)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [CorelCreatorClient] => C:\Programs\Corel\Corel PDF Fusion\CorelCreatorClient.exe [667648 2012-04-25] (Global Graphics Software Ltd.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM\...\Run: [3170 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [503808 2009-01-30] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2379504 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Network Configuration] => C:\Program Files\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296520 2014-05-05] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Run: [Sync2] => C:\Program Files\4Team Corporation\Sync2\Sync2.exe [5603176 2014-09-11] (4Team Corporation)
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Run: [KiesPreload] => C:\Programs\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Run: [GoogleChromeAutoLaunch_4B750B2D4566D35061844830788D9967] => C:\Program Files\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\MountPoints2: {54b8e310-3914-11e2-a070-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\MountPoints2: {d9e08125-4b5b-11e2-8ec4-506313c9ecea} - E:\Windows/Autorun.exe
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\MountPoints2: {fc667698-59cb-11e4-833d-506313c9ecea} - "E:\Install Navigator.exe"
HKU\S-1-5-18\...\Run: [eSzignoTray] => C:\Programs\Microsec\e-Szigno30\EszignoTray.exe [119008 2014-05-29] (MICROSEC Zrt.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\szpeter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\szpeter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://hu.forgeofempires.com/
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001 -> DefaultScope {1DF199DD-CC57-48E5-80FC-4664B8E4D70E} URL = 
SearchScopes: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001 -> {1DF199DD-CC57-48E5-80FC-4664B8E4D70E} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Winsock: Catalog9 20 C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll [177320] (SPEEDbit)
Tcpip\Parameters: [DhcpNameServer] 192.168.81.11 192.168.81.254
 
FireFox:
========
FF ProfilePath: C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default
FF DefaultSearchEngine: Ask.com
FF DefaultSearchUrl: 
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://hu.forgeofempires.com/?ref=dotcom
FF NetworkProxy: "backup.ftp", "172.31.200.210"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.gopher", "172.31.200.210"
FF NetworkProxy: "backup.gopher_port", 8080
FF NetworkProxy: "backup.socks", "172.31.200.210"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "172.31.200.210"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "172.31.200.210"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "172.31.200.210"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "172.31.200.210"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "172.31.200.210"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "172.31.200.210"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Programs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=17.0.9.17 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Programs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programs\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Programs\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Programs\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Programs\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programs\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2249936772-1821256715-1983083548-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Programs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2249936772-1821256715-1983083548-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF user.js: detected! => C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\user.js
FF Extension: United States English Spellchecker - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-05-20]
FF Extension: Hungarian dictionary - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\hu@dictionaries.addons.mozilla.org [2012-11-29]
FF Extension: Garmin Communicator - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-04-29]
FF Extension: Lazarus: Form Recovery - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\lazarus@interclue.com.xpi [2012-11-29]
FF Extension: 1Click Downloader - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi [2012-11-29]
FF Extension: Yontoo - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\plugin@yontoo.com.xpi [2013-04-20]
FF Extension: Browse Images - C:\Users\szpeter\AppData\Roaming\Mozilla\Firefox\Profiles\ehqhurni.default\Extensions\{62b958b4-9962-4fc2-9983-01a9a42d6f2d}.xpi [2012-11-29]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-05]
FF HKLM\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF StartMenuInternet: FIREFOX.EXE - C:\Programs\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR Profile: C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Dokumentumok) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-11]
CHR Extension: (Docs Offline Background Page) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-11]
CHR Extension: (YouTube) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-11]
CHR Extension: (Google-keresés) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-11]
CHR Extension: (IE Tab) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2013-02-12]
CHR Extension: (RealPlayer Downloader) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-03-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Google Pénztárca) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\szpeter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-11]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Programs\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-09-22] (ABBYY)
S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [106496 2011-05-31] () [File not signed]
R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509456 2012-07-18] (Intel Corporation)
R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104240 2012-08-23] (Intel® Corporation)
R3 CorelCreatorMessages; C:\Windows\system32\CorelCreatorMessages.exe [73728 2012-04-25] (Global Graphics Software Ltd) [File not signed]
R2 cpextender; C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe [353672 2009-11-02] (Check Point Software Technologies)
R2 CVPND; C:\Programs\Cisco Systems\VPN Client\cvpnd.exe [1524512 2007-10-26] (Cisco Systems, Inc.)
R2 dtsvc; C:\Windows\system32\DTS.exe [98304 2011-05-31] () [File not signed]
R2 FirebirdServerDefaultInstance; C:\Programs\Firebird\Firebird_1_5\bin\fbserver.exe [1532000 2009-10-06] (The Firebird Project) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
R2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [41320 2011-01-15] (Lenovo Group Limited)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo Group Limited)
R2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [65896 2011-01-15] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242480 2012-08-23] ()
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 PanGPS; C:\Programs\Palo Alto Networks\GlobalProtect\PanGPS.exe [1104176 2013-06-03] (Palo Alto Networks)
S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664808 2013-08-01] (Lenovo Group Limited)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-05] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (Lenovo Group Limited)
S2 UI Assistant Service; C:\Programs\Telenor Internet\AssistantServices.exe [261456 2011-04-20] ()
R2 VideoAcceleratorService; C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe [281768 2014-05-05] (SPEEDbit)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2778416 2012-08-23] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-18] (Windows ® Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [143360 2012-07-18] (Windows ® Win 7 DDK provider)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306300 2007-10-26] (Cisco Systems, Inc.) [File not signed]
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2007-10-22] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [127376 2007-01-31] (Deterministic Networks, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
S3 gmhidlow; C:\Windows\System32\DRIVERS\gmhidlow.sys [12288 2009-12-25] () [File not signed]
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [7168 2009-12-25] () [File not signed]
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-03-26] (MBB Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsle9aceea6; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57F13546-52DE-41B1-B143-D8B2D505F802}\MpKsle9aceea6.sys [39464 2014-11-18] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7523840 2012-01-23] (Intel Corporation)
R3 PanGpd; C:\Windows\System32\DRIVERS\pangpd.sys [32256 2013-06-03] (Palo Alto Networks)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [46160 2013-03-12] (Fuzhou Rockchip Electronics Co,Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [38768 2013-05-29] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3486208 2009-06-11] ()
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics) [File not signed]
R3 VNA; C:\Windows\System32\DRIVERS\vna.sys [129304 2009-11-02] (Check Point Software Technologies)
U3 kwtiypob; \??\C:\Users\szpeter\AppData\Local\Temp\kwtiypob.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 14:23 - 2014-11-18 14:24 - 00000000 ____D () C:\FRST
2014-11-17 16:49 - 2014-11-18 09:21 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-17 16:49 - 2014-11-17 16:49 - 00000000 ____D () C:\Users\szpeter\AppData\Local\MFAData
2014-11-17 12:22 - 2014-11-17 12:22 - 00715553 _____ () C:\Users\szpeter\FILE2.BIN
2014-11-17 12:22 - 2014-11-17 12:22 - 00715553 _____ () C:\Users\szpeter\AppData\Roaming\FILE2.BIN
2014-11-17 12:22 - 2014-11-17 10:18 - 00000923 _____ () C:\Users\szpeter\FILE1.BIN
2014-11-17 10:18 - 2014-11-17 10:18 - 00000923 _____ () C:\Users\szpeter\AppData\Roaming\FILE1.BIN
2014-11-17 10:17 - 2014-11-17 12:22 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\gnupg
2014-11-12 07:11 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:11 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:11 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:11 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:11 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:11 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:11 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:11 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:11 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:11 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:11 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:11 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:11 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:11 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:11 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:11 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:11 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:11 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:11 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:11 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:11 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:11 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:11 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:11 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:10 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:10 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:10 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:10 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:10 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:10 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:10 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:10 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:10 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:10 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:10 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:10 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:10 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:10 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:10 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:10 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:10 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:10 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:10 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:10 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:10 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:10 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:10 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:10 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:10 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:10 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:10 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-09 19:43 - 2014-11-09 19:43 - 00147936 _____ () C:\Windows\Minidump\110914-23649-01.dmp
2014-11-05 10:30 - 2014-11-05 10:30 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-eszközök
2014-11-03 10:51 - 2013-03-12 10:03 - 00046160 _____ (Fuzhou Rockchip Electronics Co,Ltd.) C:\Windows\system32\Drivers\rockusb.sys
2014-11-01 11:59 - 2014-11-01 11:59 - 00000000 ____D () C:\Users\szpeter\Documents\Lottó
2014-11-01 11:05 - 2014-11-01 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FortaSRT
2014-11-01 10:19 - 2014-11-01 10:19 - 00000702 _____ () C:\Users\szpeter\Desktop\SRTWiz.lnk
2014-10-22 10:35 - 2014-10-22 10:35 - 00000041 _____ () C:\script.txt
2014-10-22 10:35 - 2014-10-22 10:35 - 00000031 _____ () C:\Windows\script.txt
2014-10-22 10:29 - 2014-10-22 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2014-10-20 09:56 - 2014-10-20 09:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-20 09:56 - 2014-10-20 09:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-20 09:56 - 2014-10-20 09:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 09:56 - 2014-10-20 09:56 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-20 09:56 - 2014-10-20 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 14:18 - 2012-11-29 15:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-18 14:15 - 2012-11-28 11:30 - 00000000 ____D () C:\Users\szpeter\Documents\Outlook-fájlok
2014-11-18 13:48 - 2012-11-29 09:39 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-18 13:36 - 2012-11-29 13:32 - 00000000 ___DC () C:\mkb
2014-11-18 10:43 - 2012-11-29 09:51 - 00000000 ___RD () C:\Users\szpeter\Google Drive
2014-11-18 10:43 - 2012-11-29 09:36 - 00000000 ___RD () C:\Users\szpeter\Dropbox
2014-11-18 10:43 - 2012-11-29 05:50 - 00000000 ____D () C:\Users\szpeter\Documents\www
2014-11-18 10:43 - 2012-11-29 05:49 - 00000000 ____D () C:\Users\szpeter\Documents\Work
2014-11-18 10:43 - 2012-11-29 05:49 - 00000000 ____D () C:\Users\szpeter\Documents\Word
2014-11-18 10:43 - 2012-11-29 05:49 - 00000000 ____D () C:\Users\szpeter\Documents\WinLOGIC
2014-11-18 10:43 - 2012-11-29 05:48 - 00000000 ____D () C:\Users\szpeter\Documents\Winform
2014-11-18 10:43 - 2012-11-29 05:48 - 00000000 ____D () C:\Users\szpeter\Documents\RAMIR
2014-11-18 10:43 - 2012-11-29 05:48 - 00000000 ____D () C:\Users\szpeter\Documents\ProFuturo
2014-11-18 10:43 - 2012-11-29 05:47 - 00000000 ____D () C:\Users\szpeter\Documents\Ez+Az
2014-11-18 10:43 - 2012-11-29 05:47 - 00000000 ____D () C:\Users\szpeter\Documents\EXCEL
2014-11-18 10:43 - 2012-11-29 05:47 - 00000000 ____D () C:\Users\szpeter\Documents\Eni
2014-11-18 10:43 - 2012-11-29 05:47 - 00000000 ____D () C:\Users\szpeter\Documents\Burgman
2014-11-18 10:43 - 2012-11-28 22:38 - 00000000 ____D () C:\E-Books
2014-11-18 10:43 - 2012-11-28 08:52 - 00000000 ___DC () C:\totalcmd
2014-11-18 09:55 - 2012-11-28 07:31 - 00000000 ____D () C:\Users\szpeter\AppData\Local\Deployment
2014-11-18 09:52 - 2012-11-27 21:19 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-11-18 09:41 - 2012-11-29 09:39 - 00001012 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-18 09:41 - 2012-11-29 09:34 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\Dropbox
2014-11-18 09:28 - 2009-07-14 05:34 - 00030688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 09:28 - 2009-07-14 05:34 - 00030688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 09:25 - 2010-11-20 22:01 - 01778728 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 09:24 - 2012-11-28 05:35 - 01458667 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 09:21 - 2012-11-29 13:40 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2014-11-18 09:21 - 2010-11-20 22:48 - 00533152 _____ () C:\Windows\PFRO.log
2014-11-18 09:21 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 09:21 - 2009-07-14 05:39 - 00174045 _____ () C:\Windows\setupact.log
2014-11-17 18:18 - 2012-11-28 22:47 - 00000000 ___DC () C:\WinNER
2014-11-17 16:51 - 2014-09-30 19:08 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\TuneUp Software
2014-11-17 12:22 - 2012-11-27 21:18 - 00000000 ____D () C:\Users\szpeter
2014-11-17 10:41 - 2014-02-18 13:24 - 00000000 ____D () C:\Nero
2014-11-17 08:31 - 2012-12-07 10:07 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\jaws
2014-11-16 15:18 - 2014-05-14 12:18 - 17926832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-11-16 15:18 - 2012-11-29 15:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-16 15:18 - 2012-11-29 15:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-14 17:21 - 2012-11-29 09:34 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 04:05 - 2012-11-29 05:50 - 00002376 _____ () C:\Users\szpeter\Documents\Default.rdp
2014-11-13 18:59 - 2012-11-29 05:47 - 00000000 ____D () C:\Users\szpeter\Documents\Privát
2014-11-12 13:47 - 2012-11-27 21:19 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-12 10:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-12 08:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 07:46 - 2012-11-27 21:24 - 00103448 _____ () C:\Users\szpeter\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 07:45 - 2009-07-14 05:33 - 00370208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 07:44 - 2014-05-06 06:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 07:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-11-12 07:24 - 2012-11-27 22:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 07:20 - 2013-07-23 15:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:14 - 2012-11-28 07:36 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 15:08 - 2012-12-07 11:28 - 00001832 _____ () C:\Users\szpeter\AppData\Local\SLC_szpeter.prx
2014-11-09 19:43 - 2013-11-08 00:32 - 363116864 _____ () C:\Windows\MEMORY.DMP
2014-11-09 19:43 - 2013-11-08 00:32 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 15:03 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-06 19:11 - 2012-12-11 10:13 - 00017394 _____ () C:\Users\szpeter\abevjava_szpeter.log
2014-11-06 07:00 - 2012-11-29 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-04 20:18 - 2014-04-22 00:17 - 00000000 ____D () C:\Users\szpeter\AppData\Local\IE Tab
2014-11-01 11:22 - 2012-11-29 20:41 - 00000000 ____D () C:\Users\szpeter\AppData\Roaming\vlc
2014-10-30 14:29 - 2009-07-14 05:53 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-30 12:24 - 2012-11-27 21:36 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-22 19:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-22 11:02 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-10-22 11:02 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-10-22 10:32 - 2012-11-28 22:47 - 00000000 ___DC () C:\Temp
2014-10-22 10:31 - 2012-12-29 20:23 - 00000000 ____D () C:\Program Files\Samsung
2014-10-22 10:31 - 2012-12-02 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-10-22 10:31 - 2012-11-28 05:36 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-22 10:28 - 2012-12-02 20:24 - 00000000 ____D () C:\ProgramData\Samsung
2014-10-20 09:58 - 2013-10-20 09:56 - 00000000 ____D () C:\ProgramData\Oracle
 
Files to move or delete:
====================
C:\Users\szpeter\PanPortalCfg.dat
 
 
Some content of TEMP:
====================
C:\Users\szpeter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfdjfmc.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-16 23:24
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-11-2014
Ran by szpeter at 2014-11-18 14:24:35
Running from D:\Files\AVG
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4Team Folder Backup for Outlook (HKLM\...\{E08336DF-56D4-4B43-AC62-C26389E878A8}) (Version: 1.11.0048 - 4Team Corporation)
4Team Sync2 (HKLM\...\{98E1A230-F8B2-4868-AAEE-7B7B06A61E1D}) (Version: 2.50.2575 - 4Team Corporation)
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.338 - ABBYY)
ACDSee 17 (HKLM\...\{A47900DC-2011-46C8-8E07-5BDD9D83DE47}) (Version: 17.1.68 - ACD Systems International Inc.)
ACDSee Photo Editor 6 (HKLM\...\ACDSee Photo Editor 6) (Version: 6.0.359 - ACD Systems of America Inc)
ActKey (Version: 1.7.0.0 - Oki Data Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
AdriaROUTE 4.00 NT (HKLM\...\{828A3BA6-B5AB-4B03-AC13-443BE0C64C17}) (Version: 4.00 - Navigo Sistem d.o.o.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Service Activation (HKLM\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
Bitvise SSH Client 4.51 (remove only) (HKLM\...\BvSshClient) (Version:  - )
Check Point SSL Network Extender Service (HKLM\...\{bd2dc9de-a525-48b8-8b62-f96efd6d81eb}) (Version: 7.01.0000 - CheckPoint)
Cisco Systems VPN Client 5.0.02.0090 (HKLM\...\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}) (Version: 5.0.2 - Cisco Systems, Inc.)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Contents (Version: 15.0.0.258 - Corel Corporation) Hidden
Corel PDF Fusion (HKLM\...\{4FAFC48A-73CD-4ECF-BF89-32825E6360FA}) (Version: 1.11.0000 - Corel Corporation)
Corel PDF Fusion Addins (HKLM\...\{0BAF6B34-BC0F-40DF-B7F7-0793A67E8768}) (Version: 1.11.0 - Corel Corporation)
Corel VideoStudio Pro X5 (HKLM\...\_{1A1BD41E-9854-4957-8959-F9559A8862A7}) (Version: 15.2.0.10 - Corel Corporation)
Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
EMS Data Import for InterBase/Firebird (HKLM\...\{5E0110CA-86F5-40D9-87A4-D3FC85EA6BB8}) (Version: 3.6.0.1 - EMS)
EMS Data Pump for InterBase/Firebird (HKLM\...\{563330FA-CF8A-47C4-B1E5-A47B9FA0B797}) (Version: 3.1.0.8 - EMS)
e-Szignó 3.2.7.6 (HKLM\...\{2A1A30E7-7834-483D-B526-4768C8728AC2}) (Version: 2.7.6 - Microsec)
Evernote v. 5.6.4 (HKLM\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Firebird 1.5.6 (HKLM\...\FBDBServer_1_5_is1) (Version:  - Firebird Project)
Forta v6.833 (HKLM\...\Forta_is1) (Version:  - )
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GlobalProtect (HKLM\...\{11FE57E7-1D01-4996-B3A8-CE102017D4B3}) (Version: 1.2.4 - Palo Alto Networks)
GoldWave v5.70 (HKLM\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HotShots (HKLM\...\HotShots) (Version:  - )
ICA (Version: 15.0.0.258 - Corel Corporation) Hidden
Integrated Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.53003.0 - Sonix)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel® PROSet/Wireless WiFi szoftver (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.199 - InterVideo Inc.)
InterVideo WinDVD 8 (Version: 8.0.20.199 - InterVideo Inc.) Hidden
IPM_VS_Pro (Version: 15.0 - Corel Corporation) Hidden
ISCOM (Version: 15.0.0.258 - Corel Corporation) Hidden
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 51 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Fingerprint Software (HKLM\...\{2D440AF4-7330-43F0-A085-35DE1A90E703}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Patch Utility (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Registration (HKLM\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo Warranty Information (HKLM\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0004.00 - Lenovo)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2010 Otthoni és kisvállalati verzió (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{8AC0BF52-05CB-4284-B46E-0816E2B0BF0B}) (Version: 8.0.50727.26 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband (HKLM\...\{4330AAE7-1893-42F9-BC38-539A1A60530B}) (Version: 3.6.0034 - Lenovo)
Mobile Broadband Connect (HKLM\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo)
Mozilla Firefox 29.0 (x86 hu) (HKLM\...\Mozilla Firefox 29.0 (x86 hu)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2249936772-1821256715-1983083548-1001\...\MyFreeCodec) (Version:  - )
NaviGuide Hungary 6.7 NT (HKLM\...\{D3F9E8F4-70D6-4F0C-9E4A-2E196A889177}) (Version: 6.70 - Navi-Gate Kft.)
Nero 2014 (HKLM\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
NoteTab 7 (Remove only) (HKLM\...\NoteTab 7_is1) (Version: 7.1 - Fookes Holding Ltd)
OKI ActKey (HKLM\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.0.0 - Oki Data Corporation)
OKI Color Swatch Utility (HKLM\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Extension (HKLM\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.1 - Tracker Software Products Ltd)
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.62.10 - Lenovo Group Limited)
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Samsung CLX-3170 Series (HKLM\...\Samsung CLX-3170 Series) (Version:  - Samsung Electronics CO.,LTD)
Samsung Data Migration (HKLM\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScannerDriver (Version: 1.0.2.0 - Oki Data Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Setup (Version: 15.0.0.258 - Corel Corporation) Hidden
Share (Version: 15.0.0.258 - Corel Corporation) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slovakia Roads v6 (HKLM\...\{229AC843-98B6-4BDE-919A-30587C698D23}) (Version: 6.00 - CONAN s.r.o.)
SmarThru 4 (HKLM\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - )
SmarThru PC Fax (HKLM\...\SmarThru PC Fax) (Version:  - )
SmartSound Common Data (HKLM\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (Version: 5.1.6 - SmartSound Software Inc.) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Srt2Sup a4.03 (HKLM\...\{5E6417D0-960A-4C18-9CB8-DD7678BDB8D0}) (Version: 0.4.03 - Gandalf Services)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Telenor Internet (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.43 - Lenovo)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.50 - Ghisler Software GmbH)
TV GO  (HKLM\...\{BC0F6ECD-3C4C-41F0-8723-00D5713BFC75}) (Version: 3.5.0.0 - Magyar Telekom Nyrt.)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Üzleti Terminál (HKLM\...\Üzleti Terminál) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Verizon Wireless Mobile Broadband Self Activation (HKLM\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Video Converter (HKLM\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)
VobSub v2.23 (Remove Only) (HKLM\...\VobSub) (Version:  - )
VSClassic (Version: 15.0.0.258 - Corel Corporation) Hidden
VSHelp (Version: 15.0.0.258 - Corel Corporation) Hidden
VSPro (Version: 15.0.0.258 - Corel Corporation) Hidden
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Intel System  (06/04/2009 1.0.0.0002) (HKLM\...\E7B58217635B8F723D4744A328A4B3237DB35FA9) (Version: 06/04/2009 1.0.0.0002 - Intel)
Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\25247A4F7CF60C197BFE96065E287DC132CADA3D) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows illesztőprogram-csomag - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiváló (HKLM\...\WinRAR archiver) (Version:  - )
XP Codec Pack (HKLM\...\XP Codec Pack) (Version: 2.5.3 - XP Codec Pack team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{A63703AB-2EAD-7B3F-F76C-85F44CADE39E}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249936772-1821256715-1983083548-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\szpeter\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:04 - 2012-12-29 17:47 - 00001028 ____A C:\Windows\system32\Drivers\etc\hosts
        192.168.0.10    venus
        192.168.0.5     nsa221
        192.168.81.12   winnerbank
        192.168.81.168  winnertest
        192.168.81.147  polfi-win7
195.56.189.106  www.burgman.hu
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00A356DF-E0D2-4C89-90B3-922998F95421} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {21CC7E8A-B5CE-44A7-AF1F-CEAB9D154DFA} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {2B2CB39A-5744-4CB4-8426-2E1787FCD7A1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {2C55CD46-6831-4CF1-AA51-F6F2F78F4344} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {2D826552-9211-42E9-A849-C68608EDC9F6} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-05-05] (RealNetworks, Inc.)
Task: {312F3FEA-D917-433A-9D0A-15E0421AAE86} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {5D4E9B05-3C3F-4116-8648-5C6DD488C559} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6C2DDDE0-C381-4460-9E6F-DFC11613B196} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {6E661AFD-9EFF-4C18-B224-14A8E800124E} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {718A7C16-7AB3-40E2-A1F6-761E79F688FA} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {73291D8D-F73F-49E5-B359-A17BD0E42114} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {7567DD37-E296-4D36-9DAD-604C53C82A33} - System32\Tasks\DivX online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {76BADF10-218F-470C-A510-3F5EA877B351} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {7886D869-82C7-4B0E-952E-15A90593F00E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {79729A24-BB8C-4662-8D93-CEC82FAD6F86} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {7E31519B-4665-411C-BD19-58D119CD914B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {81E292B7-5C24-410C-BF05-3E06BB70705E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {84CDBE1B-78BF-4E72-9AD4-E5E743370CF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {850E4386-008F-4C09-9E6D-A202CFC4FFAA} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {91CF2EA4-15DB-4EFA-B3E5-737F8D082CDD} - System32\Tasks\MCP => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {99213D24-5B83-4154-AF34-7616EE43150C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2249936772-1821256715-1983083548-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {A15A9613-C16E-4ECF-B1B4-EDF4E9D9F31B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {ABEDDB39-5C35-4962-83D0-E5CA3B13F678} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {ADD5162A-CD91-4F43-AA18-2D52FD4D49C8} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {AE936F5D-5B89-4DA8-92D9-1F102A6BBCF5} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {AF059E20-63D5-412F-8786-8858E3DCDA02} - System32\Tasks\SamsungMagician => C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {C2B2F7CE-1707-45EB-B09A-3A6C8DAD7975} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16] (Adobe Systems Incorporated)
Task: {D0FE5393-8DCF-4E90-B4C4-7FF185F0C5B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {D84DF424-46D6-4836-B1B0-88DD056F1AD1} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [2014-06-10] ()
Task: {D87C8656-095C-466F-9FA6-1F9682A5F224} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {DE1EAA0C-31F4-4500-B7B3-D41369664F86} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {DE3BDAC8-02F2-46B6-91C9-AA28384F8D32} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {EA93E7E2-1FC2-4E6A-B823-270FADD4CC21} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-01] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-05-31 06:26 - 2011-05-31 06:26 - 00098304 _____ () C:\Windows\system32\DTS.exe
2012-04-25 10:46 - 2012-04-25 10:46 - 00126976 _____ () C:\Windows\System32\corelcreatorpm.dll
2012-12-04 06:14 - 2007-12-27 16:38 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2012-12-04 06:10 - 2007-08-14 02:01 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2007-10-26 14:28 - 2007-10-26 14:28 - 00197408 _____ () C:\Windows\system32\vpnapi.dll
2014-04-06 22:00 - 2014-04-06 22:00 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-05 19:39 - 2014-05-05 19:39 - 00859224 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll
2014-04-07 02:06 - 2014-04-07 02:06 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-11-28 05:38 - 2013-08-01 05:02 - 00094720 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2012-12-29 20:28 - 2009-01-30 12:41 - 00503808 _____ () C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
2012-12-29 20:28 - 2008-06-26 03:45 - 00155648 _____ () C:\Windows\twain_32\Samsung\CLX3170\IMFilter.dll
2012-12-29 20:28 - 2008-06-26 03:46 - 01384520 _____ () C:\Windows\twain_32\Samsung\CLX3170\ssole.dll
2012-12-29 20:28 - 2008-06-26 03:45 - 00367104 _____ () C:\Windows\twain_32\Samsung\CLX3170\NetModule.dll
2014-07-16 15:22 - 2014-07-16 15:22 - 02056864 _____ () C:\Program Files\4Team Corporation\Sync2\cpprest110_xp_2_1.dll
2014-09-11 16:03 - 2014-09-11 16:03 - 00145920 _____ () C:\Program Files\4Team Corporation\Sync2\win8status_wrapper.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-09-11 16:03 - 2014-09-11 16:03 - 00128000 _____ () C:\Program Files\4Team Corporation\Sync2\google_tasks.dll
2014-10-16 14:37 - 2014-10-16 14:37 - 00186368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\6f89b5b53fe8ec7cdda041b8a8fd99f4\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-10-16 14:38 - 2014-10-16 14:38 - 14993920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\04fbc79d0fd8ef7beb4df41de59f7580\Kies.Theme.ni.dll
2014-10-16 14:37 - 2014-10-16 14:37 - 01865728 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\595f727940c4532edbacd5cb1943335e\Kies.UI.ni.dll
2014-10-16 14:37 - 2014-10-16 14:37 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\e8b2465977dafc28af412e4ae0caf712\Kies.MVVM.ni.dll
2014-10-16 12:37 - 2014-10-16 12:37 - 00236032 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll
2014-10-29 22:43 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 22:43 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 22:43 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 22:43 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-18 09:41 - 2014-11-18 09:41 - 00043008 _____ () c:\users\szpeter\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfdjfmc.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\szpeter\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-22 10:29 - 2014-05-06 10:24 - 00013824 _____ () C:\Program Files\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-10-22 10:29 - 2014-05-19 19:20 - 00103424 _____ () C:\Program Files\Samsung\Samsung Magician\PAL.dll
2014-10-22 10:29 - 2014-05-19 19:20 - 00039424 _____ () C:\Program Files\Samsung\Samsung Magician\SATA.dll
2014-10-22 10:29 - 2014-05-19 19:19 - 00038400 _____ () C:\Program Files\Samsung\Samsung Magician\SAT.dll
2014-10-22 10:29 - 2014-05-19 19:20 - 00031232 _____ () C:\Program Files\Samsung\Samsung Magician\SMINI.dll
2014-10-22 10:29 - 2014-05-19 19:19 - 00029696 _____ () C:\Program Files\Samsung\Samsung Magician\SAS.dll
2014-11-18 09:41 - 2014-11-18 09:41 - 00098816 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32api.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00110080 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\pywintypes27.dll
2014-11-18 09:41 - 2014-11-18 09:41 - 00364544 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\pythoncom27.dll
2014-11-18 09:41 - 2014-11-18 09:41 - 00045568 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_socket.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 01160704 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_ssl.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00320512 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32com.shell.shell.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00713216 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_hashlib.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 01175040 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._core_.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00805888 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._gdi_.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00811008 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._windows_.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 01062400 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._controls_.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00735232 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._misc_.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00128512 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_elementtree.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00127488 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\pyexpat.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00557056 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\pysqlite2._sqlite.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00087552 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_ctypes.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00119808 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32file.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00108544 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32security.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00007168 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\hashobjs_ext.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00167936 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32gui.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00018432 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32event.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00038912 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32inet.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00011264 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32crypt.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00070656 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._html2.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00027136 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\_multiprocessing.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00035840 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32process.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00686080 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\unicodedata.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00122368 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._wizard.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00024064 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32pipe.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00025600 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32pdh.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00525640 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\windows._lib_cacheinvalidation.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00010240 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\select.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00017408 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32profile.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00022528 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\win32ts.pyd
2014-11-18 09:41 - 2014-11-18 09:41 - 00078336 _____ () C:\Users\szpeter\AppData\Local\Temp\_MEI49202\wx._animate.pyd
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-11-28 08:52 - 2014-02-19 07:50 - 00123536 ____C () C:\totalcmd\wcmzip32.dll
2012-11-29 11:28 - 2006-08-19 12:00 - 00125440 ____C () C:\Programs\WinRAR\rarext.dll
2012-11-28 08:52 - 2014-02-19 07:50 - 00218200 ____C () C:\totalcmd\UNRAR.DLL
2014-10-29 22:43 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2009-05-28 07:09 - 2009-05-28 07:09 - 00049976 _____ () C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OKI LPR Utility.lnk => C:\Windows\pss\OKI LPR Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\Windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^szpeter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^szpeter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 – Képernyőrész kivágása és gyorsindítás.lnk => C:\Windows\pss\OneNote 2010 – Képernyőrész kivágása és gyorsindítás.lnk.Startup
MSCONFIG\startupreg: ACSW17EN => "C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Programs\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: eSzignoTray => C:\Programs\Microsec\e-Szigno30\EszignoTray.exe                                                                                                                                                                                                                          
MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
MSCONFIG\startupreg: FingerPrintSoftwareSplashScreen => "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s
MSCONFIG\startupreg: FPAppVisual => "C:\Program Files\Lenovo Fingerprint Software\FPApp.exe" \s
MSCONFIG\startupreg: GlobalProtect => "C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Programs\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Programs\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Programs\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: NBAgent => "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: PHEW06EN => "C:\Program Files\ACD Systems\ACDSee Photo Editor 6\acdIDInTouch2.exe"
MSCONFIG\startupreg: PolkastLibrary => C:\Programs\Polkast\PolkastLibrary.exe "auto"
MSCONFIG\startupreg: QuickTime Task => "C:\Programs\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: UIExec => "C:\Programs\Telenor Internet\UIExec.exe"
 
========================= Accounts: ==========================
 
Rendszergazda (S-1-5-21-2249936772-1821256715-1983083548-500 - Administrator - Disabled)
szpeter (S-1-5-21-2249936772-1821256715-1983083548-1001 - Administrator - Enabled) => C:\Users\szpeter
Vendég (S-1-5-21-2249936772-1821256715-1983083548-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth perifériaeszköz
Description: Bluetooth perifériaeszköz
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth perifériaeszköz
Description: Bluetooth perifériaeszköz
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth perifériaeszköz
Description: Bluetooth perifériaeszköz
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Ericsson F3507g Mobile Broadband Minicard Composite Device
Description: Ericsson F3507g Mobile Broadband Minicard Composite Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth perifériaeszköz
Description: Bluetooth perifériaeszköz
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/18/2014 11:11:39 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nem sikerült a visszaállítási pont létrehozása (Folyamat = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Leírás = Ütemezett ellenőrzési pont; Hiba = 0x80070422).
 
Error: (11/18/2014 09:55:44 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
Error: (11/18/2014 09:52:16 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
Error: (11/18/2014 09:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: A hibát okozó alkalmazás neve: AssistantServices.exe, verzió: 0.0.0.0, időbélyeg: 0x4dae4c53
A hibát okozó modul neve: AssistantServices.exe, verzió: 0.0.0.0, időbélyeg: 0x4dae4c53
Kivételkód: 0xc0000417
Hiba pozíciója: 0x000147ce
A hibát okozó folyamat azonosítója: 0xdfc
A hibát okozó alkalmazás indításának időpontja: 0xAssistantServices.exe0
A hibát okozó alkalmazás elérési útja: AssistantServices.exe1
A hibát okozó modul elérési útja: AssistantServices.exe2
Jelentés azonosítója: AssistantServices.exe3
 
Error: (11/18/2014 09:21:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/18/2014 08:00:20 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nem sikerült a visszaállítási pont létrehozása (Folyamat = C:\Windows\system32\msiexec.exe /V; Leírás = Eltávolítva AVG 2015; Hiba = 0x80070422).
 
Error: (11/18/2014 08:00:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nem sikerült a visszaállítási pont létrehozása (Folyamat = C:\Windows\system32\msiexec.exe /V; Leírás = Removed AVG 2015; Hiba = 0x80070422).
 
Error: (11/18/2014 07:56:41 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nem sikerült a visszaállítási pont létrehozása (Folyamat = C:\Windows\system32\msiexec.exe /V; Leírás = Eltávolítva AVG 2015; Hiba = 0x80070422).
 
Error: (11/18/2014 07:55:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nem sikerült a visszaállítási pont létrehozása (Folyamat = C:\Windows\system32\msiexec.exe /V; Leírás = Removed AVG 2015; Hiba = 0x80070422).
 
Error: (11/18/2014 07:34:36 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
 
System errors:
=============
Error: (11/18/2014 09:21:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: 
cdrom
 
Error: (11/18/2014 09:21:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (UI Assistant Service) a következő hiba következtében leállt: 
%%1053
 
Error: (11/18/2014 09:21:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Letelt egy időkorlát (30000 ms) a(z) UI Assistant Service szolgáltatás kapcsolódására való várakozás közben.
 
Error: (11/18/2014 09:21:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (DgiVecp) a következő hiba következtében leállt: 
%%20
 
Error: (11/18/2014 09:21:02 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: A(z) \\?\Volume{9f6c5cd8-59d3-11e4-8977-806e6f6e6963} kötet alapértelmezett tranzakciós erőforrás-kezelője hibát talált indulás közben, és nem tudott elindulni. Az adatok tartalmazzák a hibakódot.
 
Error: (11/18/2014 08:17:47 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: A szolgáltatás (Data Transfer Service) a következő érvénytelen állapotot jelentette: 0.
 
Error: (11/18/2014 07:19:38 AM) (Source: TermService) (EventID: 1067) (User: )
Description: A terminálkiszolgáló nem tudja regisztrálni a 'TERMSRV' egyszerű szolgáltatásnevet kiszolgálóhitelesítéshez. A következő hiba történt: A megadott tartomány vagy nem létezik, vagy nem lehet csatlakozni hozzá.
.
 
Error: (11/17/2014 08:50:00 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: A csoportházirend feldolgozása sikertelen, mert nem áll fenn hálózati kapcsolat egy tartományvezérlővel. Ez az állapot átmeneti is lehet. Amint a gép kapcsolatot teremt a tartományvezérlővel, és sikerül feldolgozni a csoportházirendet, a sikerre vonatkozó üzenet fog generálódni. Ha több órán át nem látható sikerességi üzenet, forduljon a rendszergazdához.
 
Error: (11/17/2014 07:17:06 PM) (Source: TermService) (EventID: 1067) (User: )
Description: A terminálkiszolgáló nem tudja regisztrálni a 'TERMSRV' egyszerű szolgáltatásnevet kiszolgálóhitelesítéshez. A következő hiba történt: A megadott tartomány vagy nem létezik, vagy nem lehet csatlakozni hozzá.
.
 
Error: (11/17/2014 07:14:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: 
cdrom
 
 
Microsoft Office Sessions:
=========================
Error: (11/18/2014 11:11:39 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationÜtemezett ellenőrzési pont0x80070422
 
Error: (11/18/2014 09:55:44 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
Error: (11/18/2014 09:52:16 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
Error: (11/18/2014 09:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AssistantServices.exe0.0.0.04dae4c53AssistantServices.exe0.0.0.04dae4c53c0000417000147cedfc01d00308a072e6b2C:\Programs\Telenor Internet\AssistantServices.exeC:\Programs\Telenor Internet\AssistantServices.exee75403e2-6efb-11e4-8fc7-a40d66688b25
 
Error: (11/18/2014 09:21:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/18/2014 08:00:20 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VEltávolítva AVG 20150x80070422
 
Error: (11/18/2014 08:00:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20150x80070422
 
Error: (11/18/2014 07:56:41 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VEltávolítva AVG 20150x80070422
 
Error: (11/18/2014 07:55:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20150x80070422
 
Error: (11/18/2014 07:34:36 AM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/Program Files/Common Files/Microsoft Shared/VSTA/Pipeline.v10.0/PipelineSegments.store
Exception: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl.
 
 
************** Exception Text **************
System.Deployment.Application.InvalidDeploymentException: Kivétel keletkezett a jegyzék beolvasásakor a(z) file:///C:/Program%20Files/Common%20Files/Microsoft%20Shared/VSTA/Pipeline.v10.0/PipelineSegments.store forrásból. A jegyzék érvénytelen, vagy nem nyitható meg a fájl. ---> System.Xml.XmlException: A(z) „” (hexadecimális érték: 0x01) érvénytelen karakter. Sor: 1, pozíció: 1.
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Exception e)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String[] args)
   a következő helyen: System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Int32 pos, Char invChar)
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   a következő helyen: System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   a következő helyen: System.Xml.XmlTextReaderImpl.Read()
   a következő helyen: System.Xml.XmlTextReader.Read()
   a következő helyen: System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
   a következő helyen: System.Xml.XmlCharCheckingReader.Read()
   a következő helyen: System.Xml.XsdValidatingReader.Read()
   a következő helyen: System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
   --- Vége a belső kivételek veremkivonatának ---
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.GetManifests(TimeSpan timeout)
   a következő helyen: Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
 
 
************** Loaded Assemblies **************
mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
----------------------------------------
System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
----------------------------------------
System.AddIn
    Assembly Version: 3.5.0.0
    Win32 Version: 3.5.30729.5446 built by: Win7SP1GDR
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn/3.5.0.0__b77a5c561934e089/System.AddIn.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
----------------------------------------
System.AddIn.Contract
    Assembly Version: 2.0.0.0
    Win32 Version: 3.5.30729.5420 built by: Win7SP1
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.AddIn.Contract/2.0.0.0__b03f5f7f11d50a3a/System.AddIn.Contract.dll
----------------------------------------
Microsoft.Office.Tools.Common.v9.0
    Assembly Version: 9.0.0.0
    Win32 Version: 9.0.30729.7079
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.Office.Tools.Common.v9.0/9.0.0.0__b03f5f7f11d50a3a/Microsoft.Office.Tools.Common.v9.0.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.50903.0
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0/10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Deployment
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5488 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5483 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
mscorlib.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5485 (Win7SP1GDR.050727-5400)
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
System.XML.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml.resources/2.0.0.0_hu_b77a5c561934e089/System.Xml.resources.dll
----------------------------------------
System.Deployment.resources
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.5420 (Win7SP1.050727-5400)
    CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Deployment.resources/2.0.0.0_hu_b03f5f7f11d50a3a/System.Deployment.resources.dll
----------------------------------------
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 3032.03 MB
Available physical RAM: 1290.4 MB
Total Pagefile: 6062.35 MB
Available Pagefile: 3325.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1876.46 MB
 
==================== Drives ================================
 
Drive c: (Windows7) (Fixed) (Total:238.37 GB) (Free:132.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (WinNER) (Fixed) (Total:906.12 GB) (Free:557.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 643EDBBF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C56E6118)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)
 
==================== End Of Log ============================


#3 Szindbad

Szindbad
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 18 November 2014 - 10:16 AM

ark.txt

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-11-18 14:53:22
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Samsung_ rev.EXM0 238,47GB
Running: 0e5xrj62.exe; Driver: C:\Users\szpeter\AppData\Local\Temp\kwtiypob.sys
 
 
---- Devices - GMER 2.1 ----
 
Device  \Driver\kbdclass \Device\KeyboardClass0                                                          Tppwr32v.sys
Device  \Driver\kbdclass \Device\KeyboardClass1                                                          Tppwr32v.sys
Device  \Driver\BTHUSB \Device\00000090                                                                  bthport.sys
Device  \Driver\BTHUSB \Device\00000092                                                                  bthport.sys
 
---- Registry - GMER 2.1 ----
 
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313c9ecea                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313c9ecea@bc20a401f98d         0x65 0x47 0x67 0x88 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffaf444f6                      
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313c9ecea (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313c9ecea@bc20a401f98d             0x65 0x47 0x67 0x88 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffaf444f6 (not active ControlSet)  
Reg     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update@NextSqmReportTime       2014-11-18 13:40:31
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active               
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@97884C45      1257
 
---- EOF - GMER 2.1 ----
 
TDSS Killer log attached
 
 

Attached Files



#4 Szindbad

Szindbad
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 18 November 2014 - 10:20 AM

Please help me if possible, it would be great if some of the corrupted files could be recovered and I am afraid of being still infected, though Security Essentials and AVG didn't show any result

 

Best regards

 

Peter



#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:13 PM

Posted 23 November 2014 - 10:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556646 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:13 PM

Posted 28 November 2014 - 10:10 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users