Problém s Norton AV a internetom

Zpráva

Brandon · #1 Příspěvek od **Brandon** » 16 črc 2010 15:07

Nazdar!

Dnes sa mi stalo, ze Norton AV 2010 sa nechcel aktualizovat .. pisal ze neni aktualna databaza ale ziadne aktualizacie nenasiel http://img249.imageshack.us/i/nortonq.jpg/

Tiez mi nesla vatcsina web stranok. No po restarte uz bolo vsetko OK. Napriek tomu

Logfile of random's system information tool 1.08 (written by random/random)
Run by Brandoo at 2010-07-16 15:44:41
Microsoft Windows 7 Ultimate
System drive C: has 21 GB (14%) free of 154 GB
Total RAM: 2046 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:44:45 PM, on 7/16/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Brandoo\Desktop\IDM\IDMan.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\AIMP2\AIMP2.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files\trend micro\Brandoo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Users\Brandoo\Desktop\IDM\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSIAfterburner] "C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Users\Brandoo\Desktop\IDM\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Users\Brandoo\Desktop\IDM\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Users\Brandoo\Desktop\IDM\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Users\Brandoo\Desktop\IDM\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Cacheman Service (CachemanService) - Unknown owner - C:\Program Files (x86)\Cacheman\CachemanServ.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8001 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\diMaster.dll" /prefetch:1
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\Brandoo\Desktop\IDM\IDMan.exe" /onboot
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3848.a0c7820.405932398 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3848 plugin \\.\pipe\gecko-crash-server-pipe.3848
"C:\Program Files (x86)\AIMP2\AIMP2.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play /Device:AudioCD
"C:\Program Files (x86)\ICQ7.2\ICQ.exe"
C:\Windows\system32\sppsvc.exe
"C:\Users\Brandoo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-09 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Users\Brandoo\Desktop\IDM\IDMIECC.dll [2010-06-28 193968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-09 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-30 10806816]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-11 2345848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"IDMan"=C:\Users\Brandoo\Desktop\IDM\IDMan.exe [2010-05-26 3220912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAMSaverPro]
C:\Program Files (x86)\WinTools Software\RAM Saver Professional\ramsaverpro.exe [2010-02-02 200224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"MSIAfterburner"=C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe [2010-06-07 44344]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-27 13:34:25 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2010-07-27 13:33:35 ----D---- C:\Users\Brandoo\AppData\Roaming\Tific
2010-07-16 15:44:41 ----D---- C:\rsit
2010-07-16 15:44:41 ----D---- C:\Program Files\trend micro
2010-07-14 12:46:18 ----A---- C:\Windows\system32\cdd.dll
2010-07-14 09:36:08 ----D---- C:\Program Files (x86)\UnH Solutions
2010-07-02 23:20:37 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-07-02 23:20:34 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2010-07-02 23:20:34 ----A---- C:\Windows\SYSWOW64\pbsvc_apb.exe
2010-07-02 23:19:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_vml_p4.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_vml_p3.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_vml_def.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_p4.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_p3.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_lapack64.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_lapack32.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\mkl_def.dll
2010-07-01 19:24:07 ----A---- C:\Windows\SYSWOW64\libguide40.dll
2010-07-01 19:23:41 ----RA---- C:\Windows\SYSWOW64\tmp714C.tmp
2010-07-01 19:22:20 ----RA---- C:\Windows\SYSWOW64\tmp712B.tmp
2010-06-30 00:27:56 ----D---- C:\Program Files (x86)\Multiupload Batch Uploader
2010-06-29 02:34:13 ----D---- C:\ProgramData\Codemasters
2010-06-27 20:04:51 ----D---- C:\Fraps
2010-06-27 12:23:35 ----A---- C:\Windows\SYSWOW64\MSVCRTD.DLL
2010-06-27 12:23:35 ----A---- C:\Windows\SYSWOW64\MSVCP60D.DLL
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\VB6STKIT.DLL
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\VB6FR.DLL
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\TABCTFR.DLL
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\MSCMCFR.DLL
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\Mscc2fr.dll
2010-06-27 12:23:34 ----A---- C:\Windows\SYSWOW64\CMDLGFR.DLL
2010-06-27 12:23:33 ----D---- C:\Program Files (x86)\Free Audio Pack
2010-06-27 12:23:33 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2010-06-27 12:23:33 ----A---- C:\Windows\SYSWOW64\MFC71.dll
2010-06-27 01:24:17 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-06-27 01:24:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-06-27 01:24:17 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-06-27 01:24:17 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-06-27 01:24:16 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-06-27 01:24:16 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-06-27 00:29:12 ----A---- C:\Windows\SYSWOW64\XceedFtp.dll
2010-06-25 22:14:52 ----A---- C:\Windows\IsUninst.exe
2010-06-25 20:12:16 ----D---- C:\Program Files (x86)\Share Rapid Uploader
2010-06-25 17:43:53 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-06-25 17:43:53 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-06-25 17:43:53 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-06-25 17:43:53 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-06-25 17:43:52 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-06-25 17:43:52 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-06-25 17:43:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-06-25 17:43:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-06-25 17:43:52 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-06-25 17:43:52 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-06-25 17:43:52 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-06-25 17:43:52 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-06-25 17:43:51 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-06-25 17:43:51 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-06-25 17:43:50 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-06-25 17:43:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-06-25 17:43:50 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-06-25 17:43:50 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-06-25 17:43:50 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-06-25 17:43:50 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-06-25 17:43:49 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-06-25 17:43:49 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-06-25 17:43:49 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-06-25 17:43:49 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-06-25 17:43:48 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-06-25 17:43:48 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-06-25 17:43:48 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-06-25 17:43:48 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-06-25 17:43:47 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-06-25 17:43:47 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-06-25 17:43:46 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-06-25 17:43:46 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-06-25 17:43:46 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-06-25 17:43:46 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-06-25 17:43:46 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-06-25 17:43:45 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-06-25 17:43:45 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-06-25 17:43:43 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-06-25 17:43:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-06-25 17:43:43 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-06-25 17:43:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-06-25 17:43:43 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-06-25 17:43:43 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-06-25 17:43:43 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-06-25 17:43:43 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-06-25 17:43:42 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-06-25 17:43:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-06-25 17:43:42 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-06-25 17:43:42 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-06-25 17:43:41 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-06-25 17:43:41 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-06-25 17:43:40 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-06-25 17:43:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-06-25 17:43:40 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-06-25 17:43:40 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-06-25 17:43:38 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-06-25 17:43:38 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-06-25 17:42:08 ----D---- C:\Windows\SYSWOW64\directx
2010-06-25 00:10:24 ----D---- C:\Users\Brandoo\AppData\Roaming\skypePM
2010-06-25 00:09:26 ----D---- C:\Users\Brandoo\AppData\Roaming\Skype
2010-06-25 00:09:03 ----RD---- C:\Program Files (x86)\Skype
2010-06-25 00:08:56 ----D---- C:\ProgramData\Skype
2010-06-24 23:12:45 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-06-24 23:12:45 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-06-24 23:12:45 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-06-24 23:12:45 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-06-24 23:12:45 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-06-24 23:12:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 23:12:45 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 23:12:45 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 23:12:45 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 23:12:45 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 11:12:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-06-24 11:12:15 ----A---- C:\Windows\system32\ntdll.dll
2010-06-24 11:12:12 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-06-24 11:12:12 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-24 00:50:36 ----D---- C:\Users\Brandoo\AppData\Roaming\IDM
2010-06-24 00:50:31 ----D---- C:\Users\Brandoo\AppData\Roaming\DMCache
2010-06-23 17:39:21 ----D---- C:\Windows\Sun
2010-06-22 23:26:22 ----D---- C:\Program Files (x86)\CCleaner
2010-06-22 23:01:33 ----A---- C:\Windows\SYSWOW64\autoscan.dll
2010-06-21 23:13:52 ----D---- C:\ProgramData\ATI
2010-06-21 23:12:34 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-06-21 23:12:33 ----D---- C:\Program Files (x86)\ATI
2010-06-21 23:11:24 ----D---- C:\Program Files\ATI
2010-06-21 23:11:12 ----D---- C:\Program Files\ATI Technologies
2010-06-20 23:28:27 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-06-20 23:25:34 ----D---- C:\ProgramData\Lavasoft
2010-06-19 20:49:31 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-06-19 20:49:31 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-06-19 20:49:15 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-06-19 18:23:20 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-06-19 18:23:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-06-19 18:23:20 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-06-19 18:23:20 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-06-19 18:23:20 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-06-19 18:23:20 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-06-19 18:23:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-06-19 18:23:19 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-06-19 18:23:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-06-19 18:23:19 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-06-19 18:23:19 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-06-19 18:23:19 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-06-19 18:23:18 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-06-19 18:23:18 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-06-19 18:21:45 ----D---- C:\Windows\SYSWOW64\xlive
2010-06-19 16:04:05 ----D---- C:\Windows\Minidump
2010-06-19 11:10:17 ----D---- C:\ProgramData\Futuremark
2010-06-19 11:02:13 ----D---- C:\Program Files (x86)\WinTools Software
2010-06-19 10:50:43 ----D---- C:\Program Files (x86)\OpenAL
2010-06-19 10:50:43 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-06-19 10:50:43 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-06-19 10:50:43 ----A---- C:\Windows\system32\wrap_oal.dll
2010-06-19 10:50:43 ----A---- C:\Windows\system32\OpenAL32.dll
2010-06-19 10:50:17 ----D---- C:\Program Files (x86)\Unigine
2010-06-19 10:44:35 ----D---- C:\Program Files (x86)\Cacheman
2010-06-19 10:40:13 ----RA---- C:\Windows\system32\drivers\Entech64.sys
2010-06-19 10:40:13 ----D---- C:\Windows\SYSWOW64\Futuremark
2010-06-19 10:39:28 ----D---- C:\Program Files (x86)\Futuremark
2010-06-19 10:38:50 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-06-19 10:38:50 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-06-19 10:38:50 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-06-19 10:38:50 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-06-19 10:38:49 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-06-19 10:38:49 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-06-19 10:38:49 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-06-19 10:38:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-06-19 10:38:49 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-06-19 10:38:49 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-06-19 10:38:49 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-06-19 10:38:49 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-06-19 10:38:48 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-06-19 10:38:48 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-06-19 10:38:47 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-06-19 10:38:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-06-19 10:38:47 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-06-19 10:38:47 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-06-19 10:38:46 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-06-19 10:38:46 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-06-19 10:38:46 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-06-19 10:38:46 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-19 10:38:45 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-06-19 10:38:45 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-06-19 10:38:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-06-19 10:38:45 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-06-19 10:38:45 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-06-19 10:38:45 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-06-19 10:38:44 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-06-19 10:38:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-06-19 10:38:44 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-06-19 10:38:44 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-06-19 10:38:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-06-19 10:38:44 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-06-19 10:38:44 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-06-19 10:38:44 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-06-19 10:38:44 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-06-19 10:38:44 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-06-19 10:38:43 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-06-19 10:38:43 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-06-19 10:38:42 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-06-19 10:38:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-06-19 10:38:42 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-06-19 10:38:42 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-06-19 10:38:41 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-06-19 10:38:41 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-06-19 10:38:41 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-06-19 10:38:41 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-06-19 10:38:40 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-06-19 10:38:40 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-06-19 10:38:40 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-06-19 10:38:40 ----A---- C:\Windows\system32\d3dx10.dll
2010-06-19 10:38:39 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-06-19 10:38:39 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-06-19 10:38:38 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-06-19 10:38:38 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-06-19 10:38:38 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-06-19 10:38:38 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-06-19 10:38:38 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-06-19 10:38:38 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-06-19 10:38:37 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-06-19 10:38:37 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-06-19 10:38:37 ----A---- C:\Windows\system32\xinput1_2.dll
2010-06-19 10:38:37 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-06-19 10:38:36 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-06-19 10:38:36 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-06-19 10:38:36 ----A---- C:\Windows\system32\xinput1_1.dll
2010-06-19 10:38:36 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-06-19 10:38:34 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-06-19 10:38:34 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-06-19 10:38:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-06-19 10:38:28 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-06-19 10:38:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-06-19 10:38:28 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-06-19 10:38:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-06-19 10:38:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-06-19 10:38:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-06-19 10:38:27 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-06-19 10:38:26 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-06-19 10:38:26 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-06-19 10:38:26 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-06-19 10:38:26 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-06-19 10:38:25 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-06-19 10:38:25 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-06-19 10:38:25 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-06-19 10:38:25 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-06-19 10:37:25 ----D---- C:\Users\Brandoo\AppData\Roaming\InstallShield
2010-06-17 16:12:21 ----D---- C:\Program Files (x86)\ATI Technologies
2010-06-17 13:24:16 ----D---- C:\Program Files\CrystalDiskMark
2010-06-17 13:24:02 ----D---- C:\Program Files (x86)\HD Tune

======List of files/folders modified in the last 1 months======

2010-07-27 13:34:25 ----D---- C:\Windows\system32\drivers
2010-07-27 13:34:25 ----D---- C:\Windows\inf
2010-07-27 13:34:24 ----D---- C:\Windows\system32\catroot
2010-07-27 13:34:23 ----D---- C:\Windows\system32\DriverStore
2010-07-27 09:28:25 ----D---- C:\Users\Brandoo\AppData\Roaming\dvdcss
2010-07-16 15:44:45 ----D---- C:\Windows\Prefetch
2010-07-16 15:44:41 ----RD---- C:\Program Files
2010-07-16 15:42:15 ----D---- C:\Users\Brandoo\AppData\Roaming\AIMP
2010-07-16 15:39:47 ----D---- C:\Windows\system32\config
2010-07-16 15:29:50 ----D---- C:\Users\Brandoo\AppData\Roaming\ICQ
2010-07-16 15:29:26 ----D---- C:\Windows\Temp
2010-07-16 15:27:40 ----D---- C:\Windows\system32\NDF
2010-07-16 15:26:53 ----SHD---- C:\System Volume Information
2010-07-16 14:13:36 ----D---- C:\Program Files (x86)\MSI Afterburner
2010-07-15 17:14:34 ----D---- C:\Windows\system32\catroot2
2010-07-14 13:16:56 ----D---- C:\Windows\winsxs
2010-07-14 13:16:36 ----D---- C:\Windows
2010-07-14 13:15:39 ----D---- C:\Windows\System32
2010-07-14 12:55:28 ----SHD---- C:\Windows\Installer
2010-07-14 12:54:56 ----RD---- C:\Program Files (x86)
2010-07-14 12:54:56 ----D---- C:\Windows\SysWOW64
2010-07-14 12:52:44 ----D---- C:\ProgramData\Microsoft Help
2010-07-14 12:52:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-14 12:50:43 ----D---- C:\Windows\debug
2010-07-04 23:44:01 ----D---- C:\Games
2010-07-04 16:36:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-04 12:14:39 ----SD---- C:\Users\Brandoo\AppData\Roaming\Microsoft
2010-07-02 23:20:34 ----D---- C:\Windows\system32\LogFiles
2010-07-02 22:18:43 ----A---- C:\Windows\system32\MRT.exe
2010-07-01 19:31:45 ----D---- C:\Windows\LiveKernelReports
2010-07-01 19:23:12 ----RSD---- C:\Windows\assembly
2010-06-30 13:07:41 ----D---- C:\Users\Brandoo\AppData\Roaming\uTorrent
2010-06-29 11:11:25 ----D---- C:\Windows\system32\wdi
2010-06-29 02:34:13 ----HD---- C:\ProgramData
2010-06-28 16:08:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-06-27 14:46:13 ----D---- C:\Program Files (x86)\JDownloader
2010-06-27 01:55:32 ----D---- C:\Users\Brandoo\AppData\Roaming\Media Player Classic
2010-06-27 01:24:24 ----D---- C:\Windows\Logs
2010-06-25 20:30:33 ----D---- C:\Windows\system
2010-06-25 11:15:47 ----D---- C:\Windows\Microsoft.NET
2010-06-25 00:09:22 ----D---- C:\Windows\system32\Tasks
2010-06-25 00:09:04 ----D---- C:\Program Files (x86)\Common Files
2010-06-24 23:17:11 ----D---- C:\Windows\AppPatch
2010-06-24 23:13:54 ----D---- C:\Windows\SYSWOW64\en-US
2010-06-24 23:13:54 ----D---- C:\Windows\system32\en-US
2010-06-24 23:13:48 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-06-21 23:12:34 ----D---- C:\Program Files\Common Files
2010-06-21 21:14:15 ----DC---- C:\Windows\system32\DRVSTORE
2010-06-21 21:14:02 ----D---- C:\Windows\system32\appmgmt
2010-06-19 11:21:49 ----D---- C:\Program Files\CPUID
2010-06-19 10:47:02 ----A---- C:\Windows\system.ini
2010-06-18 13:13:48 ----D---- C:\Program Files (x86)\UltraISO
2010-06-17 16:02:53 ----SHD---- C:\$Recycle.Bin
2010-06-17 13:17:57 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMDS64.SYS [2009-08-30 433200]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMEFA64.SYS [2010-04-22 221232]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx64.sys [2010-05-22 942640]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NAVx64\1107000.00C\ccHPx64.sys [2010-02-26 615040]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-06-09 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100715.001\IDSvia64.sys [2010-05-28 463408]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2009-02-10 115600]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1107000.00C\SRTSPX64.SYS [2010-04-22 32304]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2010-05-06 53808]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1107000.00C\Ironx64.SYS [2010-04-29 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SYMTDIV.SYS [2010-05-06 451120]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-06-09 132656]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-30 2359200]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100715.053\ENG64.SYS [2010-07-14 117808]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100715.053\EX64.SYS [2010-07-14 1791536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SRTSP64.SYS [2010-04-22 505392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-06-09 173104]
S3 cpuz130;cpuz130; \??\C:\Users\Brandoo\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 108296]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 19720]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 144648]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-07-02 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-07-02 189248]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 CachemanService;Cacheman Service; C:\Program Files (x86)\Cacheman\CachemanServ.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 16 črc 2010 18:10

1. Zkuste NAV přeinstalovat.
2. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Předpokládám, že vaše kopie NAV je legální.

Brandon · #3 Příspěvek od **Brandon** » 16 črc 2010 21:24

Nie, mam legálny. Myslíte, že by som si tam dopísal Zbývá vám 96 dní k odběru ?

Preinštalovať asi nieje nutné lebo po reštarte už bolo všetko OK

tu je výsledok skenu

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4320

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7/16/2010 8:42:46 PM
mbam-log-2010-07-16 (20-42-46).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 296830
Time elapsed: 40 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Tak mam čistý PC. A da sa týmto spôsobom odhaliť aj keylogger ? lebo dávnejšie mi ukradli STEAM ale nikde som prihlasovacie údaje nepísal len pri prihlasovaní.

- Tiež by som sa chcel poradiť o ďalšom antivíruse. Tento mi končí asi za 3 mesiace a rozmýšľam nad Kaspersky Internet Security pre 5 počítačov. Nedávno Kaspersky otvoril popočku alebo otvorí v Bratislave a pre domácich budú zľavy. Tiež ma Kaspersky zachránil pred formatom HDD, celý system32 som mal zavírený a Eset antivirus to nevedel vyliecit, Kaspersky to opravil bez poškodenia a to niekoľko krát. Asi začiatkom jesene alebo na jeseň má byť nová verzia asi 2011, tak potom by som sa rozhodol.

Je podľa Vás Kaspersky IS dobrý ? mne sa veľmi páči

Presne tento http://www.vircentrum.sk/?3,Sk_kaspersk ... -2010-5-pc, cena bude myslím podobná možno aj rovnaká. Je to dobrá cena podla Vás ?

#4 Příspěvek od **Rudy** » 16 črc 2010 22:16

MBAM většinu keyloggerů objeví. Takže lze předpokládat, že tam žádný nebude. KIS vám mohu rozhodně doporučit, patří ke světvé špičce. Na legalitu jsem se ptal proto, že podobné věci by mohl dělat i nelegální sw. PC máte čisté.

Brandon · #5 Příspěvek od **Brandon** » 17 črc 2010 21:50

Diky moc

Aký máte názor na tieto výsledky testov firewallov ? http://www.itnews.sk/spravy/bezpecnost/ ... a-matouska

Je vôbec dáky schopný firewall, ktorý sa sám rozhoduje podľa nastavenia ? viem že je výborný Comodo, ale ma proste nebavý furt dačo povoľovať

#6 Příspěvek od **Rudy** » 17 črc 2010 22:27

Asi takto: Ten test dost dobře nemohu posoudit bez toho, že bych si ho sám ověřil. Osobní zkušenost s tímto produktem nemám.
K druhé otázce: Prakticky každý firewall lze nastavit do nějakého defaultního nastavení, v němž si pak zcedla minimálně, nebo vůbec neříká o nějaká poovolení. Otázka je, zda má takový fw nějaký smysl. Síla firewallu tkví právě v tom, že komunikaci kontroluje a ve svých, uživatelem nastavených pravidlech má uložena pouze bezpečná a ověřená spojení. U těch ostatních se ptát prostě musí a jej jen na uživateli a jeho zkušenostech, zda dané spojení povolí, či nikoliv. Tím je právě naplněn jeho smysl a opodstatněnost v systému.
Jinak nemáte zač!

Brandon · #7 Příspěvek od **Brandon** » 17 črc 2010 22:57

Rudy píše:Síla firewallu tkví právě v tom, že komunikaci kontroluje a ve svých, uživatelem nastavených pravidlech má uložena pouze bezpečná a ověřená spojení. U těch ostatních se ptát prostě musí a jej jen na uživateli a jeho zkušenostech, zda dané spojení povolí, či nikoliv. Tím je právě naplněn jeho smysl a opodstatněnost v systému.

S tým súhlasím, ale je veľa užívateľov, ktorý absolutne nevedia čo povoľujú. Ja síce niesom začiaťočník no ani skúsený no niečo viem si domyslieť o aký program, proces sa jedná no nie vždy.

Je vôbec potrebné ku Norton AV 2010 dávať aj firewall (Comodo), keď mám firewall v OS Windows 7 ?
A druhá otázka: Je lepšie mať komplexný balík napr. Kaspersky Internet Security 2010 alebo Kaspersky Antivirus 2010 + Comodo firewall ?

#8 Příspěvek od **Rudy** » 18 črc 2010 10:46

1.

S tým súhlasím......

To je pravda, pak je lepší provozovat PC buď úplně bez fw (u uživatelů, o nichž se ví, že nechodí do temných zákoutí internetu), nebo použít bezpečnostní balík typu NIS, KIS.

2. Tím částečně odpovídám i na vaší 2. otázku. Bezpečnostní balíky jsou pro méně zkušené usery lepší, než kombinace AV+FW. Ještě dodám, že fw řešení u WinVista, nebo Win7 je podstatně lepší, než systémový firewall WinXP, nedosahuje však kvalit většiny firewallů třetích výrobců. Ze zkušeností vím, že nejméně "otravný" je NortonInternetSecurity. Také je pravda, že pokud máte nastavena správně pravidla, po nějaké době se firewall ptá uživatele jen minimálně.

VIRY.CZ

Problém s Norton AV a internetom

Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom

Re: Problém s Norton AV a internetom