Trojan horse

MIRKO3221
Visitor
Posts: 12
Registered: 06 Jan 2010 19:21

#1 Post by MIRKO3221 »

Good evening everyone, I have a problem: it is a Trojan horse, the full name is DownloadTrojan.Agent.Nrl. It was detected on the website http://www.kix.sk, even though I have never been on that site in my life. The log is here.

Sorry, but I don't speak Czech, I am Slovak, and I am here because someone from the forum http://www.cucaj.sk sent me here. Thank you.

Logfile of random's system information tool 1.06 (written by random/random)
Run by BOSS at 2010-01-06 19:04:52
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 30 GB (61%) free of 50 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:57, on 6.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\DAODx.exe
C:\Program Files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-93072F99BE20}\AMBSPISyncService.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\TweakIt\TweakIt.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\V0330Mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\BOSS~2.MAF\LOCALS~1\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\temporary_downloads\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\temporary_downloads\RSIT.exe
C:\Documents and Settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\temporary_downloads\BOSS.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RunDAOD] C:\WINDOWS\DAODx.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUS Update Checker] C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [CTSyncService] "C:\Program Files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-93072F99BE20}\AMBSPISyncService.exe" /StartRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TweakIt Help] "C:\Program Files\ASUS\TweakIt\TweakIt.exe" -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus Photo RX585 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE /FU "C:\WINDOWS\TEMP\E_S164.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7283 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic troubleshooting.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RunDAOD"=C:\WINDOWS\DAODx.exe [2009-03-30 32768]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"ASUS Update Checker"=C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11 114688]
"Cpu Level Up"=C:\Program Files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe [2009-01-22 1168896]
"CTSyncService"=C:\Program Files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-93072F99BE20}\AMBSPISyncService.exe [2008-04-17 1233196]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-04-27 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-05-07 75048]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"TweakIt Help"=C:\Program Files\ASUS\TweakIt\TweakIt.exe [2009-03-13 817152]
"VolPanel"=C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2008-02-11 221288]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-16 1040384]
"V0330Mon.exe"=C:\WINDOWS\V0330Mon.exe [2007-04-30 32768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"EPSON Stylus Photo RX585 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE [2007-03-30 182272]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\BOSS.MAFIA-70191CD73\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\HRY\call of duty 5\CoDWaWmp.exe"="D:\HRY\call of duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\HRY\call of duty 5\CoDWaW.exe"="D:\HRY\call of duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"

======List of files/folders created in the last 1 months======

2010-01-06 19:04:52 ----D---- C:\rsit
2010-01-06 17:43:15 ----SHD---- C:\WINDOWS\ftpcache
2010-01-06 17:37:09 ----D---- C:\Config.Msi
2010-01-05 21:15:48 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-05 21:15:47 ----D---- C:\WINDOWS\system32\LogFiles
2010-01-05 21:15:47 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-01-05 21:15:47 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-01-04 23:05:29 ----D---- C:\Program Files\GCFScape
2010-01-04 21:01:39 ----A---- C:\WINDOWS\V0330Mon.exe
2010-01-04 21:01:39 ----A---- C:\WINDOWS\V0330Cfg.exe
2010-01-04 21:01:39 ----A---- C:\WINDOWS\system32\V0330Vfw.dll
2010-01-04 21:01:38 ----D---- C:\WINDOWS\CtDrvInstall
2010-01-04 21:01:38 ----A---- C:\WINDOWS\system32\V0330Srv.exe
2010-01-04 21:01:38 ----A---- C:\WINDOWS\system32\V0330Pin.dll
2010-01-04 21:01:38 ----A---- C:\WINDOWS\system32\V0330Hwx.dll
2010-01-04 21:01:38 ----A---- C:\WINDOWS\system32\V0330Cvw.dll
2010-01-04 21:01:38 ----A---- C:\WINDOWS\system32\CtCamMgr.dll
2010-01-04 10:31:23 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-01-04 10:31:22 ----D---- C:\Program Files\Xvid
2010-01-04 10:31:22 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-01-04 10:27:57 ----RA---- C:\WINDOWS\system32\tmp47D.tmp
2010-01-03 16:39:30 ----D---- C:\Live! Cam
2010-01-03 16:25:13 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-01-01 14:24:19 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\ICQ
2010-01-01 14:23:57 ----D---- C:\Program Files\ICQ6.5
2009-12-30 18:34:46 ----RHD---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\SecuROM
2009-12-30 18:27:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-30 18:27:48 ----D---- C:\WINDOWS\system32\AGEIA
2009-12-30 18:27:47 ----D---- C:\Program Files\AGEIA Technologies
2009-12-30 18:27:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-29 16:20:11 ----D---- C:\Program Files\Adobe
2009-12-29 14:30:52 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\OpenOffice.org
2009-12-28 19:26:28 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-12-28 18:54:29 ----D---- C:\Program Files\CDCheck
2009-12-28 18:21:29 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\XRay Engine
2009-12-28 16:13:20 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-12-28 16:13:19 ----D---- C:\Program Files\Analog Devices
2009-12-28 16:05:49 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2009-12-28 16:05:49 ----N---- C:\WINDOWS\system32\CTSVCCDA.EXE
2009-12-28 07:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-28 07:40:24 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-28 07:40:23 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-12-27 20:56:18 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\skypePM
2009-12-27 20:54:43 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Skype
2009-12-27 20:53:19 ----RD---- C:\Program Files\Skype
2009-12-27 20:52:58 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2009-12-27 19:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-27 19:30:23 ----D---- C:\Program Files\OpenAL
2009-12-27 19:30:22 ----RA---- C:\WINDOWS\system32\tmp793.tmp
2009-12-27 19:30:22 ----RA---- C:\WINDOWS\system32\tmp792.tmp
2009-12-27 13:52:49 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-27 13:52:47 ----D---- C:\Program Files\MSBuild
2009-12-27 13:52:45 ----D---- C:\WINDOWS\system32\en-US
2009-12-27 13:52:39 ----D---- C:\Program Files\Reference Assemblies
2009-12-27 13:50:44 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-27 13:50:44 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-27 13:50:43 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-27 13:48:26 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-12-27 13:48:21 ----D---- C:\Program Files\MSXML 6.0
2009-12-27 13:17:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
2009-12-27 13:15:32 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
2009-12-27 13:13:19 ----D---- C:\Program Files\EPSON Print CD
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-12-27 12:41:12 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-12-27 12:40:17 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
2009-12-27 12:40:14 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-12-27 12:40:12 ----A---- C:\WINDOWS\system32\E_FLBCLE.DLL
2009-12-27 12:40:12 ----A---- C:\WINDOWS\system32\E_FD4BCLE.DLL
2009-12-27 12:36:16 ----D---- C:\Program Files\epson
2009-12-27 12:36:15 ----A---- C:\WINDOWS\system32\escwiad.dll
2009-12-27 12:35:41 ----A---- C:\WINDOWS\CDE RX585DEFGIPS.ini
2009-12-27 11:35:19 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Uniblue
2009-12-27 11:35:11 ----D---- C:\Program Files\Uniblue
2009-12-27 10:44:41 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\ESET
2009-12-27 10:44:17 ----D---- C:\Program Files\OpenOffice.org 3
2009-12-27 10:43:14 ----D---- C:\Program Files\ESET
2009-12-27 10:43:14 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2009-12-27 10:41:50 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\CyberLink
2009-12-27 10:39:39 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\CyberLink
2009-12-27 10:39:02 ----D---- C:\Program Files\CyberLink
2009-12-27 10:38:52 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-12-27 10:38:52 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-12-27 10:38:52 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-12-27 10:38:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Temp
2009-12-27 10:30:15 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2009-12-27 10:30:14 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-12-27 10:30:05 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\TuneUp Software
2009-12-27 10:29:56 ----D---- C:\Program Files\TuneUp Utilities 2010
2009-12-27 10:29:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-12-27 10:23:39 ----SHD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-27 10:18:39 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\WinRAR
2009-12-27 09:42:36 ----D---- C:\Program Files\Lavalys
2009-12-27 09:41:53 ----D---- C:\Program Files\QuickTime
2009-12-27 09:41:52 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-12-27 09:41:40 ----D---- C:\Program Files\Common Files\Apple
2009-12-27 09:41:33 ----D---- C:\Program Files\Apple Software Update
2009-12-27 09:41:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-12-27 09:38:13 ----D---- C:\Program Files\7-Zip
2009-12-27 09:37:28 ----D---- C:\Program Files\WinRAR
2009-12-26 22:57:15 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-26 22:57:02 ----D---- C:\Program Files\DAEMON Tools Lite
2009-12-26 22:56:56 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\DAEMON Tools Lite
2009-12-26 22:56:53 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\DAEMON Tools Lite
2009-12-26 21:50:37 ----D---- C:\users
2009-12-26 19:57:50 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-12-26 19:57:50 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-12-26 19:57:50 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-12-26 19:57:49 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-12-26 19:57:49 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-12-26 19:57:49 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-12-26 19:57:49 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-12-26 19:57:48 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-26 19:57:48 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-26 19:57:48 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-26 19:57:48 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-26 19:57:48 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-26 19:57:47 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-26 19:57:47 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-26 19:57:47 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-12-26 19:57:47 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-12-26 19:57:47 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-12-26 19:57:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-12-26 19:57:45 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-12-26 19:57:45 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-12-26 19:57:45 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-12-26 19:57:45 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-12-26 19:57:44 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-12-26 19:57:43 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-12-26 19:57:43 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-12-26 19:57:43 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-12-26 19:57:43 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-12-26 19:57:42 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-12-26 19:57:42 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-12-26 19:57:42 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-12-26 19:57:42 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-12-26 19:57:41 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-12-26 19:57:41 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-12-26 19:57:41 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-12-26 19:57:41 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-12-26 19:57:40 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-12-26 19:57:40 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-12-26 19:57:40 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-12-26 19:57:40 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-12-26 19:57:40 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-12-26 19:57:39 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-12-26 19:57:39 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-12-26 19:57:39 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-12-26 19:57:39 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-12-26 19:57:38 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-12-26 19:57:37 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-12-26 19:57:37 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-12-26 19:57:36 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-12-26 19:57:36 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-12-26 19:57:35 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-12-26 19:57:34 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-12-26 19:57:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-12-26 19:57:34 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-12-26 19:57:34 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-12-26 19:57:29 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-12-26 19:57:29 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-12-26 19:57:29 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-12-26 19:57:29 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-12-26 19:57:28 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-12-26 19:57:28 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-26 19:57:28 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-12-26 19:57:28 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-12-26 19:57:28 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-12-26 19:57:26 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-12-26 18:42:02 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Creative
2009-12-26 18:38:08 ----N---- C:\WINDOWS\Ctregrun.exe
2009-12-26 17:36:45 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Macromedia
2009-12-26 17:36:45 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Adobe
2009-12-26 16:58:17 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Creative Labs
2009-12-26 16:40:14 ----N---- C:\WINDOWS\Updreg.EXE
2009-12-26 16:40:09 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-12-26 16:40:09 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-12-26 16:40:05 ----RA---- C:\WINDOWS\system32\CTSBAMB.INI
2009-12-26 16:40:05 ----A---- C:\WINDOWS\INRES.DLL
2009-12-26 16:40:04 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Creative
2009-12-26 16:38:12 ----N---- C:\WINDOWS\system32\AMBSPISyncService.exe
2009-12-26 16:36:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-26 16:23:22 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-26 15:55:22 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2009-12-26 15:55:20 ----D---- C:\Program Files\WinZip
2009-12-26 15:50:52 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-12-26 15:40:11 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Opera
2009-12-26 15:40:03 ----D---- C:\Program Files\Opera
2009-12-26 15:33:44 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-12-26 15:30:39 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2009-12-26 15:29:03 ----A---- C:\WINDOWS\Language_trs.ini
2009-12-26 15:29:00 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-26 15:28:26 ----D---- C:\Program Files\Creative
2009-12-26 15:00:10 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
2009-12-26 15:00:09 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\ATI
2009-12-26 14:52:50 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-12-26 14:52:48 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-12-26 14:52:43 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-12-26 14:52:20 ----D---- C:\Program Files\ATI Technologies
2009-12-26 13:59:18 ----A---- C:\WINDOWS\system32\WMErrSKY.dll
2009-12-26 13:58:54 ----D---- C:\temp
2009-12-26 13:57:52 ----A---- C:\WINDOWS\system32\h323log.txt
2009-12-26 13:54:33 ----ASH---- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
2009-12-26 13:54:30 ----RA---- C:\WINDOWS\SET2B.tmp
2009-12-26 13:54:27 ----RA---- C:\WINDOWS\SET1F.tmp
2009-12-26 13:54:26 ----RA---- C:\WINDOWS\SET1C.tmp
2009-12-26 13:54:03 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-12-26 13:53:38 ----D---- C:\WINDOWS\Minidump
2009-12-26 13:52:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-26 13:51:21 ----A---- C:\WINDOWS\imsins.BAK
2009-12-26 13:51:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-26 13:51:17 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-26 13:51:13 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-12-26 13:51:13 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-12-26 13:51:13 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-12-26 13:51:11 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-12-26 13:51:11 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-12-26 13:51:10 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-12-26 13:51:08 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-12-26 13:51:06 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-12-26 13:51:06 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-12-26 13:51:06 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-12-26 13:51:06 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-12-26 13:51:06 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-12-26 13:51:03 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-12-26 13:51:01 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-26 13:51:00 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-26 13:51:00 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-12-26 13:51:00 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-12-26 13:51:00 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-12-26 13:50:57 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-12-26 13:50:57 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-12-26 13:50:57 ----A---- C:\WINDOWS\system32\batt.dll
2009-12-26 13:50:56 ----A---- C:\WINDOWS\system32\storprop.dll
2009-12-26 13:50:56 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-12-26 13:50:45 ----RA---- C:\WINDOWS\SET8.tmp
2009-12-26 13:50:42 ----RA---- C:\WINDOWS\SET4.tmp
2009-12-26 13:50:41 ----RA---- C:\WINDOWS\SET3.tmp
2009-12-26 13:50:07 ----A---- C:\WINDOWS\setuplog.txt
2009-12-26 13:35:33 ----RA---- C:\WINDOWS\system32\AsIO.dll
2009-12-26 13:35:21 ----D---- C:\Program Files\ASUS
2009-12-26 13:32:27 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll
2009-12-26 13:32:13 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\InstallShield
2009-12-26 13:29:30 ----A---- C:\WINDOWS\Ascd_log.ini
2009-12-26 13:28:28 ----RA---- C:\WINDOWS\DAODx.exe
2009-12-26 13:28:20 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-12-26 13:06:59 ----D---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Identities
2009-12-26 13:06:53 ----ASH---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\desktop.ini
2009-12-26 13:06:52 ----SD---- C:\Documents and Settings\BOSS.MAFIA-70191CD73\Application Data\Microsoft
2009-12-26 13:06:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-26 13:02:37 ----A---- C:\WINDOWS\control.ini
2009-12-26 13:02:27 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-26 13:02:22 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-26 13:01:44 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-26 13:01:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-26 13:00:52 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-26 13:00:49 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-26 13:00:49 ----A---- C:\WINDOWS\desktop.ini
2009-12-26 13:00:41 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-26 13:00:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-26 13:00:40 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-26 13:00:34 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-12-26 13:00:33 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-26 13:00:33 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-26 13:00:33 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-12-26 13:00:33 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-26 13:00:33 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-26 13:00:28 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-26 13:00:28 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-26 13:00:28 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-26 13:00:28 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-26 13:00:23 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-12-26 13:00:23 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-26 13:00:22 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-12-26 13:00:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-26 13:00:22 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-26 13:00:21 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-26 13:00:20 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-26 13:00:20 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-26 13:00:20 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-26 13:00:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-12-26 13:00:19 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-26 13:00:19 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-26 13:00:18 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-26 13:00:18 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-26 13:00:18 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-26 13:00:18 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-26 12:59:52 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-26 12:59:52 ----A---- C:\WINDOWS\vb.ini
2009-12-26 12:59:35 ----A---- C:\WINDOWS\system32\write.exe
2009-12-26 12:59:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-26 12:59:27 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-26 12:59:27 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-26 12:59:27 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-26 12:59:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-26 12:59:27 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-26 12:59:19 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-26 12:59:18 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-26 12:59:18 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-26 12:59:18 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-26 12:59:17 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-26 12:59:17 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-26 12:59:17 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-26 12:59:16 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-26 12:59:15 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-26 12:59:15 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-26 12:59:15 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-26 12:59:15 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-26 12:59:15 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-26 12:59:14 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-26 12:59:14 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-26 12:59:14 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-26 12:59:14 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-26 12:59:13 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-26 12:59:13 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-26 12:59:13 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-26 12:59:13 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-26 12:59:07 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-26 12:59:07 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-26 12:59:07 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-26 12:59:07 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-26 12:59:06 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-26 12:59:06 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-26 12:59:06 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-26 12:59:05 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-26 12:59:05 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-26 12:59:04 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-26 12:59:03 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-26 12:59:02 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-26 12:59:02 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-26 12:59:02 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-26 12:59:02 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-26 12:59:02 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-26 12:59:01 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-26 12:59:01 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-26 12:59:00 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-26 12:59:00 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-26 12:59:00 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-26 12:59:00 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-26 12:59:00 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-26 12:58:59 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-26 12:58:59 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-26 12:58:58 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-26 12:58:51 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-26 12:58:51 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-26 12:58:51 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-26 12:58:51 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-12-25 21:47:54 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-25 21:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-25 20:13:00 ----D---- C:\Program Files\Messenger
2009-12-25 18:07:29 ----D---- C:\Program Files\Common Files\Skype
2009-12-25 17:53:45 ----D---- C:\WINDOWS\system32\Futuremark
2009-12-25 17:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-25 17:22:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-25 17:22:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-25 16:48:06 ----D---- C:\WINDOWS\system32\Data
2009-12-25 16:20:03 ----D---- C:\Program Files\Common Files\Creative
2009-12-25 16:20:01 ----HD---- C:\Program Files\Creative Installation Information
2009-12-25 16:17:35 ----D---- C:\Program Files\Common Files\Creative Labs Shared
2009-12-25 16:15:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-25 16:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-25 16:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-25 16:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-25 16:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-25 16:15:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-25 16:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-25 16:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-25 16:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-25 16:14:37 ----RD---- C:\WINDOWS\AsDmiHtm
2009-12-25 16:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-25 16:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-25 16:14:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-25 16:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-25 16:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-25 16:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-25 16:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-25 16:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-25 16:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-25 16:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-25 16:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-25 16:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-12-25 16:05:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-25 16:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-25 16:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-12-25 16:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-25 16:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-25 16:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-25 16:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-25 16:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-25 16:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-25 16:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-25 16:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-25 16:03:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-25 16:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-25 16:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-25 16:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-25 16:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-25 16:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-25 16:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-25 16:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-25 16:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-25 16:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-25 16:02:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-25 16:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-12-25 16:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-25 16:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-25 16:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-12-25 16:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-25 15:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-25 15:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-12-25 15:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-25 15:54:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-25 15:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-25 15:54:21 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-25 10:02:32 ----D---- C:\Program Files\Common Files\CyberLink
2009-12-25 09:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-25 09:37:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-24 23:59:54 ----D---- C:\WINDOWS\system32\PreInstall
2009-12-24 23:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-24 23:45:46 ----SHD---- C:\RECYCLER
2009-12-24 23:09:03 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-24 22:31:36 ----D---- C:\Program Files\Common Files\Nero
2009-12-24 22:30:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-12-24 22:12:32 ----D---- C:\Program Files\Common Files\Adobe
2009-12-24 22:11:14 ----D---- C:\WINDOWS\Logs
2009-12-24 21:38:59 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-12-24 18:34:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-24 09:57:01 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-12-24 09:45:43 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-12-24 09:44:24 ----RSD---- C:\WINDOWS\assembly
2009-12-24 09:44:08 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-24 09:43:39 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-12-24 09:24:42 ----SHD---- C:\WINDOWS\Installer
2009-12-24 09:24:42 ----D---- C:\Program Files\Common Files\ODBC
2009-12-24 09:24:38 ----RD---- C:\Program Files
2009-12-24 09:24:38 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-12-24 09:24:38 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-24 09:24:38 ----D---- C:\Program Files\Common Files
2009-12-24 09:24:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-24 09:24:01 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-24 09:23:32 ----D---- C:\Documents and Settings
2009-12-24 09:22:46 ----ASH---- C:\boot.ini
2009-12-24 09:20:07 ----SHD---- C:\System Volume Information
2009-12-24 09:19:07 ----D---- C:\WINDOWS\OPTIONS
2009-12-24 09:16:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-24 09:16:21 ----RSD---- C:\WINDOWS\Fonts
2009-12-24 09:16:21 ----RD---- C:\WINDOWS\Web
2009-12-24 09:16:21 ----HD---- C:\WINDOWS\inf
2009-12-24 09:16:21 ----D---- C:\WINDOWS\WinSxS
2009-12-24 09:16:21 ----D---- C:\WINDOWS\twain_32
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Temp
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\wins
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\wbem
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\usmt
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\spool
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\ShellExt
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\Setup
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\ras
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\oobe
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\npp
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\mui
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\IME
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\icsxml
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\ias
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\export
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\drivers
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\dhcp
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\config
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\3com_dmi
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\3076
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\2052
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1054
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1042
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1041
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1037
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1033
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1031
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1028
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32\1025
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system32
2009-12-24 09:16:21 ----D---- C:\WINDOWS\system
2009-12-24 09:16:21 ----D---- C:\WINDOWS\security
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Resources
2009-12-24 09:16:21 ----D---- C:\WINDOWS\repair
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Provisioning
2009-12-24 09:16:21 ----D---- C:\WINDOWS\pchealth
2009-12-24 09:16:21 ----D---- C:\WINDOWS\PeerNet
2009-12-24 09:16:21 ----D---- C:\WINDOWS\mui
2009-12-24 09:16:21 ----D---- C:\WINDOWS\msapps
2009-12-24 09:16:21 ----D---- C:\WINDOWS\msagent
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Media
2009-12-24 09:16:21 ----D---- C:\WINDOWS\java
2009-12-24 09:16:21 ----D---- C:\WINDOWS\ime
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Help
2009-12-24 09:16:21 ----D---- C:\WINDOWS\ehome
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Driver Cache
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Debug
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Cursors
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Connection Wizard
2009-12-24 09:16:21 ----D---- C:\WINDOWS\Config
2009-12-24 09:16:21 ----D---- C:\WINDOWS\AppPatch
2009-12-24 09:16:21 ----D---- C:\WINDOWS\addins
2009-12-24 09:16:21 ----D---- C:\WINDOWS
2009-12-24 09:14:28 ----D---- C:\WINDOWS\AsusInstAll
2009-12-24 09:14:15 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-24 09:14:10 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-24 09:07:46 ----D---- C:\WINDOWS\system32\1051
2009-12-24 08:55:34 ----HD---- C:\Program Files\Uninstall Information
2009-12-24 08:54:38 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-24 08:54:37 ----D---- C:\WINDOWS\Prefetch
2009-12-24 08:54:36 ----SD---- C:\WINDOWS\system32\Microsoft
2009-12-24 08:51:58 ----D---- C:\WINDOWS\system32\xircom
2009-12-24 08:51:58 ----D---- C:\Program Files\xerox
2009-12-24 08:51:58 ----D---- C:\Program Files\microsoft frontpage
2009-12-24 08:51:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-24 08:51:41 ----A---- C:\AUTOEXEC.BAT
2009-12-24 08:51:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-24 08:51:00 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-24 08:50:53 ----HD---- C:\Program Files\WindowsUpdate
2009-12-24 08:50:36 ----D---- C:\WINDOWS\system32\DirectX
2009-12-24 08:50:00 ----D---- C:\Program Files\Common Files\Services
2009-12-24 08:49:57 ----SD---- C:\WINDOWS\Tasks
2009-12-24 08:49:56 ----D---- C:\Program Files\Common Files\MSSoap
2009-12-24 08:49:52 ----D---- C:\WINDOWS\srchasst
2009-12-24 08:49:51 ----D---- C:\WINDOWS\system32\Macromed
2009-12-24 08:49:42 ----D---- C:\Program Files\Movie Maker
2009-12-24 08:49:32 ----D---- C:\WINDOWS\system32\Restore
2009-12-24 08:49:27 ----D---- C:\Program Files\NetMeeting
2009-12-24 08:49:24 ----D---- C:\Program Files\Outlook Express
2009-12-24 08:49:16 ----D---- C:\Program Files\Common Files\System
2009-12-24 08:49:15 ----D---- C:\Program Files\Internet Explorer
2009-12-24 08:48:57 ----D---- C:\Program Files\ComPlus Applications
2009-12-24 08:48:52 ----D---- C:\WINDOWS\Registration
2009-12-24 08:48:47 ----D---- C:\Program Files\Windows Media Player
2009-12-24 08:48:47 ----D---- C:\Program Files\Online Services
2009-12-24 08:48:38 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-24 08:47:53 ----D---- C:\Program Files\MSN
2009-12-24 08:47:51 ----D---- C:\Program Files\Windows NT
2009-12-24 08:47:47 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-24 08:47:45 ----D---- C:\WINDOWS\system32\Com

======List of files/folders modified in the last 1 months======

2009-12-26 14:02:19 ----A---- C:\WINDOWS\system.ini
2009-12-26 13:02:37 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/27 10:39:38]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AmbFilt;AmbFilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-02-14 1683712]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 V0330VID;WebCam Vista/Live! Cam Chat; C:\WINDOWS\system32\DRIVERS\V0330Vid.sys [2007-08-08 157696]
S3 aty7v50k;aty7v50k; C:\WINDOWS\system32\drivers\aty7v50k.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-03-13 417792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-05 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-27 271760]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2009-12-25 79360]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-27 435016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
So here is the log.

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: trojan horse

#2 Post by Rudy »

You are on a Czech-Slovak forum. It doesn't matter that you don't speak Czech; if there is anything you don't understand, I will translate it for you. Post a log from ComboFix:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the license terms is displayed; continue by clicking the Yes button.

Feel free to make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to run any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Notice: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

MIRKO3221
Visitor
Posts: 12
Registered: 06 Jan 2010 19:21

Re: trojan horse

#3 Post by MIRKO3221 »

Good morning everyone, so here is the log from ComboFix.

ComboFix 10-01-04.01 - BOSS 07.01.2010 10:28:48.1.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.2047.1674 [GMT 1:00]
Running from: c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\temporary_downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe
c:\recycler\S-1-5-21-746137067-1606980848-725345543-1003
c:\recycler\S-1-5-21-796845957-746137067-839522115-1003
c:\recycler\S-1-5-21-823518204-527237240-839522115-1003
c:\windows\system32\Data

.
((((((((((((((((((((((((( Files Created from 2009-12-07 to 2010-01-07 )))))))))))))))))))))))))))))))
.

2010-01-06 18:04 . 2010-01-06 18:05 -------- d-----w- C:\rsit
2010-01-06 16:43 . 2010-01-06 16:43 -------- d-sh--w- c:\windows\ftpcache
2010-01-05 20:19 . 2010-01-05 20:19 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Activision
2010-01-05 20:16 . 2010-01-05 20:19 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-05 20:16 . 2010-01-05 20:16 22328 ----a-w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\PnkBstrK.sys
2010-01-05 20:15 . 2010-01-05 20:19 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-05 20:15 . 2010-01-05 20:15 682280 ----a-w- c:\windows\system32\pbsvc.exe
2010-01-05 20:15 . 2010-01-05 20:15 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-05 20:15 . 2010-01-05 20:15 -------- d-----w- c:\windows\system32\LogFiles
2010-01-04 22:05 . 2010-01-06 16:41 -------- d-----w- c:\program files\GCFScape
2010-01-04 22:01 . 2010-01-04 22:01 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.001\Local Settings\Application Data\ESET
2010-01-04 20:01 . 2007-04-30 00:03 32768 ----a-w- c:\windows\V0330Mon.exe
2010-01-04 20:01 . 2007-04-24 00:10 20480 ----a-w- c:\windows\V0330Cfg.exe
2010-01-04 20:01 . 2006-11-10 00:00 126976 ----a-w- c:\windows\system32\V0330Vfw.dll
2010-01-04 20:01 . 2010-01-04 20:01 -------- d-----w- c:\windows\CtDrvInstall
2010-01-04 20:01 . 2007-08-08 12:48 157696 ----a-w- c:\windows\system32\drivers\V0330Vid.sys
2010-01-04 20:01 . 2007-04-30 00:10 266240 ----a-w- c:\windows\system32\V0330Cvw.dll
2010-01-04 20:01 . 2007-04-26 00:10 32768 ----a-w- c:\windows\system32\V0330Hwx.dll
2010-01-04 20:01 . 2007-04-25 00:10 20480 ----a-w- c:\windows\system32\V0330Srv.exe
2010-01-04 20:01 . 2007-04-24 00:10 36864 ----a-w- c:\windows\system32\V0330Pin.dll
2010-01-04 20:01 . 2006-12-13 09:35 4516 ----a-w- c:\windows\system32\drivers\V0330STB.SYS
2010-01-04 20:01 . 2005-07-07 00:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2010-01-04 16:13 . 2010-01-04 16:13 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\ESET
2010-01-04 09:31 . 2006-11-01 13:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2010-01-04 09:31 . 2010-01-04 09:31 -------- d-----w- c:\program files\Xvid
2010-01-04 09:31 . 2006-11-01 13:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-01-03 15:39 . 2010-01-03 15:39 -------- d-----w- C:\Live! Cam
2010-01-03 15:35 . 2004-08-03 22:10 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2010-01-03 15:35 . 2004-08-03 22:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-01-03 15:25 . 2004-08-03 22:10 15360 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-01-03 15:25 . 2004-08-03 22:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-01-03 15:25 . 2004-08-03 22:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-01-03 15:25 . 2004-08-03 22:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-01-03 15:25 . 2004-08-03 22:10 85376 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-01-03 15:25 . 2004-08-03 22:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-01-03 15:25 . 2004-08-03 22:10 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-01-03 15:25 . 2004-08-03 22:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-01-03 15:25 . 2004-08-03 23:56 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-01-03 15:25 . 2004-08-03 23:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-01-03 11:44 . 2010-01-03 11:44 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Deployment
2010-01-01 13:24 . 2010-01-01 13:25 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\ICQ
2010-01-01 13:23 . 2010-01-07 09:34 -------- d-----w- c:\program files\ICQ6.5
2009-12-31 23:58 . 2009-12-31 23:58 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Identities
2009-12-31 11:15 . 2009-12-31 11:15 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.001\Application Data\TuneUp Software
2009-12-30 17:34 . 2009-12-30 17:34 -------- d--h--r- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\SecuROM
2009-12-30 17:27 . 2009-12-30 17:27 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-30 17:27 . 2009-12-30 17:27 -------- d-----w- c:\windows\system32\AGEIA
2009-12-30 17:27 . 2009-12-30 17:27 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-30 17:27 . 2010-01-04 09:28 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-29 13:31 . 2010-01-04 22:46 1 ----a-w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-29 13:30 . 2009-12-29 13:30 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\OpenOffice.org
2009-12-28 18:36 . 2009-12-28 18:36 10134 ----a-r- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
2009-12-28 18:26 . 2009-12-30 17:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-28 17:54 . 2009-12-28 17:54 -------- d-----w- c:\program files\CDCheck
2009-12-28 17:21 . 2009-12-28 17:21 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\XRay Engine
2009-12-28 15:13 . 2007-10-17 06:37 28672 ----a-r- c:\windows\system32\PostProc.dll
2009-12-28 15:13 . 2009-12-28 15:13 -------- d-----w- c:\program files\Analog Devices
2009-12-28 15:13 . 2007-07-13 01:26 94976 ----a-r- c:\windows\system32\drivers\aeaudio.sys
2009-12-28 15:13 . 2008-03-24 01:08 331264 ----a-r- c:\windows\system32\drivers\ADIHdAud.sys
2009-12-28 15:13 . 2008-02-14 02:04 1683712 ----a-r- c:\windows\system32\drivers\Ambfilt.sys
2009-12-28 15:05 . 1999-12-12 17:01 44032 ------w- c:\windows\system32\CTSVCCDA.EXE
2009-12-28 15:05 . 1999-11-17 17:00 25088 ------w- c:\windows\system32\CTSVCCTL.EXE
2009-12-28 15:05 . 2008-04-14 16:03 20639178 ------w- c:\documents and settings\All Users.WINDOWS\Application Data\Creative\MediaSource U\AddOnPack.exe
2009-12-27 19:56 . 2009-12-27 19:56 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-27 19:56 . 2010-01-06 10:37 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\skypePM
2009-12-27 19:54 . 2010-01-06 10:50 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\Skype
2009-12-27 19:53 . 2009-12-27 19:53 -------- d-----r- c:\program files\Skype
2009-12-27 19:52 . 2009-12-27 19:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2009-12-27 18:30 . 2009-12-27 18:30 -------- d-----w- c:\program files\OpenAL
2009-12-27 15:02 . 2008-01-04 12:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2009-12-27 15:02 . 2008-01-04 12:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2009-12-27 12:52 . 2009-12-27 12:52 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-27 12:52 . 2009-12-27 12:52 -------- d-----w- c:\program files\MSBuild
2009-12-27 12:52 . 2009-12-27 12:52 -------- d-----w- c:\program files\Reference Assemblies
2009-12-27 12:52 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-27 12:50 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-27 12:50 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-27 12:50 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-27 12:50 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-27 12:50 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-27 12:50 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-27 12:50 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-27 12:50 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-27 12:48 . 2009-12-27 12:48 -------- d-----w- c:\program files\MSXML 6.0
2009-12-27 12:17 . 2009-12-27 12:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\InstallShield
2009-12-27 12:15 . 2009-12-27 12:15 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\UDL
2009-12-27 12:13 . 2009-12-27 12:13 -------- d-----w- c:\program files\EPSON Print CD
2009-12-27 11:40 . 2007-01-11 04:02 113664 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2009-12-27 11:40 . 2009-12-27 11:40 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\EPSON
2009-12-27 11:40 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-12-27 11:40 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCLE.DLL
2009-12-27 11:40 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCLE.DLL
2009-12-27 11:40 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-27 11:40 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-12-27 11:39 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-27 11:39 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-27 11:39 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-27 11:39 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-27 11:36 . 2009-12-27 12:13 -------- d-----w- c:\program files\epson
2009-12-27 11:36 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-12-27 10:35 . 2009-12-27 10:35 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\Uniblue
2009-12-27 10:35 . 2009-12-27 10:35 -------- d-----w- c:\program files\Uniblue
2009-12-27 10:27 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-27 10:27 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-12-27 10:21 . 2009-12-27 10:25 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Cyberlink
2009-12-27 09:44 . 2009-12-27 09:44 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\ESET
2009-12-27 09:44 . 2009-12-27 09:44 -------- d-----w- c:\program files\OpenOffice.org 3
2009-12-27 09:43 . 2010-01-06 11:45 -------- d-----w- c:\program files\ESET
2009-12-27 09:43 . 2009-12-27 09:43 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ESET
2009-12-27 09:41 . 2009-12-27 10:25 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\CyberLink
2009-12-27 09:39 . 2009-12-27 10:21 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\CyberLink
2009-12-27 09:39 . 2009-12-27 09:39 -------- d-----w- c:\program files\CyberLink
2009-12-27 09:38 . 2009-12-27 09:38 505128 ----a-w- c:\windows\system32\msvcp71.dll
2009-12-27 09:38 . 2009-12-27 09:38 353576 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-27 09:38 . 2009-12-27 09:38 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-27 09:38 . 2009-12-27 09:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Temp
2009-12-27 09:38 . 2009-12-27 09:38 53319 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-12-27 09:30 . 2009-12-17 23:14 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-27 09:30 . 2009-12-17 23:08 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-27 09:30 . 2009-12-27 09:30 -------- d-----w- c:\documents and settings\BOSS.MAFIA-70191CD73\Application Data\TuneUp Software
2009-12-27 09:29 . 2009-12-27 09:40 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-27 09:29 . 2009-12-27 09:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-12-27 09:23 . 2009-12-27 09:23 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-27 08:42 . 2009-12-27 08:42 -------- d-----w- c:\program files\Lavalys
2009-12-27 08:41 . 2009-12-27 08:42 -------- d-----w- c:\program files\QuickTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-05 20:15 . 2009-12-24 08:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 13:00 . 2009-12-26 12:02 5194 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-26 13:00 . 2009-12-26 12:02 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-26 13:00 . 2009-12-26 12:02 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-26 12:00 . 2009-12-26 12:00 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-25 09:41 . 2009-12-24 08:28 16504 ----a-w- c:\documents and settings\MR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-25 08:50 . 2009-12-24 08:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-24 08:54 . 2009-12-24 08:54 -------- d-----w- c:\documents and settings\MR\Application Data\ATI
2009-12-24 08:45 . 2009-12-24 08:45 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-12-24 07:51 . 2009-12-24 07:51 -------- d-----w- c:\program files\microsoft frontpage
2009-11-16 08:06 . 2009-11-16 08:06 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-10-29 05:48 . 2004-08-04 00:56 662016 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:00 . 2004-08-04 00:56 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00 . 2004-08-04 00:56 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-03 23:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53 . 2004-08-04 00:56 266752 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54 . 2004-08-04 00:56 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54 . 2004-08-04 00:56 112128 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDAOD"="c:\windows\DAODx.exe" [2009-03-30 32768]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2008-12-11 114688]
"Cpu Level Up"="c:\program files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" [2009-01-22 1168896]
"CTSyncService"="c:\program files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-93072F99BE20}\AMBSPISyncService.exe" [2008-04-17 1233196]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-05-07 75048]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"TweakIt Help"="c:\program files\ASUS\TweakIt\TweakIt.exe" [2009-03-13 817152]
"VolPanel"="c:\program files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2008-02-11 221288]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-03-16 1040384]
"V0330Mon.exe"="c:\windows\V0330Mon.exe" [2007-04-30 32768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\BOSS\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

c:\documents and settings\BOSS.MAFIA-70191CD73\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-2-12 394856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\HRY\\call of duty 5\\CoDWaWmp.exe"=
"d:\\HRY\\call of duty 5\\CoDWaW.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/27 10:39];c:\program files\CyberLink\PowerDVD9\000.fcl [7.5.2009 21:05 87536]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 0:12 1044808]
R3 AmbFilt;AmbFilt;c:\windows\system32\drivers\Ambfilt.sys [28.12.2009 16:13 1683712]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\system32\drivers\V0330Vid.sys [4.1.2010 21:01 157696]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.12.2009 22:57 691696]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [25.12.2009 16:17 79360]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-12-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-07 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Vietcong 2 - d:\hry\vietcong 2\Vietcong2\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 10:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RunDAOD = c:\windows\DAODx.exe???????????????????????????????????????????????????????????????????????????????????????????????????????????.

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1960408961-764733703-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:64,67,33,e1,43,d9,15,73,94,45,e2,fa,fd,37,b5,8b,78,2e,94,17,83,
ec,c5,6b,67,ad,a6,32,0b,a0,ee,11,cc,05,25,13,3a,4b,12,ff,c4,03,5b,f0,ac,f2,\
"rkeysecu"=hex:50,eb,34,3c,f1,1b,ae,ef,ae,9b,4a,0b,cb,2f,08,9d
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1000)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-01-07 10:38:07
ComboFix-quarantined-files.txt 2010-01-07 09:37

Pre-Run: 31 913 795 584 bytes free
Post-Run: 10 adresárov, 35 487 371 264 voľných bajtov

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /tutag=t80qwe /kernel=tukernel.exe

Re: Trojan horse

#4 Post by MIRKO3221 »

I blocked those viruses in Advanced Windows Care and somehow it isn't helping.

Re: Trojan horse

#5 Post by MIRKO3221 »

Can anyone help me with this?

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan horse

#6 Post by Rudy »

CF deleted several items.
1. Test this file: C:\WINDOWS\system32\tmp793.tmp online at www.virustotal.com .
2. Clear the browser cache.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Trojan horse

#7 Post by MIRKO3221 »

I tested it. What should I do next?

Re: Trojan horse

#8 Post by Rudy »

And what is the result?

Re: Trojan horse

#9 Post by MIRKO3221 »

No result; it started checking and then it said: Současný stav: Dokončeno
Výsledek: 0/41 (0.00%). Please help.

Re: Trojan horse

#10 Post by Rudy »

OK. The file is clean. Where were the viruses found that you wrote to me about in a private message?

Re: Trojan horse

#11 Post by MIRKO3221 »

The viruses were caught by ESET Smart Security 4, and then a window popped up 30 times saying that the virus DownloadTrojan.Agent.NRL had been caught. It saved only 6 viruses of that type, plus some simple xqz wallhack, which is probably a cheat for Counter-Strike; I deleted that one, my cousin downloaded it to the PC. Then there was one more, and it was from System Volume Information. I checked everything, only that Trojan horse virus was somehow launched by Opera, I don't know how; I was surfing the net and it popped up. By the way, today it told me that certain files need to be sent for analysis, so I sent them. It was a website, I'll put it here but I hope no lamer clicks on it, it is http://www.kix.sk. I checked the PC in Anti-Malware but it found nothing, though I only ran a quick scan. Thank you

Re: Trojan horse

#12 Post by Rudy »

I need to know the path to those files.

Re: Trojan horse

#13 Post by MIRKO3221 »

C:\Documents and Settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\cache\opr018WF is where it is, except that the file isn't there. ESET caught it, and then I went to look and there was no file there; I tried using search and other ways too, it's not there. I also heard that this virus is strong, that it somehow attacked my Windows and that the only chance is to reinstall Windows, but supposedly through some system recovery program. I downloaded it and there were some viruses in it; I selected them and chose repair, but it only blocked them and did not remove them. I really don't know any more. Thank you

Re: Trojan horse

#14 Post by Rudy »

You can delete the entire contents of that folder. Clean the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .

Re: Trojan horse

#15 Post by MIRKO3221 »

7.1.2010 10:28:48 Rezidentná ochrana súbor C:\DOCUME~1\BOSS~2.MAF\LOCALS~1\Temp\Av-test.txt Eicar testovací súbor vyliečený zmazaním - uložený do karantény MAFIA-70191CD73\BOSS Táto skutočnosť bola zistená na novom súbore, ktorý bol vytvorený aplikáciou: C:\ComboFix\CF27504.cfxxe.
6.1.2010 20:07:33 HTTP filter súbor http://www.kix.sk/infusions/ainfo_panel ... bs.pack.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:32 HTTP filter súbor http://www.kix.sk/includes/jquery.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:32 HTTP filter súbor http://www.kix.sk/includes/jquery.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:31 HTTP filter súbor http://www.kix.sk/includes/jquery.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:30 HTTP filter súbor http://www.kix.sk/includes/jscript.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:30 HTTP filter súbor http://www.kix.sk/includes/jscript.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:30 HTTP filter súbor http://www.kix.sk/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:29 HTTP filter súbor http://www.kix.sk/includes/jscript.js JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:29 HTTP filter súbor http://www.kix.sk/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
6.1.2010 20:07:28 HTTP filter súbor http://www.kix.sk/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:01:16 Rezidentná ochrana súbor C:\Documents and Settings\BOSS.MAFIA-70191CD73\Local Settings\Application Data\Opera\Opera\cache\opr018WF JS/TrojanDownloader.Agent.NRL trójsky kôň vyliečený zmazaním - uložený do karantény MAFIA-70191CD73\BOSS Táto skutočnosť bola zistená na súbore, ktorý bol modifikovaný aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:48 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:48 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:48 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:48 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:47 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:47 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:47 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:47 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:46 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:45 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:45 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:45 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:45 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:45 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:44 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:44 HTTP filter súbor http://www.kix.sk/uploadfiles/news.php JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 12:00:44 HTTP filter súbor http://www.kix.sk/uploadfiles/banner 81x31 2.gif JS/TrojanDownloader.Agent.NRL trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
5.1.2010 0:40:50 Rezidentná ochrana súbor C:\System Volume Information\_restore{636579E7-319A-4EC2-A23B-3739C5B83242}\RP82\A0046473.exe pravdepodobne variant infiltrácie Win32/Agent trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o prístup k súboru aplikáciou: C:\WINDOWS\system32\svchost.exe.
4.1.2010 23:01:49 HTTP filter súbor http://www.mpcdownloads.com/forums/downloads.php Win32/PSW.Steam.F trójsky kôň prerušené spojenie - uložený do karantény MAFIA-70191CD73\BOSS Infiltrácia bola zachytená pri prístupe na web aplikáciou: C:\Program Files\Opera\opera.exe.
4.1.2010 17:13:05 Rezidentná ochrana súbor C:\Documents and Settings\BOSS.MAFIA-70191CD73\Desktop\Simple XQZ Wallhack (Test version 8) by Laurynas.exe pravdepodobne variant infiltrácie Win32/Agent trójsky kôň vyliečený zmazaním - uložený do karantény MAFIA-70191CD73\BOSS Táto skutočnosť bola zistená pri pokuse o spustenie súboru aplikáciou: C:\WINDOWS\explorer.exe.

Here are the names, etc.
