Please check my log - ROOTKIT
Posted: 17 Jan 2010 13:56
HKLM\SECURITY\Policy\Secrets\SAC* 5.12.2008 4:08 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 5.12.2008 4:08 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6\ProductName 1.2.2009 17:33 26 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 17.1.2010 13:33 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\DisplayName 15.2.2009 11:40 26 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Control\StillImage\Events\STIProxyEvent\{091FBCCE-3AFA-4BC7-A7D7-62C76BECE782}\Desc 7.1.2010 14:21 43 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Control\StillImage\Events\STIProxyEvent\{091FBCCE-3AFA-4BC7-A7D7-62C76BECE782}\Icon 7.1.2010 14:21 45 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg 14.12.2008 12:02 0 bytes Access is denied.
HKLM\SYSTEM\ControlSet003\Control\StillImage\Events\STIProxyEvent\{091FBCCE-3AFA-4BC7-A7D7-62C76BECE782}\Desc 7.1.2010 14:21 43 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet003\Control\StillImage\Events\STIProxyEvent\{091FBCCE-3AFA-4BC7-A7D7-62C76BECE782}\Icon 7.1.2010 14:21 45 bytes Data mismatch between Windows API and raw hive data.
C:\Documents and Settings\MSI\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2010-01-17 13-35-28.txt 17.1.2010 13:35 40.51 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2010-01-17 13-35-41.bckp 17.1.2010 13:35 8.47 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Cookies\msi@ad.yieldmanager[2].txt 17.1.2010 10:49 575 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@adbrite[2].txt 16.1.2010 10:28 495 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@adultfriendfinder[2].txt 16.1.2010 10:26 1.27 KB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@advertising[2].txt 16.1.2010 19:03 210 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@apmebf[1].txt 15.1.2010 19:59 89 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@calpis.112.2o7[1].txt 15.1.2010 20:33 117 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@cgm.adbureau[2].txt 16.1.2010 19:01 103 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@cz.static.etargetnet[2].txt 17.1.2010 13:05 157 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@doubleclick[1].txt 12.1.2010 20:05 115 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@fastclick[2].txt 15.1.2010 20:40 339 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@hit.gemius[2].txt 16.1.2010 19:57 209 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@please[1].txt 13.1.2010 16:17 122 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@please[2].txt 17.1.2010 11:26 137 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@please[4].txt 16.1.2010 11:26 130 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@sk.static.etargetnet[2].txt 12.1.2010 14:47 160 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@specificclick[2].txt 17.1.2010 11:21 681 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@statcounter[2].txt 16.1.2010 18:25 94 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@statse.webtrendslive[2].txt 13.1.2010 19:29 206 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@tribalfusion[2].txt 16.1.2010 19:02 177 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Cookies\msi@www.burstnet[1].txt 16.1.2010 18:58 72 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\075743F8d01 17.1.2010 13:35 108.12 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\10E9678Bd01 17.1.2010 13:37 127.97 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\13F9602Dd01 17.1.2010 13:37 91.91 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\1664C2D3d01 17.1.2010 13:38 26.10 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\1C9E9ABAd01 17.1.2010 13:37 35.49 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\3132F704d01 17.1.2010 13:38 101.08 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\328C99C6d01 17.1.2010 13:37 172.51 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\35DBD8C0d01 17.1.2010 13:37 17.68 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\38765312d01 17.1.2010 13:37 34.75 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\3DEC6777d01 17.1.2010 13:38 18.84 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\4196EA73d01 17.1.2010 13:38 29.36 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\45B83DCCd01 17.1.2010 13:38 41.36 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\4F8B8DE6d01 17.1.2010 13:38 43.37 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\69D98B0Ed01 17.1.2010 13:37 164.89 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\69DA8B0Ed01 17.1.2010 13:37 75.25 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\69DB8B0Ed01 17.1.2010 13:37 99.89 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\69DD8B0Ed01 17.1.2010 13:37 113.86 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\76CCBC25d01 17.1.2010 13:38 177.80 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\7B739F7Bd01 17.1.2010 13:37 23.65 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\B730F681d01 17.1.2010 13:37 19.79 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\C9940ACCd01 17.1.2010 13:39 23.68 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\Cache\DEF74006d01 17.1.2010 13:38 37.16 KB Hidden from Windows API.
C:\Documents and Settings\MSI\Local Settings\Application Data\Mozilla\Firefox\Profiles\y9guqzlw.default\urlclassifier3.sqlite-journal 17.1.2010 13:38 13.03 MB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Local Settings\Temp\175.tmp 17.1.2010 13:34 6.03 MB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Local Settings\Temp\178.tmp 17.1.2010 13:38 6.03 MB Visible in Windows API, MFT, but not in directory index.
C:\Documents and Settings\MSI\Local Settings\Temp\17B.tmp 17.1.2010 13:40 6.03 MB Visible in directory index, but not Windows API or MFT.
C:\Documents and Settings\MSI\Local Settings\Temp\AAWTMP 17.1.2010 13:35 0 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\Local Settings\Temp\AAWTMP\TMP 17.1.2010 13:35 0 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\MSI\My Documents\My Pictures\CAW56J4X.:Zone.Identifier 24.12.2008 14:51 26 bytes Hidden from Windows API.
I don't know what to do with this... I would like to ask for advice.