Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Strašná kopa vírusov...

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Strašná kopa vírusov...

#1 Příspěvek od Vlasta333 »

Prosím o dočistenie a nepýtajte sa ma ani ako som zaprasil tento PC ... :?:
RSIT - HJT ... nic neskoncilo svoju pracu.ComboFix som po spusteni z pracovnej plochy zrazu stratil.Musel som stiahúť znova - spustit z nudzoveho.PC sa restartol a dokoncil skenovanie.Tu je log a viem,ze je poriadne este zasvineny.Prosim o dalsie rady.
Ďakujem !

ComboFix 10-02-08.02 - Krylias 08.02.2010 22:07:23.3.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3327.2863 [GMT 1:00]
Running from: c:\documents and settings\Krylias\Desktop\ComboFix.exe
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
ADS - svchost.exe: deleted 35328 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\docume~1\Krylias\LOCALS~1\Temp\init.exe
c:\documents and settings\Krylias\Application Data\Microsoft\~DFK796ebb.tmp
c:\documents and settings\Krylias\Application Data\Microsoft\1eaadjc.dll
c:\documents and settings\Krylias\Application Data\Microsoft\bass.dll
c:\documents and settings\Krylias\Application Data\Microsoft\kfgresk.dll
c:\documents and settings\Krylias\Application Data\Microsoft\mjcriu.dll
c:\documents and settings\Krylias\Application Data\Microsoft\peaadje.dll
c:\documents and settings\Krylias\Application Data\Microsoft\qwadjb.dll
c:\documents and settings\Krylias\Application Data\Microsoft\rsaadjd.dll
c:\documents and settings\Krylias\Local Settings\temp\init.exe
c:\documents and settings\Krylias\oashdihasidhasuidhiasdhiashdiuasdhasd
C:\lsass.exe
c:\program files\Adobe\acrotray .exe
c:\program files\Internet Explorer\js.mui
c:\program files\Internet Explorer\wmpscfgs.exe
c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1811
c:\recycler\S-1-5-21-1240283750-1518874365-927648591-1245
c:\recycler\S-1-5-21-1362918446-2525656442-491318994-8672
c:\recycler\S-1-5-21-3107540501-4096314710-189190828-1088
c:\recycler\S-1-5-21-4772001906-1010738014-193359545-0425
c:\recycler\S-1-5-21-9365767676-3310523789-870391701-0558
c:\recycler\S-1-5-21-9527775185-7985083491-438596722-5582
c:\windows\ccdrive32.exe
c:\windows\logfile32.txt
c:\windows\system\update.exe
c:\windows\system32\app_dll.dll
c:\windows\system32\ctfmon .exe
c:\windows\system32\gyuu .exe
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\mssrv32.exe
c:\windows\system32\regedit .exe
c:\windows\system32\regedit.exe
c:\windows\system32\sdra64.exe
c:\windows\system32\twain_32.dll
D:\AUTORUN.INF

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICF
-------\Legacy_MSUPDATE
-------\Service_ICF
-------\Service_msupdate


((((((((((((((((((((((((( Files Created from 2010-01-08 to 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-02-08 20:39 . 2010-02-08 20:56 22528 ----a-w- C:\hfhhhml.exe
2010-02-08 20:22 . 2010-02-08 20:57 23552 ----a-w- C:\ecjew.exe
2010-02-08 20:22 . 2010-02-08 20:56 202752 ----a-w- C:\uipcafn.exe
2010-02-08 20:22 . 2010-02-08 20:56 121344 ----a-w- C:\rkfo.exe
2010-02-08 20:22 . 2010-02-08 20:56 132096 ----a-w- C:\brhpxf.exe
2010-02-08 20:22 . 2010-02-08 20:28 23552 ----a-w- C:\ecjew .exe
2010-02-08 20:21 . 2010-02-08 21:07 200704 ----a-w- C:\dxayligu.exe
2010-02-08 20:21 . 2010-02-08 20:21 43520 --sh--r- c:\windows\updated7.exe
2010-02-08 20:21 . 2010-02-08 20:27 43520 ---h--w- c:\windows\system32\gyuu.exe
2010-02-08 20:14 . 2010-02-08 20:14 118284 ----a-w- c:\windows\system32\CwaZD-_CV5.exe
2010-02-08 20:13 . 2010-02-08 21:19 791552 ----a-w- c:\windows\system32\drivers\uzmvr.sys
2010-02-08 20:10 . 2010-02-08 21:07 129536 ----a-w- C:\xkmd.exe
2010-02-08 20:10 . 2010-02-08 21:07 118784 ----a-w- C:\xbxpi.exe
2010-02-08 20:10 . 2010-02-08 21:07 58368 ----a-w- C:\khlo.exe
2010-02-08 20:10 . 2010-02-08 21:07 20480 ----a-w- C:\bkxov.exe
2010-02-08 20:10 . 2010-02-08 20:27 37888 ----a-w- C:\jvgf.exe
2010-02-08 19:26 . 2010-02-08 19:26 866160 ----a-w- c:\documents and settings\Krylias\Application Data\Hide IP NG\hideipng-update.exe
2010-02-08 19:25 . 2010-02-08 19:34 -------- d-----w- c:\documents and settings\Krylias\Application Data\Hide IP NG
2010-02-08 19:13 . 2010-02-08 19:12 196608 ----a-w- c:\windows\system32\HMIPCore.dll
2010-02-08 19:12 . 2009-01-27 00:56 168256 ----a-w- c:\windows\system32\SecureNet.dll
2010-02-08 00:00 . 2010-02-08 00:00 -------- d-----w- c:\documents and settings\All Users\Application Data\SRSLabs
2010-02-07 23:59 . 2010-02-07 23:59 -------- d-----w- c:\program files\SRSLabs
2010-02-07 23:59 . 2010-02-07 23:59 -------- d-----w- c:\program files\Common Files\SRS
2010-02-05 20:24 . 2010-02-05 20:25 -------- d-----w- C:\AUTORUN
2010-02-04 15:51 . 2010-02-08 21:15 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-04 08:04 . 2010-02-08 20:25 12815360 ----a-w- C:\MP10Setup.exe
2010-01-24 11:34 . 2010-01-24 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2010-01-24 11:34 . 2010-02-04 16:17 171552 ----a-w- c:\windows\system32\guard32.dll
2010-01-24 11:34 . 2010-02-04 16:17 134344 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-01-24 11:34 . 2010-01-29 07:21 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-01-24 11:34 . 2010-01-29 07:21 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-01-24 11:34 . 2010-01-24 11:34 -------- d-----w- c:\program files\COMODO
2010-01-22 19:33 . 2009-12-23 19:54 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-01-22 19:31 . 2010-01-22 19:38 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-21 16:02 . 2010-01-21 16:02 -------- d-----w- c:\program files\CoffeeCup Software
2010-01-21 00:10 . 2010-01-21 00:10 -------- d-----w- c:\program files\Zoner
2010-01-20 00:37 . 2010-01-20 00:37 -------- d-----w- c:\documents and settings\Krylias\Application Data\SteelBytes
2010-01-19 22:03 . 2010-01-19 22:03 -------- d-----w- c:\program files\IObit
2010-01-17 19:20 . 2010-01-17 19:20 -------- d-----w- c:\documents and settings\Krylias\Application Data\Imagenomic
2010-01-17 19:19 . 2010-01-17 19:19 -------- d-----w- c:\program files\Imagenomic
2010-01-13 22:29 . 2010-01-13 22:29 -------- d-----w- c:\documents and settings\Krylias\Application Data\BackTalk
2010-01-13 22:29 . 2004-07-26 03:16 598086 ----a-w- c:\documents and settings\Krylias\Application Data\BackTalk\Helper.exe
2010-01-13 22:28 . 2010-01-13 22:28 -------- d-----w- c:\program files\DVD Shrink Pro
2010-01-11 20:42 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-11 18:16 . 2010-01-11 18:16 -------- d-----w- c:\program files\Silabs
2010-01-11 18:16 . 2009-10-08 12:41 63488 ----a-w- c:\windows\system32\drivers\silabser.sys
2010-01-11 18:16 . 2009-10-08 12:41 17920 ----a-w- c:\windows\system32\drivers\silabenm.sys
2010-01-11 18:16 . 2009-10-08 12:41 1112288 ----a-w- c:\windows\system32\WdfCoinstaller01007.dll
2010-01-11 18:13 . 2010-01-11 18:13 -------- d-----w- c:\windows\system32\Silabs
2010-01-11 18:13 . 2010-01-11 18:13 -------- d-----w- C:\SiLabs
2010-01-10 23:00 . 2010-01-10 23:29 -------- d-----w- c:\documents and settings\Krylias\Local Settings\Application Data\AskToolbar
2010-01-10 22:57 . 2010-01-10 22:57 -------- d-----w- c:\program files\PFPortChecker
2010-01-10 22:38 . 2010-02-07 16:27 -------- d-----w- c:\documents and settings\Krylias\Application Data\uTorrent
2010-01-10 22:38 . 2010-01-10 22:37 697965 ----a-w- c:\documents and settings\Krylias\Application Data\uTorrent\unins000.exe
2010-01-10 22:38 . 2009-11-30 19:00 289584 ----a-w- c:\documents and settings\Krylias\Application Data\uTorrent\utorrent.exe
2010-01-10 22:38 . 2009-09-12 21:20 245248 ----a-w- c:\documents and settings\Krylias\Application Data\uTorrent\half-open-fix.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-08 21:19 . 2009-10-04 13:54 -------- d-----w- c:\program files\SPAMfighter
2010-02-08 20:57 . 2009-10-07 12:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-08 20:28 . 2008-04-14 03:42 14336 ----a-w- c:\windows\system32\svchost.exe
2010-02-08 20:22 . 2009-09-20 00:10 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-08 20:12 . 2009-12-08 17:16 -------- d-----w- c:\program files\QuickTime Alternative
2010-02-08 20:12 . 2009-09-18 22:51 -------- d-----w- c:\program files\iTunes
2010-02-08 20:12 . 2009-11-29 13:02 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-02-08 20:12 . 2009-12-25 20:52 -------- d-----w- c:\program files\FirefoxPreloader
2010-02-08 20:11 . 2009-09-18 20:38 -------- d-----w- c:\program files\Rainlendar2
2010-02-08 19:48 . 2009-09-17 22:59 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-02-08 19:26 . 2009-09-18 15:43 -------- d-----w- c:\documents and settings\Krylias\Application Data\Skype
2010-02-08 15:03 . 2009-09-18 15:44 -------- d-----w- c:\documents and settings\Krylias\Application Data\skypePM
2010-02-08 12:21 . 2009-10-29 18:15 -------- d-----w- c:\documents and settings\Krylias\Application Data\dvdcss
2010-02-08 00:54 . 2009-10-30 23:19 -------- d-----w- c:\program files\ABBYY FineReader 9.0
2010-02-06 11:24 . 2009-09-20 23:57 -------- d-----w- c:\program files\BitComet
2010-02-04 18:54 . 2009-09-18 18:21 -------- d-----w- c:\documents and settings\Krylias\Application Data\XnView
2010-02-04 16:02 . 2009-09-18 22:50 -------- d-----w- c:\program files\Common Files\Apple
2010-02-04 10:39 . 2009-12-28 16:10 -------- d-----w- c:\program files\e-TRAYz
2010-02-04 10:17 . 2009-09-19 21:04 -------- d-----w- c:\documents and settings\Krylias\Application Data\Audacity
2010-01-28 14:02 . 2009-09-18 01:32 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-01-22 20:12 . 2009-09-26 21:48 -------- d-----w- c:\program files\Replay Media Catcher
2010-01-22 19:49 . 2009-09-26 21:51 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll
2010-01-22 19:49 . 2009-09-26 21:51 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe
2010-01-22 19:49 . 2009-09-26 21:51 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL
2010-01-21 18:00 . 2009-09-22 01:04 117760 ----a-w- c:\documents and settings\Krylias\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-21 15:46 . 2009-09-30 19:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-19 22:32 . 2009-09-20 21:05 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2010-01-19 04:54 . 2009-09-24 01:50 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SolidDocuments
2010-01-18 15:17 . 2009-09-17 23:00 100296 ----a-w- c:\documents and settings\Krylias\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-15 16:04 . 2009-09-20 11:06 -------- d-----w- c:\documents and settings\Krylias\Application Data\Thinstall
2010-01-13 22:29 . 2009-09-19 00:37 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2010-01-13 08:59 . 2009-09-18 13:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-11 20:42 . 2010-01-11 20:42 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_silabser_01007.Wdf
2010-01-11 20:42 . 2010-01-11 20:42 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-11 18:13 . 2009-09-17 23:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-11 11:27 . 2009-11-07 16:52 -------- d-----w- c:\program files\MP3MyMP3 3.0
2010-01-06 23:08 . 2009-09-18 01:00 -------- d-----w- c:\program files\Google
2010-01-05 19:36 . 2010-01-05 19:35 -------- d-----w- c:\program files\Dude
2010-01-03 03:12 . 2010-01-03 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2010-01-02 21:57 . 2010-01-02 21:57 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-02 14:22 . 2010-01-02 14:18 -------- d-----w- c:\documents and settings\Krylias\Application Data\MiniDm
2010-01-02 13:59 . 2010-01-02 13:59 -------- d-----w- c:\program files\MPC HomeCinema
2010-01-02 13:41 . 2010-01-02 13:40 -------- d-----w- c:\program files\MediaInfo
2010-01-02 12:49 . 2010-01-02 12:49 52224 ----a-w- c:\documents and settings\Krylias\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-02 01:07 . 2009-09-18 15:10 -------- d-----w- c:\program files\Common Files\Common Share
2009-12-31 20:01 . 2009-09-21 14:36 -------- d-----w- c:\documents and settings\Krylias\Application Data\SolidDocuments
2009-12-31 18:40 . 2009-12-31 18:38 -------- d-----w- c:\documents and settings\Krylias\Application Data\IEPro
2009-12-31 18:38 . 2009-12-31 18:38 -------- d-----w- c:\program files\IEPro
2009-12-30 08:42 . 2009-12-30 08:42 -------- d-----w- c:\documents and settings\Krylias\Application Data\Nero
2009-12-29 19:16 . 2009-12-04 00:30 -------- d-----w- c:\documents and settings\Krylias\Application Data\Ahead
2009-12-29 19:16 . 2009-12-04 00:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-12-29 00:49 . 2009-09-19 21:19 -------- d-----w- c:\documents and settings\Krylias\Application Data\Xilisoft Corporation
2009-12-29 00:49 . 2009-09-19 21:19 -------- d-----w- c:\program files\Xilisoft
2009-12-28 21:16 . 2009-12-28 21:16 18432 ----a-w- c:\windows\system32\drivers\nethddim.sys
2009-12-24 01:33 . 2009-12-24 01:32 -------- d-----w- c:\program files\Inpaint
2009-12-21 19:14 . 2008-04-14 03:42 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 13:03 . 2009-12-18 13:03 17542 ----a-r- c:\documents and settings\Krylias\Application Data\Microsoft\Installer\{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}\_96E62DE38A7F692104A23B.exe
2009-12-18 13:03 . 2009-12-18 13:03 17542 ----a-r- c:\documents and settings\Krylias\Application Data\Microsoft\Installer\{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}\_640ECEF665E5906E76DC9D.exe
2009-12-18 12:38 . 2009-09-21 20:36 -------- d-----w- c:\program files\CyberLink
2009-12-18 12:36 . 2009-12-17 00:41 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
2009-12-18 10:19 . 2009-12-25 20:42 545280 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2009-12-18 10:19 . 2009-12-25 20:42 344064 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2009-12-18 10:19 . 2009-12-25 20:42 153600 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
2009-12-18 10:19 . 2009-12-25 20:42 103424 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
2009-12-18 10:19 . 2009-12-25 20:42 57856 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com-trash\components\coolirisstub.dll
2009-12-18 10:19 . 2009-12-25 20:42 4726272 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com-trash\libs\cooliris190.dll
2009-12-18 10:19 . 2009-12-25 20:42 57856 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
2009-12-18 10:19 . 2009-12-25 20:42 4726272 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\libs\cooliris190.dll
2009-12-17 15:48 . 2009-12-17 15:48 -------- d-----w- c:\program files\Streamripper
2009-12-17 15:43 . 2009-09-18 21:02 -------- d-----w- c:\documents and settings\Krylias\Application Data\Winamp
2009-12-17 00:52 . 2009-09-21 20:41 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-12-17 00:45 . 2009-09-21 20:45 -------- d-----w- c:\documents and settings\Krylias\Application Data\CyberLink
2009-12-16 13:42 . 2009-12-25 20:42 872960 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-16 13:42 . 2009-12-25 20:42 43008 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 13:42 . 2009-12-25 20:42 340480 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 13:41 . 2009-12-25 20:42 346624 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-12 17:23 . 2009-09-18 01:32 -------- d-----w- c:\documents and settings\Krylias\Application Data\Thunderbird
2009-12-12 15:32 . 2009-12-12 15:30 -------- d-----w- c:\program files\Your Uninstaller
2009-12-12 15:30 . 2009-09-20 01:13 -------- d-----w- c:\documents and settings\Krylias\Application Data\URSoft
2009-12-12 14:15 . 2010-01-02 02:39 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-27 14:56 . 2009-11-27 14:56 1773568 ----a-w- c:\windows\system32\msgdiplus.dll
2009-11-24 10:53 . 2009-12-25 20:43 57344 ----a-w- c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
2009-11-21 15:51 . 2008-04-14 03:41 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 15:08 . 2009-11-21 15:08 155136 ----a-w- c:\windows\system32\RemoteControl.dll
2009-11-19 21:32 . 2009-11-19 21:32 25 ----a-w- c:\windows\system32\sysfsaver.dat
.

Kód: Vybrat vše

<pre>
c:\program files\ATI Technologies\ATI.ACE\Core-Static\clistart .exe
c:\program files\COMODO\COMODO Internet Security\cfp .exe
c:\program files\FirefoxPreloader\firefoxpreloader .exe
c:\program files\Google\GoogleToolbarNotifier\googletoolbarnotifier .exe
c:\program files\Google\Quick Search Box\googlequicksearchbox .exe
c:\program files\iTunes\ituneshelper .exe
c:\program files\Microsoft ActiveSync\wcescomm .exe
c:\program files\Microsoft Office\Office12\groovemonitor .exe
c:\program files\QuickTime Alternative\qttask .exe
c:\program files\Rainlendar2\rainlendar2 .exe
c:\program files\SPAMfighter\sfagent .exe
</pre>
------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Share]
@="{B00DFEC8-C278-40FD-8832-76A9409991F3}"
[HKEY_CLASSES_ROOT\CLSID\{B00DFEC8-C278-40FD-8832-76A9409991F3}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_ShareSync]
@="{2022959D-8296-427A-9D9F-E59CC016F006}"
[HKEY_CLASSES_ROOT\CLSID\{2022959D-8296-427A-9D9F-E59CC016F006}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Sync]
@="{B2483E28-1631-4E80-AA62-29B35EFEC7F0}"
[HKEY_CLASSES_ROOT\CLSID\{B2483E28-1631-4E80-AA62-29B35EFEC7F0}]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Krylias\Start Menu\Programs\Startup\
Kalend r.lnk - c:\windows\MENINY.EXE [2009-9-18 49312]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
2007-01-06 16:16 753664 ----a-w- c:\program files\365dníNET\365dniNET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2008-05-26 16:34 1423360 ----a-w- c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-02 04:00 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
2009-02-27 16:04 278016 ----a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 16:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DudeServer]
2009-12-11 15:49 4100096 ----a-w- c:\program files\Dude\dude.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantBurn]
2007-06-04 16:24 599600 ----a-w- c:\progra~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-11-20 13:30 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2009-09-10 12:54 420176 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-09-18 01:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-08 20:12 55296 ----a-w- c:\program files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Documents and Settings\\Krylias\\Application Data\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19390:TCP"= 19390:TCP:BitComet 19390 TCP
"19390:UDP"= 19390:UDP:BitComet 19390 UDP
"12895:TCP"= 12895:TCP:BitComet 12895 TCP
"12895:UDP"= 12895:UDP:BitComet 12895 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"14376:TCP"= 14376:TCP:BitComet 14376 TCP
"14376:UDP"= 14376:UDP:BitComet 14376 UDP
"21094:TCP"= 21094:TCP:BitComet 21094 TCP(ED2K)
"21094:UDP"= 21094:UDP:BitComet 21094 UDP(ED2K)
"23713:TCP"= 23713:TCP:BitComet 23713 TCP
"23713:UDP"= 23713:UDP:BitComet 23713 UDP
"6890:TCP"= 6890:TCP:BitComet 6890 TCP
"6890:UDP"= 6890:UDP:BitComet 6890 UDP
"12376:TCP"= 12376:TCP:BitComet 12376 TCP
"12376:UDP"= 12376:UDP:BitComet 12376 UDP

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 22:39 20744]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [20.9.2009 1:38 206256]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.9.2009 1:41 717296]
R1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\drivers\CLBStor.sys [21.9.2009 21:43 16048]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [24.1.2010 12:34 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [24.1.2010 12:34 25160]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 16:40 143467]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;c:\windows\system32\drivers\CLBUDF.sys [21.9.2009 21:43 162096]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [26.11.2008 9:36 323584]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 NETHDD;NETHDD Service;c:\program files\e-TRAYz\NETHDD.exe [28.12.2009 22:16 249376]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20.10.2009 19:19 50704]
R2 sensorsview32;sensorsview32;c:\windows\system32\drivers\sensorsview32.sys [20.9.2009 0:53 14416]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [27.8.2009 8:24 189064]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
R3 NETHDDIM;NETHDD NDIS IM Service;c:\windows\system32\drivers\nethddim.sys [28.12.2009 22:16 18432]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS --> c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.9.2009 0:08 1684736]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22.9.2009 2:44 19160]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS --> c:\program files\SUPERAntiSpyware\SASENUM.SYS [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [11.1.2010 19:16 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [11.1.2010 19:16 63488]
S3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [18.9.2009 13:19 196409]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [27.10.2008 18:03 759072]
S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [22.9.2009 2:44 269648]

--- Other Services/Drivers In Memory ---

*Deregistered* - uphcleanhlp
*Deregistered* - uzmvr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-11-20 13:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-02-08 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-01-19 12:51]

2010-02-01 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-01-19 12:51]
.
.
------- Supplementary Scan -------
.
mWindow Title =
uInternet Settings,ProxyServer = socks=
IE: &Save Flash In This Page by Flash Saver - c:\progra~1\FLASHS~1\save.htm
IE: Add to &Teleport - c:\program files\Teleport Pro\teleport.htm
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: E&xport to Microsoft Excel
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: {8E98A099-47E1-473D-A262-E605F64321CE} = 192.168.200.17,213.151.233.220
FF - ProfilePath - c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.startup.homepage - hxxp://www3.iamwired.net/
FF - prefs.js: keyword.URL - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - component: c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll
FF - plugin: c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\kjzhis9d.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 22:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spgg.sys >>UNKNOWN [0x8B17F938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e67cb8
\Driver\atapi -> atapi.sys @ 0xb9cceb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\uzmvr]

.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-854245398-1035525444-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56B5E449-B6BE-A830-1AA5-629DD18ED87D}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"fangfmmkloem"=hex:66,61,61,6c,61,6f,6b,67,64,6b,70,70,00,f5
"jangfmmkaofjkddpolbj"=hex:61,61,00,00
"kangfmmkgoodlihhggplob"=hex:61,61,00,00

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="6296A71333B237F51F5F6EFB6DC027000191484C4CCE10C21FEEC7C5C08717E7B12D3A3C086D6360AAA40905789CE3991AA1656A0518E33CEAAD4441A8276C816A01ACF89047FC921EF24DCA9F241001EF0475F2BCAE69C0A5F0C47DF3B3C3C0A75CC09E688EBB0E1A032B1D14E81E7F4884B44D5704F382D936F11C5B1CE9615A8D2EA83E568933959507F01B3C3542BFF25407514B8316E7FC69E2AD97DF81486621375674824B5B6BB65D8AB52FD743A2F852357E51F482CBBDBCCD9E59A2FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB34528EDD5E5BE2F6E6679DB7CE019D40AA5CD73D481993C4E4F117CDEAF400AFF785263E516843D103E208318DD28BB725EBF08785DE37A3650DFC37F60BBBEF9E153C2F3CC350F6AD1208D0ED0F7398F8C72CF14EC53443462F607B07605C15DB0E0F06324FD78B771470973866FABE130D71687F5610B1752AEA36E4B7BBB11C4C2DAF88A727C16C6C5666EFEE051DB9897A59683DE34497B19D88CC77C7987F0C7C9D8D8AA10F4902A39E8D5E8C6B676DD5394F4CDC9203E0CB1872278465DB713545FCDAC0AE7F2115A6FC131B254BCCE780ECF73B79C4331E8CFA778672B80165228C200D1DB378BDE91D8B5208C720E5296FD856199A0C8F92813978E352276CAEE084A89D429B03D6C4EB669873C4DA33752D16D4FA30EE5A13E1191D1A31FE6F9757443635029E5FB87B201D97F8A4A21754F7550AC76199B10C394734D026E8BC0CA83150861F7A3727DA21B562F8005A538D86A5E1DF0853F4C150781EBF245538AF1C08EA64236FFD86F27C8A5B553E53FA195C6FB2E263FEAA69F3927BAFD897CA4A864FA5D886B42827555BA9B3B2A27B0072C57C6A3EAF0386E78CDE9D310A7B51A9BD6C1C12A2D715D9A610AE9DAFDA74DE1EB0E337316DE1C7CEC0023D10598A021F96752143C2D5D7A1925CD7117AF1CC16959793D120783D7F5078CFD29095D445566E31382849D2630759ADFED0B99BAE48520D83640B24290D9CB11BDFD29DE1B096B7C3DB1581E79945E057E4CF604DB8E4D1DA9A9F8C3BCC911B5A99E9088D7F801CCDC61CCC91C7C42719D6FAE03DA9A20593B27E3B8537FBBE222745F54370423A63658DD4A3657DA7EAD5489AA833663B8934B4A94049863C288191FC62857663334855EB46981D809528083A23C18AFEC039940306D4DEAC49B941672E153C5A9213A91806DCD14285A6CDA5229471CE5DEEB1A8D3FCB51A04720B33CDC7B4D6787DFE94D37F50734B3FF1F47D3F009CAA1AE62F0EBB40847AE1690F4D1D0A067F5691CF0325CE0B9C719170742A1D4D160F4FDEF85DBA5EF35599639B6463876A7AE1EACC438A7851550C9AA710B5BB31384EB3C0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1292)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2008)
c:\windows\system32\WININET.dll
c:\progra~1\e-TRAYz\ETRAYZ~2.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\Office12\1051\GrooveIntlResource.dll
c:\program files\Common Files\Ahead\Lib\NeroDigitalExt.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\UPHClean\uphclean.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-02-08 22:22:25 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-08 21:22

Pre-Run: 69 860 663 296 bytes free
Post-Run: 20 adresárov, 69 626 302 464 voľných bajtov

- - End Of File - - 9F66510664AA5006FFFA4EF613739A3E
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#2 Příspěvek od Vlasta333 »

Jo - nejde mi spustiť ani Comodo Firewall.
Pod C je strasne vela roznych ikon - su to vsetko nejake fake ... Su to o.i. aj tieto:

2010-02-08 21:39:11 ----A---- C:\hfhhhml.exe
2010-02-08 21:22:04 ----A---- C:\uipcafn.exe
2010-02-08 21:22:04 ----A---- C:\rkfo.exe
2010-02-08 21:22:04 ----A---- C:\ecjew.exe
2010-02-08 21:22:04 ----A---- C:\ecjew .exe
2010-02-08 21:22:04 ----A---- C:\brhpxf.exe

Tu je este RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Krylias at 2010-02-08 22:36:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 66 GB (64%) free of 104 GB
Total RAM: 3327 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:33, on 8.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\e-TRAYz\NETHDD.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Krylias\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\Krylias.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Calc32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Kalendár.lnk = C:\WINDOWS\MENINY.EXE
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\PROGRA~1\FLASHS~1\save.htm
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra 'Tools' menuitem: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3285799375
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E98A099-47E1-473D-A262-E605F64321CE}: NameServer = 192.168.200.17,213.151.233.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NETHDD Service (NETHDD) - UNICON Co., Ltd. - C:\Program Files\e-TRAYz\NETHDD.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe

--
End of file - 10229 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AWC AutoSweep.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-09-02 777392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}]
IE 4.x-6.x BHO for Internet Download Accelerator - C:\PROGRA~1\IDA\idaiehlp.dll [2009-02-13 158720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-18 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-29 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-20 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
- []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Calc32"=C:\WINDOWS\system32\regedit.exe [2010-02-08 253952]
"Regedit32"=C:\WINDOWS\system32\regedit.exe [2010-02-08 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
C:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-02 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-02-27 278016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2005-10-27 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DudeServer]
C:\Program Files\Dude\dude.exe [2009-12-11 4100096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantBurn]
C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2007-06-04 599600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-11-20 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-18 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-08 55296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
C:\PROGRA~1\Yahoo!\Widgets\YAHOOW~1.EXE [2008-03-19 4742184]

C:\Documents and Settings\Krylias\Start Menu\Programs\Startup
Kalendár.lnk - C:\WINDOWS\MENINY.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Documents and Settings\Krylias\Application Data\uTorrent\utorrent.exe"="C:\Documents and Settings\Krylias\Application Data\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2010-02-08 22:36:28 ----D---- C:\rsit
2010-02-08 22:34:44 ----A---- C:\WINDOWS\system32\regedit.exe
2010-02-08 22:30:44 ----SHD---- C:\RECYCLER
2010-02-08 22:22:28 ----D---- C:\WINDOWS\temp
2010-02-08 22:22:26 ----A---- C:\ComboFix.txt
2010-02-08 22:00:15 ----A---- C:\WINDOWS\zip.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\SWSC.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\SWREG.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\sed.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\PEV.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-08 22:00:15 ----A---- C:\WINDOWS\grep.exe
2010-02-08 21:59:53 ----D---- C:\WINDOWS\ERDNT
2010-02-08 21:55:36 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-08 21:39:35 ----AD---- C:\Qoobox
2010-02-08 21:39:11 ----A---- C:\hfhhhml.exe
2010-02-08 21:22:04 ----A---- C:\uipcafn.exe
2010-02-08 21:22:04 ----A---- C:\rkfo.exe
2010-02-08 21:22:04 ----A---- C:\ecjew.exe
2010-02-08 21:22:04 ----A---- C:\ecjew .exe
2010-02-08 21:22:04 ----A---- C:\brhpxf.exe
2010-02-08 21:21:08 ----RSH---- C:\WINDOWS\updated7.exe
2010-02-08 21:21:06 ----H---- C:\WINDOWS\system32\gyuu.exe
2010-02-08 21:14:09 ----A---- C:\WINDOWS\system32\CwaZD-_CV5.exe
2010-02-08 21:10:39 ----A---- C:\xkmd.exe
2010-02-08 21:10:39 ----A---- C:\xbxpi.exe
2010-02-08 21:10:39 ----A---- C:\khlo.exe
2010-02-08 21:10:39 ----A---- C:\jvgf.exe
2010-02-08 21:10:39 ----A---- C:\bkxov.exe
2010-02-08 20:35:07 ----A---- C:\WINDOWS\MyProg.ini
2010-02-08 20:25:25 ----D---- C:\Documents and Settings\Krylias\Application Data\Hide IP NG
2010-02-08 20:13:17 ----A---- C:\WINDOWS\system32\HMIPCore.dll
2010-02-08 20:12:17 ----A---- C:\WINDOWS\system32\SecureNet.dll
2010-02-08 01:00:32 ----D---- C:\Documents and Settings\All Users\Application Data\SRSLabs
2010-02-08 00:59:52 ----D---- C:\Program Files\SRSLabs
2010-02-08 00:59:52 ----D---- C:\Program Files\Common Files\SRS
2010-02-05 21:24:01 ----D---- C:\AUTORUN
2010-02-04 09:04:25 ----A---- C:\MP10Setup.exe
2010-01-24 12:34:45 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2010-01-24 12:34:44 ----A---- C:\WINDOWS\system32\guard32.dll
2010-01-24 12:34:42 ----D---- C:\Program Files\COMODO
2010-01-22 20:33:56 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-01-22 20:33:55 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-01-22 20:31:17 ----D---- C:\Program Files\Combined Community Codec Pack
2010-01-21 17:02:01 ----D---- C:\Program Files\CoffeeCup Software
2010-01-21 01:10:41 ----D---- C:\Program Files\Zoner
2010-01-20 13:08:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-20 01:37:04 ----D---- C:\Documents and Settings\Krylias\Application Data\SteelBytes
2010-01-19 23:03:35 ----D---- C:\Program Files\IObit
2010-01-17 20:20:54 ----D---- C:\Documents and Settings\Krylias\Application Data\Imagenomic
2010-01-17 20:19:20 ----D---- C:\Program Files\Imagenomic
2010-01-13 23:29:45 ----D---- C:\Documents and Settings\Krylias\Application Data\BackTalk
2010-01-13 23:28:46 ----D---- C:\Program Files\DVD Shrink Pro
2010-01-13 09:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 09:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-11 21:42:11 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-01-11 21:42:06 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-01-11 19:16:28 ----D---- C:\Program Files\Silabs
2010-01-11 19:16:28 ----A---- C:\WINDOWS\system32\WdfCoinstaller01007.dll
2010-01-11 19:13:54 ----D---- C:\WINDOWS\system32\Silabs
2010-01-11 19:13:52 ----D---- C:\SiLabs
2010-01-10 23:57:25 ----D---- C:\Program Files\PFPortChecker
2010-01-10 23:38:06 ----D---- C:\Documents and Settings\Krylias\Application Data\uTorrent

======List of files/folders modified in the last 1 months======

2010-02-08 22:34:44 ----D---- C:\WINDOWS\system32
2010-02-08 22:23:42 ----D---- C:\Program Files\Mozilla Firefox
2010-02-08 22:22:29 ----D---- C:\WINDOWS\system32\drivers
2010-02-08 22:22:28 ----AD---- C:\WINDOWS
2010-02-08 22:21:39 ----SD---- C:\WINDOWS\Tasks
2010-02-08 22:21:24 ----A---- C:\ntservicelogOutlook.txt
2010-02-08 22:21:15 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-08 22:20:02 ----D---- C:\WINDOWS\Prefetch
2010-02-08 22:19:25 ----A---- C:\WINDOWS\system.ini
2010-02-08 22:19:23 ----D---- C:\Program Files\SPAMfighter
2010-02-08 22:19:21 ----A---- C:\WINDOWS\win.ini
2010-02-08 22:19:04 ----A---- C:\WINDOWS\system32\bscs.ini
2010-02-08 22:17:45 ----D---- C:\WINDOWS\system32\config
2010-02-08 22:16:17 ----D---- C:\WINDOWS\system
2010-02-08 22:16:12 ----D---- C:\Program Files\Internet Explorer
2010-02-08 22:16:09 ----D---- C:\Program Files\Adobe
2010-02-08 22:16:04 ----SD---- C:\Documents and Settings\Krylias\Application Data\Microsoft
2010-02-08 22:11:50 ----D---- C:\WINDOWS\AppPatch
2010-02-08 22:11:46 ----D---- C:\Program Files\Common Files
2010-02-08 21:36:34 ----D---- C:\Program Files
2010-02-08 21:28:09 ----N---- C:\WINDOWS\system32\svchost.exe
2010-02-08 21:22:08 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-08 21:21:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-08 21:12:31 ----D---- C:\Program Files\QuickTime Alternative
2010-02-08 21:12:29 ----D---- C:\Program Files\iTunes
2010-02-08 21:12:22 ----D---- C:\Program Files\Microsoft ActiveSync
2010-02-08 21:12:16 ----D---- C:\Program Files\FirefoxPreloader
2010-02-08 21:11:46 ----D---- C:\Program Files\Rainlendar2
2010-02-08 20:26:38 ----D---- C:\Documents and Settings\Krylias\Application Data\Skype
2010-02-08 16:03:00 ----D---- C:\Documents and Settings\Krylias\Application Data\skypePM
2010-02-08 13:21:07 ----D---- C:\Documents and Settings\Krylias\Application Data\dvdcss
2010-02-08 01:54:05 ----D---- C:\Program Files\ABBYY FineReader 9.0
2010-02-08 00:59:53 ----SHD---- C:\WINDOWS\Installer
2010-02-08 00:59:53 ----D---- C:\Config.Msi
2010-02-08 00:20:51 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-06 12:24:12 ----D---- C:\Program Files\BitComet
2010-02-04 19:54:08 ----D---- C:\Documents and Settings\Krylias\Application Data\XnView
2010-02-04 17:02:59 ----D---- C:\Program Files\Common Files\Apple
2010-02-04 11:39:42 ----D---- C:\Program Files\e-TRAYz
2010-02-04 11:17:33 ----D---- C:\Documents and Settings\Krylias\Application Data\Audacity
2010-01-29 15:31:20 ----A---- C:\WINDOWS\pdf2word.INI
2010-01-29 08:19:11 ----ASH---- C:\boot.ini
2010-01-28 15:02:12 ----D---- C:\Program Files\Mozilla Thunderbird
2010-01-25 18:09:56 ----A---- C:\WINDOWS\cfplogvw.INI
2010-01-22 21:12:31 ----D---- C:\Program Files\Replay Media Catcher
2010-01-22 20:49:43 ----A---- C:\WINDOWS\system32\rmc_rtspdl.dll
2010-01-22 20:49:43 ----A---- C:\WINDOWS\system32\rmc_fixasf.exe
2010-01-22 20:49:42 ----A---- C:\WINDOWS\system32\AUDIOGENIE2.DLL
2010-01-22 11:41:45 ----HD---- C:\WINDOWS\inf
2010-01-22 11:41:34 ----D---- C:\WINDOWS\ie8updates
2010-01-22 11:41:24 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 16:46:51 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-01-20 21:19:44 ----D---- C:\hidownload
2010-01-20 12:35:10 ----SHD---- C:\System Volume Information
2010-01-20 12:35:10 ----D---- C:\WINDOWS\system32\Restore
2010-01-19 23:32:53 ----D---- C:\Program Files\AV Vcs 6.0 DIAMOND
2010-01-18 13:23:23 ----RSD---- C:\WINDOWS\Fonts
2010-01-17 20:19:40 ----D---- C:\Documents and Settings\Krylias\Application Data\Adobe
2010-01-15 17:04:52 ----D---- C:\Documents and Settings\Krylias\Application Data\Thinstall
2010-01-14 03:01:01 ----D---- C:\WINDOWS\Debug
2010-01-13 23:29:45 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2010-01-13 09:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-01-11 21:43:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-11 21:42:06 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-11 21:38:44 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2010-01-11 19:13:52 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-11 12:27:40 ----D---- C:\Program Files\MP3MyMP3 3.0
2010-01-09 13:01:07 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 CLBStor;InstantBurn Storage Helper Driver; C:\WINDOWS\system32\drivers\CLBStor.sys [2007-06-04 16048]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-02-04 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-01-29 25160]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem; C:\WINDOWS\system32\drivers\CLBUDF.sys [2007-06-04 162096]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
R2 sensorsview32;sensorsview32; \??\C:\WINDOWS\system32\drivers\sensorsview32.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-30 93696]
R3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NETHDDIM;NETHDD NDIS IM Service; C:\WINDOWS\system32\DRIVERS\nethddim.sys [2009-12-28 18432]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\Rts5161ccid.sys [2008-01-09 40960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2009-01-08 31880]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S3 adwmfcwl;adwmfcwl; C:\WINDOWS\system32\drivers\adwmfcwl.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-11-25 33800]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2009-01-03 39304]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\Krylias\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSICPL;MSICPL; \??\I:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2009-10-08 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2009-10-08 63488]
S3 slabbus;CP2101 USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys []
S3 slabser;CP210x USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\slabser.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 V0060VID;Creative WebCam Live! Ultra; C:\WINDOWS\system32\DRIVERS\V0060Vid.sys [2005-02-02 196409]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-02-27 850432]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-02-27 143467]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2008-11-26 323584]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2004-12-13 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-11-20 73728]
R2 NETHDD;NETHDD Service; C:\Program Files\e-TRAYz\NETHDD.exe [2009-12-28 249376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-08-27 189064]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-02-27 98407]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2004-12-13 1527893]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 655360]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-18 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-02-08 14336]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-10-27 759072]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-18 153376]
S4 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-09-10 269648]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Strašná kopa vírusov...

#3 Příspěvek od motji »

Dobrý večer :)
:arcisit: :arcisit: kde jste k tomu proboha přišel :arcisit: (já vím že se nemám ptát, ale tohle je tedy nadělení :arcisit: )

:arrow: Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

:arrow: Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

:arrow: Pak poprosím o nový log ze Rsitu a všechno to smažeme :James008:
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#4 Příspěvek od Vlasta333 »

Už to sťahujem - porobím všetky logy - len ma tu nenechávajte v tejto hávedi prosím :D
Práve spúšťam AVP-Tool.
Kde som prišiel k nim ? Blbec.Vypol som CIS - Comodo Internet Security a spustil dva hnusné cracky...
Ach jo - ponaučený do budúcna...
Srdečná VĎAKA a bozkávam Hanú :wub:
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Strašná kopa vírusov...

#5 Příspěvek od motji »

No tak to byla ale fakt blbost :roll: , doufám že jste se poučil a cracky už stahovat a spouštět nebudete :roll: .
AVPtool je na několik hodin :roll: , ale nebojte, i zítra tu budu :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#6 Příspěvek od Vlasta333 »

Fuuuu - kašlem na to :?:
Je to hrôza ... Budem formátovať HDD ale aspoň pokým sa na to dám tak aspoň čosi spraviť aby sa mi tá pliaga nerozširovala.
RSIT sa spustiť nedá ( píše :arrow: Variable used without being declared ) a ani Gmer nespraví kompletný log.Zamrzne pri nejakej položke.
Tu je ten Kasper :
Autoscan: completed 15 minutes ago (events: 993, objects: 956252, time: 02:58:26)
8.2.2010 23:04:09 Task started
8.2.2010 23:05:07 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe
8.2.2010 23:05:07 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe Postponed
8.2.2010 23:05:09 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe
8.2.2010 23:05:09 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe Postponed
8.2.2010 23:05:14 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
8.2.2010 23:05:14 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe Postponed
8.2.2010 23:05:33 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe
8.2.2010 23:05:33 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe Postponed
8.2.2010 23:06:24 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe
8.2.2010 23:06:24 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe Postponed
8.2.2010 23:06:34 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe
8.2.2010 23:06:34 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe Postponed
8.2.2010 23:08:42 Detected: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe
8.2.2010 23:08:42 Untreated: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe Postponed
8.2.2010 23:08:47 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe
8.2.2010 23:08:47 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe Postponed
8.2.2010 23:09:52 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe
8.2.2010 23:09:52 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe Postponed
8.2.2010 23:11:20 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
8.2.2010 23:11:20 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe Postponed
8.2.2010 23:11:31 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr
8.2.2010 23:11:31 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr Postponed
8.2.2010 23:11:55 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe
8.2.2010 23:11:55 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe Postponed
8.2.2010 23:11:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
8.2.2010 23:11:58 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe Postponed
8.2.2010 23:11:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
8.2.2010 23:11:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe Postponed
8.2.2010 23:12:00 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
8.2.2010 23:12:00 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe Postponed
8.2.2010 23:12:00 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
8.2.2010 23:12:00 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe Postponed
8.2.2010 23:12:00 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
8.2.2010 23:12:00 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe Postponed
8.2.2010 23:12:00 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
8.2.2010 23:12:00 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe Postponed
8.2.2010 23:12:01 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
8.2.2010 23:12:01 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe Postponed
8.2.2010 23:12:06 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\Pouzity software 18.9.2oo9\2x Adobe portable\Portable ImageReady + CS2\Portable Photoshop CS2 a ImageReady\Photoshop\ImageReady.exe
8.2.2010 23:12:06 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\Pouzity software 18.9.2oo9\2x Adobe portable\Portable ImageReady + CS2\Portable Photoshop CS2 a ImageReady\Photoshop\ImageReady.exe Postponed
8.2.2010 23:12:09 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe
8.2.2010 23:12:09 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe Postponed
8.2.2010 23:12:09 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe
8.2.2010 23:12:09 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe Postponed
8.2.2010 23:12:12 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe
8.2.2010 23:12:12 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe Postponed
8.2.2010 23:12:17 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe
8.2.2010 23:12:17 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe Postponed
8.2.2010 23:12:19 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe
8.2.2010 23:12:19 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe Postponed
8.2.2010 23:12:20 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
8.2.2010 23:12:20 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE Postponed
8.2.2010 23:12:20 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe
8.2.2010 23:12:20 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe Postponed
8.2.2010 23:12:24 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe
8.2.2010 23:12:24 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe Postponed
8.2.2010 23:12:24 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe
8.2.2010 23:12:24 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe Postponed
8.2.2010 23:12:24 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe
8.2.2010 23:12:24 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe Postponed
8.2.2010 23:12:25 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe
8.2.2010 23:12:25 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe Postponed
8.2.2010 23:12:31 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe
8.2.2010 23:12:31 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe Postponed
8.2.2010 23:12:36 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe
8.2.2010 23:12:36 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe Postponed
8.2.2010 23:13:12 Detected: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll
8.2.2010 23:13:12 Untreated: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll Postponed
8.2.2010 23:13:12 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\wbem\wmiprvse.exe
8.2.2010 23:13:12 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\wbem\wmiprvse.exe Postponed
8.2.2010 23:13:25 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe
8.2.2010 23:13:25 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe Postponed
8.2.2010 23:13:25 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe
8.2.2010 23:13:25 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe Postponed
8.2.2010 23:13:25 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
8.2.2010 23:13:25 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe Postponed
8.2.2010 23:13:25 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe
8.2.2010 23:13:25 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe Postponed
8.2.2010 23:13:26 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe
8.2.2010 23:13:26 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe Postponed
8.2.2010 23:13:26 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe
8.2.2010 23:13:26 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe Postponed
8.2.2010 23:13:27 Detected: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe
8.2.2010 23:13:27 Untreated: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe Postponed
8.2.2010 23:13:28 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe
8.2.2010 23:13:28 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe Postponed
8.2.2010 23:13:29 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe
8.2.2010 23:13:29 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe Postponed
8.2.2010 23:13:32 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
8.2.2010 23:13:32 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe Postponed
8.2.2010 23:13:33 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr
8.2.2010 23:13:33 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr Postponed
8.2.2010 23:13:47 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe
8.2.2010 23:13:47 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe Postponed
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe Postponed
8.2.2010 23:13:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
8.2.2010 23:13:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe Postponed
8.2.2010 23:13:49 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
8.2.2010 23:13:49 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe Postponed
8.2.2010 23:13:49 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
8.2.2010 23:13:49 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe Postponed
8.2.2010 23:13:52 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe
8.2.2010 23:13:52 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe Postponed
8.2.2010 23:13:52 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe
8.2.2010 23:13:52 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe Postponed
8.2.2010 23:13:52 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe
8.2.2010 23:13:52 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe Postponed
8.2.2010 23:13:56 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe
8.2.2010 23:13:56 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe Postponed
8.2.2010 23:13:56 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe
8.2.2010 23:13:56 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe Postponed
8.2.2010 23:13:57 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe
8.2.2010 23:13:57 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe Postponed
8.2.2010 23:13:57 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
8.2.2010 23:13:57 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE Postponed
8.2.2010 23:13:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe
8.2.2010 23:13:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe Postponed
8.2.2010 23:13:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe
8.2.2010 23:13:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe Postponed
8.2.2010 23:13:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe
8.2.2010 23:13:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe Postponed
8.2.2010 23:14:00 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe
8.2.2010 23:14:00 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe Postponed
8.2.2010 23:14:01 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe
8.2.2010 23:14:01 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe Postponed
8.2.2010 23:14:02 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe
8.2.2010 23:14:02 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe Postponed
8.2.2010 23:14:02 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\Pouzity software 18.9.2oo9\2x Adobe portable\Portable ImageReady + CS2\Portable Photoshop CS2 a ImageReady\Photoshop\ImageReady.exe
8.2.2010 23:14:02 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\Pouzity software 18.9.2oo9\2x Adobe portable\Portable ImageReady + CS2\Portable Photoshop CS2 a ImageReady\Photoshop\ImageReady.exe Postponed
8.2.2010 23:14:12 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\bkxov.exe
8.2.2010 23:14:12 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\bkxov.exe Postponed
8.2.2010 23:14:12 Detected: Trojan.Win32.Vilsel.shg C:\ecjew .exe
8.2.2010 23:14:12 Untreated: Trojan.Win32.Vilsel.shg C:\ecjew .exe Postponed
8.2.2010 23:14:12 Detected: Trojan.Win32.Vilsel.shg C:\ecjew.exe
8.2.2010 23:14:12 Untreated: Trojan.Win32.Vilsel.shg C:\ecjew.exe Postponed
8.2.2010 23:14:12 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\brhpxf.exe
8.2.2010 23:14:12 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\brhpxf.exe Postponed
8.2.2010 23:14:12 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\hfhhhml.exe
8.2.2010 23:14:12 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\hfhhhml.exe Postponed
8.2.2010 23:14:13 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\khlo.exe
8.2.2010 23:14:13 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\khlo.exe Postponed
8.2.2010 23:14:13 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\rkfo.exe
8.2.2010 23:14:13 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\rkfo.exe Postponed
8.2.2010 23:14:13 Detected: Trojan-Downloader.Win32.Genome.agvx C:\uipcafn.exe
8.2.2010 23:14:13 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\uipcafn.exe Postponed
8.2.2010 23:14:14 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\xbxpi.exe
8.2.2010 23:14:14 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\xbxpi.exe Postponed
8.2.2010 23:14:14 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\xkmd.exe
8.2.2010 23:14:14 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\xkmd.exe Postponed
8.2.2010 23:14:27 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\MP10Setup.exe
8.2.2010 23:14:27 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\MP10Setup.exe Postponed
8.2.2010 23:14:57 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
8.2.2010 23:14:57 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe Postponed
8.2.2010 23:16:55 Detected: P2P-Worm.Win32.Polip.a C:\Documents and Settings\Krylias\Desktop\setup_9.0.0.722_08.02.2010_23-25.exe
8.2.2010 23:16:55 Untreated: P2P-Worm.Win32.Polip.a C:\Documents and Settings\Krylias\Desktop\setup_9.0.0.722_08.02.2010_23-25.exe Postponed
8.2.2010 23:18:16 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\T-Cleaner.exe
8.2.2010 23:18:16 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\T-Cleaner.exe Postponed
8.2.2010 23:18:17 Detected: not-a-virus:AdWare.Win32.EZula.la C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-924.dll
8.2.2010 23:18:17 Untreated: not-a-virus:AdWare.Win32.EZula.la C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-924.dll Postponed
8.2.2010 23:18:17 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-480-kav7.0.1.325fr.exe
8.2.2010 23:18:17 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-480-kav7.0.1.325fr.exe Postponed
8.2.2010 23:20:04 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe
8.2.2010 23:20:04 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe Postponed
8.2.2010 23:20:06 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe
8.2.2010 23:20:06 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe Postponed
8.2.2010 23:20:38 Detected: HEUR:Trojan.Win32.Generic C:\Program Files\Adobe\99939453.old/data0000
8.2.2010 23:20:38 Untreated: HEUR:Trojan.Win32.Generic C:\Program Files\Adobe\99939453.old/data0000 Postponed
8.2.2010 23:20:38 Detected: Packed.Win32.Krap.x C:\Program Files\Adobe\99939453.old/data0001
8.2.2010 23:22:09 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe
8.2.2010 23:22:09 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe Postponed
8.2.2010 23:22:11 Detected: Packed.Win32.Krap.x C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\clistart.exe
8.2.2010 23:22:11 Untreated: Packed.Win32.Krap.x C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\clistart.exe Postponed
8.2.2010 23:22:38 Detected: Trojan.Win32.Vilsel.rif C:\Program Files\AVS4YOU\AVSVideoConverter6\AVSVideoConverter.exe
8.2.2010 23:22:38 Untreated: Trojan.Win32.Vilsel.rif C:\Program Files\AVS4YOU\AVSVideoConverter6\AVSVideoConverter.exe Postponed
8.2.2010 23:25:55 Detected: Packed.Win32.Krap.x C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
8.2.2010 23:25:55 Untreated: Packed.Win32.Krap.x C:\Program Files\COMODO\COMODO Internet Security\cfp.exe Postponed
8.2.2010 23:25:57 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\COMODO\COMODO Internet Security\LPSSetup.exe
8.2.2010 23:25:57 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\COMODO\COMODO Internet Security\LPSSetup.exe Postponed
8.2.2010 23:25:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe
8.2.2010 23:25:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe Postponed
8.2.2010 23:26:39 Detected: Packed.Win32.Krap.x C:\Program Files\FirefoxPreloader\firefoxpreloader.exe
8.2.2010 23:26:39 Untreated: Packed.Win32.Krap.x C:\Program Files\FirefoxPreloader\firefoxpreloader.exe Postponed
8.2.2010 23:26:41 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe
8.2.2010 23:26:41 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe Postponed
8.2.2010 23:26:44 Detected: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe
8.2.2010 23:26:44 Untreated: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe Postponed
8.2.2010 23:26:45 Detected: Packed.Win32.Krap.x C:\Program Files\Google\Quick Search Box\googlequicksearchbox.exe
8.2.2010 23:26:45 Untreated: Packed.Win32.Krap.x C:\Program Files\Google\Quick Search Box\googlequicksearchbox.exe Postponed
8.2.2010 23:26:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
8.2.2010 23:26:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
8.2.2010 23:26:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe Postponed
8.2.2010 23:26:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe Postponed
8.2.2010 23:26:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
8.2.2010 23:26:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe Postponed
8.2.2010 23:26:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
8.2.2010 23:26:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe Postponed
8.2.2010 23:26:48 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
8.2.2010 23:26:48 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe Postponed
8.2.2010 23:26:49 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
8.2.2010 23:26:49 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe Postponed
8.2.2010 23:26:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
8.2.2010 23:26:58 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe Postponed
8.2.2010 23:26:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
8.2.2010 23:26:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
8.2.2010 23:26:58 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe Postponed
8.2.2010 23:26:58 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe Postponed
8.2.2010 23:26:59 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
8.2.2010 23:26:59 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe Postponed
8.2.2010 23:27:06 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
8.2.2010 23:27:06 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe Postponed
8.2.2010 23:27:07 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
8.2.2010 23:27:07 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe Postponed
8.2.2010 23:27:11 Detected: Packed.Win32.Krap.x C:\Program Files\iTunes\ituneshelper.exe
8.2.2010 23:27:11 Untreated: Packed.Win32.Krap.x C:\Program Files\iTunes\ituneshelper.exe Postponed
8.2.2010 23:27:37 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe
8.2.2010 23:27:37 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe Postponed
8.2.2010 23:27:53 Detected: Packed.Win32.Krap.x C:\Program Files\Microsoft Office\Office12\groovemonitor.exe
8.2.2010 23:27:53 Untreated: Packed.Win32.Krap.x C:\Program Files\Microsoft Office\Office12\groovemonitor.exe Postponed
8.2.2010 23:28:13 Detected: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll
8.2.2010 23:28:13 Untreated: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll Postponed
8.2.2010 23:28:14 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe
8.2.2010 23:28:14 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe Postponed
8.2.2010 23:28:36 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe
8.2.2010 23:28:36 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe Postponed
8.2.2010 23:28:39 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe
8.2.2010 23:28:39 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe Postponed
8.2.2010 23:28:49 Detected: Packed.Win32.Krap.x C:\Program Files\QuickTime Alternative\qttask.exe
8.2.2010 23:28:49 Untreated: Packed.Win32.Krap.x C:\Program Files\QuickTime Alternative\qttask.exe Postponed
8.2.2010 23:29:02 Detected: Packed.Win32.Krap.x C:\Program Files\Rainlendar2\rainlendar2.exe
8.2.2010 23:29:02 Untreated: Packed.Win32.Krap.x C:\Program Files\Rainlendar2\rainlendar2.exe Postponed
8.2.2010 23:30:05 Detected: Packed.Win32.Krap.x C:\Program Files\SPAMfighter\sfagent.exe
8.2.2010 23:30:05 Untreated: Packed.Win32.Krap.x C:\Program Files\SPAMfighter\sfagent.exe Postponed
8.2.2010 23:31:04 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe
8.2.2010 23:31:04 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe Postponed
8.2.2010 23:31:06 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe
8.2.2010 23:31:06 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe Postponed
8.2.2010 23:32:06 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe
8.2.2010 23:32:06 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe Postponed
8.2.2010 23:32:07 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
8.2.2010 23:32:07 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE Postponed
8.2.2010 23:32:08 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe
8.2.2010 23:32:08 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe Postponed
8.2.2010 23:32:08 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe
8.2.2010 23:32:08 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe Postponed
8.2.2010 23:35:58 Detected: Trojan.Win32.Vilsel.shg C:\Qoobox\Quarantine\C\lsass.exe.vir
8.2.2010 23:35:58 Untreated: Trojan.Win32.Vilsel.shg C:\Qoobox\Quarantine\C\lsass.exe.vir Postponed
8.2.2010 23:35:58 Detected: Trojan-Downloader.Win32.Genome.afca C:\Qoobox\Quarantine\C\DOCUME~1\Krylias\LOCALS~1\temp\init.exe.vir
8.2.2010 23:35:58 Untreated: Trojan-Downloader.Win32.Genome.afca C:\Qoobox\Quarantine\C\DOCUME~1\Krylias\LOCALS~1\temp\init.exe.vir Postponed
8.2.2010 23:35:58 Detected: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\js.mui.vir
8.2.2010 23:35:58 Untreated: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\js.mui.vir Postponed
8.2.2010 23:35:59 Detected: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Adobe\acrotray .exe.vir
8.2.2010 23:35:59 Untreated: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Adobe\acrotray .exe.vir Postponed
8.2.2010 23:35:59 Detected: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir
8.2.2010 23:35:59 Untreated: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir Postponed
8.2.2010 23:35:59 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Qoobox\Quarantine\C\WINDOWS\ccdrive32.exe.vir
8.2.2010 23:35:59 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Qoobox\Quarantine\C\WINDOWS\ccdrive32.exe.vir Postponed
8.2.2010 23:35:59 Detected: Trojan.Win32.Vilsel.sfj C:\Qoobox\Quarantine\C\WINDOWS\system32\app_dll.dll.vir
8.2.2010 23:35:59 Untreated: Trojan.Win32.Vilsel.sfj C:\Qoobox\Quarantine\C\WINDOWS\system32\app_dll.dll.vir Postponed
8.2.2010 23:35:59 Detected: Trojan.Win32.Sasfis.ttz C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit .exe.vir
8.2.2010 23:35:59 Untreated: Trojan.Win32.Sasfis.ttz C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit .exe.vir Postponed
8.2.2010 23:35:59 Detected: Trojan-Downloader.Win32.Genome.agvx C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit.exe.vir
8.2.2010 23:35:59 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit.exe.vir Postponed
8.2.2010 23:38:10 Detected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011149.exe
8.2.2010 23:38:10 Untreated: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011149.exe Postponed
8.2.2010 23:38:10 Detected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011148.exe
8.2.2010 23:38:10 Untreated: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011148.exe Postponed
8.2.2010 23:38:14 Detected: Trojan.Win32.VB.msz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011161.EXE/data0000.cab/dll.exe
8.2.2010 23:38:14 Untreated: Trojan.Win32.VB.msz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011161.EXE/data0000.cab/dll.exe Postponed
8.2.2010 23:43:51 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015822.exe
8.2.2010 23:43:51 Untreated: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015822.exe Postponed
8.2.2010 23:44:06 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015940.exe
8.2.2010 23:44:06 Untreated: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015940.exe Postponed
8.2.2010 23:44:15 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016109.exe
8.2.2010 23:44:15 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016109.exe Postponed
8.2.2010 23:44:16 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016111.exe
8.2.2010 23:44:16 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016111.exe Postponed
8.2.2010 23:44:16 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016112.exe
8.2.2010 23:44:16 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016112.exe Postponed
8.2.2010 23:44:16 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016113.exe
8.2.2010 23:44:16 Untreated: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016113.exe Postponed
8.2.2010 23:44:19 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016116.exe
8.2.2010 23:44:19 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016116.exe Postponed
8.2.2010 23:44:20 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016117.exe
8.2.2010 23:44:20 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016117.exe Postponed
8.2.2010 23:44:20 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016118.exe
8.2.2010 23:44:20 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016118.exe Postponed
8.2.2010 23:44:20 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016119.exe
8.2.2010 23:44:20 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016119.exe Postponed
8.2.2010 23:44:31 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016136.exe
8.2.2010 23:44:31 Untreated: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016136.exe Postponed
8.2.2010 23:44:35 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016151.exe
8.2.2010 23:44:35 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016151.exe Postponed
8.2.2010 23:44:36 Detected: Trojan-Downloader.NSIS.Agent.cn C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016082.exe/data0003/data0001
8.2.2010 23:44:36 Untreated: Trojan-Downloader.NSIS.Agent.cn C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016082.exe/data0003/data0001 Postponed
8.2.2010 23:44:38 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016194.exe
8.2.2010 23:44:38 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016194.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016196.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016196.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016197.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016197.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016198.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016198.exe Postponed
8.2.2010 23:44:38 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016200.exe
8.2.2010 23:44:38 Untreated: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016200.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016201.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016201.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016202.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016202.exe Postponed
8.2.2010 23:44:38 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016203.exe
8.2.2010 23:44:38 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016203.exe Postponed
8.2.2010 23:44:38 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016204.exe
8.2.2010 23:44:38 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016204.exe Postponed
8.2.2010 23:44:38 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016207.exe
8.2.2010 23:44:38 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016207.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016206.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016206.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016209.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016209.exe Postponed
8.2.2010 23:44:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016210.exe
8.2.2010 23:44:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016210.exe Postponed
8.2.2010 23:44:39 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016211.exe
8.2.2010 23:44:39 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016211.exe Postponed
8.2.2010 23:44:39 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016212.exe
8.2.2010 23:44:39 Untreated: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016212.exe Postponed
8.2.2010 23:44:39 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016241.exe
8.2.2010 23:44:39 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016241.exe Postponed
8.2.2010 23:44:39 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016243.exe
8.2.2010 23:44:39 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016243.exe Postponed
8.2.2010 23:44:39 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016244.exe
8.2.2010 23:44:39 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016244.exe Postponed
8.2.2010 23:44:39 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016246.exe
8.2.2010 23:44:39 Untreated: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016246.exe Postponed
8.2.2010 23:44:40 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016247.exe
8.2.2010 23:44:40 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016247.exe Postponed
8.2.2010 23:44:40 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016248.exe
8.2.2010 23:44:40 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016248.exe Postponed
8.2.2010 23:44:40 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016250.exe
8.2.2010 23:44:40 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016250.exe Postponed
8.2.2010 23:44:40 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016254.exe
8.2.2010 23:44:40 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016254.exe Postponed
8.2.2010 23:44:40 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016255.exe
8.2.2010 23:44:40 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016255.exe Postponed
8.2.2010 23:45:28 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016262.exe
8.2.2010 23:45:28 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016262.exe Postponed
8.2.2010 23:45:29 Detected: not-a-virus:AdWare.Win32.EZula.la C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016269.dll
8.2.2010 23:45:29 Untreated: not-a-virus:AdWare.Win32.EZula.la C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016269.dll Postponed
8.2.2010 23:45:29 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016270.exe
8.2.2010 23:45:29 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016270.exe Postponed
8.2.2010 23:45:30 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016279.exe
8.2.2010 23:45:30 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016279.exe Postponed
8.2.2010 23:45:31 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016282.exe
8.2.2010 23:45:31 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016282.exe Postponed
8.2.2010 23:45:32 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016284.exe
8.2.2010 23:45:32 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016284.exe Postponed
8.2.2010 23:45:33 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016285.exe
8.2.2010 23:45:33 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016285.exe Postponed
8.2.2010 23:45:34 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016286.exe
8.2.2010 23:45:34 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016286.exe Postponed
8.2.2010 23:45:35 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016287.exe
8.2.2010 23:45:35 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016287.exe Postponed
8.2.2010 23:45:36 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016288.exe
8.2.2010 23:45:36 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016288.exe Postponed
8.2.2010 23:45:36 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016289.exe
8.2.2010 23:45:36 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016289.exe Postponed
8.2.2010 23:45:36 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016290.exe
8.2.2010 23:45:36 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016290.exe Postponed
8.2.2010 23:45:43 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016311.exe
8.2.2010 23:45:43 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016311.exe Postponed
8.2.2010 23:45:43 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016312.exe
8.2.2010 23:45:43 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016312.exe Postponed
8.2.2010 23:45:51 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016330.exe
8.2.2010 23:45:51 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016330.exe Postponed
8.2.2010 23:45:51 Detected: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016331.exe
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#7 Příspěvek od Vlasta333 »

8.2.2010 23:45:51 Untreated: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016331.exe Postponed
8.2.2010 23:45:51 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016332.exe
8.2.2010 23:45:51 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016332.exe Postponed
8.2.2010 23:45:52 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016333.exe
8.2.2010 23:45:52 Untreated: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016333.exe Postponed
8.2.2010 23:46:01 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016338.exe
8.2.2010 23:46:01 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016338.exe Postponed
8.2.2010 23:46:03 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016353.exe
8.2.2010 23:46:03 Untreated: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016353.exe Postponed
8.2.2010 23:46:03 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016354.exe
8.2.2010 23:46:03 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016354.exe Postponed
8.2.2010 23:46:03 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016355.exe
8.2.2010 23:46:03 Untreated: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016355.exe Postponed
8.2.2010 23:46:03 Detected: Trojan.Win32.Vilsel.sfj C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016357.dll
8.2.2010 23:46:03 Untreated: Trojan.Win32.Vilsel.sfj C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016357.dll Postponed
8.2.2010 23:46:06 Detected: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016360.exe
8.2.2010 23:46:06 Untreated: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016360.exe Postponed
8.2.2010 23:46:06 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016361.exe
8.2.2010 23:46:06 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016361.exe Postponed
8.2.2010 23:46:23 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017373.exe
8.2.2010 23:46:23 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017373.exe Postponed
8.2.2010 23:46:26 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017388.exe
8.2.2010 23:46:26 Untreated: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017388.exe Postponed
8.2.2010 23:46:26 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017389.exe
8.2.2010 23:46:26 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017389.exe Postponed
8.2.2010 23:46:27 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017390.exe
8.2.2010 23:46:27 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017390.exe Postponed
8.2.2010 23:46:27 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017391.exe
8.2.2010 23:46:27 Untreated: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017391.exe Postponed
8.2.2010 23:46:28 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017393.exe
8.2.2010 23:46:28 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017393.exe Postponed
8.2.2010 23:46:28 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017392.exe
8.2.2010 23:46:28 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017392.exe Postponed
8.2.2010 23:46:29 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017394.exe
8.2.2010 23:46:29 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017394.exe Postponed
8.2.2010 23:46:29 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017415.exe
8.2.2010 23:46:29 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017415.exe Postponed
8.2.2010 23:46:29 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017416.exe
8.2.2010 23:46:29 Untreated: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017416.exe Postponed
8.2.2010 23:46:29 Detected: Trojan-Downloader.Win32.Genome.abqm C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017418.exe
8.2.2010 23:46:29 Untreated: Trojan-Downloader.Win32.Genome.abqm C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017418.exe Postponed
8.2.2010 23:46:30 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017421.exe
8.2.2010 23:46:30 Untreated: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017421.exe Postponed
8.2.2010 23:46:30 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017419.exe
8.2.2010 23:46:30 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017419.exe Postponed
8.2.2010 23:46:30 Detected: Trojan-Downloader.Win32.FraudLoad.feh C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017426.exe
8.2.2010 23:46:30 Untreated: Trojan-Downloader.Win32.FraudLoad.feh C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017426.exe Postponed
8.2.2010 23:53:16 Detected: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008474.exe/data0002
8.2.2010 23:53:16 Untreated: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008474.exe/data0002 Postponed
8.2.2010 23:53:28 Detected: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008477.exe/data0002
8.2.2010 23:53:28 Untreated: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008477.exe/data0002 Postponed
8.2.2010 23:57:24 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009916.exe
8.2.2010 23:57:24 Untreated: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009916.exe Postponed
8.2.2010 23:57:24 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009920.exe
8.2.2010 23:57:24 Untreated: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009920.exe Postponed
8.2.2010 23:58:24 Detected: Trojan-Downloader.Win32.Adload.lrt C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027423.CS
8.2.2010 23:58:24 Untreated: Trojan-Downloader.Win32.Adload.lrt C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027423.CS Postponed
8.2.2010 23:58:25 Detected: Trojan-Downloader.Win32.Adload.ibw C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027424.exe/data0000
8.2.2010 23:58:25 Untreated: Trojan-Downloader.Win32.Adload.ibw C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027424.exe/data0000 Postponed
8.2.2010 23:59:21 Detected: Trojan-PSW.Win32.Dybalom.aq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(4)\RP12\A0028092.exe
8.2.2010 23:59:21 Untreated: Trojan-PSW.Win32.Dybalom.aq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(4)\RP12\A0028092.exe Postponed
8.2.2010 23:59:52 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP102\A0058141.exe/PE_Patch/MewBundle/MEW
8.2.2010 23:59:52 Untreated: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP102\A0058141.exe/PE_Patch/MewBundle/MEW Postponed
9.2.2010 0:00:17 Detected: HackTool.Win32.PassDic.y C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP117\A0058741.exe/data0011
9.2.2010 0:00:17 Untreated: HackTool.Win32.PassDic.y C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP117\A0058741.exe/data0011 Postponed
9.2.2010 0:02:37 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
9.2.2010 0:02:37 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe Postponed
9.2.2010 0:02:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\WINDOWS\updated7.exe
9.2.2010 0:02:38 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\WINDOWS\updated7.exe Postponed
9.2.2010 0:04:07 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
9.2.2010 0:04:07 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe Postponed
9.2.2010 0:05:57 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe
9.2.2010 0:05:57 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\accwiz.exe Postponed
9.2.2010 0:05:58 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe
9.2.2010 0:05:58 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\ati2sgag.exe Postponed
9.2.2010 0:06:01 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe
9.2.2010 0:06:01 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\cmd.exe Postponed
9.2.2010 0:06:08 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe
9.2.2010 0:06:08 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\mshta.exe Postponed
9.2.2010 0:06:09 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr
9.2.2010 0:06:09 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logon.scr Postponed
9.2.2010 0:06:10 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe
9.2.2010 0:06:10 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\logonui.exe Postponed
9.2.2010 0:06:11 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe
9.2.2010 0:06:11 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\notepad.exe Postponed
9.2.2010 0:06:12 Detected: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe
9.2.2010 0:06:12 Untreated: Trojan.Win32.Sasfis.zpx C:\WINDOWS\system32\regedit.exe Postponed
9.2.2010 0:06:56 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\wbem\wmiprvse.exe
9.2.2010 0:06:56 Untreated: P2P-Worm.Win32.Polip.a C:\WINDOWS\system32\wbem\wmiprvse.exe Postponed
9.2.2010 0:12:17 Detected: Virus.Win32.Induc.b D:\All My Movies 5.5 Build 1284\amm_setup.exe/data0000
9.2.2010 0:12:17 Untreated: Virus.Win32.Induc.b D:\All My Movies 5.5 Build 1284\amm_setup.exe/data0000 Postponed
9.2.2010 1:21:45 Detected: Trojan-Dropper.Win32.Agent.aypg D:\Power Data Recovery PRO 4.6.5 Full\4.6.5 Full.rar/Power Data Recovery PRO 4.6.5 Full/Power Data Recovery Pro v4.6.5.EXE/#
9.2.2010 1:21:45 Untreated: Trojan-Dropper.Win32.Agent.aypg D:\Power Data Recovery PRO 4.6.5 Full\4.6.5 Full.rar/Power Data Recovery PRO 4.6.5 Full/Power Data Recovery Pro v4.6.5.EXE/# Postponed
9.2.2010 1:21:48 Detected: Trojan-Dropper.Win32.Agent.aypg D:\Power Data Recovery PRO 4.6.5 Full\Power Data Recovery Pro v4.6.5.EXE/#
9.2.2010 1:21:48 Untreated: Trojan-Dropper.Win32.Agent.aypg D:\Power Data Recovery PRO 4.6.5 Full\Power Data Recovery Pro v4.6.5.EXE/# Postponed
9.2.2010 1:22:18 Detected: Packed.Win32.PePatch.dk D:\Software + záloha vo FF - 5.2.2oo9\ABBYY Screenshot Reader\ABBYY Screenshot Reader 9.0.0.1003\CRACK\FineObj.dll
9.2.2010 1:22:18 Untreated: Packed.Win32.PePatch.dk D:\Software + záloha vo FF - 5.2.2oo9\ABBYY Screenshot Reader\ABBYY Screenshot Reader 9.0.0.1003\CRACK\FineObj.dll Postponed
9.2.2010 1:23:19 Detected: Backdoor.Win32.IRCBot.leu D:\Software - 3.8.2oo9\2x Driver Updater Pro\Driver Updater Pro v.2.3.2.0\Driver Updater Pro v.2.3.2.0.rar/Driver_Updater_Pro_v2.3.2.0/Driver Updater Pro v2.3.2.0/Driver Updater Pro v2.3.2.0 Full.exe
9.2.2010 1:23:19 Untreated: Backdoor.Win32.IRCBot.leu D:\Software - 3.8.2oo9\2x Driver Updater Pro\Driver Updater Pro v.2.3.2.0\Driver Updater Pro v.2.3.2.0.rar/Driver_Updater_Pro_v2.3.2.0/Driver Updater Pro v2.3.2.0/Driver Updater Pro v2.3.2.0 Full.exe Postponed
9.2.2010 1:23:20 Detected: Backdoor.Win32.IRCBot.leu D:\Software - 3.8.2oo9\2x Driver Updater Pro\Driver Updater Pro v.2.3.2.0\Driver Updater Pro v2.3.2.0\Driver Updater Pro v2.3.2.0 Full.exe
9.2.2010 1:23:20 Untreated: Backdoor.Win32.IRCBot.leu D:\Software - 3.8.2oo9\2x Driver Updater Pro\Driver Updater Pro v.2.3.2.0\Driver Updater Pro v2.3.2.0\Driver Updater Pro v2.3.2.0 Full.exe Postponed
9.2.2010 1:23:25 Detected: Trojan.Win32.Tdss.rjj D:\Software - 3.8.2oo9\2x Watermark\Watermark Master 2.2.10\WatermarkMaster_Install.EXE/data0000.cab/303365~1.EXE
9.2.2010 1:23:25 Untreated: Trojan.Win32.Tdss.rjj D:\Software - 3.8.2oo9\2x Watermark\Watermark Master 2.2.10\WatermarkMaster_Install.EXE/data0000.cab/303365~1.EXE Postponed
9.2.2010 1:23:30 Detected: Virus.Win32.Induc.a D:\Software - 3.8.2oo9\AMS Software Photo Effects Studio 2.0\Photo Effects Studio 2.0\setup.exe/data0000
9.2.2010 1:23:30 Untreated: Virus.Win32.Induc.a D:\Software - 3.8.2oo9\AMS Software Photo Effects Studio 2.0\Photo Effects Studio 2.0\setup.exe/data0000 Postponed
9.2.2010 1:25:16 Detected: Backdoor.Win32.Bredolab.bvh D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011128.exe/data0002
9.2.2010 1:25:16 Untreated: Backdoor.Win32.Bredolab.bvh D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011128.exe/data0002 Postponed
9.2.2010 1:26:10 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016224.exe
9.2.2010 1:26:10 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016224.exe Postponed
9.2.2010 1:26:32 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016258.exe
9.2.2010 1:26:32 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016258.exe Postponed
9.2.2010 1:26:49 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016297.exe
9.2.2010 1:26:49 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016297.exe Postponed
9.2.2010 1:27:18 Detected: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017319.exe
9.2.2010 1:27:18 Untreated: HEUR:Trojan-Downloader.Win32.Generic D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017319.exe Postponed
9.2.2010 1:28:05 Detected: Trojan-Downloader.NSIS.Agent.cv D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP23\A0031625.exe/data0003/data0001
9.2.2010 1:28:05 Untreated: Trojan-Downloader.NSIS.Agent.cv D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP23\A0031625.exe/data0003/data0001 Postponed
9.2.2010 1:29:34 Detected: Backdoor.Win32.Bredolab.bvh D:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011128.exe/data0003/data0002
9.2.2010 1:32:34 Detected: Trojan.Win32.Swisyn.rgy D:\Windows 7\7Loader By Orbit30 & Hazar v1.2.exe
9.2.2010 1:32:34 Untreated: Trojan.Win32.Swisyn.rgy D:\Windows 7\7Loader By Orbit30 & Hazar v1.2.exe Postponed
9.2.2010 1:33:28 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
9.2.2010 1:34:33 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-480-kav7.0.1.325fr.exe
9.2.2010 1:34:56 Detected: not-a-virus:AdWare.Win32.EZula.la C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-924.dll
9.2.2010 1:35:11 Deleted: not-a-virus:AdWare.Win32.EZula.la C:\Documents and Settings\Krylias\Desktop\PC ochrana\HijackThis\backups\backup-20100208-215153-924.dll
9.2.2010 1:35:11 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\T-Cleaner.exe
9.2.2010 1:35:29 Untreated: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Krylias\Desktop\PC ochrana\T-Cleaner.exe Skipped by user
9.2.2010 1:35:33 Detected: P2P-Worm.Win32.Polip.a C:\Documents and Settings\Krylias\Desktop\setup_9.0.0.722_08.02.2010_23-25.exe
9.2.2010 1:35:43 Disinfected: P2P-Worm.Win32.Polip.a C:\Documents and Settings\Krylias\Desktop\setup_9.0.0.722_08.02.2010_23-25.exe
9.2.2010 1:36:05 Disinfected: P2P-Worm.Win32.Polip.a C:\Documents and Settings\Krylias\Desktop\setup_9.0.0.722_08.02.2010_23-25.exe
9.2.2010 1:36:09 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\MP10Setup.exe
9.2.2010 1:36:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe
9.2.2010 1:37:04 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\7-Zip\7zFM.exe Skipped by user
9.2.2010 1:37:04 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe
9.2.2010 1:37:07 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ABBYY FineReader 9.0\FineReader.exe Skipped by user
9.2.2010 1:37:07 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe
9.2.2010 1:37:09 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\ASUS\ASUSUpdate\Update.exe Skipped by user
9.2.2010 1:37:09 Detected: Packed.Win32.Krap.x C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\clistart.exe
9.2.2010 1:37:11 Untreated: Packed.Win32.Krap.x C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\clistart.exe Skipped by user
9.2.2010 1:37:14 Detected: Trojan.Win32.Vilsel.rif C:\Program Files\AVS4YOU\AVSVideoConverter6\AVSVideoConverter.exe
9.2.2010 1:37:18 Untreated: Trojan.Win32.Vilsel.rif C:\Program Files\AVS4YOU\AVSVideoConverter6\AVSVideoConverter.exe Skipped by user
9.2.2010 1:37:18 Detected: HEUR:Trojan.Win32.Generic C:\Program Files\Adobe\99939453.old/data0000
9.2.2010 1:37:28 Detected: Packed.Win32.Krap.x C:\Program Files\Adobe\99939453.old/data0001
9.2.2010 1:37:28 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\COMODO\COMODO Internet Security\LPSSetup.exe
9.2.2010 1:37:34 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\COMODO\COMODO Internet Security\LPSSetup.exe
9.2.2010 1:37:35 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\COMODO\COMODO Internet Security\LPSSetup.exe
9.2.2010 1:37:35 Detected: Packed.Win32.Krap.x C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
9.2.2010 1:37:47 Deleted: Packed.Win32.Krap.x C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
9.2.2010 1:37:47 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe
9.2.2010 1:38:04 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\CyberLink\Hi-Def Suite\PowerStarter.exe Skipped by user
9.2.2010 1:38:04 Detected: Packed.Win32.Krap.x C:\Program Files\FirefoxPreloader\firefoxpreloader.exe
9.2.2010 1:38:58 Deleted: Packed.Win32.Krap.x C:\Program Files\FirefoxPreloader\firefoxpreloader.exe
9.2.2010 1:38:58 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe
9.2.2010 1:39:02 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\GIF Movie Gear\movgear.exe Skipped by user
9.2.2010 1:39:02 Detected: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe
9.2.2010 1:39:05 Untreated: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe Skipped by user
9.2.2010 1:39:05 Detected: Packed.Win32.Krap.x C:\Program Files\Google\Quick Search Box\googlequicksearchbox.exe
9.2.2010 1:39:07 Untreated: Packed.Win32.Krap.x C:\Program Files\Google\Quick Search Box\googlequicksearchbox.exe Skipped by user
9.2.2010 1:39:08 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
9.2.2010 1:39:14 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
9.2.2010 1:39:14 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe
9.2.2010 1:39:14 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
9.2.2010 1:39:18 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
9.2.2010 1:39:18 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
9.2.2010 1:39:18 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
9.2.2010 1:39:21 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
9.2.2010 1:39:21 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe
9.2.2010 1:39:21 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
9.2.2010 1:39:23 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
9.2.2010 1:39:23 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\Unload\HpqXfer.exe
9.2.2010 1:39:23 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
9.2.2010 1:39:25 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
9.2.2010 1:39:25 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe
9.2.2010 1:39:26 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
9.2.2010 1:39:28 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
9.2.2010 1:39:28 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqisc01.exe
9.2.2010 1:39:28 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
9.2.2010 1:39:29 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
9.2.2010 1:39:29 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqise01.exe
9.2.2010 1:39:29 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
9.2.2010 1:39:30 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
9.2.2010 1:39:30 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe
9.2.2010 1:39:31 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
Naposledy upravil(a) Vlasta333 dne 09 úno 2010 03:28, celkem upraveno 1 x.
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#8 Příspěvek od Vlasta333 »

9.2.2010 1:39:32 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
9.2.2010 1:39:32 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqqpawp.exe
9.2.2010 1:39:32 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
9.2.2010 1:39:34 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
9.2.2010 1:39:34 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\HP\Digital Imaging\bin\hpqvpswp.exe
9.2.2010 1:39:34 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
9.2.2010 1:39:36 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
9.2.2010 1:39:36 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
9.2.2010 1:39:36 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
9.2.2010 1:39:43 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
9.2.2010 1:39:43 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe
9.2.2010 1:39:43 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe
9.2.2010 1:39:46 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\MKVtoolnix\mmg.exe Skipped by user
9.2.2010 1:39:46 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe
9.2.2010 1:39:54 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Microsoft ActiveSync\wcescomm.exe
9.2.2010 1:39:54 Detected: Packed.Win32.Krap.x C:\Program Files\Microsoft ActiveSync\wcescomm.exe
9.2.2010 1:41:05 Deleted: Packed.Win32.Krap.x C:\Program Files\Microsoft ActiveSync\wcescomm.exe
9.2.2010 1:41:05 Detected: Packed.Win32.Krap.x C:\Program Files\Microsoft Office\Office12\groovemonitor.exe
9.2.2010 1:41:12 Untreated: Packed.Win32.Krap.x C:\Program Files\Microsoft Office\Office12\groovemonitor.exe Skipped by user
9.2.2010 1:41:12 Detected: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll
9.2.2010 1:41:23 Deleted: not-a-virus:AdWare.Win32.EZula.ll C:\Program Files\Mozilla Firefox\extensions\{4b06c587-17dc-1680-5def-3864f40f0f9b}\components\6-6v_L.dll
9.2.2010 1:41:23 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe
9.2.2010 1:41:27 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\PFPortChecker\PFPortChecker.exe Skipped by user
9.2.2010 1:41:27 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe
9.2.2010 1:41:29 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Palm\Palm Reader\Palm Reader.exe Skipped by user
9.2.2010 1:41:29 Detected: Packed.Win32.Krap.x C:\Program Files\QuickTime Alternative\qttask.exe
9.2.2010 1:41:31 Untreated: Packed.Win32.Krap.x C:\Program Files\QuickTime Alternative\qttask.exe Skipped by user
9.2.2010 1:41:31 Detected: Packed.Win32.Krap.x C:\Program Files\Rainlendar2\rainlendar2.exe
9.2.2010 1:41:33 Untreated: Packed.Win32.Krap.x C:\Program Files\Rainlendar2\rainlendar2.exe Skipped by user
9.2.2010 1:41:33 Detected: Packed.Win32.Krap.x C:\Program Files\SPAMfighter\sfagent.exe
9.2.2010 1:41:34 Untreated: Packed.Win32.Krap.x C:\Program Files\SPAMfighter\sfagent.exe Skipped by user
9.2.2010 1:41:34 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe
9.2.2010 1:41:36 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Total Video Converter\tvp.exe Skipped by user
9.2.2010 1:41:36 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe
9.2.2010 1:41:37 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Unlocker\Unlocker.exe Skipped by user
9.2.2010 1:41:37 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe
9.2.2010 1:41:38 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\WinRAR\WinRAR.exe Skipped by user
9.2.2010 1:41:38 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe
9.2.2010 1:41:40 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Windows Media Player\wmplayer.exe Skipped by user
9.2.2010 1:41:40 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
9.2.2010 1:41:44 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
9.2.2010 1:41:44 Disinfected: P2P-Worm.Win32.Polip.a C:\Program Files\Windows NT\Pinball\PINBALL.EXE
9.2.2010 1:41:44 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe
9.2.2010 1:41:46 Untreated: P2P-Worm.Win32.Polip.a C:\Program Files\Womble Multimedia\MPEG Video Wizard DVD\MpegVideoWizard.exe Skipped by user
9.2.2010 1:41:47 Detected: Packed.Win32.Krap.x C:\Program Files\iTunes\ituneshelper.exe
9.2.2010 1:41:48 Untreated: Packed.Win32.Krap.x C:\Program Files\iTunes\ituneshelper.exe Skipped by user
9.2.2010 1:41:48 Detected: Trojan-Downloader.Win32.Genome.afca C:\Qoobox\Quarantine\C\DOCUME~1\Krylias\LOCALS~1\temp\init.exe.vir
9.2.2010 1:42:33 Deleted: Trojan-Downloader.Win32.Genome.afca C:\Qoobox\Quarantine\C\DOCUME~1\Krylias\LOCALS~1\temp\init.exe.vir
9.2.2010 1:42:33 Detected: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Adobe\acrotray .exe.vir
9.2.2010 1:42:42 Untreated: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Adobe\acrotray .exe.vir Skipped by user
9.2.2010 1:42:42 Detected: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\js.mui.vir
9.2.2010 1:42:56 Deleted: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\js.mui.vir
9.2.2010 1:42:56 Detected: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir
9.2.2010 1:43:02 Disinfected: P2P-Worm.Win32.Polip.a C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir
9.2.2010 1:43:02 Detected: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir
9.2.2010 1:43:09 Deleted: Packed.Win32.Krap.x C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\wmpscfgs.exe.vir
9.2.2010 1:43:09 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Qoobox\Quarantine\C\WINDOWS\ccdrive32.exe.vir
9.2.2010 1:43:16 Detected: Trojan.Win32.Vilsel.sfj C:\Qoobox\Quarantine\C\WINDOWS\system32\app_dll.dll.vir
9.2.2010 1:43:25 Deleted: Trojan.Win32.Vilsel.sfj C:\Qoobox\Quarantine\C\WINDOWS\system32\app_dll.dll.vir
9.2.2010 1:43:25 Detected: Trojan.Win32.Sasfis.ttz C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit .exe.vir
9.2.2010 1:44:12 Deleted: Trojan.Win32.Sasfis.ttz C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit .exe.vir
9.2.2010 1:44:13 Detected: Trojan-Downloader.Win32.Genome.agvx C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit.exe.vir
9.2.2010 1:44:21 Deleted: Trojan-Downloader.Win32.Genome.agvx C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit.exe.vir
9.2.2010 1:44:21 Detected: Trojan.Win32.Vilsel.shg C:\Qoobox\Quarantine\C\lsass.exe.vir
9.2.2010 1:44:28 Deleted: Trojan.Win32.Vilsel.shg C:\Qoobox\Quarantine\C\lsass.exe.vir
9.2.2010 1:44:28 Detected: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008474.exe/data0002
9.2.2010 1:44:37 Deleted: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008474.exe
9.2.2010 1:44:37 Detected: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008477.exe/data0002
9.2.2010 1:44:46 Deleted: Trojan-PSW.Win32.Dybalom.lq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP52\A0008477.exe
9.2.2010 1:44:46 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009916.exe
9.2.2010 1:44:54 Deleted: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009916.exe
9.2.2010 1:44:54 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009920.exe
9.2.2010 1:45:04 Deleted: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(2)\RP53\A0009920.exe
9.2.2010 1:45:04 Detected: Trojan-Downloader.Win32.Adload.lrt C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027423.CS
9.2.2010 1:45:11 Deleted: Trojan-Downloader.Win32.Adload.lrt C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027423.CS
9.2.2010 1:45:12 Detected: Trojan-Downloader.Win32.Adload.ibw C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027424.exe/data0000
9.2.2010 1:45:54 Deleted: Trojan-Downloader.Win32.Adload.ibw C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(3)\RP5\A0027424.exe
9.2.2010 1:45:54 Detected: Trojan-PSW.Win32.Dybalom.aq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(4)\RP12\A0028092.exe
9.2.2010 1:46:03 Deleted: Trojan-PSW.Win32.Dybalom.aq C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(4)\RP12\A0028092.exe
9.2.2010 1:46:03 Detected: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP102\A0058141.exe/PE_Patch/MewBundle/MEW
9.2.2010 1:46:12 Deleted: Virus.Win32.Induc.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP102\A0058141.exe
9.2.2010 1:46:14 Detected: HackTool.Win32.PassDic.y C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP117\A0058741.exe/data0011
9.2.2010 1:46:24 Deleted: HackTool.Win32.PassDic.y C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}(5)\RP117\A0058741.exe
9.2.2010 1:46:24 Detected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011148.exe
9.2.2010 1:46:26 Disinfected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011148.exe
9.2.2010 1:46:26 Disinfected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011148.exe
9.2.2010 1:46:26 Detected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011149.exe
9.2.2010 1:46:28 Disinfected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011149.exe
9.2.2010 1:46:29 Disinfected: Virus.Win32.Parite.b C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011149.exe
9.2.2010 1:46:30 Detected: Trojan.Win32.VB.msz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011161.EXE/data0000.cab/dll.exe
9.2.2010 1:46:40 Deleted: Trojan.Win32.VB.msz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP13\A0011161.EXE
9.2.2010 1:46:40 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015822.exe
9.2.2010 1:46:48 Deleted: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015822.exe
9.2.2010 1:46:48 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015940.exe
9.2.2010 1:47:28 Deleted: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP22\A0015940.exe
9.2.2010 1:47:29 Detected: Trojan-Downloader.NSIS.Agent.cn C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016082.exe/data0003/data0001
9.2.2010 1:47:37 Deleted: Trojan-Downloader.NSIS.Agent.cn C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016082.exe
9.2.2010 1:47:37 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016109.exe
9.2.2010 1:47:45 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016109.exe
9.2.2010 1:47:45 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016111.exe
9.2.2010 1:47:51 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016111.exe
9.2.2010 1:47:51 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016112.exe
9.2.2010 1:47:57 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016112.exe
9.2.2010 1:47:57 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016113.exe
9.2.2010 1:48:04 Deleted: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016113.exe
9.2.2010 1:48:04 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016116.exe
9.2.2010 1:48:10 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016116.exe
9.2.2010 1:48:10 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016117.exe
9.2.2010 1:48:17 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016117.exe
9.2.2010 1:48:17 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016118.exe
9.2.2010 1:48:24 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016118.exe
9.2.2010 1:48:24 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016119.exe
9.2.2010 1:49:05 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP27\A0016119.exe
9.2.2010 1:49:05 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016136.exe
9.2.2010 1:49:12 Deleted: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016136.exe
9.2.2010 1:49:12 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016151.exe
9.2.2010 1:49:20 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016151.exe
9.2.2010 1:49:20 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016194.exe
9.2.2010 1:49:27 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016194.exe
9.2.2010 1:49:27 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016196.exe
9.2.2010 1:49:37 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016196.exe
9.2.2010 1:49:37 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016197.exe
9.2.2010 1:49:44 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016197.exe
9.2.2010 1:49:44 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016198.exe
9.2.2010 1:49:55 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016198.exe
9.2.2010 1:49:55 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016200.exe
9.2.2010 1:50:01 Deleted: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016200.exe
9.2.2010 1:50:01 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016201.exe
9.2.2010 1:50:43 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016201.exe
9.2.2010 1:50:43 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016202.exe
9.2.2010 1:50:53 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016202.exe
9.2.2010 1:50:53 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016203.exe
9.2.2010 1:51:02 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016203.exe
9.2.2010 1:51:02 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016204.exe
9.2.2010 1:51:09 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016204.exe
9.2.2010 1:51:09 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016206.exe
9.2.2010 1:51:16 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016206.exe
9.2.2010 1:51:16 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016207.exe
9.2.2010 1:51:22 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016207.exe
9.2.2010 1:51:23 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016209.exe
9.2.2010 1:51:30 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016209.exe
9.2.2010 1:51:30 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016210.exe
9.2.2010 1:52:24 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016210.exe
9.2.2010 1:52:24 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016211.exe
9.2.2010 1:52:33 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016211.exe
9.2.2010 1:52:33 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016212.exe
9.2.2010 1:52:39 Deleted: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016212.exe
9.2.2010 1:52:39 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016241.exe
9.2.2010 1:52:45 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016241.exe
9.2.2010 1:52:45 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016243.exe
9.2.2010 1:52:52 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016243.exe
9.2.2010 1:52:52 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016244.exe
9.2.2010 1:52:58 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016244.exe
9.2.2010 1:52:58 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016246.exe
9.2.2010 1:53:04 Deleted: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016246.exe
9.2.2010 1:53:04 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016247.exe
9.2.2010 1:53:10 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016247.exe
9.2.2010 1:53:10 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016248.exe
9.2.2010 1:53:16 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016248.exe
9.2.2010 1:53:16 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016250.exe
9.2.2010 1:53:23 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016250.exe
9.2.2010 1:53:23 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016254.exe
9.2.2010 1:54:03 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016254.exe
9.2.2010 1:54:03 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016255.exe
9.2.2010 1:54:10 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016255.exe
9.2.2010 1:54:10 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016262.exe
9.2.2010 1:54:17 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016262.exe
9.2.2010 1:54:17 Detected: not-a-virus:AdWare.Win32.EZula.la C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016269.dll
9.2.2010 1:54:26 Deleted: not-a-virus:AdWare.Win32.EZula.la C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016269.dll
9.2.2010 1:54:26 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016270.exe
9.2.2010 1:54:35 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016270.exe
9.2.2010 1:54:35 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016279.exe
9.2.2010 1:54:42 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016279.exe
9.2.2010 1:54:42 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016282.exe
9.2.2010 1:54:49 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016282.exe
9.2.2010 1:54:49 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016284.exe
9.2.2010 1:54:59 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016284.exe
9.2.2010 1:54:59 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016285.exe
9.2.2010 1:55:41 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016285.exe
9.2.2010 1:55:41 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016286.exe
9.2.2010 1:55:49 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016286.exe
9.2.2010 1:55:49 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016287.exe
9.2.2010 1:56:01 Deleted: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016287.exe
9.2.2010 1:56:01 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016288.exe
9.2.2010 1:56:07 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016288.exe
9.2.2010 1:56:07 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016289.exe
9.2.2010 1:56:13 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016289.exe
9.2.2010 1:56:13 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016290.exe
9.2.2010 1:56:19 Deleted: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016290.exe
9.2.2010 1:56:19 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016311.exe
9.2.2010 1:56:25 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016311.exe
9.2.2010 1:56:25 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016312.exe
9.2.2010 1:56:34 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016312.exe
9.2.2010 1:56:34 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016330.exe
9.2.2010 1:56:40 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016330.exe
9.2.2010 1:56:40 Detected: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016331.exe
9.2.2010 1:57:26 Deleted: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016331.exe
9.2.2010 1:57:26 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016332.exe
9.2.2010 1:57:34 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016332.exe
9.2.2010 1:57:34 Detected: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016333.exe
9.2.2010 1:57:43 Deleted: Backdoor.Win32.IRCBot.nma C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016333.exe
9.2.2010 1:57:43 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016338.exe
9.2.2010 1:57:50 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016338.exe
9.2.2010 1:57:50 Detected: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016353.exe
9.2.2010 1:57:57 Deleted: Trojan.Win32.Vilsel.shg C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016353.exe
9.2.2010 1:57:57 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016354.exe
9.2.2010 1:58:07 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016354.exe
9.2.2010 1:58:07 Detected: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016355.exe
9.2.2010 1:58:14 Deleted: P2P-Worm.Win32.Polip.a C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016355.exe
9.2.2010 1:58:14 Detected: Trojan.Win32.Vilsel.sfj C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016357.dll
9.2.2010 1:58:20 Deleted: Trojan.Win32.Vilsel.sfj C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016357.dll
9.2.2010 1:58:20 Detected: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016360.exe
9.2.2010 1:58:27 Deleted: Trojan.Win32.Sasfis.ttz C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016360.exe
9.2.2010 1:58:27 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016361.exe
9.2.2010 1:59:14 Deleted: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0016361.exe
9.2.2010 1:59:15 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017373.exe
9.2.2010 1:59:25 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017373.exe
9.2.2010 1:59:25 Detected: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017388.exe
9.2.2010 1:59:32 Deleted: Trojan.Win32.Sasfis.zpx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017388.exe
9.2.2010 1:59:32 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017389.exe
9.2.2010 1:59:38 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017389.exe
9.2.2010 1:59:38 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017390.exe
9.2.2010 1:59:45 Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017390.exe
9.2.2010 1:59:45 Detected: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017391.exe
9.2.2010 1:59:52 Deleted: Trojan-Downloader.Win32.Genome.agvx C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017391.exe
9.2.2010 1:59:52 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017392.exe
9.2.2010 2:00:02 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017393.exe
9.2.2010 2:00:07 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017394.exe
9.2.2010 2:00:12 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017415.exe
9.2.2010 2:00:59 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017415.exe
9.2.2010 2:00:59 Detected: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017416.exe
9.2.2010 2:01:11 Deleted: Packed.Win32.Krap.x C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017416.exe
9.2.2010 2:01:11 Detected: Trojan-Downloader.Win32.Genome.abqm C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017418.exe
9.2.2010 2:01:16 Deleted: Trojan-Downloader.Win32.Genome.abqm C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017418.exe
9.2.2010 2:01:17 Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017419.exe
9.2.2010 2:01:22 Detected: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017421.exe
9.2.2010 2:01:26 Deleted: Trojan-Dropper.Win32.Clons.dor C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017421.exe
9.2.2010 2:01:26 Detected: Trojan-Downloader.Win32.FraudLoad.feh C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017426.exe
9.2.2010 2:01:31 Deleted: Trojan-Downloader.Win32.FraudLoad.feh C:\System Volume Information\_restore{B4C567E4-60F1-423B-9166-DBEC7A975B92}\RP28\A0017426.exe
9.2.2010 2:01:31 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
9.2.2010 2:01:42 Disinfected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
9.2.2010 2:01:42 Disinfected: P2P-Worm.Win32.Polip.a C:\WINDOWS\inf\unregmp2.exe
9.2.2010 2:01:42 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
9.2.2010 2:02:35 Task completed
Disinfect active threats: completed 4 minutes ago (events: 17, objects: 2501, time: 00:11:27)
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#9 Příspěvek od Vlasta333 »

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Autoscan: completed 16 minutes ago (events: 993, objects: 956252, time: 02:58:26)
Disinfect active threats: completed 4 minutes ago (events: 17, objects: 2501, time: 00:11:27)
9.2.2010 2:02:35 Task started
9.2.2010 2:02:35 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
9.2.2010 2:03:13 Deleted: P2P-Worm.Win32.Polip.a C:\WINDOWS\regedit.exe
9.2.2010 2:03:26 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\wbem\wmiprvse.exe
9.2.2010 2:03:31 Disinfection on system restart failed: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\wbem\wmiprvse.exe
9.2.2010 2:03:39 Will be deleted on system restart: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\wbem\wmiprvse.exe
9.2.2010 2:03:40 Detected: Packed.Win32.Krap.x C:\WINDOWS\System32\ctfmon.exe
9.2.2010 2:04:21 Deleted: Packed.Win32.Krap.x C:\WINDOWS\System32\ctfmon.exe
9.2.2010 2:04:21 Detected: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe
9.2.2010 2:04:26 Untreated: Packed.Win32.Krap.x C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe Skipped by user
9.2.2010 2:04:27 Detected: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\wmpscfgs.exe
9.2.2010 2:04:56 Disinfection on system restart failed: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\wmpscfgs.exe
9.2.2010 2:05:36 Will be deleted on system restart: P2P-Worm.Win32.Polip.a C:\Program Files\Internet Explorer\wmpscfgs.exe
9.2.2010 2:05:59 Detected: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\mshta.exe
9.2.2010 2:13:47 Deleted: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\mshta.exe
9.2.2010 2:13:47 Deleted: P2P-Worm.Win32.Polip.a C:\WINDOWS\System32\mshta.exe
9.2.2010 2:14:02 Task completed

Táto ikona je vlastne vírus - napadol mi mnoho programov - po preinštalovaní však fungujú.

Obrázek

Je to virut ? :roll:

Ďakujem za rady :arcisit: :(
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Strašná kopa vírusov...

#10 Příspěvek od motji »

:boxed: :boxed: Nevím jestli to je virut, ale nějaký fileinfector tam bude. Ale jinak tam máte plno různé havěti :arcisit: . Takže se opravdu rozmyslete, zda to zformátujete, a pokud ano, tak hned! Nevím co všechno je napadeno, můžeme počítač vyčistit, ale infekce se bude šířit dál.
:arrow: klikněte mi v podpisu na SVI a vypněte obnovu systému.
:arrow: otestujte na www.virustotal.com
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\windows\system32\winlogon.exe
c:\windows\explorer.exe
c:\windows\system32\services.exe

Uvidíme které antiviry vir detekuji.
:arrow:
Co máte na druhém disku? Máte tam i exe soubory? AVPtool skenoval i tento disk? Ted na něj rozhodně nic neukládejte, at si soubory také nenakazíte.
Tak mi napište, jestli mám chystat skript na vyčištění, nebo to zformátujete. Ale asi bych Vám doporučila ten formát. Systém může být pěkně nakopnutý.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#11 Příspěvek od Vlasta333 »

Srdečne teda DĚKUJI ! Idem na to.
ÁNO - mám aj na disku D exe súbory,ale tak zatiaľ dúfam,že tie poškodené nie sú :(
Mám tam všetok SW ktorý používam pri práci.
AVPTool skenoval aj ten oddiel.Nasiel aj v nich nieco, ale to bolo ciste - skontrolovane uz davno predtym a tak som to nedaval vymazat.
Idem teda naformátovať tú partíciu C a dúfať,že sa tie mrchy nerozliezli aj na D partíciu...

ĎAKUJEM ! :wink: :closed:
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Strašná kopa vírusov...

#12 Příspěvek od motji »

Já bych ale potřebovala ještě otestovat ty soubory, co jsem psala..už proto, abychom věděli, které antiviry viry detekují, a mohli pak zkontrolovat ten druhý disk.
I po reinstalu totiž není vyhráno, aby se nerozšířili právě z druhíého disku :arcisit:

A přečtěte si sz :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Vlasta333
4. Stupeň Varování
Příspěvky: 73
Registrován: 25 kvě 2008 18:07

Re: Strašná kopa vírusov...

#13 Příspěvek od Vlasta333 »

motji píše:Já bych ale potřebovala ještě otestovat ty soubory, co jsem psala..už proto, abychom věděli, které antiviry viry detekují, a mohli pak zkontrolovat ten druhý disk.
I po reinstalu totiž není vyhráno, aby se nerozšířili právě z druhého disku :arcisit:

A přečtěte si sz :)
No jo - milá "Motji" - mali ste svätú pravdu !!!

To bola teda fuška ! To Vám teda poviem ! Tie červy sa mi vskutku zaryli aj do druhej partície a napadli takmer všetky EXE súbory!
Po preformátovaní systémového oddielu som išiel z druhej partície inštalovať driver k zvukovke a už v ňom bol vírus.
Pliaga odporná ! Takisto aj grafika ... Potom som otestoval ostatné súbory a bolo ich cca 70-80% nakazených.
Takže formát komplet :boxed: :?:
Spravil som však aspoň zálohu na sieťový disk z ktorého to pomaličky obnovujem a čistím...
V živote som už natrafil na kadejakú zgerbu - toto bolo však nad moje nervy a vlastne aj schopnosti.
Ďakujem - viac takisto v SZ :worship: :closed:
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Strašná kopa vírusov...

#14 Příspěvek od motji »

Není zač :)

:arrow: Ještě tu vložte pro jistotu log ze Rsitu
:arrow: proskenujte všechny disky a flešky postupně Avptoolem, webcureitem, mwawem..třeba ob 2dny.
Bohužel stačí 1 napadený soubor a je to zpět :( .

Dobrou noc :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“