Win32:Trojan-gen + Spyware

Section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team

FABROS
newcomer
Posts: 34
Registered: August 06
Gender: Not specified
Status: Offline

Post by FABROS » 10 Aug 2006 11:40

Logfile of HijackThis v1.99.1
Scan saved at 11:39:18, on 10.8.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Honzik\LOCALS~1\Temp\mexe.com
C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavss.exe
C:\hak\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.5:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\MSDXM.OCX
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\..\{67172102-A75C-4275-A62E-C7FE13DA02E2}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

Post by FABROS » 10 Aug 2006 11:42

MWAV LOG
Thu Aug 10 11:37:43 2006 => **********************************************************
Thu Aug 10 11:37:43 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Thu Aug 10 11:37:43 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Thu Aug 10 11:37:43 2006 => **********************************************************
Thu Aug 10 11:37:43 2006 => Source: C:\hak\mwav.exe
Thu Aug 10 11:37:43 2006 => Version 8.5.1 (C:\DOCUME~1\Honzik\LOCALS~1\Temp\mexe.com)
Thu Aug 10 11:37:43 2006 => Log File: C:\DOCUME~1\Honzik\LOCALS~1\Temp\MWAV.LOG
Thu Aug 10 11:37:43 2006 => Last Scan Date and Time: 10.08.2006 11:34:29
Thu Aug 10 11:37:43 2006 => MWAV Registered: FALSE.
Thu Aug 10 11:37:43 2006 => User Account: Honzik
Thu Aug 10 11:37:43 2006 => OS Type: Windows Workstation
Thu Aug 10 11:37:43 2006 => OS: Windows XP
Thu Aug 10 11:37:43 2006 => Ver: Service Pack 2 (Build 2600)
Thu Aug 10 11:37:43 2006 => Windows Root Folder: C:\WINDOWS
Thu Aug 10 11:37:43 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Thu Aug 10 11:37:43 2006 => Local Fixed Drives: c:\
Thu Aug 10 11:37:43 2006 => MWAV Mode: Only Scan files.

Thu Aug 10 11:38:05 2006 => Options Selected by User:
Thu Aug 10 11:38:05 2006 => Memory Check: Enabled
Thu Aug 10 11:38:05 2006 => Registry Check: Enabled
Thu Aug 10 11:38:05 2006 => StartUp Folder Check: Enabled
Thu Aug 10 11:38:05 2006 => System Folder Check: Enabled
Thu Aug 10 11:38:05 2006 => System Area Check: Disabled
Thu Aug 10 11:38:05 2006 => Services Check: Enabled
Thu Aug 10 11:38:05 2006 => Drive Check Option Disabled
Thu Aug 10 11:38:05 2006 => Folder Check: Disabled

Thu Aug 10 11:38:06 2006 => ***** Scanning Memory Files *****
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\System32\smss.exe
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\ntdll.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\basesrv.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\winsrv.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\USER32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\GDI32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\sxs.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\VERSION.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\USERENV.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\Secur32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Thu Aug 10 11:38:06 2006 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\odbcint.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\sfc.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\ole32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WINMM.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\MPR.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\cscui.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\msacm32.drv
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\midimap.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\COMRes.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\services.exe
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\eventlog.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\msprivs.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\kerberos.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\netlogon.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\w32time.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\schannel.dll
Thu Aug 10 11:38:07 2006 => Scanning File C:\WINDOWS\system32\wdigest.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\oakley.DLL
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\mswsock.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\psbase.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\dssenh.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\rpcss.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\msi.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\termsrv.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\ICAAPI.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\mstlsapi.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\ACTIVEDS.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\adsldpc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\ATL.DLL
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\winrnr.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\dhcpcsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\wzcsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\rtutils.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\WMI.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\ESENT.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\rastls.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\WININET.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\rasman.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\TAPI32.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\raschap.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\schedsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\audiosrv.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\wkssvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\qmgr.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\SHFOLDER.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\WINHTTP.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\cryptsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\certcli.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\dmserver.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\ersvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\es.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\srvsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\seclogon.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\sens.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\srsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\POWRPROF.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\trkwks.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\wscsvc.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\netshell.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\credui.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\wuauserv.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Thu Aug 10 11:38:08 2006 => Scanning File c:\windows\system32\browser.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Thu Aug 10 11:38:08 2006 => Scanning File C:\WINDOWS\system32\colbact.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\tapisrv.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\rasmans.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\netcfgx.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\rastapi.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\uniplat.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\h323.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\HID.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\rasppp.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\netman.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\WZCSAPI.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\upnp.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\SSDPAPI.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\wups.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\dnsrslvr.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\lmhsvc.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\webclnt.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\urlmon.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\regsvc.dll
Thu Aug 10 11:38:09 2006 => Scanning File c:\windows\system32\ssdpsrv.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\Explorer.EXE
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\themeui.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\ACTXPRXY.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\msutb.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\ctagent.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\stobject.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\BatMeter.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\drprov.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\NETRAP.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\System32\davclnt.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\browselc.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\DUSER.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\PROGRA~1\MICROS~2\Office10\msohev.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\PDFShell.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\SensApi.dll
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Thu Aug 10 11:38:09 2006 => Scanning File C:\WINDOWS\system32\localspl.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\usbmon.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\win32spl.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\inetpp.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\CTHELPER.EXE
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\dbghelp.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\Czech\Base.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\Czech\Lang.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\MFC71.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruimai.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruimes.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruins.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruiout.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\MAPI32.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruip2p.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruistd.dll
Thu Aug 10 11:38:10 2006 => Scanning File c:\PROGRA~1\ALWILS~1\avast4\ahruiws.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnd.exe
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\HPSHAR~1\S2WNSRES.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\HPSHAR~1\HPGS2W~1.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\DIGITA~1\Unload\hpqcmon.exe
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\MFC42LOC.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\DIGITA~1\Unload\HpqUnRes.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\HpqUtil.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3205.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\ICQLite.exe
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\ICQRT.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\LITESK~1.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\ICQLSRP.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\EMOEXT~1.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\OLEPRO32.DLL
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\Icmp.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\LiteRes.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\System32\msxml3.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\MISB.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\WINDOWS\system32\mlang.dll
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\actskin4.ocx
Thu Aug 10 11:38:10 2006 => Scanning File C:\PROGRA~1\ICQLite\LiteUtil.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\asycfilt.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\mshtml.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\msls31.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\msimtf.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\jscript.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\devenum.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\msdmo.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\Macromed\Common\SwSupport.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\vbscript.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\dxtrans.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\ddrawex.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\DDRAW.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\DCIMAN32.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\dxtmsft.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\iepeers.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\ImgUtil.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\pngfilt.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\plugin.ocx
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswUpdSv.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashServ.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswEngin.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswScan.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswInteg.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\aswIdle.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\UNACEV2.DLL
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResMai.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ahResMes.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResNS.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResOut.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ahResP2P.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResStd.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResWS.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashSSqlt.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\perfos.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\CTsvcCDA.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\nvsvc32.exe
Thu Aug 10 11:38:11 2006 => Scanning File c:\windows\system32\wiaservc.dll
Thu Aug 10 11:38:11 2006 => Scanning File c:\windows\system32\CFGMGR32.dll
Thu Aug 10 11:38:11 2006 => Scanning File c:\windows\system32\mscms.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\System32\MsPMSPSv.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashMaiSv.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\Czech\langmai.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashWebSv.exe
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\security.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashWsFtr.dll
Thu Aug 10 11:38:11 2006 => Scanning File C:\WINDOWS\system32\OLEACC.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\wscntfy.exe
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\mshtmled.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\mexe.com
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\msvlclnt.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavssdi.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavssd.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavssi.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\ipc.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\PSAPI.DLL
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavss.exe
Thu Aug 10 11:38:12 2006 => Scanning File C:\DOCUME~1\Honzik\LOCALS~1\Temp\kavss.dll

Thu Aug 10 11:38:12 2006 => ***** Scanning Registry Files *****

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\stobject.dll

Thu Aug 10 11:38:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\ICQTOO~1\toolbaru.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\MSDXM.OCX

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Thu Aug 10 11:38:12 2006 => {02478D38-C3F9-4EFB-9B51-7695ECA05670} = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll
Thu Aug 10 11:38:12 2006 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\browseui.dll

Thu Aug 10 11:38:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\themeui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\System32\hticons.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Thu Aug 10 11:38:12 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\remotepg.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\wshext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\occache.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\msieftp.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\photowiz.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\cabview.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\System32\extmgr.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\nvcpl.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\nvcpl.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\nvshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\nvshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\nvshell.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\ICQLite\ICQLIT~1.DLL
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\MICROS~2\Office10\OLKFSTUB.DLL
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\MICROS~2\Office10\msohev.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashShell.dll

Thu Aug 10 11:38:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Thu Aug 10 11:38:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\Explorer.exe
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\userinit.exe
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\dskquota.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\crypt32.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Thu Aug 10 11:38:13 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Thu Aug 10 11:38:13 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Thu Aug 10 11:38:13 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Thu Aug 10 11:38:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Thu Aug 10 11:38:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Thu Aug 10 11:38:13 2006 => Scanning File C:\WINDOWS\system32\ntsd.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCU\Control Panel\Desktop
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\fish.scr

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\ie4uinit.exe

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\CTHELPER.EXE
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\UpdReg.EXE
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\Creative\SBLive\PROGRAM\ADGJDet.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\Creative\SPLASH~1\CTEaxSpl.EXE
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\nwiz.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnd.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\HEWLET~1\DIGITA~1\Unload\hpqcmon.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\ICQLite\ICQLite.exe
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\dumprep.exe

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Thu Aug 10 11:38:14 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\system32\ctfmon.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Thu Aug 10 11:38:14 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Thu Aug 10 11:38:14 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\CTFMON.EXE

Thu Aug 10 11:38:14 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Thu Aug 10 11:38:14 2006 => Scanning HKCR\txtfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\comfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\exefile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\dllfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\batfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\piffile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\scrfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\scrfile\shell\config\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\regfile\shell\open\command

Thu Aug 10 11:38:14 2006 => Scanning HKCR\htmlfile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\htafile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\mshta.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\jsfile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\jsefile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\vbsfile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\vbefile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\wshfile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => Scanning HKCR\wsffile\shell\open\command
Thu Aug 10 11:38:14 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Thu Aug 10 11:38:14 2006 => ***** Scanning StartUp Folders *****

Thu Aug 10 11:38:14 2006 => ***** Scanning C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spuštění Folder *****
Thu Aug 10 11:38:14 2006 => Scanning Folder: C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spuštění\*.*
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spuštění\desktop.ini

Thu Aug 10 11:38:14 2006 => ***** Scanning C:\Documents and Settings\Honzik\Plocha Folder *****
Thu Aug 10 11:38:14 2006 => Scanning Folder: C:\Documents and Settings\Honzik\Plocha\*.*
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\CCleaner.lnk
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Creative Surround Mixer.lnk
Thu Aug 10 11:38:14 2006 => Scanning Folder: C:\Documents and Settings\Honzik\Plocha\hity\*.*
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\0330e7d64fdc0816abcd33dcc2f95aa4Bob_Sinclair_feat._Gary_Nesta_Pine_-_Love_Generation.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\20=2D=20Starosta=2Emp3-=.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\cimtoje.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\Desktop.ini
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\Karmah - Just Be Good To Me.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\Kovarna-10.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\hity\Peha-Za-Tebou.mp3
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\HLSW.lnk
Thu Aug 10 11:38:14 2006 => Scanning Folder: C:\Documents and Settings\Honzik\Plocha\Honza\*.*
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\,-.doc
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Audiograbber.lnk
Thu Aug 10 11:38:14 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\BSINSTALL.exe
Thu Aug 10 11:38:16 2006 => File C:\Documents and Settings\Honzik\Plocha\Honza\BSINSTALL.exe tagged as "not-a-virus:AdWare.Win32.180Solutions.ao". Action Taken: No Action Taken.

Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Call_of_Duty_Keygen.zip
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Desktop.ini
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\fd.doc
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\ggmm.rar
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\hry.txt
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\hudba.txt
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\lucka výlet.wmv
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\m,.doc
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Malování 2.doc
Thu Aug 10 11:38:16 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Malování.doc
Thu Aug 10 11:38:17 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Mixcraft.lnk
Thu Aug 10 11:38:17 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\Nový objekt - Dokument aplikace Microsoft Word (2).doc
Thu Aug 10 11:38:17 2006 => Scanning File C:\Documents and Settings\Honzik\Plocha\Honza\programy.txt

Post by FABROS » 10 Aug 2006 11:45

I DON'T KNOW THOSE IP ADDRESSES, AND AS FOR THE MESSAGE FOR MY PROVIDER, WHAT EXACTLY SHOULD I SAY? I DON'T REALLY UNDERSTAND THIS STUFF.

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male

Post by fredik » 10 Aug 2006 12:40

Ah, I wrote that badly. You didn't need to paste that log here; it was enough to save it and leave it on disk. It would be good to post the scan result here (like last time), if it found anything.

Ask him about the DNS server settings.
(There should be two IP addresses, a primary DNS and a secondary DNS), but it's also possible that you had the DNS server setting set to automatic.

I found out

Post by FABROS » 23 Aug 2006 13:40

I finally got an answer. I don't really understand it, so I'm just copying it for you.

Hello,
if you don't have DNS servers set, they should be
primary 192.168.1.5
secondary 212.47.0.4

sakiri
Level 3.5
Posts: 747
Registered: June 06
Gender: Unspecified

Post by sakiri » 23 Aug 2006 13:51

Restart the PC into Safe Mode, and while in it do not launch any web browser, not even for a moment.
Then run HJT and, in HJT, fix:
O1 - Hosts: localhost 127.0.0.1
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O17 - HKLM\System\CCS\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\..\{67172102-A75C-4275-A62E-C7FE13DA02E2}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216

Then restart the PC and post a new log here + the MWAV scan results.
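
The O17 lines in the fix list above are the DNS resolver settings HijackThis reads from the registry. As an added example (not part of the original thread), the following parses O17 NameServer lines and flags every resolver other than the two the provider named earlier in this thread. The function names are hypothetical, and the last sample line is a constructed clean entry.

```python
import ipaddress
import re

# Resolvers the provider named in this thread; any other O17 value is suspect.
EXPECTED_RESOLVERS = {"192.168.1.5", "212.47.0.4"}

# The first three lines are copied from the fix list above; the last one is a
# constructed clean entry, added to show what a healthy setting looks like.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O17 - HKLM\System\CCS\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.1.5,212.47.0.4
"""

# Matches both the global "Parameters" key and per-interface "..\{GUID}" keys,
# under whichever control set abbreviation (CCS, CS1, ...) the log prints.
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<control_set>[^\\]+)\\Services\\Tcpip\\"
    r"(?P<scope>Parameters|\.\.\\\{[0-9A-Fa-f-]+\}): NameServer = (?P<value>.*)$"
)


def parse_o17(log_text):
    """Return one dict per O17 NameServer line found in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        # The list appears comma-separated or space-separated in the same log.
        servers = [s for s in re.split(r"[,\s]+", m["value"].strip()) if s]
        scope = "global" if m["scope"] == "Parameters" else m["scope"][3:]
        entries.append({"control_set": m["control_set"], "scope": scope, "servers": servers})
    return entries


def unexpected_resolvers(log_text, expected=EXPECTED_RESOLVERS):
    """List (control_set, scope, server, reason) for every resolver not expected."""
    findings = []
    for entry in parse_o17(log_text):
        for server in entry["servers"]:
            try:
                addr = str(ipaddress.ip_address(server))
            except ValueError:
                findings.append((entry["control_set"], entry["scope"], server, "not an IP address"))
                continue
            if addr not in expected:
                findings.append((entry["control_set"], entry["scope"], addr, "not a provider resolver"))
    return findings


if __name__ == "__main__":
    for control_set, scope, server, reason in unexpected_resolvers(SAMPLE_LOG):
        print(f"{control_set:4} {scope:40} {server:16} {reason}")
```

The same value can sit under several control sets and interfaces, so each location is reported separately and has to be clean in the follow-up log.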

Post by FABROS » 24 Aug 2006 09:48

VIRUS LOG INFORMATION-

File C:\Documents and Settings\Honzik\Plocha\Honza\BSINSTALL.exe tagged as "not-a-virus:AdWare.Win32.180Solutions.ao". Action Taken: No Action Taken.
File C:\Documents and Settings\Honzik\Plocha\Honza\SmitfraudFix.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "Wareout adware" found in File System! Action Taken: No Action Taken.
Object "UnSpyPC adware" found in File System! Action Taken: No Action Taken.
Object "whenu.weathercast Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""D:\data\cdw32.exe"". Action Taken: No Action Taken.
File C:\WINDOWS\63i0oeol.exe infected by "Trojan-Downloader.Win32.Small.ng" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\eknlqczi.exe infected by "Trojan-Downloader.Win32.Small.dnt" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\loader174.exe infected by "Trojan-Downloader.Win32.VB.vc" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\loadnew.exe infected by "Trojan-Downloader.Win32.Small.dnt" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\mainrescontr.exe infected by "Trojan-Dropper.Win32.Agent.add" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\msysmsgk.exe infected by "Trojan.Win32.StartPage.ain" Virus! Action Taken: No Action Taken.

Post by FABROS » 24 Aug 2006 09:50

BUT I DIDN'T FIND THIS ONE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mikel
Level 5
Posts: 2298
Registered: May 05
Location: Karviná
Gender: Male

Post by mikel » 24 Aug 2006 13:02

Find all of these files on disk and delete them:
C:\WINDOWS\63i0oeol.exe
C:\WINDOWS\eknlqczi.exe
C:\WINDOWS\loader174.exe
C:\WINDOWS\loadnew.exe
C:\WINDOWS\mainrescontr.exe
C:\WINDOWS\msysmsgk.exe

If you don't have the display of hidden files turned on yet, you may need to turn it on.

Post by fredik » 24 Aug 2006 14:15

Then post an HJT log here as well, just to be sure.

Post by FABROS » 24 Aug 2006 15:51

Logfile of HijackThis v1.99.1
Scan saved at 15:51:00, on 24.8.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\kernels8.exe
C:\WINDOWS\system32\rpcc.exe
C:\windows\system32\stonedrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\xpupdate.exe
C:\WINDOWS\system32\aspi248288.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dlh9jkdq2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dlh9jkdq6.exe
C:\WINDOWS\system32\dlh9jkdq7.exe
C:\WINDOWS\system32\dlh9jkdq6.exe
C:\WINDOWS\system32\dlh9jkdq7.exe
C:\hak\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.5:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\MSDXM.OCX
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\Honzik\LOCALS~1\Temp\2.tmp5632.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

Milka.
newbie
Posts: 6
Registered: May 06
Location: East Bohemia
Gender: Unspecified

Post by Milka. » 25 Aug 2006 14:50

Unfortunately it's the Wareout adware, and you won't get rid of this one without Fixwareout. The Czech procedure for it is here; there's no point writing the same thing out again, and there you'll also find how and where to fill in the DNS sent by your provider:

Before you use it, it would be good to manually disconnect from the network, otherwise what you have on there will pull down more malware again. We'll remove all of it and then you can plug the net back in :)

So use:

Fixwareout: following the guide

Killbox:
C:\WINDOWS\system32\kernels8.exe
C:\WINDOWS\system32\rpcc.exe
C:\windows\system32\stonedrv.exe
C:\Windows\xpupdate.exe
C:\WINDOWS\system32\aspi248288.exe
C:\WINDOWS\system32\dlh9jkdq2.exe
C:\WINDOWS\system32\dlh9jkdq6.exe
C:\WINDOWS\system32\dlh9jkdq7.exe
C:\WINDOWS\system32\dlh9jkdq6.exe
C:\WINDOWS\system32\dlh9jkdq7.exe


Select the listed lines and save them to a text document on the desktop. Go into Safe Mode, run Killbox, and in the saved text document press Ctrl+A and then Ctrl+C (this puts the text on the Windows clipboard) to copy it into Killbox: run Killbox / File / Paste from Clipboard … this pastes the copied text from the clipboard. Tick Delete on reboot / All Files / the red cross, and that's it.

Stay in Safe Mode and run HJT; fix these lines (it's possible some of them will no longer be there after using Fixwareout):

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\Honzik\LOCALS~1\Temp\2.tmp5632.exe

Then restart into normal mode, plug the net back in, reset the DNS, and post the logs here from Fixwareout (C:\fixwareout\report.txt) + a current one from HJT.

btw: I haven't identified this one exactly, but it wasn't in the logs before, so it's probably a newly downloaded piece of junk. If you want, test it on Jotti first (you already have instructions for that here from fredik): C:\WINDOWS\system32\aspi248288.exe ... it doesn't even have any key, so either it has a hidden service or something else is keeping it running ... you'll see what gets uncovered after the fix.

