Thanks - I'm sending the requested files....
Soubor Install.exe přijatý 2009.12.29 10:04:32 (UTC)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.43 2009.12.29 Riskware.AdWare.Win32.Casino.q!IK
AhnLab-V3 5.0.0.2 2009.12.28 -
AntiVir 7.9.1.122 2009.12.29 GAME/Casino.Gen
Antiy-AVL 2.0.3.7 2009.12.29 -
Authentium 5.2.0.5 2009.12.29 W32/Adware.AP
Avast 4.8.1351.0 2009.12.27 -
AVG 8.5.0.430 2009.12.28 Generic.KLT
BitDefender 7.2 2009.12.29 Adware.Generic.59500
CAT-QuickHeal 10.00 2009.12.29 -
ClamAV 0.94.1 2009.12.29 Adware.Casino-3
Comodo 3399 2009.12.29 ApplicUnwnt.Win32.Adware.CasOnline.8
DrWeb 5.0.1.12222 2009.12.29 Adware.Casino
eSafe 7.0.17.0 2009.12.28 -
eTrust-Vet 35.1.7203 2009.12.29 Win32/CasOnline!Adware
F-Prot 4.5.1.85 2009.12.28 W32/Adware.AP
F-Secure 9.0.15370.0 2009.12.29 Adware.Generic.59500
Fortinet 4.0.14.0 2009.12.29 Adware/Casino
GData 19 2009.12.29 Adware.Generic.59500
Ikarus T3.1.1.79.0 2009.12.29 not-a-virus:AdWare.Win32.Casino.q
Jiangmin 13.0.900 2009.12.29 Adware/Ncast.e
K7AntiVirus 7.10.932 2009.12.28 Non-Virus:AdWare.Win32.Casino.q
Kaspersky 7.0.0.125 2009.12.29 -
McAfee 5845 2009.12.28 potentially unwanted program CasOnline
McAfee+Artemis 5845 2009.12.28 potentially unwanted program CasOnline
McAfee-GW-Edition 6.8.5 2009.12.29 Heuristic.LooksLike.Win32.CasOnline.H
Microsoft 1.5302 2009.12.29 -
NOD32 4723 2009.12.28 -
Norman 6.04.03 2009.12.28 W32/Casino.AB
nProtect 2009.1.8.0 2009.12.29 -
Panda 10.0.2.2 2009.12.15 Adware/888Bar
PCTools 7.0.3.5 2009.12.29 Adware.Casino.N
Prevx 3.0 2009.12.29 Low Risk Adware
Rising 22.28.01.03 2009.12.29 -
Sophos 4.49.0 2009.12.29 Casino-On-Net downloader
Sunbelt 3.2.1858.2 2009.12.29 Trojan.Agent
Symantec 1.4.4.12 2009.12.29 -
TheHacker 6.5.0.3.117 2009.12.29 -
TrendMicro 9.120.0.1004 2009.12.29 -
VBA32 3.12.12.1 2009.12.28 -
ViRobot 2009.12.29.2114 2009.12.29 -
VirusBuster 5.0.21.0 2009.12.28 Adware.Agent.JOSX
Rozšiřující informace
File size: 166680 bytes
MD5...: 0972eddd484b43168f879a75ae7e6fb4
SHA1..: ddbc006670e3cb8e045f7a669867795153ed0a5c
SHA256: 6de8b18779decf77d1c257bc0b20c364403238513f5a51db7911a02abbda0512
ssdeep: 3072:7+R0hajiERTWntMGQhGzRRlKOogPbtL5wbNhYJWfln5lwrlXnN:7J2yR0QbtLONhtlCl9
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x13bff
timedatestamp.....: 0x43c614a4 (Thu Jan 12 08:34:44 2006)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1b9d4 0x1c000 6.33 57a5ff17a55be38db514dca8f5e969a2
.rdata 0x1d000 0x1c20 0x2000 4.96 918883116a59907003ab7f252f2f614e
.data 0x1f000 0x3122c 0x5000 2.91 e0542c994b283c37f252af1ea2a51b81
.rsrc 0x51000 0xec0 0x1000 4.93 dd07dc988312c9df2fae84641e74b801

( 8 imports )
> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> VERSION.dll: GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA
> KERNEL32.dll: ReleaseMutex, GetPrivateProfileIntA, CreateThread, LeaveCriticalSection, EnterCriticalSection, TerminateThread, GetModuleFileNameA, GetTempPathA, GetModuleHandleA, GetCurrentDirectoryA, lstrlenA, GetLastError, WaitForMultipleObjects, DeleteFileA, InitializeCriticalSection, DeleteCriticalSection, WriteFile, CopyFileA, GetUserDefaultLangID, GlobalFree, GlobalSize, GlobalUnlock, GlobalLock, GlobalAlloc, LocalFree, LocalAlloc, SetConsoleCtrlHandler, SetStdHandle, FlushFileBuffers, CompareStringA, CompareStringW, SetEnvironmentVariableA, GlobalMemoryStatus, GetVersion, GetVersionExA, CreateMutexA, CloseHandle, CreateEventA, WinExec, GetTickCount, GetPrivateProfileStringA, WaitForSingleObject, SetEvent, MulDiv, CreateFileA, LoadLibraryA, ReadFile, SetFilePointer, GetFileSize, IsBadWritePtr, HeapCreate, HeapDestroy, VirtualFree, GetProcAddress, HeapSize, GetEnvironmentVariableA, TerminateProcess, VirtualAlloc, UnhandledExceptionFilter, GetCurrentProcess, GetOEMCP, GetACP, GetCPInfo, RemoveDirectoryA, CreateDirectoryA, ExitProcess, GetCommandLineA, GetStartupInfoA, HeapFree, HeapAlloc, GetStringTypeW, GetSystemTime, GetTimeZoneInformation, GetLocalTime, FreeEnvironmentStringsA, FreeEnvironmentStringsW, RtlUnwind, GetEnvironmentStrings, GetEnvironmentStringsW, WideCharToMultiByte, GetStdHandle, GetFileType, SetHandleCount, IsBadReadPtr, IsBadCodePtr, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, MultiByteToWideChar, GetStringTypeA, HeapReAlloc
> USER32.dll: LoadIconA, DialogBoxParamA, TranslateAcceleratorA, TranslateMessage, DispatchMessageA, LoadCursorA, MessageBoxA, GetClassInfoExA, SetForegroundWindow, EndPaint, FindWindowA, SetFocus, ReleaseDC, FillRect, GetClientRect, ScreenToClient, GetDC, CreateWindowExA, ShowWindow, GetWindowRect, SetWindowTextA, IntersectRect, IsRectEmpty, PtInRect, UnionRect, SendDlgItemMessageA, DrawTextA, InvalidateRect, UpdateWindow, SetDlgItemTextA, KillTimer, SetTimer, EnumDisplaySettingsA, ChangeDisplaySettingsA, GetSystemMetrics, GetMessageA, MessageBoxIndirectA, EndDialog, DestroyWindow, PostQuitMessage, GetDlgItem, EnableWindow, RegisterClassExA, DefWindowProcA, LoadAcceleratorsA, PostMessageA, SendMessageA, IsWindow
> GDI32.dll: CreateSolidBrush, CreateCompatibleDC, SelectObject, CreateCompatibleBitmap, GetDeviceCaps, GetObjectA, CreateFontIndirectA, SetMapMode, SetTextColor, SetBkColor, GetBkColor, DeleteDC, SetBkMode, CreateBitmap, CreateDIBitmap, DeleteObject, BitBlt
> ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA
> SHELL32.dll: ShellExecuteExA
> ole32.dll: CoCreateGuid

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
http://info.prevx.com/aboutprogramtext.asp?PX5=1CF4239B1896CD0C8B6502E99EAC710038E21EAF
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=0972eddd484b43168f879a75ae7e6fb4
sigcheck:
publisher....: Random-Logic
copyright....: Copyright (c) 2004
product......: Random-Logic Installer
description..: Installer
original name: Installer.exe
internal name: Installer
file version.: 3.5.0.6
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\bitcomet\torrents\crysis.cracks+key-saved.torrent
c:\program files\bitcomet\torrents\mass.effect.crackfix+key-saved.torrent
scanner sequence 3.LB.11
----- EOF -----
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Systém Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 27.12.2009 22:40:47
System Uptime: 29.12.2009 10:52:36 (1 hours ago)
Motherboard: MICRO-STAR INC. | | MS-6580
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | FC-478 | 2800/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 49 GiB total, 27,218 GiB free.
F: is FIXED (NTFS) - 78 GiB total, 22,78 GiB free.
G: is FIXED (NTFS) - 22 GiB total, 21,021 GiB free.
H: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Ralink Turbo Wireless LAN Card
Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&1A671D0C&0&18F0
Manufacturer: Ralink Technology, Inc.
Name: Ralink Turbo Wireless LAN Card #4
PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&1A671D0C&0&18F0
Service: RT61
Class GUID: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Description: Sekundární kanál IDE
Device ID: PCIIDE\IDECHANNEL\4&EDAF9CF&0&1
Manufacturer: (Standardní řadiče IDE ATA/ATAPI)
Name: Sekundární kanál IDE
PNP Device ID: PCIIDE\IDECHANNEL\4&EDAF9CF&0&1
Service: idechndr
==== System Restore Points ===================
RP1: 27.12.2009 22:56:48 - Kontrolní bod systému
RP2: 27.12.2009 23:10:45 - Nainstalováno Windows XP Service Pack 3.
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Acronis Disk Director Suite
Adobe Acrobat 6.0 Professional
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
AIM
AnswerWorks Runtime
AutoCAD 2008 - Český
AutoCAD LT 2000i česká verze
Autodesk DWF Viewer 7
avast! Antivirus
BitComet 0.60
BS.Player FREE
BSPlayer
BufferChm
C4580
C4580_Help
Cards_Calendar_OrderGift_DoMorePlugout
Codec Pack - All In 1 6.0.3.0
Comfy KB-16M
Core Center
Destination Component
DeviceDiscovery
DocProc
DocProcQFolder
eSupportQFolder
Freelancer
Gaming Mouse
GPBaseService
HijackThis 2.0.2
HP Imaging Device Functions 11.0
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Smart Web Printing
HP Solution Center 11.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
Intel Application Accelerator
ioCentre
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 Language Pack - CSY
Microsoft AutoRoute Express Europa 2000
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
Mozilla Firefox (3.0.16)
MSXML 6.0 Parser
Nero 6 Ultra Edition
Nero 6.6.0.18 a Nero vision express 3.1.0.21 Cz
Network
Norton PartitionMagic
Norton PartitionMagic 8.0
NVIDIA Drivers
OCR Software by I.R.I.S. 11.0
PanoStandAlone
PowerISO
PS_AIO_04_C4580_ProductContext
PS_AIO_04_C4580_Software
PS_AIO_04_C4580_Software_Min
PSSWCORE
Ralink Wireless LAN Card
Realtek AC'97 Audio
Realtek High Definition Audio Driver
Registry Mechanic 6.0
Scan
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
Status
The KMPlayer (remove only)
Toolbox
TrayApp
TuneUp Utilities 2008
UnloadSupport
VBA (2627.01)
VideoToolkit01
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WingMan Software
WinRAR archivátor
X3 Reunion v2.5
X3 Terran Conflict v2.5
Zoner Photo Studio 8
==== End Of File ===========================
DDS (Ver_09-12-01.01) - NTFSx86
Run by user at 11:15:46,53 on ut 29. 12. 2009
Internet Explorer: 6.0.2900.5512
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.649 [GMT 1:00]
AV: avast! antivirus 4.8.1368 [VPS 091227-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Documents and Settings\user\Plocha\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.sk/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ioCentre] c:\genius\iocentre\gTaskBar.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\user\nabdka~1\programy\posput~1\fuzzyp~1.lnk - c:\program files\msi\core center\CoreCenter.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: csob.sk\ib24
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1}
DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} - hxxps://ib24.csob.sk/Comp/CSOBEnroll.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 2002392687
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD}
TCP: {5CC0DEFE-EBC2-462C-80E8-31E723E680FC} = 208.67.220.220,208.67.222.222
Notify: ComPlusSetup - c:\windows\system32\catsrvut.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\user\dataap~1\mozilla\firefox\profiles\rta72c9p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - BS_Player Customized Web Search
FF - prefs.js: browser.startup.homepage - www.google.sk
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
============= SERVICES / DRIVERS ===============
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-1-17 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-1-17 5248]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-6 35328]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-1-17 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-17 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-1-17 138680]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [2009-2-28 17408]
R3 PCAlertDriver;PCAlertDriver;c:\program files\msi\core center\NTGLM7X.sys [2009-1-15 28160]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-3 69120]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-1-17 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-1-17 352920]
=============== Created Last 30 ================
2009-12-28 18:00:22 844 ------w- c:\windows\hpomdl30.dat
2009-12-28 18:00:22 166422 ----a-w- c:\windows\hpoins30.dat
2009-12-28 17:19:10 974848 ----a-w- c:\windows\system32\hpost_p01a.dll
2009-12-28 17:19:10 729088 ----a-w- c:\windows\system32\hposwia_p01a.dll
2009-12-28 17:19:10 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2009-12-28 17:19:10 309760 ----a-w- c:\windows\system32\difxapi.dll
2009-12-28 17:19:10 303104 ----a-w- c:\windows\system32\hposc_p01a.dll
2009-12-28 12:17:37 0 d---a-w- c:\windows\rundll16.exe
2009-12-28 12:17:37 0 d---a-w- c:\windows\logo1_.exe
2009-12-27 22:13:49 0 d-----w- c:\windows\ServicePackFiles
2009-12-27 22:13:29 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2009-12-27 22:10:37 19569 ----a-w- c:\windows\003338_.tmp
2009-12-27 21:39:59 23040 -c--a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2009-12-27 21:38:59 13463552 -c--a-w- c:\windows\system32\dllcache\hwxjpn.dll
2009-12-27 21:37:58 95232 -c--a-w- c:\windows\system32\dllcache\certmap.ocx
2009-12-27 21:36:27 488 ---ha-r- c:\windows\system32\logonui.exe.manifest
2009-12-27 21:36:20 749 ---ha-r- c:\windows\WindowsShell.Manifest
2009-12-27 21:36:20 749 ---ha-r- c:\windows\system32\wuaucpl.cpl.manifest
2009-12-27 21:36:20 749 ---ha-r- c:\windows\system32\sapi.cpl.manifest
2009-12-27 21:36:20 749 ---ha-r- c:\windows\system32\nwc.cpl.manifest
2009-12-27 21:36:20 749 ---ha-r- c:\windows\system32\ncpa.cpl.manifest
2009-12-27 21:36:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2009-12-27 21:35:54 162304 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-12-27 21:35:00 0 d-----w- c:\windows\system32\wbem\Repository
2009-12-27 21:30:42 0 d-----w- c:\windows\system32\ReinstallBackups
2009-12-27 19:34:47 25065 ----a-w- c:\windows\system32\wmpscheme.xml
2009-12-27 19:34:44 299552 ----a-w- c:\windows\WMSysPrx.prx
2009-12-27 19:24:34 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2009-12-27 19:24:32 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2009-12-27 19:21:09 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-12-27 19:21:00 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2009-12-27 19:20:58 196224 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-12-27 17:41:08 0 d-----w- c:\program files\Trend Micro
2009-12-27 13:50:02 0 d---a-w- c:\windows\VDLL.DLL
2009-12-27 13:50:02 0 d---a-w- c:\windows\system32\runouce.exe
2009-12-27 13:50:02 0 d---a-w- c:\windows\RUNDL132.EXE
2009-12-27 13:50:02 0 d---a-w- c:\windows\logo_1.exe
2009-12-27 13:49:18 54 ----a-w- c:\windows\Lic.xxx
2009-12-27 13:48:50 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-27 13:48:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-27 13:48:47 522 ----a-w- c:\windows\system32\Microsoft.VC80.CRT.manifest
2009-12-27 13:48:47 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-27 13:48:45 147968 ----a-w- c:\windows\R.COM
2009-12-27 13:48:45 137216 ----a-w- c:\windows\system32\TASKMGR.COM
2009-12-27 13:48:45 137216 ----a-w- c:\windows\system32\T.COM
2009-12-27 13:48:44 147968 ----a-w- c:\windows\REGEDIT.COM
2009-12-27 13:48:42 0 d-----w- c:\program files\common files\MicroWorld
2009-12-27 13:48:40 0 d-----w- c:\docume~1\alluse~1\dataap~1\MicroWorld
2009-12-13 12:41:45 0 d-----w- c:\program files\common files\HP
2009-12-13 12:41:16 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-12-13 12:39:16 316286 ----a-w- c:\windows\setupapi.old
2009-12-12 14:23:54 588148 ----a-w- c:\windows\hpoins30.dat.temp
2009-12-12 14:23:53 844 ----a-w- c:\windows\hpomdl30.dat.temp
2009-12-12 14:22:48 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-12-12 14:22:05 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-12-12 14:21:42 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-06 18:27:00 0 d-----w- c:\program files\EGOSOFT
2009-12-06 13:10:13 0 d-----w- c:\program files\Rapget
==================== Find3M ====================
2009-12-29 09:57:19 87168 ----a-w- c:\windows\system32\perfc005.dat
2009-12-29 09:57:19 432736 ----a-w- c:\windows\system32\perfh005.dat
2009-12-27 21:34:43 22900 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-17 18:41:22 796672 ----a-w- c:\windows\GPInstall.exe
============= FINISH: 11:16:06,79 ===============