Při instalaci hry mi Norton diagnostikoval Trojského koně na DVD,než jsem zasáhnul nevím jestli už nepřešel do systému. Logfile of random's system information tool 1.06 (written by random/random)
Run by ivos at 2010-08-22 12:45:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 109 GB (78%) free of 140 GB
Total RAM: 2047 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:07, on 22.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Documents and Settings\ivos\Dokumenty\Obrázky\RSIT.exe
C:\Program Files\trend micro\ivos.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4318D541-001C-4D29-938E-C4872C33AFDB}: NameServer = 212.96.161.6,212.96.160.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 5616 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic maintenance.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{18850413-4479-4AE5-8289-8B17FEDE4A7D}.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-21 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe [2008-12-22 150528]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-27 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-01-14 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-08-22 12:45:52 ----D---- C:\rsit
2010-08-22 10:55:16 ----A---- C:\WINDOWS\system32\binkw32.dll
2010-08-22 10:54:45 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-22 10:26:17 ----D---- C:\Program Files\F.E.A.R. 2
2010-08-12 11:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-12 11:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-07-29 11:34:47 ----D---- C:\Program Files\MIKSOFT
2010-07-29 11:21:04 ----D---- C:\Documents and Settings\ivos\Data aplikací\Nokia
2010-07-29 09:57:52 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-29 09:57:10 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-29 09:57:10 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-29 09:55:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2010-07-27 16:58:38 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-07-27 16:58:38 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-07-27 16:58:37 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-07-27 16:58:36 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-07-27 16:58:36 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-07-27 16:58:35 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-07-27 16:58:34 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-07-27 16:58:34 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-07-27 16:57:55 ----HD---- C:\WINDOWS\msdownld.tmp
2010-07-26 13:11:56 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-07-26 13:11:56 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-07-26 13:11:55 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-07-26 13:11:55 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
======List of files/folders modified in the last 1 months======
2010-08-22 12:45:58 ----D---- C:\Program Files\trend micro
2010-08-22 12:45:55 ----D---- C:\WINDOWS\Prefetch
2010-08-22 12:45:27 ----D---- C:\WINDOWS\Temp
2010-08-22 12:14:50 ----RD---- C:\Program Files
2010-08-22 12:13:09 ----D---- C:\WINDOWS
2010-08-22 12:12:28 ----D---- C:\WINDOWS\system32
2010-08-22 12:08:21 ----SHD---- C:\System Volume Information
2010-08-22 12:08:21 ----D---- C:\WINDOWS\system32\Restore
2010-08-22 11:19:12 ----D---- C:\WINDOWS\system32\drivers
2010-08-22 11:17:56 ----SHD---- C:\WINDOWS\Installer
2010-08-22 11:16:59 ----D---- C:\Program Files\ATI
2010-08-22 10:55:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-22 09:14:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-20 18:10:10 ----D---- C:\Documents and Settings\ivos\Data aplikací\Vso
2010-08-20 12:26:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-18 22:27:36 ----D---- C:\Documents and Settings\ivos\Data aplikací\ICQ
2010-08-18 22:26:44 ----D---- C:\Program Files\ICQ7.0
2010-08-14 15:09:37 ----D---- C:\WINDOWS\Network Diagnostic
2010-08-13 13:12:51 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 13:11:49 ----RSD---- C:\WINDOWS\assembly
2010-08-13 10:27:46 ----D---- C:\Documents and Settings\ivos\Data aplikací\Skype
2010-08-13 09:54:46 ----D---- C:\Documents and Settings\ivos\Data aplikací\skypePM
2010-08-13 09:49:26 ----SD---- C:\Documents and Settings\ivos\Data aplikací\Microsoft
2010-08-13 09:49:25 ----D---- C:\Documents and Settings\ivos\Data aplikací\Adobe
2010-08-12 13:56:24 ----D---- C:\WINDOWS\Debug
2010-08-12 11:55:33 ----HD---- C:\WINDOWS\inf
2010-08-12 11:55:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-12 11:55:26 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-12 11:53:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-12 11:53:29 ----D---- C:\WINDOWS\WinSxS
2010-08-12 11:50:56 ----D---- C:\Program Files\Internet Explorer
2010-08-12 11:50:37 ----D---- C:\WINDOWS\ie8updates
2010-08-12 11:42:36 ----D---- C:\Program Files\Movie Maker
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-31 11:15:00 ----D---- C:\Program Files\Ubisoft
2010-07-30 16:26:41 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-30 13:00:28 ----D---- C:\Documents and Settings\ivos\Data aplikací\Voipwise
2010-07-29 11:53:31 ----D---- C:\Documents and Settings\ivos\Data aplikací\PC Suite
2010-07-29 11:30:14 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-29 11:29:24 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-29 11:28:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-07-29 09:59:12 ----D---- C:\Program Files\Common Files\Nokia
2010-07-29 09:58:18 ----D---- C:\Program Files\Nokia
2010-07-29 09:58:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-27 19:41:02 ----D---- C:\Program Files\Mozilla Firefox
2010-07-27 18:59:45 ----D---- C:\Program Files\CCleaner
2010-07-27 18:33:35 ----D---- C:\WINDOWS\system32\config
2010-07-27 17:17:17 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-27 17:16:54 ----D---- C:\Program Files\AGEIA Technologies
2010-07-27 17:00:37 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-07-27 17:00:37 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-07-27 16:58:39 ----D---- C:\WINDOWS\system32\DirectX
2010-07-27 16:57:49 ----D---- C:\WINDOWS\Logs
2010-07-27 08:29:10 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 10:14:33 ----A---- C:\WINDOWS\BlendSettings.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100810.004\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [2010-04-22 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS [2010-05-06 361904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/22 13:17:02]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-21 21035]
R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2007-10-09 38144]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-27 4830720]
R3 CIF USB CAMERA Service;CIF USB CAMERA; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2003-09-18 112380]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100820.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100821.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100821.004\NAVEX15.SYS []
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-21 47360]
R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-11-27 177152]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-06-08 30464]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 SuperMounter;SuperMounter; C:\WINDOWS\system32\drivers\SuperMounter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys [2007-12-28 287232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2010-01-14 32384]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-01-14 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-27 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-21 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-01-21 603904]
R2 UxTuneUp;TuneUp Rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2010-01-14 14848]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2009-03-25 537896]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-22 360192]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu.
Zdravim a pekne rano preji 
To jako ze by bylo DVD zavirovano uz z vyroby spolecnosti co hru distribuuje 
Nebo se jedna o nejaky warezik apod. 
Kazdopadne at tak ci tak, PC vypada ciste, ale projedeme jej pro jistotu
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
To jako ze by bylo DVD zavirovano uz z vyroby spolecnosti co hru distribuuje Nebo se jedna o nejaky warezik apod. Kazdopadne at tak ci tak, PC vypada ciste, ale projedeme jej pro jistotu
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci - treti zalozka
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
kengura.ivo
- 5. stupeň - BAN
- Příspěvky: 82
- Registrován: 12 říj 2008 11:10
Re: Prosím o kontrolu.
Příjemný den.Máte pravdu,bylo to vypalované DVD. Posílám log MAB.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4465
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
23.8.2010 9:38:37
mbam-log-2010-08-23 (09-38-37).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 176277
Uplynulý čas: 41 minuta(y), 25 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Program Files\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4465
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
23.8.2010 9:38:37
mbam-log-2010-08-23 (09-38-37).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 176277
Uplynulý čas: 41 minuta(y), 25 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Program Files\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
Re: Prosím o kontrolu.
Pokud budete pouzivat nelegalni sw a cracky, tak budete mit PC zaprasene jedna dve Nehlede na porusovani autorskych zakonu a pachani trestneho cinu...
Overime zda MBAM nema falesny poplach
Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
Nehlede na porusovani autorskych zakonu a pachani trestneho cinu...Overime zda MBAM nema falesny poplach
Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
- C:\Program Files\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll
- Kliknete na Prochazet
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
- Kliknete na Otestovat soubor
- Vysledek analyzy sem vlozte (jako odkaz)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
kengura.ivo
- 5. stupeň - BAN
- Příspěvky: 82
- Registrován: 12 říj 2008 11:10
Re: Prosím o kontrolu.
Díky.
ubiorbitapi_r2.dll
Submission date:
2010-08-23 02:28:37 (UTC)
Current status:
finished
Result:
9 /42 (21.4%)
VT Community
not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.08.22.00 2010.08.21 -
AntiVir 8.2.4.38 2010.08.23 TR/Black.Gen2
Antiy-AVL 2.0.3.7 2010.08.23 -
Authentium 5.2.0.5 2010.08.22 -
Avast 4.8.1351.0 2010.08.22 -
Avast5 5.0.332.0 2010.08.22 -
AVG 9.0.0.851 2010.08.22 -
BitDefender 7.2 2010.08.23 -
CAT-QuickHeal 11.00 2010.08.21 -
ClamAV 0.96.2.0-git 2010.08.23 -
Comodo 5825 2010.08.23 -
DrWeb 5.0.2.03300 2010.08.23 -
Emsisoft 5.0.0.37 2010.08.23 possible-Threat.Patch.AssassinsCreed!IK
eSafe 7.0.17.0 2010.08.22 -
eTrust-Vet 36.1.7804 2010.08.21 -
F-Prot 4.6.1.107 2010.08.22 -
F-Secure 9.0.15370.0 2010.08.23 -
Fortinet 4.1.143.0 2010.08.22 -
GData 21 2010.08.23 -
Ikarus T3.1.1.88.0 2010.08.23 possible-Threat.Patch.AssassinsCreed
Jiangmin 13.0.900 2010.08.23 -
Kaspersky 7.0.0.125 2010.08.23 -
McAfee 5.400.0.1158 2010.08.23 Artemis!FE74570ED00E
McAfee-GW-Edition 2010.1B 2010.08.23 Artemis!FE74570ED00E
Microsoft 1.6103 2010.08.22 -
NOD32 5386 2010.08.22 a variant of Win32/Packed.VMProtect.AAA
Norman 6.05.11 2010.08.22 -
nProtect 2010-08-22.01 2010.08.22 -
Panda 10.0.2.7 2010.08.22 -
PCTools 7.0.3.5 2010.08.23 -
Prevx 3.0 2010.08.23 -
Rising 22.61.06.04 2010.08.22 Trojan.Win32.Generic.520871DE
Sophos 4.56.0 2010.08.22 Mal/Behav-363
Sunbelt 6777 2010.08.23 -
SUPERAntiSpyware 4.40.0.1006 2010.08.23 -
Symantec 20101.1.1.7 2010.08.23 -
TheHacker 6.5.2.1.353 2010.08.22 -
TrendMicro 9.120.0.1004 2010.08.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.23 -
VBA32 3.12.14.0 2010.08.20 -
ViRobot 2010.8.18.3995 2010.08.22 -
VirusBuster 5.0.27.0 2010.08.22 Trojan.Packed.AEP
Additional information
Show all
MD5 : fe74570ed00e733bedb15257e3f95533
SHA1 : acadf2b82aecdedb4d590808eeb01d436999e91e
SHA256: b73846e6f1e2515ae3b89fd0412064af7ef95fffa892e0d57cd34b717c4369d7
ssdeep: 12288:8Sce1WHJWtkv7+ySuNVBaygbxwGpSNOI4krBi0W6DPa94MS9cNGvvOTqR4ND4:8S712JW
t5yjNVAeNO0WK6FPTa
File size : 765952 bytes
First seen: 2010-04-21 18:28:35
Last seen : 2010-08-23 02:28:37
Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID:
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
packers (Kaspersky): PE_Patch, PE_Patch
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x18FEAD
timedatestamp....: 0x4BCED166 (Wed Apr 21 10:20:22 2010)
machinetype......: 0x14C (Intel I386)
[[ 9 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x246B9, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.rdata, 0x26000, 0x799F, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.data, 0x2E000, 0x4384, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.tls, 0x33000, 0x2, 0x200, 0.0, bf619eac0cdf3f68d496ea9344137e8b
.rsrc, 0x34000, 0x2A338, 0x400, 3.01, c855a59c962adfa1ea24c79916c4b1d4
.vmp0, 0x5F000, 0x373E, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.vmp1, 0x63000, 0x8C7AC, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.vmp2, 0xF0000, 0xBA2C0, 0xBA400, 7.91, 5d469bc21983c9f30dde7e7816e4bd76
.reloc, 0x1AB000, 0xF0, 0x200, 2.55, 5bc4b8dc6a105091ede5cc45e3910ff2
[[ 2 import(s) ]]
kernel32.dll: RtlUnwind, GetModuleHandleA, LoadLibraryA, LocalAlloc, LocalFree, GetModuleFileNameA, ExitProcess
wsock32.dll: -
[[ 69 export(s) ]]
__0OrbitSession@orbitdll@mg@@QAE@PBDG@Z, __0OrbitSession@orbitdll@mg@@QAE@XZ, __0Proxy@orbitdll@mg@@QAE@PAVIFileCallback@12@@Z, __1OrbitSession@orbitdll@mg@@QAE@XZ, __1Proxy@orbitdll@mg@@QAE@XZ, ___FProxy@orbitdll@mg@@QAEXXZ, _ClaimCdKey@OrbitSession@orbitdll@mg@@QAEXIPAVIClaimCdKeyListener@23@PADI@Z, _Close@SavegameReader@orbitdll@mg@@QAEXXZ, _Close@SavegameWriter@orbitdll@mg@@QAEX_N@Z, _CreateAccount@OrbitSession@orbitdll@mg@@QAEXIPAVICreateAccountListener@23@PAD1PAG11EEG_N3@Z, _GetGeoIpCountry@OrbitSession@orbitdll@mg@@QAEXIPAVIGetGeoIpCountryListener@23@@Z, _GetLocText@OrbitSession@orbitdll@mg@@QAEPBGPBGPBD@Z, _GetLoginDetails@OrbitSession@orbitdll@mg@@QAEXIPAVIGetLoginDetailsListener@23@@Z, _GetName@SavegameInfo@orbitdll@mg@@QAEPBGXZ, _GetNetworkTraffic@OrbitSession@orbitdll@mg@@QAEXIPAVIGetNetworkTrafficListener@23@@Z, _GetOrbitServer@OrbitSession@orbitdll@mg@@QAEXIPAVIGetOrbitServerListener@23@II@Z, _GetProductId@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetProxyIfNeeded@Proxy@orbitdll@mg@@QAE_NPBDGAAV_$StaticString@$0BAAA@@common@3@@Z, _GetRequestUniqueId@OrbitSession@orbitdll@mg@@QAEIXZ, _GetSavegameId@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetSavegameList@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameListListener@23@I@Z, _GetSavegameReader@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameReaderListener@23@II@Z, _GetSavegameWriter@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameWriterListener@23@II_N@Z, _GetSize@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetTos@OrbitSession@orbitdll@mg@@QAEXIPAVIGetTosListener@23@PBD1@Z, _IsSavegamesInSync@Proxy@orbitdll@mg@@QAE_NXZ, _IsVersionBanned@OrbitSession@orbitdll@mg@@QAEXIPAVIIsVersionBannedListener@23@II@Z, _LogIn@OrbitSession@orbitdll@mg@@QAEXIPAVILogInListener@23@PADPAG@Z, _LogOut@OrbitSession@orbitdll@mg@@QAEXIPAVILogOutListener@23@@Z, _OwnsProduct@OrbitSession@orbitdll@mg@@QAEXIPAVIOwnsProductListener@23@I@Z, _Read@SavegameReader@orbitdll@mg@@QAEXIPAVISavegameReadListener@23@IPAXI@Z, _RemoveSavegame@OrbitSession@orbitdll@mg@@QAEXIPAVIRemoveSavegameListener@23@II@Z, _SetCookie@Proxy@orbitdll@mg@@QAEXI@Z, _SetName@SavegameWriter@orbitdll@mg@@QAE_NPAG@Z, _SetSavegameSyncCallback@Proxy@orbitdll@mg@@QAEXPAVISavegameSyncCallback@23@@Z, _SetStaticProxy@Proxy@orbitdll@mg@@QAEXPBD@Z, _SetUseOnlineSave@Proxy@orbitdll@mg@@QAEX_N@Z, _Start@Proxy@orbitdll@mg@@QAE_NXZ, _StartLauncher@OrbitSession@orbitdll@mg@@QAE_NIIPBD0@Z, _StartProcessingSavegameSyncTasks@Proxy@orbitdll@mg@@QAEXXZ, _StartSavegameSync@Proxy@orbitdll@mg@@QAEXW4TestMode@SavegameStorage@23@PAVITestStatusCallback@523@@Z, _StopSavegameSync@Proxy@orbitdll@mg@@QAEXXZ, _Update@OrbitSession@orbitdll@mg@@QAEXXZ, _ValidateLauncherCookie@OrbitSession@orbitdll@mg@@QAEXIPAVIValidateLauncherCookieListener@23@I@Z, _ValidateUsername@OrbitSession@orbitdll@mg@@QAEXIPAVIValidateUsernameListener@23@PAD@Z, _Write@SavegameWriter@orbitdll@mg@@QAEXIPAVISavegameWriteListener@23@PAXI@Z, MgOrbitdllGetFakeSession, MgOrbitdllGetLocText, MgOrbitdllGetLoginDetails, MgOrbitdllGetNetworkTraffic, MgOrbitdllGetOrbitServer, MgOrbitdllGetRequestUniqueId, MgOrbitdllGetSavegameList, MgOrbitdllGetSavegameReader, MgOrbitdllGetSavegameWriter, MgOrbitdllGetSession, MgOrbitdllRemoveSavegame, MgOrbitdllSaveGameInfoGetName, MgOrbitdllSaveGameInfoGetProductId, MgOrbitdllSaveGameInfoGetSavegameId, MgOrbitdllSaveGameInfoGetSize, MgOrbitdllSaveGameReaderClose, MgOrbitdllSaveGameReaderRead, MgOrbitdllSaveGameWriterClose, MgOrbitdllSaveGameWriterSetName, MgOrbitdllSaveGameWriterWrite, MgOrbitdllStartLauncher, MgOrbitdllUpdate, jK_1cuw___x_Qx_m4S_rDPOr3E__k__G_tXKbh___bv_Soy__Y$7Q_U___UVo_t____q_.__ehbwjeA__ytDlC__zXD_4__H7_ nggvr_S5_ _BA_3__2.e__xE 1jki2B_Oh_yZ___D_JFG_v__8___GUU._a__7___5L3_k_GcY@sAed_9VNDFX_GiWW_rX_nGk0g_No_8U5_Xnt_J___w_321rr_yQDj_h__c_Cy__l_FK___B_VPuLUl.2lh_92_r_E_bG_Dk_Nq_RNFi_noS_jEf___s_8_J9H_RQ_.j_TM0qOn_L9_pr__qFiMk_J_G__Z__SE_S_ MuQu._N_Y___4_amD_b899_sZBobYzPy_@P_eJFaomoR_L1__Rh_b0K__vU__Je6huIK__Iti_I_3p_XYMBY___123hvS_f$_sQ_Hch__b_ _z____Ck___VD_xM_rmi_D_Te_Z_U__cE_lfGw85f7A_n_L ___ojwbjpN1__Cb yX_8_x9V$_0_zd_JoLH__X_1U_tjj ww__u8I__wmT_____X _fwq_N usn__.07I_j___Xu4V5_Mnq_H___x___3___SWg___h___mtwyFjDu_I.w_sfrR_Tv_uL_G__b_s5ZynDD_ZAy__zl_@_$____tY_i$_X_pFB_I_6__XDl_U__Y___9uG__c__F_jjM___$8l2_Fsp_r_u_J_R_._tDuLbxD29mHcXdM_G7P_p_iXAaLM__N9k__q__QSQ$y6s_ Bd_aI____pGW_S8_jVS_m__Uh9nwh@OxHGi_fH__cdMBUS7y_4SpP$sB__GQ__._q09Ib_g_RzM$__Pv_xzel__pxqcfRPEo7__cM9x_S_q_kgJHSTyXpKUA_Ksdqt_Y_k_mpW__t_d9_e49A__N1tj_VyfL__@J_dc_A_pGo_eTD9_V__SNUg__y__w_yU__t__5_S_v2ha9_d0Gj__fl__n__a2o__t_n_.VJ_6O_Q_L7_YF_Q@_6b_E063PM3___DV_Dk_XF3_LUQc__Z_f1U_Gs__Zl6_j_tJ_A@____1OVt_6fEE__9AjjB_qr__05_KHfsPwcoG__gLM$___LRo__yrj_._iAsBz___E__$U_wj__hN_bxAt__$_BKIJA____73Cs_VV_PdWj__NW_A_
Prevx Info:
http://info.prevx.com/aboutprogramtext. ... 007DC46092
Symantec reputation:Suspicious.Insight
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
[s]text[/s] -- strikethrough - preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware
Malware
Spam attachment/link
P2P download
Propagating via IM
Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview comment Edit comment
Post comment
Posting comment...
Comment successfully posted
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - Terms of Service & Privacy Policy
ubiorbitapi_r2.dll
Submission date:
2010-08-23 02:28:37 (UTC)
Current status:
finished
Result:
9 /42 (21.4%)
VT Community
not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.08.22.00 2010.08.21 -
AntiVir 8.2.4.38 2010.08.23 TR/Black.Gen2
Antiy-AVL 2.0.3.7 2010.08.23 -
Authentium 5.2.0.5 2010.08.22 -
Avast 4.8.1351.0 2010.08.22 -
Avast5 5.0.332.0 2010.08.22 -
AVG 9.0.0.851 2010.08.22 -
BitDefender 7.2 2010.08.23 -
CAT-QuickHeal 11.00 2010.08.21 -
ClamAV 0.96.2.0-git 2010.08.23 -
Comodo 5825 2010.08.23 -
DrWeb 5.0.2.03300 2010.08.23 -
Emsisoft 5.0.0.37 2010.08.23 possible-Threat.Patch.AssassinsCreed!IK
eSafe 7.0.17.0 2010.08.22 -
eTrust-Vet 36.1.7804 2010.08.21 -
F-Prot 4.6.1.107 2010.08.22 -
F-Secure 9.0.15370.0 2010.08.23 -
Fortinet 4.1.143.0 2010.08.22 -
GData 21 2010.08.23 -
Ikarus T3.1.1.88.0 2010.08.23 possible-Threat.Patch.AssassinsCreed
Jiangmin 13.0.900 2010.08.23 -
Kaspersky 7.0.0.125 2010.08.23 -
McAfee 5.400.0.1158 2010.08.23 Artemis!FE74570ED00E
McAfee-GW-Edition 2010.1B 2010.08.23 Artemis!FE74570ED00E
Microsoft 1.6103 2010.08.22 -
NOD32 5386 2010.08.22 a variant of Win32/Packed.VMProtect.AAA
Norman 6.05.11 2010.08.22 -
nProtect 2010-08-22.01 2010.08.22 -
Panda 10.0.2.7 2010.08.22 -
PCTools 7.0.3.5 2010.08.23 -
Prevx 3.0 2010.08.23 -
Rising 22.61.06.04 2010.08.22 Trojan.Win32.Generic.520871DE
Sophos 4.56.0 2010.08.22 Mal/Behav-363
Sunbelt 6777 2010.08.23 -
SUPERAntiSpyware 4.40.0.1006 2010.08.23 -
Symantec 20101.1.1.7 2010.08.23 -
TheHacker 6.5.2.1.353 2010.08.22 -
TrendMicro 9.120.0.1004 2010.08.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.23 -
VBA32 3.12.14.0 2010.08.20 -
ViRobot 2010.8.18.3995 2010.08.22 -
VirusBuster 5.0.27.0 2010.08.22 Trojan.Packed.AEP
Additional information
Show all
MD5 : fe74570ed00e733bedb15257e3f95533
SHA1 : acadf2b82aecdedb4d590808eeb01d436999e91e
SHA256: b73846e6f1e2515ae3b89fd0412064af7ef95fffa892e0d57cd34b717c4369d7
ssdeep: 12288:8Sce1WHJWtkv7+ySuNVBaygbxwGpSNOI4krBi0W6DPa94MS9cNGvvOTqR4ND4:8S712JW
t5yjNVAeNO0WK6FPTa
File size : 765952 bytes
First seen: 2010-04-21 18:28:35
Last seen : 2010-08-23 02:28:37
Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID:
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
packers (Kaspersky): PE_Patch, PE_Patch
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x18FEAD
timedatestamp....: 0x4BCED166 (Wed Apr 21 10:20:22 2010)
machinetype......: 0x14C (Intel I386)
[[ 9 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x246B9, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.rdata, 0x26000, 0x799F, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.data, 0x2E000, 0x4384, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.tls, 0x33000, 0x2, 0x200, 0.0, bf619eac0cdf3f68d496ea9344137e8b
.rsrc, 0x34000, 0x2A338, 0x400, 3.01, c855a59c962adfa1ea24c79916c4b1d4
.vmp0, 0x5F000, 0x373E, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.vmp1, 0x63000, 0x8C7AC, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.vmp2, 0xF0000, 0xBA2C0, 0xBA400, 7.91, 5d469bc21983c9f30dde7e7816e4bd76
.reloc, 0x1AB000, 0xF0, 0x200, 2.55, 5bc4b8dc6a105091ede5cc45e3910ff2
[[ 2 import(s) ]]
kernel32.dll: RtlUnwind, GetModuleHandleA, LoadLibraryA, LocalAlloc, LocalFree, GetModuleFileNameA, ExitProcess
wsock32.dll: -
[[ 69 export(s) ]]
__0OrbitSession@orbitdll@mg@@QAE@PBDG@Z, __0OrbitSession@orbitdll@mg@@QAE@XZ, __0Proxy@orbitdll@mg@@QAE@PAVIFileCallback@12@@Z, __1OrbitSession@orbitdll@mg@@QAE@XZ, __1Proxy@orbitdll@mg@@QAE@XZ, ___FProxy@orbitdll@mg@@QAEXXZ, _ClaimCdKey@OrbitSession@orbitdll@mg@@QAEXIPAVIClaimCdKeyListener@23@PADI@Z, _Close@SavegameReader@orbitdll@mg@@QAEXXZ, _Close@SavegameWriter@orbitdll@mg@@QAEX_N@Z, _CreateAccount@OrbitSession@orbitdll@mg@@QAEXIPAVICreateAccountListener@23@PAD1PAG11EEG_N3@Z, _GetGeoIpCountry@OrbitSession@orbitdll@mg@@QAEXIPAVIGetGeoIpCountryListener@23@@Z, _GetLocText@OrbitSession@orbitdll@mg@@QAEPBGPBGPBD@Z, _GetLoginDetails@OrbitSession@orbitdll@mg@@QAEXIPAVIGetLoginDetailsListener@23@@Z, _GetName@SavegameInfo@orbitdll@mg@@QAEPBGXZ, _GetNetworkTraffic@OrbitSession@orbitdll@mg@@QAEXIPAVIGetNetworkTrafficListener@23@@Z, _GetOrbitServer@OrbitSession@orbitdll@mg@@QAEXIPAVIGetOrbitServerListener@23@II@Z, _GetProductId@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetProxyIfNeeded@Proxy@orbitdll@mg@@QAE_NPBDGAAV_$StaticString@$0BAAA@@common@3@@Z, _GetRequestUniqueId@OrbitSession@orbitdll@mg@@QAEIXZ, _GetSavegameId@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetSavegameList@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameListListener@23@I@Z, _GetSavegameReader@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameReaderListener@23@II@Z, _GetSavegameWriter@OrbitSession@orbitdll@mg@@QAEXIPAVIGetSavegameWriterListener@23@II_N@Z, _GetSize@SavegameInfo@orbitdll@mg@@QAEIXZ, _GetTos@OrbitSession@orbitdll@mg@@QAEXIPAVIGetTosListener@23@PBD1@Z, _IsSavegamesInSync@Proxy@orbitdll@mg@@QAE_NXZ, _IsVersionBanned@OrbitSession@orbitdll@mg@@QAEXIPAVIIsVersionBannedListener@23@II@Z, _LogIn@OrbitSession@orbitdll@mg@@QAEXIPAVILogInListener@23@PADPAG@Z, _LogOut@OrbitSession@orbitdll@mg@@QAEXIPAVILogOutListener@23@@Z, _OwnsProduct@OrbitSession@orbitdll@mg@@QAEXIPAVIOwnsProductListener@23@I@Z, _Read@SavegameReader@orbitdll@mg@@QAEXIPAVISavegameReadListener@23@IPAXI@Z, _RemoveSavegame@OrbitSession@orbitdll@mg@@QAEXIPAVIRemoveSavegameListener@23@II@Z, _SetCookie@Proxy@orbitdll@mg@@QAEXI@Z, _SetName@SavegameWriter@orbitdll@mg@@QAE_NPAG@Z, _SetSavegameSyncCallback@Proxy@orbitdll@mg@@QAEXPAVISavegameSyncCallback@23@@Z, _SetStaticProxy@Proxy@orbitdll@mg@@QAEXPBD@Z, _SetUseOnlineSave@Proxy@orbitdll@mg@@QAEX_N@Z, _Start@Proxy@orbitdll@mg@@QAE_NXZ, _StartLauncher@OrbitSession@orbitdll@mg@@QAE_NIIPBD0@Z, _StartProcessingSavegameSyncTasks@Proxy@orbitdll@mg@@QAEXXZ, _StartSavegameSync@Proxy@orbitdll@mg@@QAEXW4TestMode@SavegameStorage@23@PAVITestStatusCallback@523@@Z, _StopSavegameSync@Proxy@orbitdll@mg@@QAEXXZ, _Update@OrbitSession@orbitdll@mg@@QAEXXZ, _ValidateLauncherCookie@OrbitSession@orbitdll@mg@@QAEXIPAVIValidateLauncherCookieListener@23@I@Z, _ValidateUsername@OrbitSession@orbitdll@mg@@QAEXIPAVIValidateUsernameListener@23@PAD@Z, _Write@SavegameWriter@orbitdll@mg@@QAEXIPAVISavegameWriteListener@23@PAXI@Z, MgOrbitdllGetFakeSession, MgOrbitdllGetLocText, MgOrbitdllGetLoginDetails, MgOrbitdllGetNetworkTraffic, MgOrbitdllGetOrbitServer, MgOrbitdllGetRequestUniqueId, MgOrbitdllGetSavegameList, MgOrbitdllGetSavegameReader, MgOrbitdllGetSavegameWriter, MgOrbitdllGetSession, MgOrbitdllRemoveSavegame, MgOrbitdllSaveGameInfoGetName, MgOrbitdllSaveGameInfoGetProductId, MgOrbitdllSaveGameInfoGetSavegameId, MgOrbitdllSaveGameInfoGetSize, MgOrbitdllSaveGameReaderClose, MgOrbitdllSaveGameReaderRead, MgOrbitdllSaveGameWriterClose, MgOrbitdllSaveGameWriterSetName, MgOrbitdllSaveGameWriterWrite, MgOrbitdllStartLauncher, MgOrbitdllUpdate, jK_1cuw___x_Qx_m4S_rDPOr3E__k__G_tXKbh___bv_Soy__Y$7Q_U___UVo_t____q_.__ehbwjeA__ytDlC__zXD_4__H7_ nggvr_S5_ _BA_3__2.e__xE 1jki2B_Oh_yZ___D_JFG_v__8___GUU._a__7___5L3_k_GcY@sAed_9VNDFX_GiWW_rX_nGk0g_No_8U5_Xnt_J___w_321rr_yQDj_h__c_Cy__l_FK___B_VPuLUl.2lh_92_r_E_bG_Dk_Nq_RNFi_noS_jEf___s_8_J9H_RQ_.j_TM0qOn_L9_pr__qFiMk_J_G__Z__SE_S_ MuQu._N_Y___4_amD_b899_sZBobYzPy_@P_eJFaomoR_L1__Rh_b0K__vU__Je6huIK__Iti_I_3p_XYMBY___123hvS_f$_sQ_Hch__b_ _z____Ck___VD_xM_rmi_D_Te_Z_U__cE_lfGw85f7A_n_L ___ojwbjpN1__Cb yX_8_x9V$_0_zd_JoLH__X_1U_tjj ww__u8I__wmT_____X _fwq_N usn__.07I_j___Xu4V5_Mnq_H___x___3___SWg___h___mtwyFjDu_I.w_sfrR_Tv_uL_G__b_s5ZynDD_ZAy__zl_@_$____tY_i$_X_pFB_I_6__XDl_U__Y___9uG__c__F_jjM___$8l2_Fsp_r_u_J_R_._tDuLbxD29mHcXdM_G7P_p_iXAaLM__N9k__q__QSQ$y6s_ Bd_aI____pGW_S8_jVS_m__Uh9nwh@OxHGi_fH__cdMBUS7y_4SpP$sB__GQ__._q09Ib_g_RzM$__Pv_xzel__pxqcfRPEo7__cM9x_S_q_kgJHSTyXpKUA_Ksdqt_Y_k_mpW__t_d9_e49A__N1tj_VyfL__@J_dc_A_pGo_eTD9_V__SNUg__y__w_yU__t__5_S_v2ha9_d0Gj__fl__n__a2o__t_n_.VJ_6O_Q_L7_YF_Q@_6b_E063PM3___DV_Dk_XF3_LUQc__Z_f1U_Gs__Zl6_j_tJ_A@____1OVt_6fEE__9AjjB_qr__05_KHfsPwcoG__gLM$___LRo__yrj_._iAsBz___E__$U_wj__hN_bxAt__$_BKIJA____73Cs_VV_PdWj__NW_A_
Prevx Info:
http://info.prevx.com/aboutprogramtext. ... 007DC46092
Symantec reputation:Suspicious.Insight
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
[s]text[/s] -- strikethrough
Kód: Vybrat vše
textYou can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware
Malware
Spam attachment/link
P2P download
Propagating via IM
Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview comment Edit comment
Post comment
Posting comment...
Comment successfully posted
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - Terms of Service & Privacy Policy
Re: Prosím o kontrolu.
Takze ten nalez MBAM smazte...
Ani snad nebudu patrat jestli mate NIS legalne zakoupeny
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič
Jinak log OK 
Ani snad nebudu patrat jestli mate NIS legalne zakoupeny Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaruPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Jinak log OK "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?