Prosím o kontrolu logu

Zpráva

hcyruh · #1 Příspěvek od **hcyruh** » 26 led 2010 11:31

Dobrý den, prosím o kontrolu logu. Počítač pomalu startuje a pracuje rovněž velmi pomalu. Děkuji

Logfile of random's system information tool 1.06 (written by random/random)
Run by Václav Hurych at 2010-01-26 11:17:15
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (28%) free of 30 GB
Total RAM: 223 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:17, on 26.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ConMet\CMService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ConMet\ConMet.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTW10.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTW10.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC10.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTW10.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTW10.exe
D:\Documents and Settings\Václav Hurych\Dokumenty\Stažené soubory\RSIT.exe
D:\Documents and Settings\Václav Hurych\Dokumenty\Stažené soubory\Václav Hurych.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=rychle.tiscali.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.cz
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{31E89C2E-3FF2-48F1-AB6E-1A999325C94D}: NameServer = 192.168.51.250,192.168.51.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{31E89C2E-3FF2-48F1-AB6E-1A999325C94D}: NameServer = 192.168.51.250,192.168.51.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{31E89C2E-3FF2-48F1-AB6E-1A999325C94D}: NameServer = 192.168.51.250,192.168.51.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connection Meter Service (CMService) - Mgr. Tomas Papousek - C:\Program Files\ConMet\CMService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 8130 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2005-12-07 399424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6}]
XBTP06568 Class - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll [2006-08-15 872448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2010-01-26 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-19 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-19 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2005-12-07 399424]
{3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - AOL Security Toolbar - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll [2006-08-15 872448]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ConMet"=C:\Program Files\ConMet\ConMet.exe [2010-01-13 3902464]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-01-26 2043160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
""=1 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe [2004-12-12 960512]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-01-22 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoInstrumentation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\NeroExpress\Installation\Setupx.exe"="E:\NeroExpress\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45747784-d55b-11db-8ff5-825945cb9441}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe

======List of files/folders created in the last 1 months======

2010-01-26 11:17:15 ----D---- C:\rsit
2010-01-26 10:17:56 ----D---- C:\Qoobox
2010-01-24 18:36:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-22 23:20:03 ----HD---- C:\WINDOWS\$NtUninstallKB978207$
2010-01-22 21:33:34 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-01-22 21:32:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-01-22 20:45:01 ----D---- C:\Program Files\Grisoft
2010-01-19 17:44:08 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-01-19 17:44:04 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-01-19 17:40:46 ----D---- C:\Program Files\TuneUp Utilities 2008
2010-01-18 18:22:18 ----A---- C:\WINDOWS\system32\sstunst2.exe
2010-01-18 10:53:50 ----SHD---- C:\FOUND.011
2010-01-13 22:42:40 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:42:17 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-08 19:15:19 ----A---- C:\WINDOWS\Intelli HyperSpeed 2005 Uninstall Log.txt
2010-01-04 09:09:31 ----A---- C:\WINDOWS\system32\muweb.dll
2010-01-04 09:09:31 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-01-04 09:09:30 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-01-03 18:39:11 ----D---- C:\Program Files\Windows Live SkyDrive
2010-01-03 18:38:33 ----D---- C:\Program Files\Windows Live
2010-01-03 18:38:00 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-03 18:30:21 ----D---- C:\Program Files\Common Files\Windows Live
2009-12-29 17:25:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\HappyFoto
2009-12-29 17:24:31 ----D---- C:\Program Files\HappyFoto
2009-12-27 19:07:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-27 19:07:52 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-27 19:07:51 ----D---- C:\Program Files\Xvid
2009-12-27 19:07:23 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-12-27 19:07:21 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-12-27 19:07:20 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2009-12-27 19:07:18 ----D---- C:\Program Files\ffdshow
2009-12-27 19:05:59 ----D---- C:\Program Files\AviSynth 2.5
2009-12-27 19:03:44 ----D---- C:\Program Files\Avi2Dvd

======List of files/folders modified in the last 1 months======

2010-01-25 12:02:22 ----A---- C:\WINDOWS\wincmd.ini
2010-01-24 21:01:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-18 11:16:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-13 22:42:48 ----A---- C:\WINDOWS\imsins.BAK
2010-01-10 13:34:06 ----A---- C:\WINDOWS\win.ini
2010-01-09 19:42:24 ----A---- C:\fftrlog.txt
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 15:33:28 ----A---- C:\WINDOWS\ModemLog_PCI SoftV92 Modem.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-01-22 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-01-22 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-01-22 108552]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2004-09-02 12928]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-08-23 821760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-29 1036928]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-09-29 219136]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2004-09-03 229888]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-29 702592]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2010-01-26 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CMService;Connection Meter Service; C:\Program Files\ConMet\CMService.exe [2009-11-10 71680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-19 152984]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-20 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-09 194032]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-19 355584]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 26 led 2010 11:44

Hezké poledne

Vy jste dnes spouštěl combofix? Poprosím o log z něj.
A přečtěte si varování v mém podpise.

hcyruh · #3 Příspěvek od **hcyruh** » 26 led 2010 13:06

Dobrý den, omlouvám se ale COMBOFIX jsem pouze omylem stáhnul ale neotevřel, na základě varování, které se po stažení objevilo. Nevím tedy jak log z COMBOFIXU vygenerovat.

#4 Příspěvek od **motji** » 26 led 2010 17:11

Pokud jste ho nespustil, tak ho z něj nedostanete

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

hcyruh · #5 Příspěvek od **hcyruh** » 27 led 2010 09:40

Dobrý den,
omlouvám se ale vůbec mě to nejde. Stahnu ComboFix z uvedené adresy, v okně dám uložit. Otevře se mě varovací okno. Zavřu všechna aktivní okna, ve správci úloh vypnu AVG a počítač se zasekne. Opakoval jsem to a znovu. Nevím co dělám špatně. Děkuji.

#6 Příspěvek od **motji** » 27 led 2010 12:07

Nevadí, uděláme to jinak

.

Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

Stahněte TFC a použijte
TFC (http://oldtimer.geekstogo.com/TFC.exe)

Spusťte Otl,
-všechno odoznačte - nebo dejte na none.
- nastavte file created a file modified... na File age.
- do bílého pole zkopirujte tento skript:

Kód: Vybrat vše

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
ndis.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
/md5stop
c:\windows\*.* /JN
c:\windows\*.* /HL
c:\windows\*.* /RP

-klikněte na run scan
-objeví se log, zkopírujte ho zde

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

hcyruh · #7 Příspěvek od **hcyruh** » 27 led 2010 16:26

Dobrý den,
asi si řeknete, co je to za pitomce, ale jsem už z toho bezradný. Když jsem ComboFix chtěl odinstalovat, podle vašeho návodu, píše mě to stále "systém W nemůže nalést ComboFix. Když jsem prohledal PC našel jsem ho ve složce Documents and Settings/Stažené soubory (vůbec nevím, kde se ta složka vzala, já jsem žádnou takovou nezaložil). Při zadání celé cesty do okénka Spustit mě to stále píše to samé, že systém W nemůže ComboFix nalést. Když soubor pouze odstraním, tak si asi moc nepomůže. Co mi poradíte? Děkuji.

#8 Příspěvek od **motji** » 27 led 2010 17:51

To je v pořádku, použijte T-cleaner, ten ho odstraní

hcyruh · #9 Příspěvek od **hcyruh** » 27 led 2010 20:06

Dobrý večer,
udělal jsem všechno až po Stahněte TFC a použijte. Dalším úkolem bylo Spusťte Otl - a jsem v koncích. Nevím co mám dělat. Říkal jsem, že máte co do činění s pitomcem. Omlouvám se. Děkuji za další radu.

#10 Příspěvek od **motji** » 27 led 2010 20:52

Omlouvám se, chyba je u mě

, nedala jsem tam link na stažení.
A když něco nevíte, klidně se zeptejte, od toho jsem tu

.

ten link je zde

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

hcyruh · #11 Příspěvek od **hcyruh** » 29 led 2010 11:25

Dobrý den,
omlouvám, ale včera jsem se k tomu kvůli sněhové kalamitě vůbec nedostal.Posílam log z Otl
a z GMERu. Snad jsem to udělal dobře. Dělal jsem to dle návodu. Log mě ale nešel vložit do toho vašeho textu a tam jsem to udělal takto. Děkuji za trpělivost se mnou.

OTL logfile created on: 29.1.2010 10:18:00 - Run 2
OTL by OldTimer - Version 3.1.27.0 Folder = D:\Documents and Settings\Václav Hurych\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

223,00 Mb Total Physical Memory | 64,00 Mb Available Physical Memory | 29,00% Memory free
881,00 Mb Paging File | 462,00 Mb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 8,63 Gb Free Space | 29,48% Space Free | Partition Type: FAT32
Drive D: | 45,22 Gb Total Space | 26,03 Gb Free Space | 57,58% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LABU-Q9JA55981T
Current User Name: Václav Hurych
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Files/Folders - Created Within 30 Days ==========

[2010.01.24 18:39:05 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.01.24 18:38:53 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.01.24 18:36:07 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.22 22:03:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\AVG Security Toolbar
[2010.01.22 21:33:34 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.01.22 21:33:33 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.01.22 21:33:19 | 00,335,240 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.01.22 21:33:16 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.01.22 21:33:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010.01.22 21:32:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.01.22 20:45:01 | 00,000,000 | ---D | C] -- C:\Program Files\Grisoft
[2010.01.19 17:44:08 | 00,028,416 | ---- | C] (TuneUp Software GmbH) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.01.19 17:44:04 | 00,355,584 | ---- | C] (TuneUp Software GmbH) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010.01.19 17:40:46 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2008
[2010.01.18 18:22:18 | 00,029,184 | ---- | C] (Stardust Software) -- C:\WINDOWS\System32\sstunst2.exe
[2010.01.18 18:22:14 | 00,400,896 | ---- | C] (Stardust Software) -- C:\WINDOWS\System32\Baby Animals.scr
[2010.01.18 10:53:50 | 00,000,000 | -HSD | C] -- C:\FOUND.011
[2010.01.13 14:27:55 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.01.08 19:11:09 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Václav Hurych\Dokumenty\Můj Garmin
[2010.01.04 11:39:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\HF Designer 1.4
[2010.01.04 09:09:31 | 00,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010.01.04 09:09:30 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010.01.03 18:39:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2010.01.03 18:39:11 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010.01.03 18:38:33 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010.01.03 18:38:00 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.01.03 18:30:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009.12.09 19:00:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.12.09 18:55:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.11.20 10:07:59 | 00,017,408 | ---- | C] (Mgr. Tomas Papousek) -- C:\Program Files\CMTxt.dll
[2009.11.20 10:06:27 | 03,887,104 | ---- | C] (Mgr. Tomáš Papoušek) -- C:\Program Files\conmet_.exe
[2009.11.20 09:13:09 | 00,071,680 | ---- | C] (Mgr. Tomas Papousek) -- C:\Program Files\CMSvc_.exe
[2009.01.30 12:28:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2006.12.26 17:08:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\PCHealth
[2004.12.12 18:56:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2004.12.12 18:56:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2004.12.12 18:44:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2004.12.12 18:44:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft

========== Files - Modified Within 30 Days ==========

[2010.01.29 10:00:20 | 00,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.01.29 08:38:18 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.29 08:36:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.29 08:36:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.28 19:15:06 | 08,912,896 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\ntuser.dat
[2010.01.28 19:15:06 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Václav Hurych\ntuser.ini
[2010.01.28 18:20:04 | 54,799,381 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.27 17:52:42 | 00,023,768 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.01.25 12:02:22 | 00,001,039 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.01.24 18:40:04 | 00,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.24 15:40:42 | 08,912,896 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\ntuser.dat_BAK_78638
[2010.01.22 23:20:42 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.01.22 21:54:20 | 00,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010.01.22 21:54:18 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010.01.22 21:54:16 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.01.22 21:54:12 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.01.22 21:54:10 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.01.22 21:33:34 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.01.22 21:33:06 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010.01.21 14:02:20 | 00,024,064 | ---- | M] () -- D:\Documents and Settings\Václav Hurych\Dokumenty\Vážený pane profesore.doc
[2010.01.19 17:44:06 | 00,355,584 | ---- | M] (TuneUp Software GmbH) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010.01.18 18:22:20 | 00,029,184 | ---- | M] (Stardust Software) -- C:\WINDOWS\System32\sstunst2.exe
[2010.01.18 18:22:16 | 00,657,282 | ---- | M] () -- C:\WINDOWS\System32\Baby Animals.msf
[2010.01.18 18:22:16 | 00,400,896 | ---- | M] (Stardust Software) -- C:\WINDOWS\System32\Baby Animals.scr
[2010.01.18 11:16:30 | 00,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.13 21:37:26 | 00,004,266 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\.recently-used.xbel
[2010.01.11 19:03:32 | 00,026,624 | ---- | M] () -- D:\Documents and Settings\Václav Hurych\Dokumenty\DOMÁCÍ CHLÉB PODLE BABIČKY.doc
[2010.01.10 13:34:06 | 00,000,881 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.01.07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.01.04 11:39:52 | 00,010,861 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\Data aplikací\mdbu.bin
[2010.01.04 09:02:22 | 00,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.01.03 18:52:36 | 00,080,384 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.03 18:42:20 | 00,023,768 | ---- | M] () -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.30 17:56:16 | 00,001,597 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Zoner Photo Studio 11.lnk

========== Files Created - No Company Name ==========

[2010.01.24 18:40:03 | 00,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.22 21:33:04 | 54,799,381 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.22 21:33:04 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010.01.22 21:33:04 | 00,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010.01.22 21:33:02 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010.01.18 18:22:15 | 00,657,282 | ---- | C] () -- C:\WINDOWS\System32\Baby Animals.msf
[2010.01.16 19:56:18 | 00,024,064 | ---- | C] () -- D:\Documents and Settings\Václav Hurych\Dokumenty\Vážený pane profesore.doc
[2010.01.13 21:37:25 | 00,004,266 | ---- | C] () -- C:\Documents and Settings\Václav Hurych\.recently-used.xbel
[2010.01.05 10:39:36 | 00,026,624 | ---- | C] () -- D:\Documents and Settings\Václav Hurych\Dokumenty\DOMÁCÍ CHLÉB PODLE BABIČKY.doc
[2009.12.30 17:56:14 | 00,001,597 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Zoner Photo Studio 11.lnk
[2009.12.27 19:07:57 | 00,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.27 19:07:52 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.12.27 19:07:23 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.12.27 19:07:21 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.11.20 09:13:13 | 00,001,043 | ---- | C] () -- C:\Program Files\tipy.txt
[2009.11.20 09:13:12 | 01,257,980 | ---- | C] () -- C:\Program Files\oskarova.map
[2009.11.20 09:13:12 | 00,003,962 | ---- | C] () -- C:\Program Files\ConMet.hlp
[2009.11.20 09:13:10 | 00,303,673 | ---- | C] () -- C:\Program Files\ConMet.chm
[2009.11.20 09:13:09 | 00,017,920 | ---- | C] () -- C:\Program Files\CMUNST_.EXE
[2009.05.18 08:02:26 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2009.05.18 08:02:26 | 00,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2009.05.18 07:49:56 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009.03.24 09:04:42 | 00,010,861 | ---- | C] () -- C:\Documents and Settings\Václav Hurych\Data aplikací\mdbu.bin
[2009.03.20 19:50:48 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.01.16 19:30:21 | 00,030,658 | ---- | C] () -- C:\WINDOWS\System32\DOSDRV.SYS
[2008.10.16 12:09:19 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008.05.26 22:22:14 | 00,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 00,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 00,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.04.11 10:12:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008.03.26 09:57:10 | 00,000,043 | ---- | C] () -- C:\WINDOWS\hpfccopy.INI
[2008.03.25 16:10:13 | 00,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.03.25 14:50:48 | 00,000,133 | ---- | C] () -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\fusioncache.dat
[2008.03.25 14:35:31 | 00,000,004 | ---- | C] () -- C:\WINDOWS\vzory.ini
[2007.02.15 10:21:26 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006.11.05 10:40:49 | 00,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2006.10.04 17:40:37 | 00,000,029 | ---- | C] () -- C:\WINDOWS\pslabeler3.ini
[2006.10.04 17:40:32 | 00,000,025 | ---- | C] () -- C:\WINDOWS\calcpslab3.ini
[2005.11.09 18:01:11 | 00,000,076 | ---- | C] () -- C:\WINDOWS\prsi.ini
[2005.08.01 16:40:33 | 00,000,163 | ---- | C] () -- C:\WINDOWS\fre.INI
[2005.07.05 15:19:49 | 00,000,678 | ---- | C] () -- C:\WINDOWS\ChaseHQ2EvoConfig.ini
[2005.07.02 14:20:48 | 00,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2005.04.10 18:55:07 | 00,000,229 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2005.03.30 10:40:04 | 00,056,320 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2005.03.30 10:39:54 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005.02.11 16:03:20 | 00,000,459 | ---- | C] () -- C:\Documents and Settings\Václav Hurych\Data aplikací\enigmarc.lua
[2005.01.22 13:39:05 | 00,000,810 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2005.01.16 15:51:26 | 00,000,029 | ---- | C] () -- C:\WINDOWS\pslabeler.ini
[2004.12.25 11:52:31 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004.12.25 11:52:26 | 00,080,384 | ---- | C] () -- C:\Documents and Settings\Václav Hurych\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004.12.25 11:06:44 | 00,000,439 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004.12.16 18:58:51 | 00,000,441 | ---- | C] () -- C:\WINDOWS\Marias.ini
[2004.12.16 17:42:35 | 00,000,387 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2004.12.12 19:35:36 | 00,001,039 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2004.12.12 19:23:57 | 00,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004.12.12 19:14:34 | 00,001,729 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2004.12.12 19:04:07 | 00,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2004.12.12 19:04:00 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2004.12.12 19:03:59 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2004.12.12 19:03:57 | 00,000,117 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2004.12.12 19:03:49 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2004.12.12 18:59:12 | 00,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2004.10.19 14:52:21 | 00,000,027 | ---- | C] () -- C:\WINDOWS\calcpslab.ini
[2004.09.02 04:33:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\xfire_lsp_9028.dll

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Svátky a výročí" = C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe -- [2004.12.12 22:58:04 | 00,960,512 | ---- | M] (Igor Gottwald - OKsoftware)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:18 | 00,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.01.13 11:24:40 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009.01.13 11:24:40 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.01.13 11:24:40 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.01.13 11:24:40 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:42 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:42 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:38 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:38 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtUninstallKB944043-v3_0$\netlogon.dll
[2008.05.05 13:09:28 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=760DDFE65DD4B0926D3661B31582F987 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.17 06:59:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\$hf_mig$\KB944043-v3\SP3QFE\netlogon.dll
[2008.04.17 06:59:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.17 06:59:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\$NtUninstallKB944043-v3$\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< c:\windows\*.* /JN >
[2009.05.19 06:51:04 | 00,000,227 | ---- | M] () -- c:\WINDOWS\system.ini
[2010.01.10 13:34:06 | 00,000,881 | ---- | M] () -- c:\WINDOWS\win.ini
[2009.11.17 09:32:42 | 00,081,516 | ---- | M] () -- c:\WINDOWS\DPINST.LOG
[2001.10.25 11:00:00 | 00,000,707 | ---- | M] () -- c:\windows\_default.pif
[2001.10.25 11:00:00 | 00,000,080 | ---- | M] () -- c:\windows\explorer.scf
[2010.01.22 23:20:42 | 00,001,374 | ---- | M] () -- c:\WINDOWS\imsins.BAK
[2001.10.25 11:00:00 | 00,001,405 | ---- | M] () -- c:\WINDOWS\msdfmap.ini
[2001.10.25 11:00:00 | 00,094,784 | ---- | M] (Twain Working Group) -- c:\WINDOWS\twain.dll
[2010.01.29 09:24:52 | 00,268,045 | ---- | M] () -- c:\WINDOWS\setupapi.log
[2001.10.25 11:00:00 | 00,049,680 | ---- | M] (Twain Working Group) -- c:\WINDOWS\twunk_16.exe
[2001.10.25 11:00:00 | 00,025,600 | ---- | M] (Twain Working Group) -- c:\WINDOWS\twunk_32.exe
[2001.10.25 11:00:00 | 00,256,419 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\winhelp.exe
[1998.10.29 16:45:06 | 00,306,688 | ---- | M] (InstallShield Software Corporation) -- c:\WINDOWS\IsUninst.exe
[2001.10.25 11:00:00 | 00,036,582 | ---- | M] () -- c:\WINDOWS\wmprfCSY.prx
[2001.10.25 11:00:00 | 00,082,944 | ---- | M] () -- c:\WINDOWS\clock.avi
[2001.10.25 11:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\vmmreg32.dll
[2009.05.18 08:02:28 | 00,000,291 | ---- | M] () -- c:\WINDOWS\msfsetup.ini
[2010.01.25 11:50:58 | 00,005,417 | ---- | M] () -- c:\WINDOWS\setupact.log
[2008.11.08 19:41:04 | 00,054,156 | -H-- | M] () -- c:\WINDOWS\QTFont.qfn
[2010.01.18 11:16:30 | 00,000,202 | ---- | M] () -- c:\WINDOWS\NeroDigital.ini
[2009.06.30 21:08:18 | 00,001,763 | ---- | M] () -- c:\WINDOWS\ie8_main.log
[2009.07.15 22:47:04 | 00,014,107 | ---- | M] () -- c:\WINDOWS\KB961371.log
[2010.01.26 19:11:14 | 00,129,921 | ---- | M] () -- c:\WINDOWS\ocgen.log
[2010.01.26 19:11:14 | 00,042,661 | ---- | M] () -- c:\WINDOWS\iis6.log
[2010.01.26 19:11:12 | 00,006,790 | ---- | M] () -- c:\WINDOWS\FaxSetup.log
[2010.01.26 19:11:14 | 00,089,081 | ---- | M] () -- c:\WINDOWS\comsetup.log
[2010.01.26 19:11:14 | 00,103,002 | ---- | M] () -- c:\WINDOWS\tsoc.log
[2010.01.26 19:11:14 | 00,001,917 | ---- | M] () -- c:\WINDOWS\imsins.log
[2004.12.12 19:19:28 | 00,010,553 | ---- | M] () -- c:\WINDOWS\hpdj3740.bu2
[2001.10.25 11:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\TASKMAN.EXE
[2010.01.26 19:11:14 | 00,013,457 | ---- | M] () -- c:\WINDOWS\msgsocm.log
[2004.12.12 18:52:04 | 00,004,265 | ---- | M] () -- c:\WINDOWS\ODBCINST.INI
[2010.01.26 19:11:14 | 00,016,725 | ---- | M] () -- c:\WINDOWS\ocmsn.log
[2009.07.15 22:50:20 | 00,013,863 | ---- | M] () -- c:\WINDOWS\KB971633.log
[2009.07.15 22:50:26 | 00,007,574 | ---- | M] () -- c:\WINDOWS\KB973346.log
[2009.07.29 13:56:34 | 00,017,828 | ---- | M] () -- c:\WINDOWS\KB972260.log
[2004.12.12 19:19:28 | 00,189,626 | ---- | M] () -- c:\WINDOWS\hpdj3740.hi2
[2008.07.28 09:03:36 | 00,000,000 | ---- | M] () -- c:\WINDOWS\nsreg.dat
[2010.01.22 23:20:24 | 00,012,721 | ---- | M] () -- c:\WINDOWS\updspapi.log
[2004.12.12 18:46:56 | 00,000,000 | ---- | M] () -- c:\WINDOWS\Sti_Trace.log
[2010.01.28 19:15:16 | 00,000,049 | ---- | M] () -- c:\WINDOWS\wiaservc.log
[2010.01.29 08:36:44 | 00,000,159 | ---- | M] () -- c:\WINDOWS\wiadebug.log
[2005.10.23 18:26:38 | 00,001,729 | ---- | M] () -- c:\WINDOWS\hpdj3740.ini
[2005.10.23 18:26:38 | 00,008,457 | ---- | M] () -- c:\WINDOWS\hpdj3740.his
[2001.10.25 12:00:00 | 00,001,272 | ---- | M] () -- c:\WINDOWS\Modrá krajka 16.bmp
[2004.10.19 14:52:22 | 00,000,027 | ---- | M] () -- c:\WINDOWS\calcpslab.ini
[2001.10.25 12:00:00 | 00,065,978 | ---- | M] () -- c:\WINDOWS\Mýdlové bubliny.bmp
[2005.01.16 15:51:28 | 00,000,029 | ---- | M] () -- c:\WINDOWS\pslabeler.ini
[2001.10.25 12:00:00 | 00,017,062 | ---- | M] () -- c:\WINDOWS\Zrnko kávy.bmp
[2005.01.20 08:57:40 | 00,000,280 | ---- | M] () -- c:\WINDOWS\emm386s.dl
[2009.08.16 21:24:14 | 00,015,055 | ---- | M] () -- c:\WINDOWS\KB973507.log
[2001.10.25 12:00:00 | 00,016,730 | ---- | M] () -- c:\WINDOWS\Textura peří.bmp
[2005.07.04 19:40:22 | 00,000,020 | ---- | M] () -- c:\WINDOWS\level.ini
[2001.10.25 12:00:00 | 00,017,336 | ---- | M] () -- c:\WINDOWS\Na rybách.bmp
[2009.08.28 14:41:12 | 00,023,228 | ---- | M] () -- c:\WINDOWS\KB968389.log
[2009.09.09 20:23:32 | 00,008,049 | ---- | M] () -- c:\WINDOWS\KB956844.log
[2001.10.25 12:00:00 | 00,026,582 | ---- | M] () -- c:\WINDOWS\Zelený kámen.bmp
[2007.01.01 17:24:02 | 00,000,810 | ---- | M] () -- c:\WINDOWS\Rtcw.INI
[2001.10.25 12:00:00 | 00,065,954 | ---- | M] () -- c:\WINDOWS\Prérijní vítr.bmp
[2005.07.04 20:19:38 | 00,000,528 | ---- | M] () -- c:\WINDOWS\eReg.dat
[2001.10.25 12:00:00 | 00,017,362 | ---- | M] () -- c:\WINDOWS\Rododendron.bmp
[2009.08.16 21:24:34 | 00,014,495 | ---- | M] () -- c:\WINDOWS\KB971557.log
[2009.08.16 21:24:40 | 00,019,286 | ---- | M] () -- c:\WINDOWS\KB971657.log
[2001.10.25 12:00:00 | 00,026,680 | ---- | M] () -- c:\WINDOWS\Řeka Sumida.bmp
[1998.10.07 12:08:12 | 00,327,168 | ---- | M] (InstallShield Software Corporation) -- c:\WINDOWS\IsUn040c.exe
[2001.10.25 12:00:00 | 00,065,832 | ---- | M] () -- c:\WINDOWS\Omítka Santa Fe.bmp
[2008.11.08 19:41:06 | 00,001,409 | ---- | M] () -- c:\WINDOWS\QTFont.for
[2001.10.25 12:00:00 | 00,009,522 | ---- | M] () -- c:\WINDOWS\Zapotec.bmp
[2008.10.02 10:16:16 | 01,719,001 | ---- | M] () -- c:\WINDOWS\setupapi.log.0.old
[2004.12.12 18:49:42 | 00,000,036 | ---- | M] () -- c:\WINDOWS\vb.ini
[2004.12.12 18:49:42 | 00,000,037 | ---- | M] () -- c:\WINDOWS\vbaddin.ini
[2009.08.16 21:24:48 | 00,014,934 | ---- | M] () -- c:\WINDOWS\KB960859.log
[2001.10.25 12:00:00 | 00,000,002 | ---- | M] () -- c:\WINDOWS\desktop.ini
[2009.08.16 21:20:38 | 00,014,580 | ---- | M] () -- c:\WINDOWS\KB973815.log
[2001.10.25 12:00:00 | 00,048,680 | -HS- | M] () -- c:\WINDOWS\winnt.bmp
[2009.08.16 21:23:52 | 00,007,146 | ---- | M] () -- c:\WINDOWS\KB973540.log
[2001.10.25 12:00:00 | 00,048,680 | -HS- | M] () -- c:\WINDOWS\winnt256.bmp
[2009.08.17 08:06:46 | 00,001,084 | ---- | M] () -- c:\WINDOWS\spupdsvc.log
[2009.08.16 21:23:50 | 00,000,618 | ---- | M] () -- c:\WINDOWS\wmsetup.log
[2004.12.12 18:51:14 | 00,000,749 | RH-- | M] () -- c:\WINDOWS\WindowsShell.Manifest
[2010.01.02 15:33:28 | 00,037,062 | ---- | M] () -- c:\WINDOWS\ModemLog_PCI SoftV92 Modem.txt
[2009.08.16 21:24:08 | 00,008,169 | ---- | M] () -- c:\WINDOWS\KB973354.log
[2004.12.12 18:52:08 | 00,299,552 | ---- | M] () -- c:\WINDOWS\WMSysPrx.prx
[2004.12.12 18:52:14 | 00,000,000 | ---- | M] () -- c:\WINDOWS\control.ini
[2010.01.29 08:36:14 | 00,002,048 | --S- | M] () -- c:\WINDOWS\bootstat.dat
[2004.12.12 18:55:40 | 00,008,192 | ---- | M] () -- c:\WINDOWS\REGLOCS.OLD
[2010.01.28 19:15:22 | 00,032,626 | ---- | M] () -- c:\WINDOWS\SchedLgU.Txt
[2009.08.16 21:24:20 | 00,008,531 | ---- | M] () -- c:\WINDOWS\KB973869.log
[2009.08.16 21:24:28 | 00,008,922 | ---- | M] () -- c:\WINDOWS\KB956744.log
[2009.09.10 14:21:50 | 00,008,338 | ---- | M] () -- c:\WINDOWS\KB971961.log
[2009.09.10 14:21:56 | 00,006,326 | ---- | M] () -- c:\WINDOWS\KB968816.log
[2002.01.02 08:40:50 | 00,032,768 | ---- | M] () -- c:\WINDOWS\SIS_LIB.DLL
[2008.10.30 14:02:30 | 00,110,705 | ---- | M] () -- c:\WINDOWS\UninstallThunderbird.exe
[2009.10.15 12:46:52 | 00,020,598 | ---- | M] () -- c:\WINDOWS\KB975467.log
[2009.10.15 12:49:38 | 00,016,123 | ---- | M] () -- c:\WINDOWS\KB974112.log
[2009.11.04 12:58:10 | 00,016,172 | ---- | M] () -- c:\WINDOWS\KB976749.log
[2009.11.11 14:06:56 | 00,015,287 | ---- | M] () -- c:\WINDOWS\KB969947.log
[2009.10.15 12:49:48 | 00,016,911 | ---- | M] () -- c:\WINDOWS\KB969059.log
[2002.10.18 15:56:06 | 00,028,672 | ---- | M] () -- c:\WINDOWS\CMIRmDriver.dll
[2008.10.30 14:02:26 | 00,008,317 | ---- | M] () -- c:\WINDOWS\mozver.dat
[2009.10.15 12:53:40 | 00,020,398 | ---- | M] () -- c:\WINDOWS\KB974455.log
[2003.08.05 14:23:24 | 00,266,240 | ---- | M] () -- c:\WINDOWS\CMIUninstall.exe
[2009.10.15 12:49:24 | 00,017,002 | ---- | M] () -- c:\WINDOWS\KB974571.log
[2009.10.15 12:49:32 | 00,016,482 | ---- | M] () -- c:\WINDOWS\KB975025.log
[2009.01.06 17:18:32 | 00,000,117 | ---- | M] () -- c:\WINDOWS\Wininit.ini
[2004.12.12 19:04:00 | 00,000,026 | ---- | M] () -- c:\WINDOWS\CMCDPLAY.INI
[2004.12.12 19:04:02 | 00,000,092 | ---- | M] () -- c:\WINDOWS\CMISETUP.INI
[2009.10.15 12:47:00 | 00,008,717 | ---- | M] () -- c:\WINDOWS\KB973525.log
[2009.10.15 12:47:14 | 00,012,581 | ---- | M] () -- c:\WINDOWS\KB971486.log
[2009.10.15 12:49:42 | 00,008,002 | ---- | M] () -- c:\WINDOWS\KB954155.log
[2005.01.13 19:33:06 | 00,001,729 | ---- | M] () -- c:\WINDOWS\hpdj3740.bu1
[2005.01.13 19:33:06 | 00,008,457 | ---- | M] () -- c:\WINDOWS\hpdj3740.hi1
[2009.10.15 12:53:26 | 00,008,002 | ---- | M] () -- c:\WINDOWS\KB958869.log
[2009.11.25 19:48:38 | 00,009,493 | ---- | M] () -- c:\WINDOWS\KB973687.log
[2004.03.17 14:12:48 | 00,000,362 | ---- | M] () -- c:\WINDOWS\hpfins_s04_main.dat
[2004.03.17 14:11:52 | 00,005,428 | ---- | M] () -- c:\WINDOWS\hpfmdl_s04_main.dat
[2009.07.28 22:23:16 | 00,000,504 | ---- | M] () -- c:\WINDOWS\ODBC.INI
[2010.01.25 12:02:22 | 00,001,039 | ---- | M] () -- c:\WINDOWS\wincmd.ini
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\ARJ.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\LHA.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\NOCLOSE.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\PKUNZIP.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\PKZIP.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\RAR.PIF
[2004.04.16 06:03:00 | 00,000,545 | ---- | M] () -- c:\windows\UC.PIF
[2008.09.02 13:38:38 | 00,033,496 | ---- | M] () -- c:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt
[1999.06.25 11:55:30 | 00,149,504 | ---- | M] () -- c:\WINDOWS\UNWISE.EXE
[2009.12.09 11:52:58 | 00,015,929 | ---- | M] () -- c:\WINDOWS\KB971737.log
[2009.12.09 11:53:06 | 00,016,006 | ---- | M] () -- c:\WINDOWS\KB974392.log
[2010.01.03 18:37:02 | 00,000,610 | ---- | M] () -- c:\WINDOWS\KB954708.log
[2010.01.13 22:42:36 | 00,008,396 | ---- | M] () -- c:\WINDOWS\KB972270.log
[2009.12.09 11:53:34 | 00,019,507 | ---- | M] () -- c:\WINDOWS\KB976325.log
[2005.07.05 15:26:56 | 00,000,678 | ---- | M] () -- c:\WINDOWS\ChaseHQ2EvoConfig.ini
[2009.12.09 11:53:42 | 00,019,238 | ---- | M] () -- c:\WINDOWS\KB974318.log
[2009.12.09 11:53:50 | 00,020,830 | ---- | M] () -- c:\WINDOWS\KB970430.log
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\explorer.exe
[2005.08.01 16:40:34 | 00,000,163 | ---- | M] () -- c:\WINDOWS\fre.INI
[2004.08.17 15:49:28 | 00,000,316 | ---- | M] () -- c:\WINDOWS\emm386u.ddl
[2009.12.09 11:53:16 | 00,010,508 | ---- | M] () -- c:\WINDOWS\KB973904.log
[2010.01.13 22:42:48 | 00,009,933 | ---- | M] () -- c:\WINDOWS\KB955759.log
[2008.04.14 04:22:04 | 00,050,688 | ---- | M] (Twain Working Group) -- c:\WINDOWS\twain_32.dll
[2010.01.22 23:20:42 | 00,018,729 | ---- | M] () -- c:\WINDOWS\KB978207.log
[2008.04.14 04:22:42 | 00,147,968 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\regedit.exe
[2008.04.14 04:22:38 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\notepad.exe
[2008.04.14 04:22:26 | 00,010,752 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\hh.exe
[2005.08.18 11:23:14 | 00,000,056 | ---- | M] () -- c:\WINDOWS\1.00.0000
[2008.04.14 04:22:52 | 00,283,648 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\winhlp32.exe
[2007.11.23 21:40:00 | 00,316,640 | ---- | M] () -- c:\WINDOWS\WMSysPr9.prx
[1998.10.09 18:04:30 | 00,327,168 | ---- | M] (InstallShield Software Corporation) -- c:\WINDOWS\IsUn0405.exe
[2008.04.14 04:22:46 | 00,032,866 | ---- | M] (Smart Link) -- c:\WINDOWS\slrundll.exe
[2010.01.28 19:15:00 | 01,889,225 | ---- | M] () -- c:\WINDOWS\WindowsUpdate.log
[2005.11.09 18:24:48 | 00,000,076 | ---- | M] () -- c:\WINDOWS\prsi.ini
[2005.02.27 16:30:40 | 00,000,387 | ---- | M] () -- c:\WINDOWS\spidla.INI
[2008.07.30 10:49:28 | 00,000,441 | ---- | M] () -- c:\WINDOWS\Marias.ini
[2004.12.22 19:57:14 | 00,000,293 | ---- | M] () -- c:\WINDOWS\infomar.dta
[2005.07.16 19:08:56 | 00,000,439 | ---- | M] () -- c:\WINDOWS\SIERRA.INI
[2006.02.16 13:00:24 | 00,000,025 | ---- | M] () -- c:\WINDOWS\calcpslab3.ini
[2006.10.04 17:40:38 | 00,000,029 | ---- | M] () -- c:\WINDOWS\pslabeler3.ini
[1995.08.01 04:44:46 | 00,212,480 | ---- | M] (Eastman Kodak) -- c:\WINDOWS\PCDLIB32.DLL
[2005.08.30 20:37:52 | 00,000,050 | ---- | M] () -- c:\WINDOWS\UNNeroVision.cfg
[2005.09.12 15:13:46 | 00,233,472 | ---- | M] (Nero AG) -- c:\WINDOWS\UNNeroVision.exe
[2005.08.30 20:37:04 | 00,000,050 | ---- | M] () -- c:\WINDOWS\UNNeroShowTime.cfg
[2005.09.12 15:13:46 | 00,233,472 | ---- | M] (Nero AG) -- c:\WINDOWS\UNNeroShowTime.exe
[2005.08.30 20:36:38 | 00,000,050 | ---- | M] () -- c:\WINDOWS\UNRecode.cfg
[2005.09.12 15:13:46 | 00,233,472 | ---- | M] (Nero AG) -- c:\WINDOWS\UNRecode.exe
[2005.09.15 13:35:46 | 00,000,050 | ---- | M] () -- c:\WINDOWS\UNNeroMediaHome.cfg
[2005.09.12 15:13:46 | 00,233,472 | ---- | M] (Nero AG) -- c:\WINDOWS\UNNeroMediaHome.exe
[2005.08.30 20:33:38 | 00,000,050 | ---- | M] () -- c:\WINDOWS\UNNeroBackItUp.cfg
[2005.09.12 15:13:46 | 00,233,472 | ---- | M] (Nero AG) -- c:\WINDOWS\UNNeroBackItUp.exe
[2006.03.26 09:52:38 | 00,107,134 | ---- | M] () -- c:\WINDOWS\UninstallFirefox.exe
[2008.12.31 14:56:28 | 00,011,550 | ---- | M] () -- c:\WINDOWS\ModemLog_Nokia 6300 USB Modem.txt
[2007.12.12 09:59:42 | 00,001,738 | ---- | M] () -- c:\WINDOWS\M_VACA.DBF
[2007.12.12 10:28:54 | 00,000,955 | ---- | M] () -- c:\WINDOWS\ST5UNST.000
[1997.01.16 00:00:00 | 00,071,680 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\ST5UNST.EXE
[2007.11.20 00:38:22 | 00,766,464 | ---- | M] () -- c:\WINDOWS\Christmas Night 3D.scr
[2008.03.25 14:37:34 | 00,000,004 | ---- | M] () -- c:\WINDOWS\vzory.ini
[2007.07.23 00:37:02 | 00,000,149 | ---- | M] () -- c:\WINDOWS\hpgmdl30.dat
[2009.02.14 19:05:54 | 00,140,797 | ---- | M] () -- c:\WINDOWS\hpgins30.dat
[2009.09.02 15:52:34 | 00,000,043 | ---- | M] () -- c:\WINDOWS\hpfccopy.INI
[2007.03.12 03:35:12 | 00,012,288 | R--- | M] (Hewlett-Packard Company) -- c:\WINDOWS\Twunk_16.dll
[2007.03.12 03:35:12 | 00,012,288 | R--- | M] (Hewlett-Packard Company) -- c:\WINDOWS\Twunk_32.dll
[2008.04.11 10:12:24 | 00,000,000 | ---- | M] () -- c:\WINDOWS\hpqEmlSz.INI
[2009.05.19 12:49:14 | 00,008,159 | ---- | M] () -- c:\WINDOWS\Intelli HyperSpeed 2005 Setup Log.txt
[2010.01.26 19:11:14 | 00,001,599 | ---- | M] () -- c:\WINDOWS\ntdtcsetup.log
[2009.11.25 19:48:10 | 00,309,310 | ---- | M] () -- c:\WINDOWS\msxml4-KB973688-enu.LOG
[2010.01.08 19:16:00 | 00,002,810 | ---- | M] () -- c:\WINDOWS\Intelli HyperSpeed 2005 Uninstall Log.txt
[2002.07.12 11:15:12 | 00,106,496 | ---- | M] (Silicon Integrated Systems Corp.) -- c:\WINDOWS\SiSUSBrg.exe
[2001.12.07 03:11:42 | 00,003,583 | ---- | M] (Windows (R) 2000 DDK provider) -- c:\WINDOWS\SiSport.sys
[2009.01.26 11:04:48 | 00,000,000 | ---- | M] () -- c:\WINDOWS\setuperr.log
[2010.01.29 08:36:32 | 00,000,000 | ---- | M] () -- c:\WINDOWS\0.log
[2009.03.20 19:50:50 | 00,000,025 | ---- | M] () -- c:\WINDOWS\cdplayer.ini

< c:\windows\*.* /HL >

< c:\windows\*.* /RP >
< End of report >

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-29 10:59:33
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\VÁCLAV~1\LOCALS~1\Temp\kfgdqfod.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-29 11:19:25
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\VÁCLAV~1\LOCALS~1\Temp\kfgdqfod.sys

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[1588] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#12 Příspěvek od **motji** » 29 led 2010 12:57

Dejte soubor otestovat na http://www.virustotal.com

C:\Program Files\CMTxt.dll
C:\Program Files\conmet_.exe
C:\WINDOWS\System32\Baby Animals.msf
C:\WINDOWS\System32\Baby Animals.scr
C:\WINDOWS\System32\sstunst2.exe

Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

hcyruh · #13 Příspěvek od **hcyruh** » 29 led 2010 19:07

Dobrý večer,
posílám výsledky testu. Bohužel zase se mi nepodařilo je vložit, tam jak jste chtěla. Asi něco dělám špatně. Nevím zda to bude mít pro vás nějaký význam, ale po testu druhého souboru
(conmet.exe) se rozběhl program Úklid jedním kliknutím z TuneUp Utilities 2008. Nevím, jestli ty potíže nakonec nedělá tento program.
Děkuji.

a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 -
McAfee+Artemis 5875 2010.01.28 -
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.29 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Prevx 3.0 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 -
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Rozšiřující informace
File size: 17408 bytes
MD5...: 41e5bc24a82a9f8be536514c85c72806
SHA1..: 787382926c086f185faa9d60ef3cb8d99be7b5dd
SHA256: 1787502e06cd9ec2795313905de14fb5236604d07acd7d5db6f48353e0acfd64
ssdeep: 384:HT4+V1qw6W5EuH7OXtfXTD8nWj5K6S89mXBEesf/E+w:NV1qwf5EuHiXtfDD
8WpSBKekE
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3b8c
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x2bb0 0x2c00 6.43 b11ddfb312cabfcadd50439e173cd8e0
DATA 0x4000 0xc0 0x200 1.90 a124152c932616bcaf49a07347c98f6d
BSS 0x5000 0x4e9 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x6000 0x554 0x600 3.99 8456de2bad6fe867d4a5968013c0fde6
.edata 0x7000 0x45 0x200 0.60 895db3dc59e236670a5c3b1207f68a8a
.reloc 0x8000 0x35c 0x400 5.97 5c7685f7bbb4a364410f96b0c63331a7
.rsrc 0x9000 0x600 0x600 2.77 f994522e182b6f6671248688a91d5f63

( 7 imports )
> kernel32.dll: GetCurrentThreadId, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, VirtualQuery, lstrlenA, lstrcpyA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle
> user32.dll: GetKeyboardType, MessageBoxA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: VariantClear
> kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc, GetModuleFileNameA
> kernel32.dll: UnmapViewOfFile, OpenFileMappingA, MapViewOfFile, GetTickCount, CloseHandle
> user32.dll: PostMessageA, GetDoubleClickTime, CallNextHookEx

( 1 exports )
HookProc
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....: Mgr. Tomas Papousek
copyright....: Copyright (c) 2008, Tom__ Papou_ek
product......: Connection Meter_ Mouse Hook
description..: Connection Meter_ Mouse Hook
original name: CMTxt.dll
internal name: CMTxt
file version.: 1.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
pdfid.: -

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 New Malware.b
McAfee+Artemis 5875 2010.01.28 New Malware.b
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.29 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 -
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Rozšiřující informace
File size: 3887104 bytes
MD5...: b95a184ac401cbe010d3efa40a6416f3
SHA1..: bdfe9e34505e1f5eeb6d3146845f71cc659a5176
SHA256: f16d9837d33121547a79abf60727f4b066eecc098252959ad37b915708415ced
ssdeep: 49152:k+aWhuVWuyT63QmdIRzt5p917J29NvnfurX5L:wTVUTJ5XsNvUL
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x266ffc
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x266510 0x266600 6.54 db0d7f016fa27c08476f2141e9731b3a
DATA 0x268000 0xcb28 0xcc00 4.39 562b7c3a3e091d5a3d2d7767f29e096e
BSS 0x275000 0x8b1dd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x301000 0x37e4 0x3800 5.02 d07356e920075532e4bd2e1d74bd1ddf
.tls 0x305000 0x10 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x306000 0x18 0x200 0.21 1c30f69e9643eee631ab10667c443e1b
.reloc 0x307000 0x26460 0x26600 6.79 6de7bd564b3e402d3f564e685ece254c
.rsrc 0x32e000 0x117a00 0x117a00 4.80 594d22598294017b31033142ebb523c1

( 28 imports )
> kernel32.dll: GetCurrentThreadId, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpyA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, ExitProcess, ExitThread, CreateThread, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, MoveFileA, GetStdHandle, GetFileSize, GetSystemTime, GetFileType, DeleteFileA, CreateFileA, CloseHandle
> user32.dll: GetKeyboardType, LoadStringA, MessageBoxA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: VariantChangeTypeEx, VariantCopyInd, VariantClear, SysStringLen, SysFreeString, SysReAllocStringLen, SysAllocStringLen
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA, GetModuleFileNameA
> advapi32.dll: SetSecurityDescriptorDacl, SetFileSecurityA, RegSetValueExA, RegSetValueA, RegQueryValueExA, RegQueryValueA, RegQueryInfoKeyA, RegOpenKeyExA, RegOpenKeyA, RegFlushKey, RegEnumValueA, RegEnumKeyExA, RegDeleteValueA, RegDeleteKeyA, RegCreateKeyExA, RegCreateKeyA, RegCloseKey, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueA, LookupAccountSidA, LookupAccountNameA, InitializeSecurityDescriptor, InitializeAcl, GetUserNameA, GetTokenInformation, GetSecurityDescriptorDacl, GetFileSecurityA, GetAclInformation, GetAce, FreeSid, EqualSid, AllocateAndInitializeSid, AdjustTokenPrivileges, AddAccessAllowedAce
> kernel32.dll: lstrcpynA, lstrcpyA, lstrcmpA, WritePrivateProfileStringA, WriteFile, WinExec, WaitNamedPipeA, WaitForSingleObject, VirtualQuery, VirtualAlloc, UnmapViewOfFile, TerminateThread, TerminateProcess, SystemTimeToFileTime, SuspendThread, Sleep, SizeofResource, SetThreadPriority, SetThreadLocale, SetProcessWorkingSetSize, SetLocalTime, SetFileTime, SetFilePointer, SetFileAttributesA, SetEvent, SetErrorMode, SetEndOfFile, SetCommTimeouts, SetCommState, ResumeThread, ResetEvent, RemoveDirectoryA, ReadFile, OutputDebugStringA, OpenProcess, MultiByteToWideChar, MulDiv, MoveFileA, MapViewOfFile, LockResource, LocalFileTimeToFileTime, LocalAlloc, LoadResource, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, HeapSize, HeapFree, GlobalUnlock, GlobalSize, GlobalReAlloc, GlobalMemoryStatus, GlobalHandle, GlobalLock, GlobalFree, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetWindowsDirectoryA, GetVolumeInformationA, GetVersionExA, GetVersion, GetTimeZoneInformation, GetTickCount, GetThreadLocale, GetTempPathA, GetSystemTime, GetSystemPowerStatus, GetSystemInfo, GetShortPathNameA, GetProfileStringA, GetProcessHeap, GetProcAddress, GetPrivateProfileStringA, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFileTime, GetFileAttributesA, GetExitCodeThread, GetExitCodeProcess, GetDriveTypeA, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, GetComputerNameA, GetCommState, GetCommModemStatus, GetCPInfo, FreeResource, FreeLibrary, FormatMessageA, FindResourceA, FindNextFileA, FindFirstFileA, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, FileTimeToDosDateTime, ExitProcess, EnumCalendarInfoA, EnterCriticalSection, DosDateTimeToFileTime, DeleteFileA, DeleteCriticalSection, CreateThread, CreateMutexA, CreateFileMappingA, CreateFileA, CreateEventA, CreateDirectoryA, CopyFileA, CompareStringA, CloseHandle, CallNamedPipeA, Beep
> mpr.dll: WNetGetUniversalNameA
> version.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA
> gdi32.dll: UnrealizeObject, StretchDIBits, StretchBlt, StartPage, StartDocA, SetWindowOrgEx, SetWindowExtEx, SetWinMetaFileBits, SetViewportOrgEx, SetViewportExtEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetMapMode, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SetAbortProc, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RoundRect, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, PolyPolyline, PlayEnhMetaFile, Pie, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectType, GetObjectA, GetNearestPaletteIndex, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipRgn, GetClipBox, GetBrushOrgEx, GetBitmapBits, GdiFlush, ExtTextOutA, ExtCreatePen, ExcludeClipRect, EnumFontsA, EnumFontFamiliesExA, EndPage, EndDoc, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgn, CreatePenIndirect, CreatePalette, CreateICA, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateDCA, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, CombineRgn, BitBlt
> user32.dll: WindowFromPoint, WinHelpA, WaitMessage, ValidateRect, UpdateWindow, UnregisterHotKey, UnregisterClassA, UnionRect, UnhookWindowsHookEx, TranslateMessage, TranslateMDISysAccel, TrackPopupMenu, SystemParametersInfoA, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCursor, SetWindowRgn, SetWindowsHookExA, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongA, SetTimer, SetScrollRange, SetScrollPos, SetScrollInfo, SetRect, SetPropA, SetMenuItemInfoA, SetMenu, SetKeyboardState, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetCapture, SetActiveWindow, SendMessageA, SendDlgItemMessageA, ScrollWindowEx, ScrollWindow, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterHotKey, RegisterClipboardFormatA, RegisterClassA, RedrawWindow, PtInRect, PostQuitMessage, PostMessageA, PeekMessageA, OpenClipboard, OffsetRect, OemToCharA, MsgWaitForMultipleObjects, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyA, LoadStringA, LoadImageA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageA, IsClipboardFormatAvailable, IsChild, IsCharAlphaNumericA, IsCharAlphaA, InvalidateRect, IntersectRect, InsertMenuItemA, InsertMenuA, InflateRect, GetWindowThreadProcessId, GetWindowTextLengthA, GetWindowTextA, GetWindowRgn, GetWindowRect, GetWindowPlacement, GetWindowLongA, GetWindowDC, GetUpdateRect, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColor, GetSubMenu, GetScrollRange, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessageTime, GetMenuStringA, GetMenuState, GetMenuItemInfoA, GetMenuItemID, GetMenuItemCount, GetMenu, GetLastActivePopup, GetKeyboardState, GetKeyboardLayoutList, GetKeyboardLayout, GetKeyState, GetKeyNameTextA, GetIconInfo, GetForegroundWindow, GetFocus, GetDoubleClickTime, GetDlgItem, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardData, GetClientRect, GetClassNameA, GetClassInfoA, GetCapture, GetActiveWindow, FrameRect, FindWindowExA, FindWindowA, FillRect, ExitWindowsEx, EqualRect, EnumWindows, EnumThreadWindows, EnumClipboardFormats, EndPaint, EnableWindow, EnableScrollBar, EnableMenuItem, EmptyClipboard, DrawTextA, DrawMenuBar, DrawIconEx, DrawIcon, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageA, DestroyWindow, DestroyMenu, DestroyIcon, DestroyCursor, DeleteMenu, DefWindowProcA, DefMDIChildProcA, DefFrameProcA, CreateWindowExA, CreatePopupMenu, CreateMenu, CreateIcon, CopyImage, CloseClipboard, ClientToScreen, CheckMenuItem, CallWindowProcA, CallNextHookEx, BeginPaint, CharLowerBuffA, CharLowerA, CharUpperBuffA, AdjustWindowRectEx, ActivateKeyboardLayout
> ole32.dll: CLSIDFromProgID, CoCreateInstance, CoUninitialize, CoInitialize, IsEqualGUID
> oleaut32.dll: GetErrorInfo, RegisterTypeLib, LoadTypeLib, SysFreeString
> comctl32.dll: ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_SetDragCursorImage, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls
> winspool.drv: OpenPrinterA, EnumPrintersA, DocumentPropertiesA, ClosePrinter
> comdlg32.dll: ChooseFontA, ChooseColorA, GetSaveFileNameA, GetOpenFileNameA
> wsock32.dll: WSACleanup, WSAStartup, WSAGetLastError, WSACancelAsyncRequest, WSAAsyncGetHostByName, gethostname, gethostbyname, gethostbyaddr, socket, setsockopt, recv, ntohs, inet_ntoa, inet_addr, htons, closesocket, bind
> kernel32.dll: MulDiv
> winmm.dll: timeGetTime, sndPlaySoundA, mciSendCommandA, mciGetErrorStringA
> ole32.dll: OleUninitialize, OleInitialize, CoTaskMemFree, StringFromCLSID, CoCreateInstance, CoGetMalloc
> shell32.dll: Shell_NotifyIconA, ShellExecuteExA, ShellExecuteA
> shell32.dll: SHGetDesktopFolder, SHBrowseForFolder, SHGetSpecialFolderLocation, SHGetPathFromIDList
> wininet.dll: InternetOpenA, DeleteUrlCacheEntry, InternetErrorDlg, InternetGetCookieA, InternetSetCookieA, HttpQueryInfoA, HttpSendRequestA, HttpOpenRequestA, InternetSetStatusCallback, InternetSetOptionA, InternetQueryOptionA, InternetReadFile, InternetCloseHandle, InternetConnectA
> advapi32.dll: QueryServiceStatus, OpenServiceA, OpenSCManagerA, DeleteService, ControlService, CloseServiceHandle
> shell32.dll: SHGetPathFromIDList, SHGetSpecialFolderLocation
> user32.dll: DdeCmpStringHandles, DdeFreeStringHandle, DdeQueryStringA, DdeCreateStringHandleA, DdeGetLastError, DdeFreeDataHandle, DdeUnaccessData, DdeAccessData, DdeCreateDataHandle, DdeClientTransaction, DdeNameService, DdePostAdvise, DdeSetUserHandle, DdeQueryConvInfo, DdeDisconnect, DdeConnect, DdeUninitialize, DdeInitializeA
> Tapi32.dll: lineShutdown, lineOpen, lineNegotiateAPIVersion, lineInitialize, lineGetCallInfo, lineDeallocateCall, lineClose
> advapi32.dll: RegNotifyChangeKeyValue

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Borland Delphi 5 (79.8%)
InstallShield setup (7.6%)
Win32 EXE PECompact compressed (generic) (7.3%)
Win32 Executable Delphi generic (2.5%)
Win32 Executable Generic (1.5%)
sigcheck:
publisher....: Mgr. Tom__ Papou_ek
copyright....: Copyright(c) 1998-2009, Mgr. Tom__ Papou_ek
product......: Connection Meter_
description..: Connection Meter_
original name: ConMet.exe
internal name: ConMet
file version.: 7.8.6.5
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

Soubor Baby_Animals.msf přijatý 2010.01.29 17:54:09 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 0/41 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 4.
Odhadovaný čas začátku mezi 70 a 100 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 -
McAfee+Artemis 5875 2010.01.28 -
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.29 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Prevx 3.0 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 -
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Rozšiřující informace
File size: 657282 bytes
MD5...: e77a54df7d075e457fc53d9d051aad43
SHA1..: 916f83cdddaf868173674f20b768a61301058837
SHA256: 59a45f171b208010547a2186181cb562d9361a8d9929ac377839b168770f1870
ssdeep: 12288:5Zcw0UHTfqHx9//f2ue2ShJjKEwNT/JOLyAcsVKTCpHhD+bGfT:5jHTyD/
/c2ShJRwdQ+A6Gf
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Soubor Baby_Animals.scr přijatý 2010.01.29 17:56:53 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 0/41 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 2.
Odhadovaný čas začátku mezi 50 a 71 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 -
McAfee+Artemis 5875 2010.01.28 -
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.29 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Prevx 3.0 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 -
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Rozšiřující informace
File size: 400896 bytes
MD5...: a30219f0f5fe05c9aed84f1f962ab514
SHA1..: bdf9263e1a74c92c9efae26c809c372c8ad0528a
SHA256: 966789807ce6a81423829b2e8245489e86e69df499356c31ceecbf270fc908e3
ssdeep: 6144:lBb2FnlrC9cvb8GTgShek+WV4fBWyK7ziTClrCW9Cf3zvAdh:lMFnlnv3wv
fBtEGTCgW
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x11740
timedatestamp.....: 0x3541015a (Fri Apr 24 21:17:14 1998)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x44487 0x44600 6.60 f73774871880ec8b82cb7b40f6b9585d
.rdata 0x46000 0xa9d4 0xaa00 4.85 2459e83bdc00904d159430701eb1630c
.data 0x51000 0xbcc8 0x6600 3.98 8a33d2d0e3e90d2619b8ee4b3699f2ed
.rsrc 0x5d000 0xc328 0xc400 3.82 1df9307e1f66fef39efb8c5cbb394fb7

( 10 imports )
> WINMM.dll: waveOutReset, waveOutClose, waveOutWrite, midiOutUnprepareHeader, midiStreamOut, midiOutReset, midiStreamProperty, midiStreamOpen, midiOutPrepareHeader, midiStreamClose, mmioOpenA, waveOutUnprepareHeader, midiStreamStop, mmioClose, mmioRead, midiStreamRestart, waveOutPause, mmioSeek, waveOutOpen, mmioAscend, waveOutPrepareHeader, mmioDescend
> MSVFW32.dll: DrawDibRealize, MCIWndCreateA, DrawDibClose, DrawDibOpen, DrawDibDraw
> KERNEL32.dll: FindFirstFileA, GetVolumeInformationA, GetFullPathNameA, FindClose, SetEndOfFile, GetFileTime, GetFileAttributesA, GlobalAddAtomA, SetErrorMode, GetTempFileNameA, GlobalSize, HeapFree, GetTimeZoneInformation, GetSystemTime, GetLocalTime, HeapReAlloc, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, RaiseException, TerminateProcess, LockFile, HeapSize, GetCPInfo, GetACP, GetOEMCP, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, UnhandledExceptionFilter, FreeEnvironmentStringsA, FlushFileBuffers, UnlockFile, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, GetLocaleInfoA, SetStdHandle, GetLocaleInfoW, CompareStringA, CompareStringW, SetEnvironmentVariableA, LocalLock, LocalFree, LocalAlloc, lstrcatA, SetFilePointer, GlobalReAlloc, lstrcpyA, WriteFile, GlobalFree, CreateFileA, ReadFile, GlobalAlloc, CloseHandle, GetWindowsDirectoryA, CopyFileA, DeleteFileA, GetTickCount, GetModuleFileNameA, ExitProcess, GetVersion, lstrlenA, Sleep, GetTempPathA, GetProfileStringA, GetCurrentProcess, DuplicateHandle, WritePrivateProfileStringA, TlsGetValue, GetVersionExA, GetProcessVersion, LeaveCriticalSection, TlsSetValue, EnterCriticalSection, DeleteCriticalSection, GlobalHandle, GetLastError, TlsAlloc, InitializeCriticalSection, lstrcpynA, SetLastError, GlobalFlags, FileTimeToSystemTime, MulDiv, FileTimeToLocalFileTime, lstrcmpA, GlobalDeleteAtom, MultiByteToWideChar, lstrcmpiA, GetCurrentThread, InterlockedIncrement, WideCharToMultiByte, InterlockedDecrement, GlobalLock, GetCurrentThreadId, GlobalGetAtomNameA, GlobalUnlock, WinExec, SizeofResource, GetFileSize, FindResourceA, LoadLibraryA, LoadResource, LockResource, LocalReAlloc, GetProcAddress, FreeLibrary, FreeEnvironmentStringsW, LocalUnlock, GetEnvironmentStrings, RtlUnwind, HeapAlloc
> USER32.dll: PtInRect, TabbedTextOutA, GrayStringA, IntersectRect, InflateRect, GetClassNameA, GetDesktopWindow, LoadCursorA, GetSysColorBrush, DestroyMenu, OffsetRect, FillRect, GetWindowDC, WindowFromPoint, CharUpperA, SetRectEmpty, LoadAcceleratorsA, TranslateAcceleratorA, SetMenu, ReuseDDElParam, ReleaseCapture, BringWindowToTop, UnpackDDElParam, IsDialogMessageA, IsDlgButtonChecked, CheckDlgButton, LoadIconA, SendDlgItemMessageA, MapWindowPoints, DispatchMessageA, GetFocus, SetFocus, AdjustWindowRectEx, EqualRect, DeferWindowPos, BeginDeferWindowPos, CopyRect, EndDeferWindowPos, IsWindowVisible, ScrollWindow, SetScrollInfo, ShowScrollBar, SetScrollRange, GetScrollPos, SetScrollPos, IsIconic, GetCapture, WinHelpA, GetClassInfoA, GetMessageA, DrawFocusRect, MessageBoxA, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, GetKeyState, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetLastActivePopup, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, SetWindowPos, RegisterWindowMessageA, GetNextDlgTabItem, EndDialog, GetActiveWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, IsWindowEnabled, DrawTextA, PostMessageA, GetCursorPos, PeekMessageA, SetCursor, IsWindow, SystemParametersInfoA, GetSysColor, DrawIcon, ClientToScreen, LoadMenuA, GetSubMenu, CheckMenuRadioItem, TrackPopupMenu, MoveWindow, ShowWindow, MessageBeep, UpdateWindow, ShowOwnedPopups, wvsprintfA, LoadStringA, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, GetWindowRect, ScreenToClient, PostQuitMessage, wsprintfA, FindWindowA, GetForegroundWindow, ShowCursor, GetSystemMetrics, SetForegroundWindow, GetParent, LoadImageA, SendMessageA, CreateWindowExA, RegisterClassA, TranslateMessage, GetMenuItemCount, ValidateRect, GetTopWindow, IsChild, EnableMenuItem, GetWindowLongA, SetWindowLongA, GetClientRect, BeginPaint, EndPaint, GetDC, ReleaseDC, InvalidateRect, DefWindowProcA, EnableWindow, SetMenuItemBitmaps, CheckMenuItem, GetMenuItemID, SetWindowTextA, GetMenu, GetWindow, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DefDlgProcA, CharNextA, IsWindowUnicode
> GDI32.dll: PatBlt, CreateBitmap, DeleteDC, GetObjectA, SaveDC, RestoreDC, StretchBlt, SetBkColor, MoveToEx, LineTo, CreateFontIndirectA, CreatePalette, CreateDIBitmap, SetTextColor, CreateCompatibleDC, BitBlt, CreateCompatibleBitmap, CreatePen, DeleteObject, SelectObject, GetTextMetricsA, SetMapMode, SetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, OffsetViewportOrgEx, SetWindowExtEx, GetClipBox, ScaleWindowExtEx, IntersectClipRect, GetDeviceCaps, CreateSolidBrush, PtVisible, RectVisible, ExtTextOutA, Escape, TextOutA, GetTextExtentPointA, SetBkMode, GetStockObject
> comdlg32.dll: ChooseFontA, GetFileTitleA
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegQueryValueA, RegQueryValueExA, RegCloseKey, RegOpenKeyExA, RegCreateKeyA, RegOpenKeyA, RegCreateKeyExA, RegSetValueExA
> SHELL32.dll: DragQueryFileA, DragFinish, ShellExecuteA
> COMCTL32.dll: ImageList_Destroy, -

( 0 exports )
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....: Stardust Software
copyright....: Copyright (c) 1995-1998 Stardust Software.
product......: Stardust Screen Saver Toolkit
description..: Slideshow/Presentation Screen Saver Engine
original name: ESlideShow.exe
internal name: ESlideShow
file version.: 2, 1, 0, 32
comments.....: Powered by Stardust Screen Saver Toolkit 2.1
signers......: -
signing date.: -
verified.....: Unsigned
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)

oubor sstunst2.exe přijatý 2010.01.29 18:00:23 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 0/41 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 2.
Odhadovaný čas začátku mezi 50 a 71 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 -
McAfee+Artemis 5875 2010.01.28 -
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.29 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Prevx 3.0 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 -
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Rozšiřující informace
File size: 29184 bytes
MD5...: 8f375a3478445143bdfd072ad5950918
SHA1..: de76b6eb0014f46a360b104985508f059b14d38b
SHA256: 19f977bf5747ede306a227dbd690ed544b19738bbf174b617d0561cb3c261683
ssdeep: 384:sb7Ofh/KxNEXI9TcWEMInL/GafZ3P+0BGJSVgIz/:sb7OfFdqcWEf/JBZBiS
Vgm
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1e80
timedatestamp.....: 0x35410163 (Fri Apr 24 21:17:23 1998)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x36c6 0x3800 6.35 ae60bd3aee0bac07ce4d13693d3dd187
.rdata 0x5000 0x938 0xa00 5.02 140dcc0c6c3c1b3e4754d43fa2987692
.data 0x6000 0x2a98 0x2600 0.70 b369ff11253694e0da0f032ff6b1b2b9
.rsrc 0x9000 0x468 0x600 2.61 1f27b1c5dce9fca8c23ef44603b28883

( 3 imports )
> KERNEL32.dll: CopyFileA, GlobalFree, WriteFile, lstrcpyA, CloseHandle, CreateFileA, ReadFile, lstrlenA, lstrcatA, FindNextFileA, FindFirstFileA, GetSystemDirectoryA, GlobalAlloc, SetFilePointer, ExitProcess, WideCharToMultiByte, GetCPInfo, GetProcAddress, VirtualAlloc, LoadLibraryA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, DeleteFileA, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, MultiByteToWideChar, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, HeapCreate, VirtualFree, GetACP, GetOEMCP, SetHandleCount, GetStdHandle, GetFileType, HeapDestroy, LCMapStringW, RtlUnwind, LCMapStringA, GetStringTypeA, HeapFree, HeapAlloc, GetStringTypeW
> USER32.dll: wsprintfA, MessageBoxA, GetLastActivePopup, GetActiveWindow
> ADVAPI32.dll: RegDeleteKeyA, RegOpenKeyA, RegCloseKey

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Stardust Software
copyright....: Copyright (c) 1996-1998 Stardust Software.
product......: Stardust Screen Saver Uninstaller
description..: Screen Saver Uninstaller
original name: SSUninstall.exe
internal name: SSUninstall
file version.: 2, 1, 0, 33
comments.....: www.sdust.com
signers......: -
signing date.: -
verified.....: Unsigned

#14 Příspěvek od **motji** » 29 led 2010 20:06

Zkusíme ještě jednou combofix

:arrow:combofix stahněte takto:
-pravým myšítkem klikněte na odkaz combofixu --uložit jako.. ,a teď to přejmenujte na Potvora.com a uložte.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

hcyruh · #15 Příspěvek od **hcyruh** » 30 led 2010 12:59

Hezké poledne.
přestože jsem postupoval podle vašeho návodu, nedařilo se. ComboFix jsem stáhl podle návodu na plochu, zavřel všechna okna. Snažil jsem se vypnout AVG ( nenašel jsem žádnou možnost vypnutí a tak jsem to zkoušel ve správci úloh). Když jsem chtěl ComboFix spustit, tak se PC zasekl a nic nešlo. musel jsem ho vypnout. Druhý pokus skončil zrovna tak. Nakonec jsem AVG odinstaloval. Pak se to povedlo. Log tedy posílám. Nepřišel jsem ale stále na to, jak vložit log, do toho vašeho textu. Tak se omlouvám. Jestli ještě mohu poprosit, byl bych rád za radu jaký antivirový program nainstalovat. Děkuji.

ComboFix 10-01-29.08 - Václav Hurych 30.01.2010 12:36:45.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.223.104 [GMT 1:00]
Spuštěný z: c:\documents and settings\Václav Hurych\Plocha\Potvora.com
SP: Spy Emergency *disabled* (Updated) {82117492-906E-4b02-A33A-84D42A2DD907}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\INSTALL.LOG
c:\windows\system32\ieuinit.inf
d:\documents and settings\V clav Hurych\Dokumenty\Opraven‚ registry 26.1.2009.reg
d:\documents and settings\V clav Hurych\Dokumenty\Opraven‚ registry.reg

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-30 )))))))))))))))))))))))))))))))
.

2010-01-24 17:39 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-24 17:38 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-24 17:36 . 2010-01-24 17:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-19 16:44 . 2008-05-29 08:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-19 16:44 . 2010-01-19 16:44 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-01-19 16:40 . 2010-01-19 16:40 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-01-18 17:22 . 2010-01-18 17:22 29184 ----a-w- c:\windows\system32\sstunst2.exe
2010-01-18 17:22 . 2010-01-18 17:22 400896 ----a-w- c:\windows\system32\Baby Animals.scr
2010-01-18 09:53 . 2010-01-18 09:53 -------- d-----w- C:\FOUND.011
2010-01-13 13:27 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-04 08:09 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-04 08:09 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-03 17:39 . 2010-01-03 17:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-03 17:38 . 2010-01-03 17:38 -------- d-----w- c:\program files\Windows Live
2010-01-03 17:38 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-03 17:30 . 2010-01-03 17:30 -------- d-----w- c:\program files\Common Files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 16:24 . 2009-12-29 16:24 -------- d-----w- c:\program files\HappyFoto
2009-12-27 18:07 . 2009-12-27 18:07 -------- d-----w- c:\program files\Xvid
2009-12-27 18:07 . 2009-12-27 18:07 -------- d-----w- c:\program files\ffdshow
2009-12-27 18:06 . 2009-12-27 18:05 -------- d-----w- c:\program files\AviSynth 2.5
2009-12-27 18:03 . 2009-12-27 18:03 -------- d-----w- c:\program files\Avi2Dvd
2009-12-22 05:09 . 2002-10-02 17:07 668160 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:09 . 2004-12-12 19:02 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-10 08:57 . 2009-12-10 08:57 -------- d-----w- c:\program files\Crawler
2009-12-08 17:28 . 2009-12-08 17:28 -------- d-----w- c:\program files\iPod
2009-12-08 17:21 . 2009-12-08 17:21 -------- d-----w- c:\program files\QuickTime
2009-12-07 08:12 . 2009-12-07 08:12 -------- d-----w- c:\program files\XnView
2009-11-21 16:03 . 2001-10-25 10:00 471552 ----a-w- c:\windows\AppPatch\AcLayers.dll
2009-11-20 09:06 . 2009-11-20 09:06 3887104 ----a-w- c:\program files\conmet_.exe
2009-11-20 09:04 . 2009-11-20 08:13 1043 ----a-w- c:\program files\tipy.txt
2009-11-20 09:04 . 2009-11-20 08:13 3962 ----a-w- c:\program files\ConMet.hlp
2009-11-20 09:04 . 2009-11-20 08:13 1257980 ----a-w- c:\program files\oskarova.map
2009-11-20 09:04 . 2009-11-20 09:07 17408 ----a-w- c:\program files\CMTxt.dll
2009-11-20 09:04 . 2009-11-20 08:13 303673 ----a-w- c:\program files\ConMet.chm
2009-11-20 09:04 . 2009-11-20 08:13 17920 ----a-w- c:\program files\CMUNST_.EXE
2009-11-20 09:04 . 2009-11-20 08:13 71680 ----a-w- c:\program files\CMSvc_.exe
2009-11-20 09:00 . 2009-11-20 09:00 3887104 ----a-w- C:\conmet_.exe
2009-11-19 18:25 . 2009-11-20 16:36 17408 ----a-w- C:\CMTxt.dll
2009-11-19 18:25 . 2009-11-19 18:25 71680 ----a-w- C:\CMService.exe
2009-11-19 18:25 . 2009-11-19 18:25 17920 ----a-w- C:\CMUNST_.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"="c:\program files\OKsoftware\Svátky a výročí\Vyroci.exe" [2004-12-12 960512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ConMet"="c:\program files\ConMet\ConMet.exe" [2010-01-13 3902464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"AppleSyncNotifier"=c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SiSUSBRG"=c:\windows\SiSUSBrg.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"HP Software Update"=c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
"HPDJ Taskbar Utility"=c:\windows\System32\spool\drivers\w32x86\3\hpztsb10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R2 CMService;Connection Meter Service;c:\program files\ConMet\CMService.exe [10.11.2009 18:54 71680]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\SophosMEMSWEEP.SYS --> c:\windows\system32\SophosMEMSWEEP.SYS [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = 127.0.0.1;;*.local;<local>
uInternet Settings,ProxyServer = http=rychle.tiscali.cz:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Zobrazit originál
TCP: {31E89C2E-3FF2-48F1-AB6E-1A999325C94D} = 192.168.51.250,192.168.51.252
FF - ProfilePath - c:\documents and settings\Václav Hurych\Data aplikací\Mozilla\Firefox\Profiles\o6ewhmfb.Nepojmenovaný\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\documents and settings\Václav Hurych\Data aplikací\Mozilla\Firefox\Profiles\o6ewhmfb.Nepojmenovaný\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\npyaxmpb.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox 3 Beta 5\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKU-Default-Run-DWQueuedReporting - c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 12:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-01-30 12:46:07
ComboFix-quarantined-files.txt 2010-01-30 11:46

Před spuštěním: 9 159 852 032
Po spuštění: 9 125 380 096

- - End Of File - - 9B24200B957154A0CB532499367E2C84

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu