XP SECURITY TOOL 2010

Zpráva

PoldaX · #1 Příspěvek od **PoldaX** » 21 bře 2010 11:40

Dobrý den. Prosím o pomoc skoro nic nefunguje (přesněji ke všem programům se musí hledat cesta aby se spustily a u některých se ani cesta najít nedá) a pořád mi vyskakuje XP SECURITY TOOL 2010. tady je log RSIT. předem děkuji za pomoc!!!

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomik at 2010-03-21 11:03:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 23 GB (15%) free of 153 GB
Total RAM: 2047 MB (78% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2006-11-07 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-11 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-11 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2009-09-23 1413272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2006-11-07 491520]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-11 263280]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Desktop\V5.1\moffice.exe [2008-11-16 958464]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"OFFICEKB"=C:\Program Files\Labtec\Keyboard\V5.1\kbdap32a.exe [2009-07-27 387584]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-08-24 1783808]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TClockEx"=C:\ZALOHY\TClockEx\TCLOCKEX.EXE [1999-03-14 75264]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-05-01 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"Svátky a výročí"=E:\Program1\SVÁTKY\Vyroci.exe [2003-03-28 881664]
""= []

C:\Documents and Settings\Tomik\Nabídka Start\Programy\Po spuštění
GIGABYTE VGA Utility.lnk - C:\Documents and Settings\Tomik\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
syspck32.exe
Yahoo! Widgets.lnk - E:\Program2\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ArcSoft\TotalMedia\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Program1\uTorrent\utorrent.exe"="E:\Program1\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\Hry2\Empire Interactive\Strangelite\Starship Troopers\STGame.exe"="E:\Hry2\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:*:Disabled:Starship Troopers"
"C:\Program1\Maxthon\Maxthon.exe"="C:\Program1\Maxthon\Maxthon.exe:*:Disabled:Maxthon Web Browser"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Hry\Valve\Condition Zero\czero.exe"="E:\Hry\Valve\Condition Zero\czero.exe:*:Disabled:Condition Zero Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Sdílení aplikací RTC"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Call"
"E:\Hry5\SEGA\Beijing 2008\Beijing.exe"="E:\Hry5\SEGA\Beijing 2008\Beijing.exe:*:Disabled:Beijing 2008™"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\HRY\Ubisoft\Prince of Persia\Prince of Persia.exe"="C:\HRY\Ubisoft\Prince of Persia\Prince of Persia.exe:*:Enabled:Prince of Persia Dx"
"C:\HRY\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe"="C:\HRY\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe:*:Enabled:Prince of Persia Update"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutConfigTool.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutParadise.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program1\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe"="C:\Program1\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Enabled:MxDownloadServer"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{081ab026-46b9-11dd-8737-f747466cbafe}]
shell\AutoRun\command - N:\wd_windows_tools\setup.exe

======File associations======

.exe - open - "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\ave.exe" /START "%1" %*

======List of files/folders created in the last 1 months======

2010-03-21 11:03:33 ----D---- C:\Program Files\trend micro
2010-03-21 11:03:32 ----D---- C:\rsit
2010-03-19 10:21:43 ----D---- C:\Program Files\PC Connectivity Solution
2010-03-11 20:58:28 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 13:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-02 20:12:43 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-03-02 20:12:43 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-24 09:47:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$

======List of files/folders modified in the last 1 months======

2010-03-21 11:03:33 ----RD---- C:\Program Files
2010-03-21 11:02:42 ----D---- C:\WINDOWS
2010-03-21 11:02:42 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-03-21 11:00:34 ----D---- C:\WINDOWS\Temp
2010-03-21 10:38:19 ----SD---- C:\WINDOWS\Tasks
2010-03-21 10:33:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-21 10:33:48 ----D---- C:\WINDOWS\system32
2010-03-21 10:33:48 ----D---- C:\Download
2010-03-21 10:33:46 ----D---- C:\FILM2
2010-03-21 10:33:46 ----D---- C:\FILM1
2010-03-21 10:33:38 ----D---- C:\Program Files\Spyware Terminator
2010-03-21 10:33:36 ----D---- C:\ZALOHY
2010-03-21 10:33:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-21 10:26:59 ----D---- C:\WINDOWS\Prefetch
2010-03-21 10:26:39 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 20:20:06 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Spyware Terminator
2010-03-20 15:38:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-03-20 12:22:02 ----D---- C:\WINDOWS\system32\AGEIA(2)
2010-03-20 03:05:35 ----D---- C:\WINDOWS\system32\drivers
2010-03-20 00:13:51 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 00:08:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-19 11:12:29 ----SHD---- C:\Config.Msi
2010-03-19 11:05:15 ----SHD---- C:\WINDOWS\Installer
2010-03-19 10:23:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-19 10:23:05 ----HD---- C:\WINDOWS\inf
2010-03-19 10:15:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
2010-03-19 10:07:53 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-16 11:29:50 ----D---- C:\Documents and Settings\Tomik\Data aplikací\MxBoost
2010-03-15 15:26:59 ----D---- C:\Documents and Settings\Tomik\Data aplikací\gtk-2.0
2010-03-11 19:42:47 ----D---- C:\Documents and Settings\Tomik\Data aplikací\PC Suite
2010-03-10 13:30:09 ----D---- C:\Program Files\Movie Maker
2010-03-10 13:29:48 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-06 20:15:02 ----D---- C:\FILM3
2010-03-02 20:15:58 ----D---- C:\WINDOWS\WinSxS
2010-03-02 20:14:38 ----D---- C:\Program Files\Common Files\Nokia
2010-03-02 20:12:38 ----D---- C:\Program Files\Nokia
2010-03-02 10:38:04 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-28 11:21:07 ----A---- C:\WINDOWS\win.ini
2010-02-24 10:23:10 ----D---- C:\Zaloha
2010-02-24 10:16:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-02-24 09:48:36 ----A---- C:\WINDOWS\imsins.BAK
2010-02-24 09:48:33 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-29 278728]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-04 18048]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2004-08-23 11089]
R2 TVicHW32;TVicHW32; C:\WINDOWS\system32\drivers\TVicHW32.sys [2006-10-13 29536]
R3 3xHybrid;SAA7135 Analog + Digital TV Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-18 683904]
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2004-08-23 29440]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-02-01 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 a44ymn3l;a44ymn3l; C:\WINDOWS\system32\drivers\a44ymn3l.sys []
S3 aazuio9u;aazuio9u; C:\WINDOWS\system32\drivers\aazuio9u.sys []
S3 adfmgni6;adfmgni6; C:\WINDOWS\system32\drivers\adfmgni6.sys []
S3 adnk2i9m;adnk2i9m; C:\WINDOWS\system32\drivers\adnk2i9m.sys []
S3 afxj3ygb;afxj3ygb; C:\WINDOWS\system32\drivers\afxj3ygb.sys []
S3 ah1pyr8r;ah1pyr8r; C:\WINDOWS\system32\drivers\ah1pyr8r.sys []
S3 ajmmfirk;ajmmfirk; C:\WINDOWS\system32\drivers\ajmmfirk.sys []
S3 ame6kfk7;ame6kfk7; C:\WINDOWS\system32\drivers\ame6kfk7.sys []
S3 apxvfk2f;apxvfk2f; C:\WINDOWS\system32\drivers\apxvfk2f.sys []
S3 aq443g76;aq443g76; C:\WINDOWS\system32\drivers\aq443g76.sys []
S3 asgpvhzb;asgpvhzb; C:\WINDOWS\system32\drivers\asgpvhzb.sys []
S3 asvkblwm;asvkblwm; C:\WINDOWS\system32\drivers\asvkblwm.sys []
S3 axypa7l5;axypa7l5; C:\WINDOWS\system32\drivers\axypa7l5.sys []
S3 az1hilgh;az1hilgh; C:\WINDOWS\system32\drivers\az1hilgh.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 genmcmn;Genius NetScroll Optical Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-09-13 49611]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 P730C;P730C; C:\WINDOWS\system32\DRIVERS\P730C.sys [2004-09-16 25300]
S3 P730M;P730M; C:\WINDOWS\system32\DRIVERS\P730M.sys [2004-09-16 25300]
S3 P730U;P730U; C:\WINDOWS\system32\DRIVERS\P730U.sys [2005-05-25 49365]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-03 43392]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]
S3 ZSMC301b;VideoCAM Web V4; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-04-22 90534]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-08-24 570880]
R2 UxTuneUp;TuneUp rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S2 gupdate1ca5427638f3db0;Služba Google Update (gupdate1ca5427638f3db0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-23 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-22 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-21 306432]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe []

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 21 bře 2010 11:50

Zdravím

Na logu se pracuje. prosím o strpení.

#3 Příspěvek od **Caroprd111** » 21 bře 2010 12:06

Soubor z přílohy stáhněte a rozbalte. Poté na soubor standardně 2X kliknete a potvrďte dialogové okno.

xp_exe_fix.zip: (743 bajtů) Staženo 102 x

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
Log vložte sem.

PoldaX · #4 Příspěvek od **PoldaX** » 21 bře 2010 15:17

Posílám MBAM log:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21.3.2010 15:09:17
mbam-log-2010-03-21 (15-08-51).txt

Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 343335
Uplynulý čas: 2 hour(s), 7 minute(s), 29 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované adresáře: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Download\3D Filmy\3D Anaglyph mazec.exe (Malware.Packer.Krunchy) -> No action taken.
E:\System Volume Information\_restore{B443C6E6-2D58-4953-8C03-869D478B04BD}\RP164\A0021412.exe (Trojan.FakeAlert) -> No action taken.
E:\System Volume Information\_restore{B443C6E6-2D58-4953-8C03-869D478B04BD}\RP169\A0030552.exe (Trojan.Downloader) -> No action taken.
E:\System Volume Information\_restore{B443C6E6-2D58-4953-8C03-869D478B04BD}\RP198\A0032559.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Documents and Settings\Tomik\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.

#5 Příspěvek od **Caroprd111** » 21 bře 2010 15:31

Vše, co našel MBAM smažte a dejte nový log z RSIT.

PoldaX · #6 Příspěvek od **PoldaX** » 21 bře 2010 15:50

Tak už se mi všechno co zmizelo zase zpátky objevilo a funkční jsou i cesty k programům!!! ale pořád mi vyskakuje ten XP Security tool 2010 a myslím že je nacpanej v ovládacích panelech u brána firewall systému windows a centrum zabezpečení!

log RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomik at 2010-03-21 15:40:22
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 23 GB (15%) free of 153 GB
Total RAM: 2047 MB (69% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2006-11-07 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-11 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-11 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2009-09-23 1413272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2006-11-07 491520]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-11 263280]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Desktop\V5.1\moffice.exe [2008-11-16 958464]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"OFFICEKB"=C:\Program Files\Labtec\Keyboard\V5.1\kbdap32a.exe [2009-07-27 387584]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-08-24 1783808]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TClockEx"=C:\ZALOHY\TClockEx\TCLOCKEX.EXE [1999-03-14 75264]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-05-01 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"Svátky a výročí"=E:\Program1\SVÁTKY\Vyroci.exe [2003-03-28 881664]
""= []

C:\Documents and Settings\Tomik\Nabídka Start\Programy\Po spuštění
GIGABYTE VGA Utility.lnk - C:\Documents and Settings\Tomik\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
syspck32.exe
Yahoo! Widgets.lnk - E:\Program2\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ArcSoft\TotalMedia\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Program1\uTorrent\utorrent.exe"="E:\Program1\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\Hry2\Empire Interactive\Strangelite\Starship Troopers\STGame.exe"="E:\Hry2\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:*:Disabled:Starship Troopers"
"C:\Program1\Maxthon\Maxthon.exe"="C:\Program1\Maxthon\Maxthon.exe:*:Disabled:Maxthon Web Browser"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Hry\Valve\Condition Zero\czero.exe"="E:\Hry\Valve\Condition Zero\czero.exe:*:Disabled:Condition Zero Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Sdílení aplikací RTC"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Call"
"E:\Hry5\SEGA\Beijing 2008\Beijing.exe"="E:\Hry5\SEGA\Beijing 2008\Beijing.exe:*:Disabled:Beijing 2008™"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\HRY\Ubisoft\Prince of Persia\Prince of Persia.exe"="C:\HRY\Ubisoft\Prince of Persia\Prince of Persia.exe:*:Enabled:Prince of Persia Dx"
"C:\HRY\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe"="C:\HRY\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe:*:Enabled:Prince of Persia Update"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutConfigTool.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\HRY\Electronic Arts\Burnout Paradise\BurnoutParadise.exe"="C:\HRY\Electronic Arts\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program1\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe"="C:\Program1\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Enabled:MxDownloadServer"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{081ab026-46b9-11dd-8737-f747466cbafe}]
shell\AutoRun\command - N:\wd_windows_tools\setup.exe

======List of files/folders created in the last 1 months======

2010-03-21 12:57:01 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Malwarebytes
2010-03-21 12:56:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-21 12:56:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-21 11:03:33 ----D---- C:\Program Files\trend micro
2010-03-21 11:03:32 ----D---- C:\rsit
2010-03-19 10:21:43 ----D---- C:\Program Files\PC Connectivity Solution
2010-03-11 20:58:28 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 13:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-02 20:12:43 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-03-02 20:12:43 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-24 09:47:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$

======List of files/folders modified in the last 1 months======

2010-03-21 15:40:20 ----D---- C:\WINDOWS\Temp
2010-03-21 15:39:40 ----D---- C:\WINDOWS
2010-03-21 15:39:40 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-03-21 15:38:38 ----SD---- C:\WINDOWS\Tasks
2010-03-21 15:38:18 ----D---- C:\WINDOWS\Prefetch
2010-03-21 15:35:04 ----D---- C:\WINDOWS\system32\drivers
2010-03-21 15:34:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-21 12:56:55 ----RD---- C:\Program Files
2010-03-21 12:54:00 ----A---- C:\WINDOWS\win.ini
2010-03-21 10:33:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-21 10:33:48 ----D---- C:\WINDOWS\system32
2010-03-21 10:33:48 ----D---- C:\FILM1
2010-03-21 10:33:48 ----D---- C:\Download
2010-03-21 10:33:46 ----D---- C:\FILM2
2010-03-21 10:33:38 ----D---- C:\Program Files\Spyware Terminator
2010-03-21 10:33:36 ----D---- C:\ZALOHY
2010-03-21 10:26:39 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 20:20:06 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Spyware Terminator
2010-03-20 15:38:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-03-20 12:22:02 ----D---- C:\WINDOWS\system32\AGEIA(2)
2010-03-20 00:13:51 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 00:08:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-19 11:12:29 ----SHD---- C:\Config.Msi
2010-03-19 11:05:15 ----SHD---- C:\WINDOWS\Installer
2010-03-19 10:23:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-19 10:23:05 ----HD---- C:\WINDOWS\inf
2010-03-19 10:15:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
2010-03-19 10:07:53 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-16 11:29:50 ----D---- C:\Documents and Settings\Tomik\Data aplikací\MxBoost
2010-03-15 15:26:59 ----D---- C:\Documents and Settings\Tomik\Data aplikací\gtk-2.0
2010-03-11 19:42:47 ----D---- C:\Documents and Settings\Tomik\Data aplikací\PC Suite
2010-03-10 13:30:09 ----D---- C:\Program Files\Movie Maker
2010-03-10 13:29:48 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-06 20:15:02 ----D---- C:\FILM3
2010-03-02 20:15:58 ----D---- C:\WINDOWS\WinSxS
2010-03-02 20:14:38 ----D---- C:\Program Files\Common Files\Nokia
2010-03-02 20:12:38 ----D---- C:\Program Files\Nokia
2010-03-02 10:38:04 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-24 10:23:10 ----D---- C:\Zaloha
2010-02-24 10:16:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-02-24 09:48:36 ----A---- C:\WINDOWS\imsins.BAK
2010-02-24 09:48:33 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-29 278728]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-04 18048]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2004-08-23 11089]
R2 TVicHW32;TVicHW32; C:\WINDOWS\system32\drivers\TVicHW32.sys [2006-10-13 29536]
R3 3xHybrid;SAA7135 Analog + Digital TV Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-18 683904]
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2004-08-23 29440]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-02-01 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 a0yca9w9;a0yca9w9; C:\WINDOWS\system32\drivers\a0yca9w9.sys []
S3 a44ymn3l;a44ymn3l; C:\WINDOWS\system32\drivers\a44ymn3l.sys []
S3 aazuio9u;aazuio9u; C:\WINDOWS\system32\drivers\aazuio9u.sys []
S3 adfmgni6;adfmgni6; C:\WINDOWS\system32\drivers\adfmgni6.sys []
S3 adnk2i9m;adnk2i9m; C:\WINDOWS\system32\drivers\adnk2i9m.sys []
S3 adxf0dmz;adxf0dmz; C:\WINDOWS\system32\drivers\adxf0dmz.sys []
S3 afxj3ygb;afxj3ygb; C:\WINDOWS\system32\drivers\afxj3ygb.sys []
S3 ah1pyr8r;ah1pyr8r; C:\WINDOWS\system32\drivers\ah1pyr8r.sys []
S3 ajmmfirk;ajmmfirk; C:\WINDOWS\system32\drivers\ajmmfirk.sys []
S3 ame6kfk7;ame6kfk7; C:\WINDOWS\system32\drivers\ame6kfk7.sys []
S3 aq443g76;aq443g76; C:\WINDOWS\system32\drivers\aq443g76.sys []
S3 asgpvhzb;asgpvhzb; C:\WINDOWS\system32\drivers\asgpvhzb.sys []
S3 axypa7l5;axypa7l5; C:\WINDOWS\system32\drivers\axypa7l5.sys []
S3 az1hilgh;az1hilgh; C:\WINDOWS\system32\drivers\az1hilgh.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 genmcmn;Genius NetScroll Optical Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-09-13 49611]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 P730C;P730C; C:\WINDOWS\system32\DRIVERS\P730C.sys [2004-09-16 25300]
S3 P730M;P730M; C:\WINDOWS\system32\DRIVERS\P730M.sys [2004-09-16 25300]
S3 P730U;P730U; C:\WINDOWS\system32\DRIVERS\P730U.sys [2005-05-25 49365]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-03 43392]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]
S3 ZSMC301b;VideoCAM Web V4; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-04-22 90534]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-08-24 570880]
R2 UxTuneUp;TuneUp rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S2 gupdate1ca5427638f3db0;Služba Google Update (gupdate1ca5427638f3db0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-23 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-22 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-21 306432]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe []

-----------------EOF-----------------

#7 Příspěvek od **Caroprd111** » 21 bře 2010 15:55

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
Během skenování může být počítač restartován.

PoldaX · #8 Příspěvek od **PoldaX** » 21 bře 2010 16:24

log COMBO:

ComboFix 10-03-20.01 - Tomik 21.03.2010 16:13:11.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1497 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomik\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 100319-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1659004503-1770027372-839522115-1004
c:\recycler\S-1-5-21-1745499403-3921054619-2334279787-1004
c:\recycler\S-1-5-21-244681182-2930739669-2085013442-1004
c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\windows\xobglu16.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-21 do 2010-03-21 )))))))))))))))))))))))))))))))
.

2010-03-21 15:10 . 2010-03-21 15:17 838144 ----a-w- c:\windows\system32\drivers\ayxpgovt.sys
2010-03-21 11:56 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-21 11:56 . 2010-03-21 11:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-21 11:56 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-21 10:03 . 2010-03-21 10:03 -------- d-----w- c:\program files\trend micro
2010-03-21 10:03 . 2010-03-21 10:03 -------- d-----w- C:\rsit
2010-03-21 09:26 . 2010-03-21 09:33 -------- d-----w- c:\documents and settings\Flexio\.gimp-2.6
2010-03-21 09:23 . 2010-03-21 09:23 -------- d-sh--w- c:\documents and settings\Flexio\IETldCache
2010-03-20 02:05 . 2008-04-13 19:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2010-03-19 23:20 . 2010-03-19 23:20 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2010-03-19 10:14 . 2008-04-13 19:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
2010-03-19 09:23 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-03-19 09:21 . 2010-03-19 09:22 -------- d-----w- c:\program files\PC Connectivity Solution
2010-03-11 19:58 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-10 07:50 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-02 19:12 . 2009-12-30 10:25 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2010-03-02 19:12 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-03-02 19:12 . 2009-12-30 10:25 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2010-03-02 19:12 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-03-02 19:12 . 2009-12-30 10:30 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-03-02 19:12 . 2010-01-21 13:53 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-03-02 19:12 . 2009-12-30 10:30 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-03-02 19:12 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 09:33 . 2008-08-24 09:05 -------- d-----w- c:\program files\Spyware Terminator
2010-03-20 08:29 . 2010-03-21 09:27 196040 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1029.dat
2010-03-19 23:08 . 2004-08-18 12:00 524270 ----a-w- c:\windows\system32\perfh005.dat
2010-03-19 23:08 . 2004-08-18 12:00 108260 ----a-w- c:\windows\system32\perfc005.dat
2010-03-02 19:14 . 2007-10-07 08:32 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-02 19:12 . 2007-10-07 08:32 -------- d-----w- c:\program files\Nokia
2010-02-24 09:16 . 2009-10-03 15:09 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-07 08:58 . 2010-02-07 08:58 -------- d-----w- c:\program files\GIMP-2.0
2010-02-04 07:00 . 2008-08-09 20:37 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-01-30 14:19 . 2010-01-30 14:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-01-28 20:48 . 2010-01-28 20:46 -------- d-----w- c:\program files\Windows Live
2010-01-28 20:48 . 2010-01-28 20:48 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-01-28 20:47 . 2010-01-28 20:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-01-28 20:46 . 2010-01-28 20:46 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-24 13:10 . 2010-01-24 09:57 -------- d-----w- c:\program files\NokiaFREE Unlock Codes Calculator
2010-01-23 23:20 . 2010-01-23 23:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-23 23:20 . 2010-01-23 23:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-23 23:14 . 2010-01-23 23:14 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-23 18:11 . 2010-01-23 18:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-23 18:11 . 2010-01-23 18:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-21 08:57 . 2009-09-16 14:04 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 10:30 . 2007-10-07 08:32 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-21 19:08 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2004-10-01 13:00 . 2006-07-18 13:23 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TClockEx"="c:\zalohy\TClockEx\TCLOCKEX.EXE" [1999-03-13 75264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-01 68856]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"Svátky a výročí"="e:\program1\SVÁTKY\Vyroci.exe" [2003-03-28 881664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Desktop\V5.1\moffice.exe" [2008-11-16 958464]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 77824]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"OFFICEKB"="c:\program files\Labtec\Keyboard\V5.1\kbdap32a.exe" [2009-07-27 387584]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-24 1783808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\Tomik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
GIGABYTE VGA Utility.lnk - c:\documents and settings\Tomik\Data aplikacˇ\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe [2008-10-14 40960]
syspck32.exe [2008-4-14 35840]
Yahoo! Widgets.lnk - e:\program2\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TV Card Remote Control Device Monitor"=c:\windows\3xHybridRMT.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"SoundMan"=SOUNDMAN.EXE
"ScanRegistry"=C:\
"OFFICEKB"=c:\program files\Labtec\Desktop\V5.1\kbdap32a.exe
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Hotplug"=c:\program files\Silicon Integrated Systems\SiSRaidPackage\hot_plug.exe
"SiSRaid"=c:\program files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"e:\\Program1\\uTorrent\\utorrent.exe"=
"e:\\Hry2\\Empire Interactive\\Strangelite\\Starship Troopers\\STGame.exe"=
"c:\\Program1\\Maxthon\\Maxthon.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Hry\\Valve\\Condition Zero\\czero.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"e:\\Hry5\\SEGA\\Beijing 2008\\Beijing.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\HRY\\Ubisoft\\Prince of Persia\\Prince of Persia.exe"=
"c:\\HRY\\Ubisoft\\Prince of Persia\\PrinceOfPersia_Launcher.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\frd.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutLauncher.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutConfigTool.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutParadise.exe"=
"c:\\Program1\\Maxthon2\\Modules\\MxDownloader\\MxDownloadServer.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10044:TCP"= 10044:TCP:*:Disabled:BitComet 10044 TCP
"10044:UDP"= 10044:UDP:*:Disabled:BitComet 10044 UDP
"26880:TCP"= 26880:TCP:*:Disabled:BitComet 26880 TCP
"26880:UDP"= 26880:UDP:*:Disabled:BitComet 26880 UDP
"8807:TCP"= 8807:TCP:*:Disabled:BitComet 8807 TCP
"8807:UDP"= 8807:UDP:*:Disabled:BitComet 8807 UDP
"10718:TCP"= 10718:TCP:*:Disabled:BitComet 10718 TCP
"10718:UDP"= 10718:UDP:*:Disabled:BitComet 10718 UDP
"12383:TCP"= 12383:TCP:*:Disabled:BitComet 12383 TCP
"12383:UDP"= 12383:UDP:*:Disabled:BitComet 12383 UDP

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.2.2009 23:59 111184]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [24.8.2008 10:05 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.2.2009 23:59 20560]
R2 TVicHW32;TVicHW32;c:\windows\system32\drivers\TVicHW32.sys [14.10.2008 18:42 29536]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 3xHybrid;SAA7135 Analog + Digital TV Card;c:\windows\system32\drivers\3xHybrid.sys [18.7.2006 13:49 683904]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [18.12.2009 18:22 27632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.9.2006 20:50 685816]
S2 gupdate1ca5427638f3db0;Služba Google Update (gupdate1ca5427638f3db0);c:\program files\Google\Update\GoogleUpdate.exe [23.10.2009 22:25 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [24.7.2009 18:27 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [24.7.2009 18:27 3072]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2.3.2010 20:12 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2.3.2010 20:12 8320]
S3 P730C;P730C;c:\windows\system32\drivers\P730C.sys [4.12.2006 1:37 25300]
S3 P730M;P730M;c:\windows\system32\drivers\P730M.sys [4.12.2006 1:37 25300]
S3 P730U;P730U;c:\windows\system32\drivers\P730U.sys [4.12.2006 1:37 49365]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - AYXPGOVT
*Deregistered* - ayxpgovt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-03-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:49]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-23 21:25]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-23 21:25]

2010-03-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to AMV Convert Tool... - e:\program2\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: MediaManager tool grab multimedia file - e:\program2\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}\components\PlainOldFavorites.dll
FF - component: c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: e:\program2\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\program2\Real Alternative\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
AddRemove-My Addicting Games Arcade_is1 - l:\games\My Addicting Games Arcade\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 16:17
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet018\Services\ayxpgovt]

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:95,a4,1d,5a,9a,ab,39,db,11,bd,47,33,6c,26,74,17,1b,da,d2,53,49,57,e2,
7d,e2,52,c3,48,ba,24,02,14,c7,70,1d,f5,c5,9c,ba,d8,e3,c1,22,9f,68,9a,ca,3d,\
"??"=hex:db,c7,2a,bc,48,8d,ed,70,6f,8d,d4,47,89,a7,8f,40

[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\License information*]
"datasecu"=hex:27,4a,1b,fe,21,e0,83,82,83,d2,ae,cc,75,e4,28,7c,21,a0,cb,04,c7,
ca,60,5d,2b,8c,8a,c2,fd,0f,71,7c,44,1b,7c,3f,6d,35,4b,9a,11,b9,5d,78,32,ef,\
"rkeysecu"=hex:21,25,90,dd,7e,72,c0,4a,7b,e6,5e,c0,6f,4f,93,0e
.
Celkový čas: 2010-03-21 16:20:06
ComboFix-quarantined-files.txt 2010-03-21 15:19

Před spuštěním: Volných bajtů: 24 073 625 600
Po spuštění: Volných bajtů: 24 046 759 936

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=18 Default=18 Failed=17 LastKnownGood=19 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
- - End Of File - - 2F3521D33A1903B9E8215FB187D054A0

#9 Příspěvek od **Caroprd111** » 21 bře 2010 16:54

Pokud nemáte, přesuňte Combofix na plochu

Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

Driver::
a0yca9w9
a44ymn3l
aazuio9u
adfmgni6
adnk2i9m
adxf0dmz
afxj3ygb
ah1pyr8r
ajmmfirk
ame6kfk7
aq443g76
asgpvhzb
axypa7l5
az1hilgh
ayxpgovt

File::
C:\WINDOWS\system32\drivers\a0yca9w9.sys
C:\WINDOWS\system32\drivers\a44ymn3l.sys
C:\WINDOWS\system32\drivers\aazuio9u.sys
C:\WINDOWS\system32\drivers\adfmgni6.sys
C:\WINDOWS\system32\drivers\adnk2i9m.sys
C:\WINDOWS\system32\drivers\adxf0dmz.sys
C:\WINDOWS\system32\drivers\afxj3ygb.sys
C:\WINDOWS\system32\drivers\ah1pyr8r.sys
C:\WINDOWS\system32\drivers\ajmmfirk.sys
C:\WINDOWS\system32\drivers\ame6kfk7.sys
C:\WINDOWS\system32\drivers\aq443g76.sys
C:\WINDOWS\system32\drivers\asgpvhzb.sys
C:\WINDOWS\system32\drivers\axypa7l5.sys
C:\WINDOWS\system32\drivers\az1hilgh.sys
c:\windows\system32\drivers\ayxpgovt.sys
C:\Documents and Settings\Tomik\Nabídka Start\Programy\Po spuštění\syspck32.exe

RegLock::
[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006
[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\License information*]

Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
Po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Obrázek

Tohle otestujte na http://www.virustotal.com/cs/
c:\windows\system32\drivers\P730C.sys
c:\windows\system32\epmntdrv.sys
c:\windows\system32\EuGdiDrv.sys
c:\windows\system32\browserchoice.exe
c:\windows\system32\dllcache\moviemk.exe
c:\windows\system32\drivers\cdrom.sys

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

PoldaX · #10 Příspěvek od **PoldaX** » 21 bře 2010 18:07

tak posílám druhý Combo log a přikládám odkaz na ty otestované soubory:

ComboFix 10-03-20.01 - Tomik 21.03.2010 17:13:44.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1516 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomik\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 100319-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\documents and settings\Tomik\Nabídka Start\Programy\Po spuštění\syspck32.exe"
"c:\windows\system32\drivers\a0yca9w9.sys"
"c:\windows\system32\drivers\a44ymn3l.sys"
"c:\windows\system32\drivers\aazuio9u.sys"
"c:\windows\system32\drivers\adfmgni6.sys"
"c:\windows\system32\drivers\adnk2i9m.sys"
"c:\windows\system32\drivers\adxf0dmz.sys"
"c:\windows\system32\drivers\afxj3ygb.sys"
"c:\windows\system32\drivers\ah1pyr8r.sys"
"c:\windows\system32\drivers\ajmmfirk.sys"
"c:\windows\system32\drivers\ame6kfk7.sys"
"c:\windows\system32\drivers\aq443g76.sys"
"c:\windows\system32\drivers\asgpvhzb.sys"
"c:\windows\system32\drivers\axypa7l5.sys"
"c:\windows\system32\drivers\ayxpgovt.sys"
"c:\windows\system32\drivers\az1hilgh.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Tomik\Nabídka Start\Programy\Po spuštění\syspck32.exe
c:\windows\system32\drivers\ayxpgovt.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AYXPGOVT
-------\Service_a44ymn3l
-------\Service_aazuio9u
-------\Service_adfmgni6
-------\Service_adnk2i9m
-------\Service_afxj3ygb
-------\Service_ah1pyr8r
-------\Service_ajmmfirk
-------\Service_ame6kfk7
-------\Service_aq443g76
-------\Service_asgpvhzb
-------\Service_axypa7l5
-------\Service_ayxpgovt
-------\Service_az1hilgh

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-21 do 2010-03-21 )))))))))))))))))))))))))))))))
.

2010-03-21 15:22 . 2010-03-21 15:22 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-03-21 11:56 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-21 11:56 . 2010-03-21 11:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-21 11:56 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-21 10:03 . 2010-03-21 10:03 -------- d-----w- c:\program files\trend micro
2010-03-21 10:03 . 2010-03-21 10:03 -------- d-----w- C:\rsit
2010-03-21 09:26 . 2010-03-21 09:33 -------- d-----w- c:\documents and settings\Flexio\.gimp-2.6
2010-03-21 09:23 . 2010-03-21 09:23 -------- d-sh--w- c:\documents and settings\Flexio\IETldCache
2010-03-20 02:05 . 2008-04-13 19:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2010-03-19 23:20 . 2010-03-19 23:20 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2010-03-19 10:14 . 2008-04-13 19:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
2010-03-19 09:23 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-03-19 09:21 . 2010-03-19 09:22 -------- d-----w- c:\program files\PC Connectivity Solution
2010-03-11 19:58 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-10 07:50 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-02 19:12 . 2009-12-30 10:25 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2010-03-02 19:12 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-03-02 19:12 . 2009-12-30 10:25 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2010-03-02 19:12 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-03-02 19:12 . 2009-12-30 10:30 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-03-02 19:12 . 2010-01-21 13:53 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-03-02 19:12 . 2009-12-30 10:30 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-03-02 19:12 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 09:33 . 2008-08-24 09:05 -------- d-----w- c:\program files\Spyware Terminator
2010-03-20 08:29 . 2010-03-21 09:27 196040 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1029.dat
2010-03-19 23:08 . 2004-08-18 12:00 524270 ----a-w- c:\windows\system32\perfh005.dat
2010-03-19 23:08 . 2004-08-18 12:00 108260 ----a-w- c:\windows\system32\perfc005.dat
2010-03-02 19:14 . 2007-10-07 08:32 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-02 19:12 . 2007-10-07 08:32 -------- d-----w- c:\program files\Nokia
2010-02-24 09:16 . 2009-10-03 15:09 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-07 08:58 . 2010-02-07 08:58 -------- d-----w- c:\program files\GIMP-2.0
2010-02-04 07:00 . 2008-08-09 20:37 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-01-30 14:19 . 2010-01-30 14:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-01-28 20:48 . 2010-01-28 20:46 -------- d-----w- c:\program files\Windows Live
2010-01-28 20:48 . 2010-01-28 20:48 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-01-28 20:47 . 2010-01-28 20:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-01-28 20:46 . 2010-01-28 20:46 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-24 13:10 . 2010-01-24 09:57 -------- d-----w- c:\program files\NokiaFREE Unlock Codes Calculator
2010-01-23 23:20 . 2010-01-23 23:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-23 23:20 . 2010-01-23 23:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-23 23:14 . 2010-01-23 23:14 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-23 18:11 . 2010-01-23 18:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-23 18:11 . 2010-01-23 18:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-21 08:57 . 2009-09-16 14:04 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 10:30 . 2007-10-07 08:32 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-21 19:08 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2004-10-01 13:00 . 2006-07-18 13:23 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TClockEx"="c:\zalohy\TClockEx\TCLOCKEX.EXE" [1999-03-13 75264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-01 68856]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"Svátky a výročí"="e:\program1\SVÁTKY\Vyroci.exe" [2003-03-28 881664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Desktop\V5.1\moffice.exe" [2008-11-16 958464]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 77824]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"OFFICEKB"="c:\program files\Labtec\Keyboard\V5.1\kbdap32a.exe" [2009-07-27 387584]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-24 1783808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\Tomik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
GIGABYTE VGA Utility.lnk - c:\documents and settings\Tomik\Data aplikacˇ\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe [2008-10-14 40960]
Yahoo! Widgets.lnk - e:\program2\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TV Card Remote Control Device Monitor"=c:\windows\3xHybridRMT.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
"SoundMan"=SOUNDMAN.EXE
"ScanRegistry"=C:\
"OFFICEKB"=c:\program files\Labtec\Desktop\V5.1\kbdap32a.exe
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Hotplug"=c:\program files\Silicon Integrated Systems\SiSRaidPackage\hot_plug.exe
"SiSRaid"=c:\program files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"e:\\Program1\\uTorrent\\utorrent.exe"=
"e:\\Hry2\\Empire Interactive\\Strangelite\\Starship Troopers\\STGame.exe"=
"c:\\Program1\\Maxthon\\Maxthon.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Hry\\Valve\\Condition Zero\\czero.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"e:\\Hry5\\SEGA\\Beijing 2008\\Beijing.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\HRY\\Ubisoft\\Prince of Persia\\Prince of Persia.exe"=
"c:\\HRY\\Ubisoft\\Prince of Persia\\PrinceOfPersia_Launcher.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\frd.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutLauncher.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutConfigTool.exe"=
"c:\\HRY\\Electronic Arts\\Burnout Paradise\\BurnoutParadise.exe"=
"c:\\Program1\\Maxthon2\\Modules\\MxDownloader\\MxDownloadServer.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10044:TCP"= 10044:TCP:*:Disabled:BitComet 10044 TCP
"10044:UDP"= 10044:UDP:*:Disabled:BitComet 10044 UDP
"26880:TCP"= 26880:TCP:*:Disabled:BitComet 26880 TCP
"26880:UDP"= 26880:UDP:*:Disabled:BitComet 26880 UDP
"8807:TCP"= 8807:TCP:*:Disabled:BitComet 8807 TCP
"8807:UDP"= 8807:UDP:*:Disabled:BitComet 8807 UDP
"10718:TCP"= 10718:TCP:*:Disabled:BitComet 10718 TCP
"10718:UDP"= 10718:UDP:*:Disabled:BitComet 10718 UDP
"12383:TCP"= 12383:TCP:*:Disabled:BitComet 12383 TCP
"12383:UDP"= 12383:UDP:*:Disabled:BitComet 12383 UDP

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.9.2006 20:50 685816]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.2.2009 23:59 111184]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [24.8.2008 10:05 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.2.2009 23:59 20560]
R2 TVicHW32;TVicHW32;c:\windows\system32\drivers\TVicHW32.sys [14.10.2008 18:42 29536]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 3xHybrid;SAA7135 Analog + Digital TV Card;c:\windows\system32\drivers\3xHybrid.sys [18.7.2006 13:49 683904]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [18.12.2009 18:22 27632]
S2 gupdate1ca5427638f3db0;Služba Google Update (gupdate1ca5427638f3db0);c:\program files\Google\Update\GoogleUpdate.exe [23.10.2009 22:25 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [24.7.2009 18:27 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [24.7.2009 18:27 3072]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2.3.2010 20:12 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2.3.2010 20:12 8320]
S3 P730C;P730C;c:\windows\system32\drivers\P730C.sys [4.12.2006 1:37 25300]
S3 P730M;P730M;c:\windows\system32\drivers\P730M.sys [4.12.2006 1:37 25300]
S3 P730U;P730U;c:\windows\system32\drivers\P730U.sys [4.12.2006 1:37 49365]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-03-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:49]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-23 21:25]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-23 21:25]

2010-03-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to AMV Convert Tool... - e:\program2\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: MediaManager tool grab multimedia file - e:\program2\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - component: c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}\components\PlainOldFavorites.dll
FF - component: c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\w9h06evg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 17:19
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8ADA18AC]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba8ecf28
\Driver\ACPI -> ACPI.sys @ 0xba67dcb8
\Driver\atapi -> atapi.sys @ 0xba4f9b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:95,a4,1d,5a,9a,ab,39,db,11,bd,47,33,6c,26,74,17,1b,da,d2,53,49,57,e2,
7d,e2,52,c3,48,ba,24,02,14,c7,70,1d,f5,c5,9c,ba,d8,e3,c1,22,9f,68,9a,ca,3d,\
"??"=hex:db,c7,2a,bc,48,8d,ed,70,6f,8d,d4,47,89,a7,8f,40

[HKEY_USERS\S-1-5-21-3063369759-1615306458-201157244-1006\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:27,4a,1b,fe,21,e0,83,82,83,d2,ae,cc,75,e4,28,7c,21,a0,cb,04,c7,
ca,60,5d,2b,8c,8a,c2,fd,0f,71,7c,44,1b,7c,3f,6d,35,4b,9a,11,b9,5d,78,32,ef,\
"rkeysecu"=hex:21,25,90,dd,7e,72,c0,4a,7b,e6,5e,c0,6f,4f,93,0e
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1672)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\program files\Labtec\Keyboard\V5.1\MOUDL32A.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Labtec\Keyboard\V5.1\MOUSE32A.EXE
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\GIGABYTE\VGA Utility Manager\Utility.exe
.
**************************************************************************
.
Celkový čas: 2010-03-21 17:27:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-21 16:27
ComboFix2.txt 2010-03-21 15:20

Před spuštěním: Volných bajtů: 24 077 795 328
Po spuštění: Volných bajtů: 23 896 014 848

Current=18 Default=18 Failed=17 LastKnownGood=19 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
- - End Of File - - C805BEA1ED56B5F024F4A52B9698F7C1

#11 Příspěvek od **Caroprd111** » 21 bře 2010 19:17

Nějak nemůžu najít ty odkazy.

PoldaX · #12 Příspěvek od **PoldaX** » 21 bře 2010 19:30

Zkopíroval jsem to do poznámkového bloku a nejde sem to dát že to nepodporuje txt. Jak to mám vložit (ten odkaz?) Děkuji

#13 Příspěvek od **Caroprd111** » 21 bře 2010 19:32

Vložte sem ty odkazy přes Ctrl + C a Ctrl + V (do příspěvku).

PoldaX · #14 Příspěvek od **PoldaX** » 21 bře 2010 19:36

Tak to ono:

Soubor P730C.sys přijatý 2010.03.21 16:39:03 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/42 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 2.
Odhadovaný čas začátku mezi 49 a 70 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -
Rozšiřující informace
File size: 25300 bytes
MD5...: b7f88d160f8daf09140d241b19087bd8
SHA1..: 949f98078b55fcc357d67815facefd76cc7c7973
SHA256: 8c641920f0167e05bba5eb741b342342b3092c04114062c1d904d7d6012c14dd
ssdeep: 384:KdSipOW6nPxvtsPvi9E90zkfLly1SAUDXoBDijaXwR10UKoE3iGEef:KWnPh
tqiCzly1SAUDXoe5RuayJE+

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4e18
timedatestamp.....: 0x414958a5 (Thu Sep 16 09:11:01 2004)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x300 0x3e50 0x3e80 6.19 6036e1013629619538e1f58ec093cd71
.data 0x4180 0xb9 0x100 2.31 de5db323b3c2125e998fe916ddc29db3
.CRT 0x4280 0xc 0x80 0.20 d5b9b25d372fa44c5eb8b26387e5fd85
.STL 0x4300 0x10 0x80 0.00 f09f35a5637839458e462e6350ecbce4
PAGE 0x4380 0xa65 0xa80 6.11 fc80027af8909faba6035780388d87ee
INIT 0x4e00 0x886 0x900 5.63 b0328feac02f44ca676cd8d2227f2747
.rsrc 0x5700 0x4a8 0x500 3.19 edbac561ab9b4f241edf5be50e6f8f6e
.reloc 0x5c00 0x668 0x680 5.37 c0d6eeceae4f88c646282325abe7eba5

( 2 imports )
> NTOSKRNL.EXE: ObfDereferenceObject, IofCallDriver, DbgPrint, PsTerminateSystemThread, InterlockedExchange, ZwClose, RtlWriteRegistryValue, wcscpy, wcslen, KeDelayExecutionThread, ZwQueryValueKey, RtlInitUnicodeString, IoOpenDeviceRegistryKey, ObReferenceObjectByHandle, PsCreateSystemThread, RtlDeleteRegistryValue, KeWaitForSingleObject, PoCallDriver, PoStartNextPowerIrp, IofCompleteRequest, RtlFreeUnicodeString, InterlockedIncrement, KeReleaseMutex, InterlockedDecrement, IoDeleteDevice, IoDeleteSymbolicLink, IoDetachDevice, IoReleaseCancelSpinLock, IoAcquireCancelSpinLock, KeClearEvent, KeSetEvent, IoIsWdmVersionAvailable, IoFreeIrp, IoAllocateIrp, PoRequestPowerIrp, IoCancelIrp, IoRegisterDeviceInterface, IoSetDeviceInterfaceState, KeInitializeSpinLock, ExFreePool, PoSetPowerState, IoAttachDeviceToDeviceStack, RtlAppendUnicodeStringToString, IoCreateSymbolicLink, IoCreateDevice, IoCreateUnprotectedSymbolicLink, ZwOpenKey, ZwCreateKey, memmove, KeInitializeEvent, KeInitializeMutex, KeRemoveEntryDeviceQueue, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, ExAllocatePoolWithTag
> HAL.DLL: KfReleaseSpinLock, KeGetCurrentIrql, KfAcquireSpinLock

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: Mobile Action Technology Inc.
copyright....: (C) Mobile Action Technology Inc. All rights reserved.
product......: Handset Manager
description..: USB MODEM Driver
original name: hellowdm.sys
internal name: UsbModem
file version.: 1, 1, 1, 8
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

Soubor epmntdrv.sys přijatý 2010.03.21 16:42:37 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/42 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 4.
Odhadovaný čas začátku mezi 63 a 90 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -
Rozšiřující informace
File size: 8704 bytes
MD5...: 57cc1bf06c159dfbb989f5783c0e6a50
SHA1..: fd25ae2f3e51b08816b5c3af712a36014be28078
SHA256: 6b878122d2533a3e162bcaf119d0d38ffe20183220a7b7639c3560c5db57a943
ssdeep: 96:GrbxkRoTRo9LtLcRlac3ff7RK00q3RX4/r0K9RDfTYjDZf0R2Ztq8KSNLcxLi
oFZ:pJgR9fN2qBIf9pYf0mtq81NL

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1d05
timedatestamp.....: 0x4897e6b0 (Tue Aug 05 05:35:44 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x15ce 0x1600 6.26 68c84af2632118f2fd70196641c7b92a
.rdata 0x1a80 0x1d5 0x200 4.74 a088f3513b68ed63036d47e4eae5b847
.data 0x1c80 0x60 0x80 1.27 e27918cd4bc6289095f759fcf3c65f72
INIT 0x1d00 0x352 0x380 5.20 6a966a3c841ac34cf9732bfe06224601
.reloc 0x2080 0x15e 0x180 4.14 3b178276205d421cad26b943ca2a438d

( 1 imports )
> ntoskrnl.exe: DbgPrint, IoDeleteDevice, IoDeleteSymbolicLink, ObfReferenceObject, IoGetDeviceObjectPointer, RtlInitUnicodeString, memset, IoFreeIrp, KeSetEvent, IoFreeMdl, MmUnlockPages, ExFreePoolWithTag, KeWaitForSingleObject, IofCallDriver, KeInitializeEvent, IoBuildAsynchronousFsdRequest, IofCompleteRequest, MmMapLockedPagesSpecifyCache, ObfDereferenceObject, IoGetAttachedDeviceReference, RtlUnicodeStringToInteger, ExAllocatePoolWithTag, memcpy, IoBuildDeviceIoControlRequest, IoCreateSymbolicLink, IoCreateDevice, KeTickCount, KeBugCheckEx, RtlAnsiCharToUnicodeChar

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win16/32 Executable Delphi generic (25.4%)
Clipper DOS Executable (24.8%)
Generic Win/DOS Executable (24.6%)
DOS Executable Generic (24.6%)
VXD Driver (0.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Soubor EuGdiDrv.sys přijatý 2010.03.21 16:44:32 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/42 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 1.
Odhadovaný čas začátku mezi 42 a 60 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -
Rozšiřující informace
File size: 3072 bytes
MD5...: 5f779f5edab787f2d090c71a9051f365
SHA1..: f3a892028dc6f5e618c023e8d57b6617459b7ec0
SHA256: b2c4d872550a41a91efc2a12fe699e99b3f6baa26e68d75f1004389fbcf7db89
ssdeep: 24:e/GSeed/XveKChTKQD97CeDYlvDiAuxZhkSMJeQcIYFSC4c4tWW21g152AzYR
qrR:Q3hvtAKgBwbIZKpESC4LsWKYERRWL

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x78e
timedatestamp.....: 0x48a14cf5 (Tue Aug 12 08:42:29 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x400 0x448 0x480 5.91 d274f23352781cfc58577357bfc5f799
.rdata 0x880 0xeb 0x100 4.55 a5319e0d99b07471fa7d279c6dce6232
INIT 0x980 0x1d2 0x200 4.42 a55d2a66ed767c912467e14ecf38d5e5
.reloc 0xb80 0x60 0x80 3.31 b504644c5a309a4360ab9262a4e670ad

( 2 imports )
> ntoskrnl.exe: IofCompleteRequest, InbvDisplayString, InbvSetScrollRegion, InbvEnableDisplayString, RtlInitUnicodeString, InbvSetTextColor, IoCreateSymbolicLink, IoCreateDevice, IoDeleteSymbolicLink, IoDeleteDevice, InbvSolidColorFill, DbgPrint
> BOOTVID.dll: VidBufferToScreenBlt, VidScreenToBufferBlt, VidBitBlt

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Soubor browserchoice.exe přijatý 2010.03.21 16:48:40 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/40 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 1.
Odhadovaný čas začátku mezi 42 a 60 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -
Rozšiřující informace
File size: 293376 bytes
MD5...: da1919d896dbd5895e138932ae9e398b
SHA1..: 361bee6e2535d9fc10a01ac6686be55d854fc5ba
SHA256: 4c5fb3c35ca7c2e10ae2920afd40e854c123219901c15a80941ac9f53eef97d7
ssdeep: 6144:IEesYclzRCayeopvGE0zM6s4D8e8FIBK86dNvMXfAo:IEerclzRCayeopvG
NzM6s4D8e8FIBK8f

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3363
timedatestamp.....: 0x4b737c6f (Thu Feb 11 03:41:35 2010)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x34ca 0x3600 6.18 e0356f94745647bc2bed78b680e83512
.data 0x5000 0x68c 0x400 5.80 28fcfd5ab0eb9c208220c87444240f30
.rsrc 0x6000 0x44000 0x43400 6.41 1370a78bf18215c408206d0638b25934
.reloc 0x4a000 0x648 0x800 2.72 cb9cda0ca1762d2b27ddcf4dd8860ae5

( 10 imports )
> ADVAPI32.dll: RegCloseKey, RegCreateKeyExW, GetTokenInformation, OpenProcessToken, CreateProcessAsUserW, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, DuplicateTokenEx
> KERNEL32.dll: GetLastError, VerifyVersionInfoW, VerSetConditionMask, FreeLibrary, GetProcAddress, LoadLibraryW, CloseHandle, GetCurrentProcess, GetUserGeoID, GetExitCodeProcess, WaitForSingleObject, LocalFree, GetModuleHandleW, lstrcmpA, GetModuleFileNameW, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, InterlockedCompareExchange, Sleep, InterlockedExchange
> USER32.dll: LoadStringW
> msvcrt.dll: _controlfp, _vsnwprintf, memset, __3@YAXPAX@Z, wcschr, _wcsnicmp, _terminate@@YAXXZ, __set_app_type, __p__fmode, __p__commode, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, _wtoi, __2@YAPAXI@Z
> ole32.dll: CoUninitialize, CoTaskMemFree, CoCreateInstance, CoInitializeEx
> ntdll.dll: RtlUnwind
> SHELL32.dll: -, SHGetFolderPathW, -, -, ShellExecuteW, SHBindToParent
> SHLWAPI.dll: PathCombineW, PathAddExtensionW, -, SHRegGetBoolUSValueW, SHRegGetUSValueW, SHDeleteValueW, PathFindFileNameW, -, SHRegSetUSValueW, SHSetValueW
> WININET.dll: InternetGetCookieW, InternetSetCookieW
> OLEAUT32.dll: -, -

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Browser Choice
original name: browserchoice.exe
internal name: Browser Choice
file version.: 6.1.7600.16526 (win7_gdr.100210-1504)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Soubor moviemk.exe přijatý 2010.03.21 16:52:38 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/42 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 1.
Odhadovaný čas začátku mezi 42 a 60 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.21 -
Rozšiřující informace
File size: 3558912 bytes
MD5...: e002a7e05185bd7fc7646cd229311b22
SHA1..: 12ad930da43fb8f0e70719233ef7d8b9159407c8
SHA256: 3adade66abce7f85f9405afe9bc24df04915b749e455bf55e17aed6be91304e5
ssdeep: 49152:pKawgpy+qMBYVqILjO+QpKuyzYETj2CQWpVE8lwzImdB8x1yrZO:Eawgpy
SBYV/jOfpgzkCpVEyPGu1G

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x160272
timedatestamp.....: 0x4ae1cb82 (Fri Oct 23 15:28:02 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2cc2ee 0x2cc400 6.44 ee1a04bed51a99d816129f865947c2d7
.data 0x2ce000 0x73bc 0x4000 3.35 0bee4ec0767d4a83aa68fa1a1040b63e
MovieMak 0x2d6000 0x4 0x200 0.07 1d7d80e8b5ce8c86e7c833467964b6ae
.rsrc 0x2d7000 0x942c8 0x94400 6.53 2a1e5a1f361249b5c2fbb0e2e5236847

( 23 imports )
> msvcrt.dll: __3@YAXPAX@Z, __2@YAPAXI@Z, _ftol, realloc, malloc, free, wcscmp, _purecall, memmove, wcsstr, _wcsicmp, _snwprintf, wcsrchr, _wfullpath, iswspace, _wtoi, ceil, wcscat, wcsncpy, _wfopen, fclose, fgetc, fread, ftell, fseek, isprint, strncpy, tolower, _vsnwprintf, iswctype, _wtol, isdigit, wcsncmp, _strnicmp, vswprintf, iswdigit, wcsncat, _wcsnicmp, swprintf, wcscpy, wcslen, _endthreadex, calloc, _beginthreadex, srand, time, qsort, wcschr, _wcsrev, sprintf, wcspbrk, rand, _stricmp, ctime, swscanf, _c_exit, _exit, __CxxFrameHandler, _XcptFilter, _cexit, exit, _controlfp, _onexit, __dllonexit, _terminate@@YAXXZ, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln
> ADVAPI32.dll: RegEnumValueW, RegOpenKeyExW, RegOpenKeyExA, RegQueryValueExA, RegQueryValueExW, RegSetValueExW, RegDeleteValueW, RegCreateKeyExW, RegDeleteKeyW, RegEnumKeyExW, RegEnumKeyW, RegCloseKey
> KERNEL32.dll: FindClose, GetFileAttributesW, SetErrorMode, GlobalUnlock, GlobalLock, GlobalAlloc, FindFirstFileW, DeleteFileW, CopyFileW, lstrcpynA, lstrcpynW, GetLastError, GetFullPathNameW, GetDiskFreeSpaceExW, GetLocaleInfoW, GetNumberFormatW, CompareStringW, lstrcmpiW, FreeResource, GlobalFree, GlobalHandle, InitializeCriticalSection, DeleteCriticalSection, MultiByteToWideChar, lstrcatW, GetModuleFileNameW, SetThreadPriority, FindNextFileW, GetProfileIntW, GetTempPathW, CloseHandle, UnmapViewOfFile, MapViewOfFile, OpenFileMappingA, WaitForSingleObject, GetLongPathNameW, lstrlenA, EnumResourceLanguagesW, GetTickCount, Sleep, CreateFileMappingA, CreateEventW, GetUserDefaultUILanguage, SetEvent, CreateDirectoryW, GetShortPathNameW, ReleaseMutex, CreateMutexW, GetCommandLineW, CreateFileW, MoveFileW, GetTempFileNameW, CompareFileTime, SleepEx, GetFileSize, GetDriveTypeW, WideCharToMultiByte, GetACP, SizeofResource, WriteFile, VirtualProtect, VirtualQuery, GetModuleHandleW, EnumUILanguagesW, LoadLibraryExW, ExpandEnvironmentStringsW, SetEnvironmentVariableW, QueryPerformanceCounter, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetModuleHandleA, GetStartupInfoA, GetCurrentProcessId, FindResourceW, LoadResource, LockResource, GetVersionExW, LoadLibraryW, GetProcAddress, FreeLibrary, InterlockedIncrement, lstrcmpW, lstrcpyW, MulDiv, SetLastError, GetCurrentThreadId, EnterCriticalSection, LeaveCriticalSection, GetCurrentProcess, FlushInstructionCache, FormatMessageW, LocalFree, InterlockedDecrement, lstrlenW, SetFilePointer, DebugBreak, LocalAlloc, GetVolumeInformationW, MapViewOfFileEx, CreateFileMappingW, GetPrivateProfileIntW, GetPrivateProfileStringW, SetEndOfFile, OutputDebugStringW, GetExitCodeThread, ResetEvent, GetVolumeNameForVolumeMountPointW, DeviceIoControl, WaitForMultipleObjects, PostQueuedCompletionStatus, ReadDirectoryChangesW, GetOverlappedResult, GetQueuedCompletionStatus, CreateIoCompletionPort, GetDiskFreeSpaceW, GetFileSizeEx, SetFilePointerEx, VirtualAlloc, VirtualFree, LoadLibraryA, HeapAlloc, GetProcessHeap, HeapFree, GetVersion, HeapDestroy, IsBadWritePtr, WinExec, GetTimeFormatW, GetDateFormatW, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, GlobalSize, GetFileAttributesExW, SetFileAttributesW, RemoveDirectoryW, ReadFile, SetThreadExecutionState, GetUserDefaultLCID, IsBadReadPtr, GetThreadLocale, CreateThread, GetSystemTimeAsFileTime
> GDI32.dll: ExcludeClipRect, GetDIBits, GetObjectA, TextOutW, Polygon, CombineRgn, SetRectRgn, CreateRectRgnIndirect, GetClipBox, DPtoLP, GetLayout, CreateRectRgn, StretchBlt, SelectClipRgn, ExtTextOutW, Rectangle, SetViewportOrgEx, SetROP2, GetNearestColor, CreatePen, CreateDCW, GetCurrentObject, RestoreDC, LineTo, LPtoDP, SetWindowOrgEx, SetMapMode, SaveDC, MoveToEx, GetTextMetricsW, GetTextExtentPoint32W, CreateSolidBrush, GetStockObject, GetDeviceCaps, CreateDIBSection, CreateCompatibleBitmap, SetBrushOrgEx, CreateFontIndirectW, SetBkMode, CreateCompatibleDC, BitBlt, CreateBitmap, CreatePatternBrush, SelectObject, PatBlt, DeleteDC, DeleteObject, GetObjectW, SetBkColor, SetTextColor
> USER32.dll: GetDesktopWindow, RedrawWindow, CreateAcceleratorTableW, PostQuitMessage, LoadStringA, GetDlgItemInt, LoadIconW, DrawIcon, SetDlgItemInt, GetCursorPos, GetDlgCtrlID, DrawFocusRect, DispatchMessageW, TranslateMessage, GetMessageW, CreateDialogIndirectParamW, GetMenu, SetMenu, BringWindowToTop, GetWindowPlacement, GetTopWindow, TranslateAcceleratorW, GetMenuStringW, AppendMenuW, FindWindowW, EnableMenuItem, InsertMenuW, DeleteMenu, EndMenu, AdjustWindowRectEx, TrackPopupMenu, SetRect, PostThreadMessageW, IsIconic, SetProcessDefaultLayout, ScrollWindowEx, SetScrollPos, GetScrollInfo, SetScrollInfo, IsRectEmpty, GetAsyncKeyState, GetIconInfo, SetClassLongW, DrawTextExW, UnionRect, IntersectRect, IsDlgButtonChecked, CheckDlgButton, GetProcessDefaultLayout, GetDoubleClickTime, InvalidateRgn, TrackMouseEvent, ClipCursor, UpdateLayeredWindow, DestroyCursor, NotifyWinEvent, DragDetect, GetClassLongW, LoadAcceleratorsW, GetDC, UnregisterClassW, DestroyIcon, DialogBoxParamW, GetWindowTextLengthW, GetWindowTextW, SetForegroundWindow, SetWindowPlacement, ClientToScreen, PeekMessageW, DrawFrameControl, InflateRect, OffsetRect, FrameRect, DrawTextW, GetKeyState, CharNextW, CharLowerW, WindowFromPoint, MessageBeep, GetActiveWindow, GetWindowThreadProcessId, IsMenu, SetWindowsHookExW, UnhookWindowsHookEx, GetClassNameW, CallNextHookEx, GetSubMenu, GetLastActivePopup, MessageBoxW, ModifyMenuW, TrackPopupMenuEx, LoadBitmapW, MoveWindow, CreatePopupMenu, FindWindowExW, LoadMenuW, PostMessageW, DrawEdge, SetCapture, GetCapture, SetCursor, ReleaseDC, GetWindowDC, EndPaint, BeginPaint, GetMessagePos, ScreenToClient, PtInRect, ReleaseCapture, GetAncestor, SetMenuDefaultItem, GetMenuItemCount, GetMenuItemID, GetMenuItemInfoW, SetMenuItemInfoW, GetSystemMetrics, CallWindowProcW, DefWindowProcW, SetActiveWindow, IsWindowVisible, IsChild, GetClassInfoExW, LoadCursorW, wsprintfW, RegisterClassExW, InvalidateRect, RegisterWindowMessageW, CreateDialogParamW, CopyRect, IsWindowEnabled, GetFocus, SetFocus, EnableWindow, GetNextDlgTabItem, KillTimer, SetTimer, UpdateWindow, SetWindowTextW, CreateWindowExW, DestroyMenu, RemoveMenu, SendMessageW, DestroyWindow, EndDialog, LoadImageW, SetWindowLongW, IsWindow, IsDialogMessageW, GetDlgItem, ShowWindow, GetSystemMenu, GetSysColor, GetSysColorBrush, FillRect, LoadStringW, GetWindow, GetWindowRect, SystemParametersInfoW, MapWindowPoints, SetWindowPos, GetParent, SetDlgItemTextW, GetClientRect, GetWindowLongW, GetWindowLongA, GetClassNameA, SendMessageA, IsWindowUnicode, DrawTextA, MapDialogRect, CopyImage, RegisterClipboardFormatW, GetMonitorInfoW, MonitorFromWindow, CharUpperW, CopyIcon, GetForegroundWindow, EqualRect, MsgWaitForMultipleObjects, DestroyAcceleratorTable, SetWindowRgn, CharUpperBuffW, SetRectEmpty, GetMessageTime
> comdlg32.dll: GetOpenFileNameW, GetSaveFileNameW, ChooseColorW
> SHELL32.dll: ShellAboutW, ShellExecuteW, ShellExecuteExW, SHGetDiskFreeSpaceExW, SHGetSettings, SHGetPathFromIDListW, SHGetFolderPathW, DragQueryFileW, SHAddToRecentDocs, SHGetMalloc, SHParseDisplayName, SHGetFileInfoW, SHBrowseForFolderW, SHPathPrepareForWriteW, SHGetSpecialFolderPathW, CommandLineToArgvW, SHFileOperationW, SHCreateQueryCancelAutoPlayMoniker, SHGetDesktopFolder, SHGetFolderLocation, -, SHGetFolderPathAndSubDirW
> ole32.dll: RegisterDragDrop, GetRunningObjectTable, CreateStreamOnHGlobal, OleUninitialize, CoTaskMemFree, StringFromCLSID, CoTaskMemAlloc, OleLockRunning, CLSIDFromProgID, CLSIDFromString, OleGetClipboard, ReleaseStgMedium, OleFlushClipboard, OleIsCurrentClipboard, CoUninitialize, CoInitialize, CoRevokeClassObject, CoRegisterClassObject, CoResumeClassObjects, StringFromGUID2, RevokeDragDrop, StgIsStorageFile, OleSaveToStream, WriteClassStm, OleLoadFromStream, CreateOleAdviseHolder, OleRegGetUserType, OleRegEnumVerbs, CoMarshalInterThreadInterfaceInStream, CoGetInterfaceAndReleaseStream, PropVariantClear, StgCreatePropStg, StgOpenPropStg, FreePropVariantArray, CoCreateGuid, StgOpenStorage, StgCreateDocfile, OleSetClipboard, CoCreateInstance, CoFreeUnusedLibraries, DoDragDrop, OleInitialize
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> COMCTL32.dll: -, ImageList_Destroy, ImageList_AddMasked, ImageList_Add, ImageList_Create, ImageList_ReplaceIcon, ImageList_GetIcon, ImageList_GetImageCount, ImageList_Draw, ImageList_DrawIndirect, DestroyPropertySheetPage, PropertySheetW, CreatePropertySheetPageW, _TrackMouseEvent, ImageList_Remove, ImageList_GetIconSize, InitCommonControlsEx, ImageList_LoadImageW, CreateStatusWindowW
> SHLWAPI.dll: PathIsURLW, PathSkipRootW, PathCanonicalizeW, PathFindNextComponentW, UrlIsW, PathAddBackslashW, UrlGetPartW, PathIsRelativeW, PathRemoveFileSpecW, StrRetToStrW, PathCompactPathExW, StrCmpLogicalW, PathFindExtensionW, PathFindFileNameW, SHAutoComplete, PathStripToRootW
> WINMM.dll: mixerOpen, mixerClose, mixerGetLineControlsW, mixerSetControlDetails, mixerGetControlDetailsW, mixerGetDevCapsW, timeGetTime, waveOutGetNumDevs, mixerGetNumDevs, mixerGetID, waveOutClose, waveOutOpen, mixerGetLineInfoW
> RPCRT4.dll: UuidCreate, RpcStringFreeA, UuidToStringW, RpcStringFreeW, UuidFromStringW, UuidEqual, UuidToStringA
> WMVCore.DLL: WMCreateProfileManager, WMCreateEditor, WMCreateReader
> gdiplus.dll: GdipGetImageGraphicsContext, GdipDrawImagePointRectI, GdipCreatePen1, GdipCreateBitmapFromResource, GdipFree, GdipDrawRectangleI, GdipDrawImageRectRect, GdipSaveImageToStream, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipDeletePen, GdipSetPropertyItem, GdipCreateBitmapFromFile, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateBitmapFromScan0, GdipCreateBitmapFromGdiDib, GdipCreateHBITMAPFromBitmap, GdipBitmapLockBits, GdipBitmapUnlockBits, GdipGetImageEncodersSize, GdipGetImageEncoders, GdipGraphicsClear, GdipGetImageThumbnail, GdipGetImageHorizontalResolution, GdipGetImageVerticalResolution, GdipGetPropertyItemSize, GdipGetPropertyItem, GdipCreateFromHDC, GdipSetInterpolationMode, GdipDrawImageRectI, GdipDrawImageRectRectI, GdipAlloc, GdipCloneImage, GdipGetFontCollectionFamilyCount, GdipNewInstalledFontCollection, GdipDeleteFontFamily, GdipDeleteFont, GdiplusShutdown, GdiplusStartup, GdipDeleteGraphics, GdipDisposeImage, GdipImageGetFrameCount, GdipCreateBitmapFromHBITMAP, GdipCloneFontFamily, GdipGetFontCollectionFamilyList, GdipGetFamilyName, GdipIsStyleAvailable, GdipCreateFontFromDC, GdipCreateFontFromLogfontA, GdipGetFamily, GdipSaveImageToFile, GdipSetSmoothingMode
> Secur32.dll: GetUserNameExW
> MSIMG32.dll: GradientFill, AlphaBlend
> VERSION.dll: VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
> UxTheme.dll: GetThemeInt, DrawThemeBackground, OpenThemeData, CloseThemeData, IsAppThemed
> AVIFIL32.dll: AVIFileOpenW
> CRYPT32.dll: CryptProtectData, CryptUnprotectData
> WININET.dll: FtpSetCurrentDirectoryW, HttpSendRequestW, InternetConnectW, FtpCreateDirectoryW, InternetAutodial, InternetAttemptConnect, InternetGoOnlineW, InternetCheckConnectionW, InternetOpenW, InternetGetLastResponseInfoW, HttpOpenRequestW, HttpAddRequestHeadersW, HttpSendRequestExW, HttpEndRequestW, InternetOpenUrlW, InternetReadFile, InternetCloseHandle, InternetGetConnectedState, InternetWriteFile
> urlmon.dll: CoGetClassObjectFromURL, CreateFormatEnumerator, CreateAsyncBindCtx

( 43 exports )
__0CtrlContainerFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z, __0CtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z, __0FrameEqualizer@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@@Z, __0GroupBoxFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z, __0GroupBoxFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z, __0HorizFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z, __0IMsoAutoLayoutDialog@DlgAutoLayout@@IAE@XZ, __0ListEditFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z, __0MsoWCtrlContainerFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z, __0MsoWCtrlFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z, __0MsoWFrameEqualizer@@QAE@AAVIMsoWAutoLayoutDialog@@@Z, __0MsoWGroupBoxFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z, __0MsoWGroupBoxFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z, __0MsoWHorizFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z, __0MsoWListEditFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z, __0MsoWNumInputFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z, __0MsoWOverlapFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z, __0MsoWTabCtrlFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z, __0MsoWTableFrame@@QAE@AAVIMsoWAutoLayoutDialog@@HHPAVMsoWCompositeFrame@@@Z, __0MsoWVertFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z, __0NumInputFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z, __0NumInputFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z, __0OverlapFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z, __0TabCtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z, __0TabCtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z, __0TableFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@HHPAVCompositeFrame@1@@Z, __0VertFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z, __1IMsoAutoLayoutDialog@DlgAutoLayout@@MAE@XZ, _MsoDALCheckBoxBMHeight@0, _MsoDALCheckBoxBMWidth@0, _MsoDALCheckBoxBMWidthPlusMargin@4, _MsoDALDestructFrames@4, _MsoDALEditStrHeightPix@4, _MsoDALFDlgIsValid@4, _MsoDALGroupBoxNoLabelTopAdjustPix@4, _MsoDALMarkDlgInvalid@4, _MsoDALSuspendFrameDestruction@4, _MsoDUToPix@12, _MsoDestroyIMsoWAutoLayoutDialog@4, _MsoFCreateIMsoWAutoLayoutDialog@12, _MsoPixToDU@12, _MsoWIsAutoLayoutEnabled@8, _MsoWTabCtrlIndexToHwnd@8

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: Copyright (C) Microsoft Corp, 2004
product......: Windows Movie Maker
description..: Windows Movie Maker
original name: MOVIEMK2.EXE
internal name: MOVIEMK2
file version.: 2, 1, 4027, 0
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

Soubor cdrom.sys přijatý 2010.03.21 17:00:40 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/42 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: ___.
Odhadovaný čas začátku mezi ___ a ___ .
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.21 -
Avast5 5.0.332.0 2010.03.21 -
AVG 9.0.0.787 2010.03.21 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4341 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
F-Secure 9.0.15370.0 2010.03.21 -
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.21 -
Microsoft 1.5605 2010.03.21 -
NOD32 4962 2010.03.21 -
Norman 6.04.09 2010.03.21 -
nProtect 2009.1.8.0 2010.03.21 -
Panda 10.0.2.2 2010.03.21 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6009 2010.03.21 -
Symantec 20091.2.0.41 2010.03.21 -
TheHacker 6.5.2.0.241 2010.03.21 -
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.21 -
Rozšiřující informace
File size: 62976 bytes
MD5...: 1f4260cc5b42272d71f79e570a27a4fe
SHA1..: a80d103eecfe831b93c01f092abcddae90bccd6f
SHA256: b51c2a3ed3c309953d0ea45869c8e464c10f2533dade9e0286af674979098d1d
ssdeep: 1536:WxY6E/OU1rQzm/P174HlqV17EjmwzYVmcsdR:Wj/U1rQ6F74HQV7YYVmcsd
R

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xd7f2
timedatestamp.....: 0x480253ad (Sun Apr 13 18:40:45 2008)
machinetype.......: 0x14c (I386)

( 11 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x380 0xb336 0xb380 6.47 5a32f306185e1a4ad2cd99f78fd68f95
.rdata 0xb700 0x7ca 0x800 4.59 b065c91fa7f5b699dfa951ee12c50867
.data 0xbf00 0x50 0x80 2.98 3af530f8b58513e653816241f3fd659b
PAGE 0xbf80 0x101b 0x1080 6.05 3a567203d8c32be151bb69e1e2d2b354
PAGEHIT2 0xd000 0x65 0x80 4.39 52e50ac51e6ac2a003e6f84d722e794d
PAGEHITA 0xd080 0x196 0x200 5.48 9e26e56d44e1e2d1516ae69518e050c9
PAGETOSH 0xd280 0x218 0x280 5.60 15796fdd18f07fbca32fce140b5edff7
PAGE 0xd500 0x110 0x180 1.81 b9ffcbab85ed2ab7cfe06001fcc62b34
INIT 0xd680 0xcde 0xd00 5.64 281ca5d003b86f3af422b4ab89db87e2
.rsrc 0xe380 0x3d8 0x400 3.32 7e2d33ab3e6191db9c89c25eb49d0126
.reloc 0xe780 0xe40 0xe80 6.59 52696ee940c55b8f96b1d57bd654d493

( 3 imports )
> ntoskrnl.exe: IoSetHardErrorOrVerifyDevice, _allshr, MmLockPagableDataSection, KeDelayExecutionThread, _allmul, IoSetDeviceInterfaceState, IoRegisterDeviceInterface, RtlGetVersion, KeInitializeSpinLock, MmUnlockPagableImageSection, RtlFreeUnicodeString, IoSetStartIoAttributes, strchr, memmove, _allshl, IoFreeWorkItem, IoReportTargetDeviceChangeAsynchronous, KeReleaseMutex, _aullshr, KeTickCount, ZwCreateKey, KeBugCheckEx, IoGetAttachedDeviceReference, ObfDereferenceObject, IoGetDriverObjectExtension, sprintf, IoAttachDeviceToDeviceStack, IoDeleteDevice, KeInitializeMutex, KeSetEvent, KeClearEvent, IoReuseIrp, KeInitializeEvent, IofCompleteRequest, KeEnterCriticalRegion, KeWaitForSingleObject, KeLeaveCriticalRegion, IoStartPacket, IoAllocateWorkItem, IoQueueWorkItem, RtlWriteRegistryValue, IoOpenDeviceRegistryKey, RtlQueryRegistryValues, ZwClose, swprintf, IoCreateSymbolicLink, IoDeleteSymbolicLink, IoAllocateIrp, IoAllocateMdl, MmBuildMdlForNonPagedPool, IoFreeMdl, IoFreeIrp, ExAllocatePoolWithTag, IoBuildAsynchronousFsdRequest, ExFreePoolWithTag, IofCallDriver, IoGetConfigurationInformation, IoWMIRegistrationControl, RtlInitUnicodeString, WmiQueryTraceInformation, WmiTraceMessage, IoAllocateDriverObjectExtension, IoStartNextPacket
> HAL.dll: KfRaiseIrql, KfAcquireSpinLock, KfReleaseSpinLock, KeGetCurrentIrql, KeRaiseIrqlToDpcLevel, KfLowerIrql
> CLASSPNP.SYS: ClassGetVpb, ClassDisableMediaChangeDetection, ClassFindModePage, ClassSpinDownPowerHandler, ClassInitialize, ClassDeleteSrbLookasideList, ClassGetDriverExtension, ClassInitializeSrbLookasideList, ClassQueryTimeOutRegistryValue, ClassReadDriveCapacity, ClassInitializeMediaChangeDetection, ClassGetDeviceParameter, ClassSetDeviceParameter, ClassResetMediaChangeTimer, ClassScanForSpecial, ClassReleaseQueue, ClassBuildRequest, ClassSplitRequest, ClassClaimDevice, ClassCreateDeviceObject, ClassUpdateInformationInRegistry, ClassInterpretSenseInfo, ClassEnableMediaChangeDetection, ClassIoComplete, ClassSendSrbAsynchronous, ClassSendSrbSynchronous, ClassSendDeviceIoControlSynchronous, ClassAsynchronousCompletion, ClassSendStartUnit, ClassAcquireRemoveLockEx, ClassReleaseRemoveLock, ClassCompleteRequest, ClassDeviceControl

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (95.5%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
packers (Kaspersky): PE_Patch
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: SCSI CD-ROM Driver
original name: cdrom.sys
internal name: cdrom.sys
file version.: 5.1.2600.5512 (xpsp.080413-2108)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

#15 Příspěvek od **Caroprd111** » 21 bře 2010 19:39

Po dokončení testu sem musíte vložit odkaz z adresního řádku prohlížeče.

VIRY.CZ

XP SECURITY TOOL 2010

XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010

Re: XP SECURITY TOOL 2010