PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 19:37:35, on 21.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
C:\WINDOWS\system32\uuqh.exe
C:\WINDOWS\system32\imPlayok.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\feryking\imPlayok.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\msa.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\Spywareterminator.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
O4 - HKLM\..\Run: [uuqh] C:\WINDOWS\system32\uuqh.exe \u
O4 - HKLM\..\Run: [imPlayok] C:\WINDOWS\system32\imPlayok.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [imPlayok] C:\Documents and Settings\feryking\imPlayok.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6760 bytes

Jen jednoho? Myslím, že se shodneme na třech Vypni si natrvalo rezidenta u ST.

Odinstaluj si Crawler Toolbar.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [uuqh] C:\WINDOWS\system32\uuqh.exe \u
O4 - HKLM\..\Run: [imPlayok] C:\WINDOWS\system32\imPlayok.exe
O4 - HKCU\..\Run: [imPlayok] C:\Documents and Settings\feryking\imPlayok.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
*****************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21.1.2010 20:29:33
mbam-log-2010-01-21 (20-29-28).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 102458
Uplynulý čas: 3 minute(s), 26 second(s)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 5

Infikované procesy v paměti:
C:\WINDOWS\msa.exe (Trojan.Agent) -> No action taken.

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\kr_done1 (Malware.Trace) -> No action taken.
C:\Documents and Settings\feryking\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\WINDOWS\msa.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

Takže spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21.1.2010 21:06:03
mbam-log-2010-01-21 (21-06-03).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 103498
Uplynulý čas: 3 minute(s), 28 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Musim do prace zitra se ozvu. Dekuji za pomoc

Jasně, pak sem dej ten log z ComboFixu.

ComboFix 10-01-22.01 - feryking 23.01.2010 8:08.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1474 [GMT 1:00]
Spuštěný z: c:\documents and settings\feryking\Plocha\ComboFix.exe
Použité ovládací přepínače :: /u
AV: avast! antivirus 4.8.1368 [VPS 100122-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\cdrom.sys chyběl.
Obnovena kopie z - c:\system volume information\_restore{DFA50383-5E62-48BC-9240-6A96668194A3}\RP42\A0028255.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


((((((((((((((((((((((((( Soubory vytvořené od 2009-12-23 do 2010-01-23 )))))))))))))))))))))))))))))))
.

2010-01-23 07:10 . 2008-04-13 22:10 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2010-01-22 16:59 . 2010-01-22 16:59 -------- d-----w- C:\found.003
2010-01-21 19:23 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-21 19:10 . 2010-01-21 19:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-21 19:10 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-21 18:37 . 2010-01-21 18:37 -------- d-----w- c:\program files\TrendMicro
2010-01-21 18:25 . 2010-01-22 10:42 -------- d-----w- c:\program files\WinClamAVShield
2010-01-21 18:23 . 2010-01-21 18:23 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-21 18:14 . 2010-01-22 19:14 -------- d-----w- c:\program files\Spyware Terminator
2010-01-21 16:53 . 2010-01-21 16:53 -------- d-----w- C:\found.002
2010-01-21 15:59 . 2010-01-21 15:59 57856 ---h--w- c:\documents and settings\feryking\ojl.exe
2010-01-21 15:23 . 2010-01-21 19:04 -------- d-----w- c:\program files\HDD Regenerator
2010-01-21 15:21 . 2010-01-21 15:21 -------- d-----w- C:\found.001
2010-01-21 15:02 . 2009-08-24 21:13 34304 ----a-w- c:\windows\system32\DfSdkBt64.exe
2010-01-21 15:02 . 2009-08-24 21:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2010-01-21 15:02 . 2010-01-21 15:02 -------- d-----w- c:\program files\Ashampoo
2010-01-21 12:41 . 2010-01-21 12:41 -------- d-----w- c:\program files\SCi Games
2010-01-21 12:05 . 2008-05-22 13:13 2097151 ----a-w- c:\temp\autorun.bin
2010-01-21 12:05 . 2010-01-21 12:12 -------- d-----w- C:\Temp
2010-01-21 12:05 . 2008-05-20 09:49 1570816 ----a-w- c:\temp\TSDNWIN.exe
2010-01-21 11:07 . 2010-01-21 11:07 -------- d-----w- c:\program files\Lavalys
2010-01-21 10:58 . 2010-01-21 11:00 -------- d-----w- c:\windows\system32\NtmsData
2010-01-20 19:35 . 2010-01-20 19:51 -------- d-----w- c:\program files\Unlocker
2010-01-20 12:54 . 2010-01-20 12:54 -------- d-----w- c:\windows\system32\custom matrices
2010-01-20 12:54 . 2010-01-20 12:54 -------- d-----w- c:\windows\system32\QuickTime
2010-01-20 12:54 . 2010-01-20 12:54 -------- d-----w- c:\windows\system32\C2MP
2010-01-20 12:52 . 2009-10-29 07:43 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-20 12:52 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-20 12:52 . 2009-10-29 07:43 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-20 12:52 . 2009-10-29 07:43 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-20 12:52 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-20 12:52 . 2009-10-29 07:43 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-20 12:11 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
2010-01-19 18:22 . 2010-01-19 18:22 -------- d-----w- c:\program files\Common Files\migrosoft shared
2010-01-19 18:12 . 2010-01-19 18:12 -------- d-----w- C:\found.000
2010-01-19 14:47 . 2008-04-13 23:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-01-19 14:47 . 2008-04-13 23:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-01-19 14:46 . 2008-04-13 23:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-01-19 14:45 . 2008-04-13 23:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-01-19 14:45 . 2008-04-13 23:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-01-19 14:45 . 2008-04-13 23:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-01-19 14:43 . 2006-06-14 12:44 12288 ----a-r- c:\windows\system32\drivers\EIO_XP.sys
2010-01-19 14:40 . 2010-01-19 14:40 -------- d-----w- c:\program files\My Company Name
2010-01-19 14:39 . 2008-04-14 07:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-01-19 14:39 . 2010-01-19 18:01 -------- d-----w- c:\program files\ASUS
2010-01-19 14:39 . 2008-07-03 18:13 12416 ----a-w- c:\windows\system32\drivers\asusgsb.sys
2010-01-19 14:33 . 2008-06-24 14:08 307200 ----a-r- c:\windows\system32\atiiiexx.dll
2010-01-19 14:32 . 2008-06-24 14:11 421888 ----a-r- c:\windows\system32\ATIDEMGX.dll
2010-01-19 14:32 . 2008-06-24 13:36 887724 ----a-r- c:\windows\system32\ativva6x.dat
2010-01-19 14:32 . 2008-06-24 13:36 3107788 ----a-r- c:\windows\system32\ativva5x.dat
2010-01-19 14:32 . 2008-06-10 09:50 174819 ----a-r- c:\windows\system32\atiicdxx.dat
2010-01-19 14:20 . 2009-11-25 02:44 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2010-01-19 14:20 . 2009-11-25 02:26 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-01-19 14:20 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-01-19 14:20 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-01-19 14:20 . 2009-11-25 02:18 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2010-01-19 14:20 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-01-19 14:20 . 2010-01-19 14:26 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-19 14:20 . 2010-01-19 14:20 -------- d-----w- c:\program files\ATI
2010-01-19 14:18 . 2010-01-19 14:18 -------- d-----w- C:\ATI
2010-01-19 14:13 . 2010-01-19 14:13 -------- d-----w- c:\program files\Common Files\DirectX
2010-01-19 13:47 . 2010-01-23 06:53 -------- d-----w- c:\program files\ICQ6.5
2010-01-19 13:19 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-01-19 13:19 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-01-19 13:19 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 12:41 . 2010-01-19 12:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-21 12:39 . 2010-01-19 11:50 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-21 12:39 . 2010-01-19 11:50 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-21 12:38 . 2010-01-19 11:50 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-21 11:06 . 2010-01-19 12:03 16512 ----a-w- c:\windows\gdrv.sys
2010-01-20 12:47 . 2001-10-25 12:00 46016 ----a-w- c:\windows\system32\perfc005.dat
2010-01-20 12:47 . 2001-10-25 12:00 309716 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 18:05 . 2010-01-19 12:09 -------- d-----w- c:\program files\ATI Technologies
2010-01-19 14:50 . 2010-01-19 14:50 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-19 12:11 . 2010-01-19 12:11 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-19 12:09 . 2010-01-19 12:03 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-19 12:03 . 2010-01-19 12:03 -------- d-----w- c:\program files\Realtek
2010-01-19 12:03 . 2010-01-19 12:03 315392 ----a-w- c:\windows\HideWin.exe
2010-01-19 11:59 . 2010-01-19 11:59 -------- d-----w- c:\program files\Alwil Software
2010-01-19 11:51 . 2010-01-19 11:51 -------- d-----w- c:\program files\microsoft frontpage
2010-01-19 11:47 . 2010-01-19 11:47 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-25 03:26 . 2009-11-25 03:26 300032 ----a-w- c:\windows\system32\SET50.tmp
2009-11-25 03:11 . 2009-11-25 03:11 208896 ----a-w- c:\windows\system32\SET6C.tmp
2009-11-25 03:10 . 2009-11-25 03:10 43520 ----a-w- c:\windows\system32\SET70.tmp
2009-11-25 03:10 . 2009-11-25 03:10 155648 ----a-w- c:\windows\system32\SET6A.tmp
2009-11-25 03:09 . 2009-11-25 03:09 602112 ----a-w- c:\windows\system32\SET68.tmp
2009-11-25 02:59 . 2009-11-25 02:59 3538496 ----a-w- c:\windows\system32\SET56.tmp
2009-11-25 02:43 . 2009-11-25 02:43 2142848 ----a-w- c:\windows\system32\SET58.tmp
2009-11-25 02:21 . 2009-11-25 02:21 565248 ----a-w- c:\windows\system32\SET72.tmp
2009-11-25 02:17 . 2009-11-25 02:17 397312 ----a-w- c:\windows\system32\SET78.tmp
2009-11-25 02:12 . 2009-11-25 02:12 638976 ----a-w- c:\windows\system32\SET52.tmp
2009-11-24 23:54 . 2010-01-19 11:59 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2010-01-19 11:59 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2010-01-19 11:59 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2010-01-19 11:59 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2010-01-19 11:59 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2010-01-19 11:59 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2010-01-19 11:59 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2010-01-19 11:59 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2010-01-19 11:59 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2008-04-14 06:51 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3qfe\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3gdr\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys

[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll

[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe

[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll

[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll

[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 2B269C916766BDB43404F043B763427D . 399360 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\rpcss.dll
[-] 2009-02-09 . BEF7BB41E666EAA34BE7E99C2B107DB8 . 401408 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\services.exe
[-] 2009-02-09 . 4F9F7B567970B524F31D9970A23F7C24 . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\services.exe
[-] 2009-02-09 . 33081FED75032291EE0E008D5385E86F . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe

[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe

[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll

[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\SoftwareDistribution\Download\238cf948db525111b0a69f7144be46ee\sp3gdr\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\SoftwareDistribution\Download\238cf948db525111b0a69f7144be46ee\sp3qfe\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll

[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll

[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\SoftwareDistribution\Download\5aa53a77792c8cc6cbdb431d4bf47daa\sp3gdr\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\SoftwareDistribution\Download\5aa53a77792c8cc6cbdb431d4bf47daa\sp3qfe\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll

[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll

[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll

[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3gdr\mswsock.dll
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3qfe\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll

[-] 2009-08-04 . F61EB18DA0AA630E2F8A944ED6BD3BF9 . 2191360 . . [5.1.2600.5857] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-08-04 . F61EB18DA0AA630E2F8A944ED6BD3BF9 . 2191360 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . F61EB18DA0AA630E2F8A944ED6BD3BF9 . 2191360 . . [5.1.2600.5857] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-08-04 . 3742270B8C90A97A0BDD25DED1201AA9 . 2147328 . . [5.1.2600.5857] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 90DFE2B714EDEF95891C979720E23B4F . 2188160 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . F46E90D50BA9D114D606C19D81ADB761 . 2182528 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP2GDR\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . DF530FCAD41349C92945DF52EBA9F3E4 . 2182656 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\ntoskrnl.exe
[-] 2008-04-14 . 27C7A7AED8A477F6A0C7D3AD00AB9419 . 2147328 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe

[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll

[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll

[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll

[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe

[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll

[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll

[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe

[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll

[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe

[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll

[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe

[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll

[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll

[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe

[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll

[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll

[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll

[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll

[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll

[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll

[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-14 06:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-04-14 06:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll

[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll

[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll
[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll

[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 182A95C233C9C254FEE7F047E6CA73D1 . 2068224 . . [5.1.2600.5857] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-08-04 . 182A95C233C9C254FEE7F047E6CA73D1 . 2068224 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 182A95C233C9C254FEE7F047E6CA73D1 . 2068224 . . [5.1.2600.5857] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-08-04 . C50A3A3C9724135FFBD9CB31355F9341 . 2025984 . . [5.1.2600.5857] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-08-04 . 90E58FFA70A7951899BBF5551A9D246A . 2065152 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 809D2CA366FBA705B143D1EA84A3BC1A . 2059904 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\fd1bc4b90d8186dfe936ba7e1aed3d74\SP2GDR\ntkrnlpa.exe
[-] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 73A13AA10E146A3E2B4AC6D007953A74 . 2059904 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\ntkrnlpa.exe
[-] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . 9F12E026DC0B0C43F521114EFB3A3ACC . 2025984 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe

[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-21 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 16384512]
"Ashampoo HDD Control Guard"="c:\program files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe" [2009-09-09 2874712]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-22 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Documents and Settings\\feryking\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Documents and Settings\\feryking\\ojl.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19.1.2010 12:59 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [21.1.2010 19:23 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.1.2010 12:59 20560]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo HDD Control\DfSdkS.exe [21.1.2010 16:02 406016]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-23 08:15
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(744)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2900)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-01-23 08:17:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-23 07:17

Před spuštěním: Volných bajtů: 96 205 320 192
Po spuštění: Volných bajtů: 96 578 920 448

- - End Of File - - BB6D0A2AF861380305E0933E70B003C8

Co si to použil za script? Zbytečnýho balastu tam je taky dost

K čemu máš složku "c:\temp" ?

Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

c:\documents and settings\feryking\ojl.exe
c:\temp\TSDNWIN.exe

Soubor ojl.exe přijatý 2010.01.23 07:49:19 (UTC)
Současný stav: Dokončeno

Výsledek: 7/41 (17.07%)
Formátované Vytisknout výsledky Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.23 -
AhnLab-V3 5.0.0.2 2010.01.22 -
AntiVir 7.9.1.146 2010.01.22 -
Antiy-AVL 2.0.3.7 2010.01.22 -
Authentium 5.2.0.5 2010.01.23 -
Avast 4.8.1351.0 2010.01.22 -
AVG 9.0.0.730 2010.01.22 SHeur2.CHOR
BitDefender 7.2 2010.01.23 -
CAT-QuickHeal 10.00 2010.01.22 -
ClamAV 0.94.1 2010.01.22 -
Comodo 3677 2010.01.23 -
DrWeb 5.0.1.12222 2010.01.23 BackDoor.BlackHole.3071
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7255 2010.01.22 -
F-Prot 4.5.1.85 2010.01.22 -
F-Secure 9.0.15370.0 2010.01.23 Suspicious:W32/Riskware!Online
Fortinet 4.0.14.0 2010.01.23 -
GData 19 2010.01.23 -
Ikarus T3.1.1.80.0 2010.01.23 -
Jiangmin 13.0.900 2010.01.23 -
K7AntiVirus 7.10.952 2010.01.22 -
Kaspersky 7.0.0.125 2010.01.23 -
McAfee 5869 2010.01.22 -
McAfee+Artemis 5869 2010.01.22 Artemis!44231B5D10DF
McAfee-GW-Edition 6.8.5 2010.01.23 -
Microsoft 1.5405 2010.01.22 -
NOD32 4798 2010.01.22 a variant of Win32/Kryptik.BXI
Norman 6.04.03 2010.01.22 -
nProtect 2009.1.8.0 2010.01.22 -
Panda 10.0.2.2 2010.01.22 -
PCTools 7.0.3.5 2010.01.23 -
Prevx 3.0 2010.01.23 Medium Risk Malware
Rising 22.31.04.04 2010.01.22 -
Sophos 4.50.0 2010.01.23 Mal/Generic-A
Sunbelt 3.2.1858.2 2010.01.23 -
Symantec 20091.2.0.41 2010.01.23 -
TheHacker 6.5.0.9.160 2010.01.23 -
TrendMicro 9.120.0.1004 2010.01.23 -
VBA32 3.12.12.1 2010.01.21 -
ViRobot 2010.1.22.2151 2010.01.22 -
VirusBuster 5.0.21.0 2010.01.22 -
Rozšiřující informace
File size: 57856 bytes
MD5 : 44231b5d10df4693599d3522e3ac325e
SHA1 : 7f2e6d1d1abcdaf5041e0f90369399a403fb0592
SHA256: 75d6afb2cd437dc66a874b70c142b15efb4c47cd545d6f0723bacad340e24de8
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x17B6
timedatestamp.....: 0x4B5833E8 (Thu Jan 21 12:00:56 2010)
machinetype.......: 0x14C (Intel I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6ECD 0x7000 6.34 ece26b657a07c5ef6f9709b7f1b33e3a
.bss 0x8000 0xC000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x14000 0x626B 0x6400 7.76 657476fc1c9eee390f90326891babf2b
.idata 0x1B000 0x34E 0x400 4.25 d09b40b7fdf5f16bc739ff8883f8871a
.rsrc 0x1C000 0x594 0x600 4.60 ec55010607fad022d62abd81b6247235

( 2 imports )

> kernel32.dll: CloseHandle, CreateEventA, DisableThreadLibraryCalls, FreeLibrary, GetCurrentProcess, GetCurrentProcessId, GetModuleHandleA, GetProcAddress, GetProcessHeap, GetSystemTimeAsFileTime, GetTickCount, HeapFree, InterlockedCompareExchange, InterlockedExchange, VirtualAlloc
> user32.dll: DestroyWindow, DialogBoxParamA, EndDialog, EndPaint, GetDC, GetSystemMetrics, GetWindowLongA, InvalidateRect, IsDlgButtonChecked, PeekMessageA, PostQuitMessage, ReleaseDC, SendMessageA, ShowWindow

( 0 exports )

TrID : File type identification
Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
ssdeep: 1536:KIVWFOupldRRKn21cmmRG/UXajiPkdnC:GY0x4KsXaGPk
Prevx Info: http://info.prevx.com/aboutprogramtext. ... 006FAA945B
PEiD : -
RDS : NSRL Reference Data Set
-

Soubor TSDNWIN.exe přijatý 2010.01.23 07:56:14 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO


Výsledek: 0/40 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 2.
Odhadovaný čas začátku mezi 58 a 83 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.
Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov. Email:


Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.23 -
AhnLab-V3 5.0.0.2 2010.01.22 -
AntiVir 7.9.1.146 2010.01.22 -
Antiy-AVL 2.0.3.7 2010.01.22 -
Authentium 5.2.0.5 2010.01.23 -
Avast 4.8.1351.0 2010.01.22 -
AVG 9.0.0.730 2010.01.22 -
BitDefender 7.2 2010.01.23 -
CAT-QuickHeal 10.00 2010.01.22 -
ClamAV 0.94.1 2010.01.22 -
Comodo 3677 2010.01.23 -
DrWeb 5.0.1.12222 2010.01.23 -
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7255 2010.01.22 -
F-Prot 4.5.1.85 2010.01.22 -
F-Secure 9.0.15370.0 2010.01.23 -
Fortinet 4.0.14.0 2010.01.23 -
GData 19 2010.01.23 -
Ikarus T3.1.1.80.0 2010.01.23 -
Jiangmin 13.0.900 2010.01.23 -
K7AntiVirus 7.10.952 2010.01.22 -
Kaspersky 7.0.0.125 2010.01.23 -
McAfee 5869 2010.01.22 -
McAfee+Artemis 5869 2010.01.22 -
McAfee-GW-Edition 6.8.5 2010.01.23 -
Microsoft 1.5405 2010.01.22 -
NOD32 4798 2010.01.22 -
Norman 6.04.03 2010.01.22 -
nProtect 2009.1.8.0 2010.01.22 -
Panda 10.0.2.2 2010.01.22 -
PCTools 7.0.3.5 2010.01.23 -
Rising 22.31.04.04 2010.01.22 -
Sophos 4.50.0 2010.01.23 -
Sunbelt 3.2.1858.2 2010.01.23 -
Symantec 20091.2.0.41 2010.01.23 -
TheHacker 6.5.0.9.160 2010.01.23 -
TrendMicro 9.120.0.1004 2010.01.23 -
VBA32 3.12.12.1 2010.01.21 -
ViRobot 2010.1.22.2151 2010.01.22 -
VirusBuster 5.0.21.0 2010.01.22 -
Rozšiřující informace
File size: 1570816 bytes
MD5...: 4786db9855c572d946e3221a9f32d2ef
SHA1..: 5a2834a44b6368ece845c37a9ed4452a3dfa8503
SHA256: 2ed1836e8e1f2b5feda7776565b634881231f1d09fe4599cb1962334bfc7ffe6
ssdeep: 24576:1eIXiP979/bmvM3WVdDzgnKlKXQXLwL2Op:Rk98tD84IGLwL2Op

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1404
timedatestamp.....: 0x482a41fc (Wed May 14 01:35:56 2008)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xb4000 0xb3e00 6.52 ebae232011b55e03fb1930ca25730786
.data 0xb5000 0x1d000 0x8400 5.28 a5a1d7a21074cc8328cbbfb0e800b308
.tls 0xd2000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.rdata 0xd3000 0x1000 0x200 0.21 401aaf8ad6a58334153b9135cc7b5cd9
.idata 0xd4000 0x3000 0x2a00 5.02 536df0cb74d8bc2abcb12b1e149d8ecf
.edata 0xd7000 0x6000 0x5600 5.59 49faf475d3b188e17921a71202c42be5
.rsrc 0xdd000 0xb0000 0xaf800 5.19 849326add7ee68ff11c4d80bc3596347
.reloc 0x18d000 0xc000 0xb400 6.63 2819007d077171e1a41f0b7aff221277

( 9 imports )
> ADVAPI32.DLL: AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegOpenKeyExA, RegQueryValueExA
> KERNEL32.DLL: CloseHandle, CompareStringA, CreateEventA, CreateFileA, CreateThread, CreateToolhelp32Snapshot, DeleteCriticalSection, DeleteFileA, DeviceIoControl, EnterCriticalSection, EnumCalendarInfoA, ExitProcess, ExitThread, FileTimeToDosDateTime, FileTimeToLocalFileTime, FindClose, FindFirstFileA, FindResourceA, FormatMessageA, FreeLibrary, FreeResource, GetACP, GetCPInfo, GetCommandLineA, GetCurrentProcess, GetCurrentProcessId, GetCurrentThreadId, GetDiskFreeSpaceA, GetDriveTypeA, GetEnvironmentStrings, GetExitCodeProcess, GetExitCodeThread, GetFileAttributesA, GetFileSize, GetFileType, GetLastError, GetLocalTime, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetOEMCP, GetProcAddress, GetProcessHeap, GetStartupInfoA, GetStdHandle, GetStringTypeExA, GetStringTypeW, GetSystemDefaultLangID, GetSystemInfo, GetThreadLocale, GetTickCount, GetVersion, GetVersionExA, GlobalAddAtomA, GlobalAlloc, GlobalDeleteAtom, GlobalFindAtomA, GlobalFree, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalSize, GlobalUnlock, HeapAlloc, HeapFree, InitializeCriticalSection, InterlockedDecrement, InterlockedIncrement, LCMapStringA, LeaveCriticalSection, LoadLibraryA, LoadLibraryExA, LoadResource, LocalAlloc, LocalFree, LockResource, MulDiv, MultiByteToWideChar, OpenProcess, Process32First, Process32Next, RaiseException, ReadFile, ResetEvent, ResumeThread, RtlUnwind, SetConsoleCtrlHandler, SetEndOfFile, SetErrorMode, SetEvent, SetFilePointer, SetHandleCount, SetLastError, SetThreadLocale, SetThreadPriority, SizeofResource, Sleep, SuspendThread, TerminateProcess, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, UnhandledExceptionFilter, VirtualAlloc, VirtualFree, VirtualQuery, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpA, lstrcpyA, lstrcpynA, lstrlenA
> VERSION.DLL: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
> COMCTL32.DLL: ImageList_Add, ImageList_BeginDrag, ImageList_Create, ImageList_Destroy, ImageList_DragEnter, ImageList_DragLeave, ImageList_DragMove, ImageList_DragShowNolock, ImageList_Draw, ImageList_DrawEx, ImageList_EndDrag, ImageList_GetBkColor, ImageList_GetDragImage, ImageList_GetIconSize, ImageList_GetImageCount, ImageList_Read, ImageList_Remove, ImageList_Replace, ImageList_ReplaceIcon, ImageList_SetBkColor, ImageList_SetDragCursorImage, ImageList_SetIconSize, ImageList_Write, -
> COMDLG32.DLL: GetOpenFileNameA
> GDI32.DLL: BitBlt, CombineRgn, CopyEnhMetaFileA, CreateBitmap, CreateBrushIndirect, CreateCompatibleBitmap, CreateCompatibleDC, CreateDIBSection, CreateDIBitmap, CreateFontIndirectA, CreateHalftonePalette, CreatePalette, CreatePenIndirect, CreateRectRgn, CreateRoundRectRgn, CreateSolidBrush, DeleteDC, DeleteEnhMetaFile, DeleteObject, ExcludeClipRect, ExtTextOutA, GdiFlush, GetBitmapBits, GetBrushOrgEx, GetClipBox, GetCurrentPositionEx, GetDCOrgEx, GetDIBColorTable, GetDIBits, GetDeviceCaps, GetEnhMetaFileBits, GetEnhMetaFileHeader, GetEnhMetaFilePaletteEntries, GetNearestPaletteIndex, GetObjectA, GetObjectType, GetPaletteEntries, GetPixel, GetRgnBox, GetStockObject, GetSystemPaletteEntries, GetTextExtentPoint32A, GetTextMetricsA, GetWinMetaFileBits, GetWindowOrgEx, IntersectClipRect, LineTo, MaskBlt, MoveToEx, PatBlt, PlayEnhMetaFile, RealizePalette, RectVisible, Rectangle, RestoreDC, SaveDC, SelectObject, SelectPalette, SetBkColor, SetBkMode, SetBrushOrgEx, SetDIBColorTable, SetEnhMetaFileBits, SetPixel, SetROP2, SetStretchBltMode, SetTextColor, SetViewportOrgEx, SetWinMetaFileBits, SetWindowOrgEx, StretchBlt, UnrealizeObject
> USER32.DLL: ActivateKeyboardLayout, AdjustWindowRectEx, BeginDeferWindowPos, BeginPaint, CallNextHookEx, CallWindowProcA, CharLowerA, CharLowerBuffA, CharNextA, CharUpperBuffA, CheckMenuItem, ChildWindowFromPoint, ClientToScreen, CopyImage, CreateIcon, CreateMenu, CreatePopupMenu, CreateWindowExA, DefFrameProcA, DefMDIChildProcA, DefWindowProcA, DeferWindowPos, DeleteMenu, DestroyCursor, DestroyIcon, DestroyMenu, DestroyWindow, DispatchMessageA, DrawEdge, DrawFocusRect, DrawFrameControl, DrawIcon, DrawIconEx, DrawMenuBar, DrawTextA, EnableMenuItem, EnableScrollBar, EnableWindow, EndDeferWindowPos, EndPaint, EnumThreadWindows, EnumWindows, EqualRect, ExitWindowsEx, FillRect, FindWindowA, FrameRect, GetActiveWindow, GetCapture, GetClassInfoA, GetClassNameA, GetClientRect, GetClipboardData, GetCursor, GetCursorPos, GetDC, GetDCEx, GetDesktopWindow, GetDlgItem, GetFocus, GetForegroundWindow, GetIconInfo, GetKeyNameTextA, GetKeyState, GetKeyboardLayout, GetKeyboardLayoutList, GetKeyboardState, GetKeyboardType, GetLastActivePopup, GetMenu, GetMenuItemCount, GetMenuItemID, GetMenuItemInfoA, GetMenuState, GetMenuStringA, GetMessagePos, GetParent, GetPropA, GetScrollInfo, GetScrollPos, GetScrollRange, GetSubMenu, GetSystemMenu, GetSystemMetrics, GetTopWindow, GetWindow, GetWindowDC, GetWindowLongA, GetWindowPlacement, GetWindowRect, GetWindowTextA, GetWindowThreadProcessId, InflateRect, InsertMenuA, InsertMenuItemA, IntersectRect, InvalidateRect, IsChild, IsDialogMessageA, IsIconic, IsRectEmpty, IsWindow, IsWindowEnabled, IsWindowVisible, IsZoomed, KillTimer, LoadBitmapA, LoadCursorA, LoadIconA, LoadKeyboardLayoutA, LoadStringA, MapVirtualKeyA, MapWindowPoints, MessageBoxA, MsgWaitForMultipleObjects, OemToCharA, OffsetRect, PeekMessageA, PostMessageA, PostQuitMessage, PtInRect, RedrawWindow, RegisterClassA, RegisterClipboardFormatA, RegisterWindowMessageA, ReleaseCapture, ReleaseDC, RemoveMenu, RemovePropA, ScreenToClient, ScrollWindow, SendMessageA, SetActiveWindow, SetCapture, SetClassLongA, SetClipboardData, SetCursor, SetFocus, SetForegroundWindow, SetMenu, SetMenuItemInfoA, SetPropA, SetRect, SetScrollInfo, SetScrollPos, SetScrollRange, SetTimer, SetWindowLongA, SetWindowPlacement, SetWindowPos, SetWindowRgn, SetWindowTextA, SetWindowsHookExA, ShowCursor, ShowOwnedPopups, ShowScrollBar, ShowWindow, SystemParametersInfoA, TrackPopupMenu, TranslateMDISysAccel, TranslateMessage, UnhookWindowsHookEx, UnregisterClassA, UpdateWindow, WaitMessage, WinHelpA, WindowFromPoint, wsprintfA, GetSysColor
> WINMM.DLL: timeGetTime
> OLEAUT32.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

( 412 exports )
@$xp$17Gifimage@TGIFItem, @$xp$17Gifimage@TGIFList, @$xp$18Gifimage@TGIFBlock, @$xp$18Gifimage@TGIFImage, @$xp$19Gifimage@TGIFGCERec, @$xp$19Gifimage@TGIFHeader, @$xp$20Gifimage@PGIFPainter, @$xp$20Gifimage@TDitherMode, @$xp$20Gifimage@TGIFPainter, @$xp$20Gifimage@TGIFTrailer, @$xp$20Gifimage@TGIFVersion, @$xp$20Gifimage@TGIFWarning, @$xp$21Gifimage@GIFException, @$xp$21Gifimage@TGIFColorMap, @$xp$21Gifimage@TGIFSeverity, @$xp$21Gifimage@TGIFSubImage, @$xp$22Gifimage@TGIFExtension, @$xp$22Gifimage@TGIFImageList, @$xp$23Gifimage@TGIFDrawOption, @$xp$23Gifimage@TGIFVersionRec, @$xp$24Gifimage@TColorReduction, @$xp$24Gifimage@TDisposalMethod, @$xp$24Gifimage@TGIFCompression, @$xp$24Gifimage@TGIFDrawOptions, @$xp$25Gifimage@TGIFAppExtNSLoop, @$xp$25Gifimage@TImageDescriptor, @$xp$26Gifimage@TGIFExtensionList, @$xp$26Gifimage@TGIFTextExtension, @$xp$27Gifimage@TGIFApplicationRec, @$xp$27Gifimage@TGIFExtensionClass, @$xp$27Gifimage@TGIFIdentifierCode, @$xp$27Gifimage@TGIFOptimizeOption, @$xp$28Gifimage@TGIFOptimizeOptions, @$xp$29Gifimage@TGIFCommentExtension, @$xp$30Gifimage@TGIFAppExtensionClass, @$xp$31Gifimage@TGIFAuthenticationCode, @$xp$32Gifimage@TGIFUnknownAppExtension, @$xp$33Gifimage@TGIFApplicationExtension, @$xp$34Gifimage@TGIFPlainTextExtensionRec, @$xp$36Gifimage@TGIFGraphicControlExtension, @@Atapilib@Finalize, @@Atapilib@Initialize, @@Fwlib@Finalize, @@Fwlib@Initialize, @@Tsdnwinabout@Finalize, @@Tsdnwinabout@Initialize, @@Tsdnwincaution@Finalize, @@Tsdnwincaution@Initialize, @@Tsdnwinengineeroption@Finalize, @@Tsdnwinengineeroption@Initialize, @@Tsdnwinmain@Finalize, @@Tsdnwinmain@Initialize, @@Tsdnwinsmallmsg@Finalize, @@Tsdnwinsmallmsg@Initialize, @@Tsdnwinthread@Finalize, @@Tsdnwinthread@Initialize, @Gifimage@CF_GIF, @Gifimage@CreateOptimizedPaletteFromManyBitmaps$qqrp13Classes@TListiio, @Gifimage@DoAutoDither, @Gifimage@Finalization$qqrv, @Gifimage@GIFDefaultDelay, @Gifimage@GIFDelayExp, @Gifimage@GIFException@, @Gifimage@GIFImageDefaultAnimationSpeed, @Gifimage@GIFImageDefaultColorReduction, @Gifimage@GIFImageDefaultColorReductionBits, @Gifimage@GIFImageDefaultCompression, @Gifimage@GIFImageDefaultDitherMode, @Gifimage@GIFImageDefaultDrawOptions, @Gifimage@GIFImageDefaultThreadPriority, @Gifimage@GIFImageOptimizeOnStream, @Gifimage@GIFImageRenderOnLoad, @Gifimage@GIFMaximumDelay, @Gifimage@GIFMinimumDelay, @Gifimage@GIFVersions, @Gifimage@InternalGetDIB$qqruiuipvt321Graphics@TPixelFormat, @Gifimage@InternalGetDIBSizes$qqruirit221Graphics@TPixelFormat, @Gifimage@PaletteDevice, @Gifimage@ReduceColors$qqrp16Graphics@TBitmap24Gifimage@TColorReduction20Gifimage@TDitherModeiui, @Gifimage@Register$qqrv, @Gifimage@TGIFAppExtNSLoop@, @Gifimage@TGIFAppExtNSLoop@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFAppExtNSLoop@LoadData$qqrp15Classes@TStream, @Gifimage@TGIFAppExtNSLoop@SaveData$qqrp15Classes@TStream, @Gifimage@TGIFApplicationExtension@, @Gifimage@TGIFApplicationExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFApplicationExtension@$bdtr$qqrv, @Gifimage@TGIFApplicationExtension@FindSubExtension$qqrp17System@TMetaClassp15Classes@TStream, @Gifimage@TGIFApplicationExtension@GetAuthentication$qqrv, @Gifimage@TGIFApplicationExtension@GetExtensionType$qqrv, @Gifimage@TGIFApplicationExtension@GetIdentifier$qqrv, @Gifimage@TGIFApplicationExtension@LoadData$qqrp15Classes@TStream, @Gifimage@TGIFApplicationExtension@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFApplicationExtension@RegisterExtension$qqrp17System@TMetaClassrx27Gifimage@TGIFApplicationRect1, @Gifimage@TGIFApplicationExtension@SaveData$qqrp15Classes@TStream, @Gifimage@TGIFApplicationExtension@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFApplicationExtension@SetAuthentication$qqrx17System@AnsiString, @Gifimage@TGIFApplicationExtension@SetIdentifier$qqrx17System@AnsiString, @Gifimage@TGIFBlock@, @Gifimage@TGIFBlock@$bctr$qqri, @Gifimage@TGIFBlock@$bdtr$qqrv, @Gifimage@TGIFBlock@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFBlock@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFColorMap@, @Gifimage@TGIFColorMap@$bctr$qqrv, @Gifimage@TGIFColorMap@$bdtr$qqrv, @Gifimage@TGIFColorMap@Add$qqr15Graphics@TColor, @Gifimage@TGIFColorMap@AddUnique$qqr15Graphics@TColor, @Gifimage@TGIFColorMap@Assign$qqrp19Classes@TPersistent, @Gifimage@TGIFColorMap@BuildHistogram$qqrp20Gifimage@TUsageCount, @Gifimage@TGIFColorMap@Changed$qqrv, @Gifimage@TGIFColorMap@Clear$qqrv, @Gifimage@TGIFColorMap@Color2RGB$qqrp17System@TMetaClass15Graphics@TColor, @Gifimage@TGIFColorMap@Delete$qqri, @Gifimage@TGIFColorMap@DoOptimize$qqrv, @Gifimage@TGIFColorMap@ExportPalette$qqrv, @Gifimage@TGIFColorMap@GetBitsPerPixel$qqrv, @Gifimage@TGIFColorMap@GetColor$qqri, @Gifimage@TGIFColorMap@ImportColorMap$qqrpx18Gifimage@TGIFColori, @Gifimage@TGIFColorMap@ImportColorTable$qqrpvi, @Gifimage@TGIFColorMap@ImportDIBColors$qqrui, @Gifimage@TGIFColorMap@ImportPalette$qqrui, @Gifimage@TGIFColorMap@IndexOf$qqr15Graphics@TColor, @Gifimage@TGIFColorMap@LoadFromStream$qqrp15Classes@TStreami, @Gifimage@TGIFColorMap@MapImages$qqrpuc, @Gifimage@TGIFColorMap@Optimize$qqrv, @Gifimage@TGIFColorMap@RGB2Color$qqrp17System@TMetaClass18Gifimage@TGIFColor, @Gifimage@TGIFColorMap@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFColorMap@SetCapacity$qqri, @Gifimage@TGIFColorMap@SetColor$qqri15Graphics@TColor, @Gifimage@TGIFColorMap@Warning$qqr21Gifimage@TGIFSeverity17System@AnsiString, @Gifimage@TGIFCommentExtension@, @Gifimage@TGIFCommentExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFCommentExtension@$bdtr$qqrv, @Gifimage@TGIFCommentExtension@GetExtensionType$qqrv, @Gifimage@TGIFCommentExtension@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFCommentExtension@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFExtension@, @Gifimage@TGIFExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFExtension@$bdtr$qqrv, @Gifimage@TGIFExtension@DoReadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFExtension@FindExtension$qqrp17System@TMetaClassp15Classes@TStream, @Gifimage@TGIFExtension@FindSubExtension$qqrp17System@TMetaClassp15Classes@TStream, @Gifimage@TGIFExtension@GetExtensionType$qqrv, @Gifimage@TGIFExtension@GetVersion$qqrv, @Gifimage@TGIFExtension@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFExtension@RegisterExtension$qqrp17System@TMetaClassuct1, @Gifimage@TGIFExtension@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFExtensionList@, @Gifimage@TGIFExtensionList@GetExtension$qqri, @Gifimage@TGIFExtensionList@LoadFromStream$qqrp15Classes@TStreamp14System@TObject, @Gifimage@TGIFExtensionList@SetExtension$qqrip22Gifimage@TGIFExtension, @Gifimage@TGIFGraphicControlExtension@, @Gifimage@TGIFGraphicControlExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFGraphicControlExtension@$bdtr$qqrv, @Gifimage@TGIFGraphicControlExtension@GetDelay$qqrv, @Gifimage@TGIFGraphicControlExtension@GetDisposal$qqrv, @Gifimage@TGIFGraphicControlExtension@GetExtensionType$qqrv, @Gifimage@TGIFGraphicControlExtension@GetTransparent$qqrv, @Gifimage@TGIFGraphicControlExtension@GetTransparentColor$qqrv, @Gifimage@TGIFGraphicControlExtension@GetTransparentColorIndex$qqrv, @Gifimage@TGIFGraphicControlExtension@GetUserInput$qqrv, @Gifimage@TGIFGraphicControlExtension@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFGraphicControlExtension@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFGraphicControlExtension@SetDelay$qqrus, @Gifimage@TGIFGraphicControlExtension@SetDisposal$qqr24Gifimage@TDisposalMethod, @Gifimage@TGIFGraphicControlExtension@SetTransparent$qqro, @Gifimage@TGIFGraphicControlExtension@SetTransparentColor$qqr15Graphics@TColor, @Gifimage@TGIFGraphicControlExtension@SetTransparentColorIndex$qqruc, @Gifimage@TGIFGraphicControlExtension@SetUserInput$qqro, @Gifimage@TGIFHeader@, @Gifimage@TGIFHeader@$bctr$qqrp18Gifimage@TGIFImage, @Gifimage@TGIFHeader@$bdtr$qqrv, @Gifimage@TGIFHeader@Assign$qqrp19Classes@TPersistent, @Gifimage@TGIFHeader@Clear$qqrv, @Gifimage@TGIFHeader@GetBackgroundColor$qqrv, @Gifimage@TGIFHeader@GetBitsPerPixel$qqrv, @Gifimage@TGIFHeader@GetColorResolution$qqrv, @Gifimage@TGIFHeader@GetVersion$qqrv, @Gifimage@TGIFHeader@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFHeader@Prepare$qqrv, @Gifimage@TGIFHeader@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFHeader@SetBackgroundColor$qqr15Graphics@TColor, @Gifimage@TGIFHeader@SetBackgroundColorIndex$qqruc, @Gifimage@TGIFImage@, @Gifimage@TGIFImage@$bctr$qqrv, @Gifimage@TGIFImage@$bdtr$qqrv, @Gifimage@TGIFImage@Add$qqrp19Classes@TPersistent, @Gifimage@TGIFImage@Assign$qqrp19Classes@TPersistent, @Gifimage@TGIFImage@AssignTo$qqrp19Classes@TPersistent, @Gifimage@TGIFImage@Clear$qqrv, @Gifimage@TGIFImage@Draw$qqrp16Graphics@TCanvasrx11Types@TRect, @Gifimage@TGIFImage@Equals$qqrp17Graphics@TGraphic, @Gifimage@TGIFImage@FreeBitmap$qqrv, @Gifimage@TGIFImage@GetAnimate$qqrv, @Gifimage@TGIFImage@GetAspectRatio$qqrv, @Gifimage@TGIFImage@GetBackgroundColor$qqrv, @Gifimage@TGIFImage@GetBackgroundColorIndex$qqrv, @Gifimage@TGIFImage@GetBitmap$qqrv, @Gifimage@TGIFImage@GetBitsPerPixel$qqrv, @Gifimage@TGIFImage@GetColorMap$qqrv, @Gifimage@TGIFImage@GetColorResolution$qqrv, @Gifimage@TGIFImage@GetDoDither$qqrv, @Gifimage@TGIFImage@GetEmpty$qqrv, @Gifimage@TGIFImage@GetHeight$qqrv, @Gifimage@TGIFImage@GetIsTransparent$qqrv, @Gifimage@TGIFImage@GetPalette$qqrv, @Gifimage@TGIFImage@GetVersion$qqrv, @Gifimage@TGIFImage@GetWidth$qqrv, @Gifimage@TGIFImage@InternalPaint$qqrpp20Gifimage@TGIFPainterp16Graphics@TCanvasrx11Types@TRect52System@_Set$t23Gifimage@TGIFDrawOption$iuc$0$iuc$10_, @Gifimage@TGIFImage@LoadFromClipboardFormat$qqrusuiui, @Gifimage@TGIFImage@LoadFromResourceName$qqruix17System@AnsiString, @Gifimage@TGIFImage@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFImage@NewBitmap$qqrv, @Gifimage@TGIFImage@NewImage$qqrv, @Gifimage@TGIFImage@Optimize$qqr55System@_Set$t27Gifimage@TGIFOptimizeOption$iuc$0$iuc$4_24Gifimage@TColorReduction20Gifimage@TDitherModei, @Gifimage@TGIFImage@OptimizeColorMap$qqrv, @Gifimage@TGIFImage@Pack$qqrv, @Gifimage@TGIFImage@Paint$qqrp16Graphics@TCanvasrx11Types@TRect52System@_Set$t23Gifimage@TGIFDrawOption$iuc$0$iuc$10_, @Gifimage@TGIFImage@PaintPause$qqrv, @Gifimage@TGIFImage@PaintRestart$qqrv, @Gifimage@TGIFImage@PaintResume$qqrv, @Gifimage@TGIFImage@PaintStart$qqrv, @Gifimage@TGIFImage@PaintStop$qqrv, @Gifimage@TGIFImage@SaveToClipboardFormat$qqrrusruit2, @Gifimage@TGIFImage@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFImage@SetAnimate$qqrxo, @Gifimage@TGIFImage@SetAnimationSpeed$qqri, @Gifimage@TGIFImage@SetAspectRatio$qqrxuc, @Gifimage@TGIFImage@SetBackgroundColor$qqrx15Graphics@TColor, @Gifimage@TGIFImage@SetBackgroundColorIndex$qqrxuc, @Gifimage@TGIFImage@SetDrawOptions$qqr52System@_Set$t23Gifimage@TGIFDrawOption$iuc$0$iuc$10_, @Gifimage@TGIFImage@SetForceFrame$qqrxi, @Gifimage@TGIFImage@SetHeight$qqri, @Gifimage@TGIFImage@SetPalette$qqrui, @Gifimage@TGIFImage@SetReductionBits$qqri, @Gifimage@TGIFImage@SetWidth$qqri, @Gifimage@TGIFImage@StopDraw$qqrv, @Gifimage@TGIFImage@Warning$qqrp14System@TObject21Gifimage@TGIFSeverity17System@AnsiString, @Gifimage@TGIFImage@WriteData$qqrp15Classes@TStream, @Gifimage@TGIFImageList@, @Gifimage@TGIFImageList@GetImage$qqri, @Gifimage@TGIFImageList@LoadFromStream$qqrp15Classes@TStreamp14System@TObject, @Gifimage@TGIFImageList@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFImageList@SetImage$qqrip21Gifimage@TGIFSubImage, @Gifimage@TGIFItem@, @Gifimage@TGIFItem@$bctr$qqrp18Gifimage@TGIFImage, @Gifimage@TGIFItem@GetVersion$qqrv, @Gifimage@TGIFItem@LoadFromFile$qqrx17System@AnsiString, @Gifimage@TGIFItem@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFItem@SaveToFile$qqrx17System@AnsiString, @Gifimage@TGIFItem@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFItem@Warning$qqr21Gifimage@TGIFSeverity17System@AnsiString, @Gifimage@TGIFList@, @Gifimage@TGIFList@$bctr$qqrp18Gifimage@TGIFImage, @Gifimage@TGIFList@$bdtr$qqrv, @Gifimage@TGIFList@Add$qqrp17Gifimage@TGIFItem, @Gifimage@TGIFList@Clear$qqrv, @Gifimage@TGIFList@Delete$qqri, @Gifimage@TGIFList@Exchange$qqrii, @Gifimage@TGIFList@First$qqrv, @Gifimage@TGIFList@GetCount$qqrv, @Gifimage@TGIFList@GetItem$qqri, @Gifimage@TGIFList@IndexOf$qqrp17Gifimage@TGIFItem, @Gifimage@TGIFList@Insert$qqrip17Gifimage@TGIFItem, @Gifimage@TGIFList@Last$qqrv, @Gifimage@TGIFList@LoadFromStream$qqrp15Classes@TStreamp14System@TObject, @Gifimage@TGIFList@Move$qqrii, @Gifimage@TGIFList@Remove$qqrp17Gifimage@TGIFItem, @Gifimage@TGIFList@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFList@SetItem$qqrip17Gifimage@TGIFItem, @Gifimage@TGIFList@Warning$qqr21Gifimage@TGIFSeverity17System@AnsiString, @Gifimage@TGIFPainter@, @Gifimage@TGIFPainter@$bctr$qqrp18Gifimage@TGIFImagep16Graphics@TCanvasrx11Types@TRect52System@_Set$t23Gifimage@TGIFDrawOption$iuc$0$iuc$10_, @Gifimage@TGIFPainter@$bctr$qqrpp20Gifimage@TGIFPainterp18Gifimage@TGIFImagep16Graphics@TCanvasrx11Types@TRect52System@_Set$t23Gifimage@TGIFDrawOption$iuc$0$iuc$10_, @Gifimage@TGIFPainter@$bdtr$qqrv, @Gifimage@TGIFPainter@DoEvent$qqrv, @Gifimage@TGIFPainter@DoOnTerminate$qqrp14System@TObject, @Gifimage@TGIFPainter@DoPaint$qqrv, @Gifimage@TGIFPainter@DoPaintFrame$qqrv, @Gifimage@TGIFPainter@DoSynchronize$qqrynpqqrv$v, @Gifimage@TGIFPainter@Execute$qqrv, @Gifimage@TGIFPainter@Restart$qqrv, @Gifimage@TGIFPainter@SetActiveImage$qqrxi, @Gifimage@TGIFPainter@SetAnimationSpeed$qqri, @Gifimage@TGIFPainter@Start$qqrv, @Gifimage@TGIFPainter@Stop$qqrv, @Gifimage@TGIFSubImage@, @Gifimage@TGIFSubImage@$bctr$qqrp18Gifimage@TGIFImage, @Gifimage@TGIFSubImage@$bdtr$qqrv, @Gifimage@TGIFSubImage@Assign$qqrp19Classes@TPersistent, @Gifimage@TGIFSubImage@AssignTo$qqrp19Classes@TPersistent, @Gifimage@TGIFSubImage@Clear$qqrv, @Gifimage@TGIFSubImage@Compress$qqrp15Classes@TStream, @Gifimage@TGIFSubImage@Crop$qqrv, @Gifimage@TGIFSubImage@Decompress$qqrp15Classes@TStream, @Gifimage@TGIFSubImage@DoGetBitmap$qqrv, @Gifimage@TGIFSubImage@DoGetDitherBitmap$qqrv, @Gifimage@TGIFSubImage@DoSetBounds$qqriiii, @Gifimage@TGIFSubImage@Draw$qqrp16Graphics@TCanvasrx11Types@TRectoo, @Gifimage@TGIFSubImage@FreeBitmap$qqrv, @Gifimage@TGIFSubImage@FreeImage$qqrv, @Gifimage@TGIFSubImage@FreeMask$qqrv, @Gifimage@TGIFSubImage@GetActiveColorMap$qqrv, @Gifimage@TGIFSubImage@GetBitmap$qqrv, @Gifimage@TGIFSubImage@GetBitsPerPixel$qqrv, @Gifimage@TGIFSubImage@GetBounds$qqri, @Gifimage@TGIFSubImage@GetBoundsRect$qqrv, @Gifimage@TGIFSubImage@GetClientRect$qqrv, @Gifimage@TGIFSubImage@GetColorResolution$qqrv, @Gifimage@TGIFSubImage@GetEmpty$qqrv, @Gifimage@TGIFSubImage@GetHasBitmap$qqrv, @Gifimage@TGIFSubImage@GetInterlaced$qqrv, @Gifimage@TGIFSubImage@GetPalette$qqrv, @Gifimage@TGIFSubImage@GetPixel$qqrii, @Gifimage@TGIFSubImage@GetScanline$qqri, @Gifimage@TGIFSubImage@GetVersion$qqrv, @Gifimage@TGIFSubImage@HasMask$qqrv, @Gifimage@TGIFSubImage@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFSubImage@Merge$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFSubImage@NeedImage$qqrv, @Gifimage@TGIFSubImage@NewBitmap$qqrv, @Gifimage@TGIFSubImage@NewImage$qqrv, @Gifimage@TGIFSubImage@Prepare$qqrv, @Gifimage@TGIFSubImage@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFSubImage@ScaleRect$qqrrx11Types@TRect, @Gifimage@TGIFSubImage@SetBitmap$qqrp16Graphics@TBitmap, @Gifimage@TGIFSubImage@SetBounds$qqrius, @Gifimage@TGIFSubImage@SetBoundsRect$qqrrx11Types@TRect, @Gifimage@TGIFSubImage@SetHasBitmap$qqro, @Gifimage@TGIFSubImage@SetInterlaced$qqro, @Gifimage@TGIFSubImage@SetPalette$qqrui, @Gifimage@TGIFSubImage@StretchDraw$qqrp16Graphics@TCanvasrx11Types@TRectoo, @Gifimage@TGIFTextExtension@, @Gifimage@TGIFTextExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFTextExtension@$bdtr$qqrv, @Gifimage@TGIFTextExtension@GetBackgroundColor$qqrv, @Gifimage@TGIFTextExtension@GetBounds$qqri, @Gifimage@TGIFTextExtension@GetCharWidthHeight$qqri, @Gifimage@TGIFTextExtension@GetColorIndex$qqri, @Gifimage@TGIFTextExtension@GetExtensionType$qqrv, @Gifimage@TGIFTextExtension@GetForegroundColor$qqrv, @Gifimage@TGIFTextExtension@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFTextExtension@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFTextExtension@SetBackgroundColor$qqr15Graphics@TColor, @Gifimage@TGIFTextExtension@SetBounds$qqrius, @Gifimage@TGIFTextExtension@SetCharWidthHeight$qqriuc, @Gifimage@TGIFTextExtension@SetColorIndex$qqriuc, @Gifimage@TGIFTextExtension@SetForegroundColor$qqr15Graphics@TColor, @Gifimage@TGIFTrailer@, @Gifimage@TGIFTrailer@LoadFromStream$qqrp15Classes@TStream, @Gifimage@TGIFTrailer@SaveToStream$qqrp15Classes@TStream, @Gifimage@TGIFUnknownAppExtension@, @Gifimage@TGIFUnknownAppExtension@$bctr$qqrp21Gifimage@TGIFSubImage, @Gifimage@TGIFUnknownAppExtension@$bdtr$qqrv, @Gifimage@TGIFUnknownAppExtension@LoadData$qqrp15Classes@TStream, @Gifimage@TGIFUnknownAppExtension@SaveData$qqrp15Classes@TStream, @Gifimage@WebPalette$qqrv, @Gifimage@_sBadBlock, @Gifimage@_sBadBlockSize, @Gifimage@_sBadColorIndex, @Gifimage@_sBadDimension, @Gifimage@_sBadExtensionInstance, @Gifimage@_sBadExtensionLabel, @Gifimage@_sBadHeight, @Gifimage@_sBadPixelCoordinates, @Gifimage@_sBadSignature, @Gifimage@_sBadTrailer, @Gifimage@_sBadVersion, @Gifimage@_sBadWidth, @Gifimage@_sDIBCreate, @Gifimage@_sDecodeCircular, @Gifimage@_sDecodeTooFewBits, @Gifimage@_sEmptyColorMap, @Gifimage@_sEmptyImage, @Gifimage@_sFailedPaste, @Gifimage@_sGIFImageFile, @Gifimage@_sImageBadColorSize, @Gifimage@_sInvalidBitSize, @Gifimage@_sInvalidBitmapList, @Gifimage@_sInvalidColor, @Gifimage@_sInvalidData, @Gifimage@_sInvalidPixelFormat, @Gifimage@_sInvalidReduction, @Gifimage@_sInvalidStream, @Gifimage@_sNoColorTable, @Gifimage@_sNoDIB, @Gifimage@_sOutOfData, @Gifimage@_sOutOfMemDIB, @Gifimage@_sProgressConverting, @Gifimage@_sProgressCopying, @Gifimage@_sProgressLoading, @Gifimage@_sProgressOptimizing, @Gifimage@_sProgressRendering, @Gifimage@_sProgressSaving, @Gifimage@_sScreenBadColorSize, @Gifimage@_sScreenSizeExceeded, @Gifimage@_sTooManyColors, @Gifimage@_sUnknownExtension, @Gifimage@_sUnsupportedBitmap, @Gifimage@_sUnsupportedClass, @Gifimage@initialization$qqrv, _AtapiLib, _FormAbout, _FormCaution, _FormEngOption, _FormMsg, _FwLib, _MainForm, _SysFun, __GetExceptDLLinfo, ___CPPdebugHook

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: InstallShield setup (32.5%)
Win32 EXE PECompact compressed (generic) (31.3%)
Win32 Executable Delphi generic (11.0%)
DOS Executable Borland C++ (9.8%)
Win32 Executable Generic (6.4%)
sigcheck:
publisher....: Toshiba Samsung Storage Technology Coporation
copyright....: Toshiba Samsung Storage Technology Coporation
product......: TSDNWIN
description..: Software Flash Download for Windows
original name: TSDNWIN.EXE
internal name: TSDNWIN
file version.: 1.0.2.0
comments.....: Software Flash Download for Windows
signers......: -
signing date.: -

soubor temp jsem uz smazal byl to zbytek programku na dvd rom

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\documents and settings\feryking\ojl.exe
c:\windows\system32\emptyregdb.dat
c:\windows\system32\SET50.tmp
c:\windows\system32\SET6C.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET6A.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET58.tmp
c:\windows\system32\SET72.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET52.tmp

Folder::
C:\found.003
C:\found.002
C:\found.001
C:\found.000
C:\Temp
C:\temp

DirLook::
c:\windows\system32\custom matrices

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\feryking\\ojl.exe"=-

Registry-clean::



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu