Please check my log

Post by saionara » 15 Feb 2010 23:37

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:27:03, on 15.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN32\System32\smss.exe
C:\WIN32\system32\winlogon.exe
C:\WIN32\system32\services.exe
C:\WIN32\system32\lsass.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN32\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\WIN32\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WIN32\system32\locator.exe
C:\WIN32\system32\rsvp.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\win32\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{57A535B7-15C5-457E-BCD0-202C73ADD322}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WIN32\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WIN32\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: VideoAcceleratorService - VIA Technologies, Inc. - (no file)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WIN32\System32\wltrysvc.exe

--
End of file - 6682 bytes

Post by autoprd » 15 Feb 2010 23:39

Turn off the antivirus's resident protection and deactivate the firewall.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

Post by saionara » 16 Feb 2010 01:32

ComboFix 10-02-12.01 - noname 16.02.2010 1:16.4.1 - x86
Spuštěný z: c:\documents and settings\noname\Plocha\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-15 21:00 . 2010-01-07 15:07 38224 ----a-w- c:\win32\system32\drivers\mbamswissarmy.sys
2010-02-15 21:00 . 2010-02-15 21:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-15 21:00 . 2010-01-07 15:07 19160 ----a-w- c:\win32\system32\drivers\mbam.sys
2010-02-15 18:45 . 2010-02-15 18:45 -------- d-----w- c:\program files\Trend Micro
2010-02-14 10:42 . 2001-08-17 20:57 16128 -c--a-w- c:\win32\system32\dllcache\modemcsa.sys
2010-02-14 10:42 . 2001-08-17 20:57 16128 ----a-w- c:\win32\system32\drivers\MODEMCSA.sys
2010-02-14 10:41 . 2010-02-14 10:41 -------- d-----w- c:\program files\Motorola
2010-02-14 10:41 . 2007-08-28 10:53 1019136 ----a-w- c:\win32\system32\drivers\smserial.sys
2010-02-14 10:41 . 2007-08-28 10:48 221184 ----a-w- c:\win32\system32\sm56co76.dll
2010-02-06 13:02 . 2001-10-24 11:24 110621 -c--a-w- c:\win32\system32\dllcache\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 11:24 110621 ----a-w- c:\win32\system32\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 10:41 42432 -c--a-w- c:\win32\system32\dllcache\digirlpt.sys
2010-02-06 13:02 . 2001-10-24 10:41 42432 ----a-w- c:\win32\system32\drivers\digirlpt.sys
2010-01-30 19:00 . 2010-01-30 19:00 27632 ----a-w- c:\win32\system32\drivers\seehcri.sys
2010-01-30 17:30 . 2010-02-01 06:33 -------- d-----w- c:\program files\QuickTime
2010-01-30 16:57 . 2010-01-31 17:29 -------- d-----w- c:\win32\Downloaded Installations
2010-01-30 14:26 . 2010-01-30 14:26 -------- d-----w- c:\program files\AnvSoft
2010-01-30 14:25 . 2010-01-03 23:20 -------- d-----w- c:\program files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI)
2010-01-27 04:37 . 2010-01-27 04:37 -------- d-----w- c:\program files\Innovative Solutions
2010-01-27 01:24 . 2010-01-27 01:24 -------- dc----w- C:\inetpub
2010-01-27 01:22 . 2010-01-27 01:22 -------- d-----w- c:\win32\system32\wbem\MUI
2010-01-25 05:46 . 2010-01-25 05:46 -------- d-----w- c:\program files\PSPad editor
2010-01-24 23:32 . 2010-01-25 01:32 -------- d-----w- c:\program files\Notepad++
2010-01-24 20:54 . 2010-02-15 22:27 -------- dc----w- C:\Firefox cache
2010-01-18 20:49 . 2010-02-12 05:19 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-01-17 09:45 . 2010-01-17 09:45 -------- d-----w- c:\program files\Conduit
2010-01-17 09:23 . 2010-01-17 11:28 -------- d-----w- c:\program files\Kazaa Acceleration Patch

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-15 23:28 . 2010-01-02 22:28 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 5
2010-02-15 22:39 . 2009-10-24 11:42 -------- d-----w- c:\program files\SpeedBit Video Downloader
2010-02-14 14:46 . 2001-10-25 14:00 96734 ----a-w- c:\win32\system32\perfc005.dat
2010-02-14 14:46 . 2001-10-25 14:00 489228 ----a-w- c:\win32\system32\perfh005.dat
2010-02-14 07:58 . 2004-08-03 21:14 359040 ----a-w- c:\win32\system32\drivers\tcpip.sys
2010-02-14 06:15 . 2009-08-05 20:55 -------- d-----w- c:\program files\Ashampoo
2010-02-13 11:41 . 2009-01-30 21:18 298 ----a-w- c:\win32\dorp.dat
2010-02-01 06:33 . 2008-12-30 23:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-01 05:40 . 2009-01-09 12:28 -------- d-----w- c:\program files\Sony Ericsson
2010-01-31 17:32 . 2009-03-22 06:23 -------- d-----w- c:\program files\Common Files\Teleca Shared
2010-01-30 14:16 . 2009-05-17 21:22 -------- d-----w- c:\program files\SlySoft
2010-01-21 19:10 . 2009-04-18 07:56 -------- d-----w- c:\program files\Opera
2010-01-17 01:48 . 2009-12-25 21:36 -------- d-----w- c:\program files\mozilla.org
2010-01-16 23:51 . 2009-10-24 10:03 -------- d-----w- c:\program files\Serials 2005
2010-01-16 23:41 . 2009-12-25 22:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-16 23:29 . 2009-05-02 14:18 -------- d-----w- c:\program files\Lavalys
2010-01-14 20:39 . 2010-01-12 06:10 -------- d-----w- c:\program files\USBTrace
2010-01-14 20:38 . 2009-04-28 11:36 -------- d-----w- c:\program files\Vodafone
2010-01-14 14:54 . 2010-01-12 06:11 16 ----a-w- c:\win32\system32\utinfo.dat
2010-01-12 12:29 . 2010-01-10 06:31 -------- d-----w- c:\program files\Maxthon2
2010-01-10 13:33 . 2010-01-10 13:33 0 ----a-w- c:\win32\system32\cid_store.dat
2010-01-07 21:45 . 2010-01-04 04:47 -------- d-----w- c:\program files\Trojan Remover
2010-01-07 21:43 . 2010-01-04 05:16 -------- d-----w- c:\program files\Anti Trojan Elite
2010-01-07 18:04 . 2010-01-04 01:25 -------- d-----w- c:\program files\Fighters
2010-01-06 05:57 . 2010-01-06 05:57 -------- d-----w- c:\program files\OO Software
2010-01-05 13:15 . 2010-01-05 13:15 -------- d-----w- c:\program files\Driver-Soft
2010-01-04 03:47 . 2010-01-03 21:55 -------- d-----w- c:\program files\CCleaner
2010-01-04 00:27 . 2010-01-02 16:23 -------- d-----w- c:\program files\Lavasoft
2010-01-03 19:13 . 2009-01-03 09:47 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-02 21:27 . 2009-12-14 21:54 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2
2009-12-29 02:36 . 2009-12-29 02:36 0 ----a-w- c:\win32\ativpsrm.bin
2009-12-29 02:14 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI Technologies
2009-12-29 01:24 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI
2009-12-28 20:03 . 2009-08-06 16:56 -------- d-----w- c:\program files\VSO
2009-12-28 20:01 . 2009-08-06 17:10 -------- d-----w- c:\program files\GRETECH
2009-12-28 11:40 . 2009-01-01 09:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-28 11:00 . 2009-01-31 14:51 -------- d-----w- c:\program files\Nokia
2009-12-27 13:57 . 2009-12-27 13:57 -------- d-----w- c:\program files\Alwil Software
2009-12-27 11:32 . 2009-12-27 11:32 -------- d-----w- c:\program files\AVG
2009-12-27 01:13 . 2009-10-28 18:44 -------- d-----w- c:\program files\Zkratky
2009-12-26 20:37 . 2009-12-07 04:46 -------- d-----w- c:\program files\CrackDown22
2009-12-26 19:35 . 2009-12-26 19:35 -------- d-----w- c:\program files\Windows Sidebar
2009-12-26 14:56 . 2009-12-17 12:26 -------- d-----w- c:\program files\ProxyPlus
2009-12-25 21:38 . 2009-04-13 10:26 335 -c--a-w- c:\win32\nsreg.dat
2009-12-25 21:37 . 2009-12-25 21:37 8657 ----a-w- c:\win32\mozver.dat
2009-12-23 17:01 . 2009-12-22 20:04 -------- d-----w- c:\program files\Panda Security
2009-12-19 13:31 . 2009-12-17 18:23 -------- d-----w- c:\program files\A4Proxy
2009-12-19 13:30 . 2009-08-06 17:39 -------- d-----w- c:\program files\DesktopPlant
2009-12-15 08:00 . 2009-12-15 08:01 411368 ----a-w- c:\win32\system32\deploytk.dll
2009-11-24 23:54 . 2009-12-29 05:13 1280480 ----a-w- c:\win32\system32\aswBoot.exe
2009-11-24 23:51 . 2009-12-29 05:13 93424 ----a-w- c:\win32\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-12-29 05:13 94160 ----a-w- c:\win32\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-12-29 05:13 114768 ----a-w- c:\win32\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-29 05:13 20560 ----a-w- c:\win32\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-29 05:13 48560 ----a-w- c:\win32\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-29 05:13 23120 ----a-w- c:\win32\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-29 05:13 27408 ----a-w- c:\win32\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-12-29 05:13 97480 ----a-w- c:\win32\system32\AvastSS.scr
2009-11-08 22:09 . 2009-11-08 22:09 4607344 ----a-w- c:\program files\PSPad.exe
2008-07-25 08:31 . 2009-05-19 01:17 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-10-29 22:11 . 2010-01-17 11:34 251392 ----a-w- c:\program files\opera\program\plugins\dapop.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2010-02-14 . 7B11118B078B88F87183FE69EDA43137 . 359040 . . [5.1.2600.2180] . . c:\win32\system32\dllcache\tcpip.sys
[-] 2010-02-14 . 7B11118B078B88F87183FE69EDA43137 . 359040 . . [5.1.2600.2180] . . c:\win32\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-01-18 9072032]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-01-18 9072032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\win32\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WIN32^Nabídka Start^Programy^Po spuštění^Sledování připojení telefonu.lnk]
backupExtension=.CommonStartup
backup=c:\win32\pss\Sledování připojení telefonu.lnk.CommonStartup

[HKLM\~\startupfolder\C:^Documents and Settings^noname^Nabídka Start^Programy^Po spuštění^A4Proxy.lnk]
backup=c:\win32\pss\A4Proxy.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
c:\win32\system32\WLTRAY [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\win32\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
2009-11-24 23:51 81000 ----a-w- c:\progra~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cproxy]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-10-29 22:11 2754048 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-25 15:38 133104 ----atw- c:\documents and settings\noname\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kazaa Acceleration Patch]
2010-01-17 09:45 792 ----a-w- c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration Patch.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oodtray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Dispatcher v2]
2006-06-19 20:15 499712 ----a-w- c:\win32\system32\spool\drivers\w32x86\3\fppdis2a.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-02-03 21:21 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\www.cproxy.com]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinProxy"=2 (0x2)
"NMIndexingService"=3 (0x3)
"wltrysvc"=2 (0x2)
"VideoAcceleratorService"=3 (0x3)
"O&O Defrag"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WIN32\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\noname\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TomTom HOME\\TomTomHOME.exe"=
"c:\\Program Files\\Vodafone\\HUAWEI K3520\\Driver\\DriverSetup.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe"=
"c:\\Program Files\\Lavalys\\EVEREST Ultimate Edition\\everest.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\Kazaa Acceleration Patch\\Kazaa Acceleration Patch.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\Setup\\avast.setup"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Mozilla Firefox 3.6 Beta 5\\firefox.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\SLOW-PCfighter.exe"=
"c:\\Program Files\\Adobe\\Acrobat.com\\Acrobat.com.exe"=
"c:\\Program Files\\Innovative Solutions\\DriverMax\\devices.exe"=
"c:\\WIN32\\system32\\dpnsvr.exe"=
"c:\\WIN32\\system32\\dxdiag.exe"=
"c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
"e:\\setup_vmc_lite.exe"=
"c:\\Documents and Settings\\noname\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\AnvSoft\\Any DVD Converter Professional\\DVDConvPro.exe"=
"c:\\Program Files\\OO Software\\Defrag\\oodag.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\UpDates.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1:TCP"= 1:TCP:*:Disabled:BT COM
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)
"AllowRedirect"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\win32\system32\drivers\klbg.sys [27.12.2009 2:17 33808]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\win32\system32\drivers\xfilt.sys [24.10.2009 11:23 22168]
R1 aswSP;avast! Self Protection;c:\win32\system32\drivers\aswSP.sys [29.12.2009 6:13 114768]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c:\win32\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [29.10.2009 18:51 24064]
R2 aswFsBlk;aswFsBlk;c:\win32\system32\drivers\aswFsBlk.sys [29.12.2009 6:13 20560]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4.11.2008 11:39 14336]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\win32\system32\drivers\klmouflt.sys [27.12.2009 2:18 19472]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\win32\system32\drivers\seehcri.sys [30.1.2010 20:00 27632]
S1 SASKUTIL;SASKUTIL; [x]
S3 ATE_PROCMON;ATE_PROCMON; [x]
S3 AVFSFilter;AVFSFilter;c:\win32\system32\DRIVERS\avfsfilter.sys --> c:\win32\system32\DRIVERS\avfsfilter.sys [?]
S3 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\win32\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [7.10.2009 1:44 129856]
S3 DIGIRPS;Ovladač Digi PortServer Driver;c:\win32\system32\drivers\digirlpt.sys [6.2.2010 14:02 42432]
S3 FTLUND;Lundinova Filter Driver;c:\win32\system32\drivers\ftlund.sys [14.2.2009 15:17 6828]
S3 GTMMDMUSB;GT M 3G+ USB MDM;c:\win32\system32\drivers\gtmmdmusb.sys [9.1.2010 22:00 25472]
S3 GTMSERUSB;GT M 3G+ USB SER;c:\win32\system32\drivers\gtmserusb.sys [9.1.2010 19:45 21888]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\win32\system32\drivers\klim5.sys [27.12.2009 2:18 31760]
S3 utdrv;utdrv; [x]
S3 zFTPSvc;zFTPServer; [x]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\win32\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [7.10.2009 1:44 752984]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download with Rapget
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
IE: ???????? ? ????-??????
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: {57A535B7-15C5-457E-BCD0-202C73ADD322} = 217.77.165.81 217.77.161.131
FF - ProfilePath - c:\documents and settings\noname\Data aplikací\Mozilla\Firefox\Profiles\77xv9e16.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox 3.6 Beta 5\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - c:\program files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
MSConfigStartUp-SpeedBitVideoAccelerator - c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 01:22
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(612)
c:\win32\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2460)
c:\win32\system32\msi.dll
.
Celkový čas: 2010-02-16 01:25:32
ComboFix-quarantined-files.txt 2010-02-16 00:25

Před spuštěním: Volných bajtů: 10 400 423 936
Po spuštění: Volných bajtů: 10 367 918 080

Current=7 Default=7 Failed=6 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 25E3DB7737EF35801661591FF2016E3F

Post by Damned » 16 Feb 2010 02:13

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

File::
c:\win32\dorp.dat
c:\win32\system32\utinfo.dat
c:\win32\system32\cid_store.dat
c:\win32\nsreg.dat

Folder::
c:\program files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI)
C:\inetpub
c:\program files\Conduit
c:\program files\Kazaa Acceleration Patch
c:\program files\SpeedBit Video Downloader
c:\program files\AVG
c:\program files\Panda Security

Driver::
SASKUTIL;SASKUTIL
ATE_PROCMON;ATE_PROCMON
utdrv;utdrv
zFTPSvc;zFTPServer



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair can take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process + a new HJT log, and describe how the computer behaves
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
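A check a helper can run before handing out a removal script like the one in the post above, as an added example that is not part of the original thread: it confirms that every File::, Folder:: and Driver:: entry is backed by a line in the log the user posted. The function names and the sample script and log excerpt are constructed for illustration; the line layouts follow the ComboFix log on this page.

```python
import re

# "File::", "Folder::", "Driver::" section headers of a CFScript.
SECTION = re.compile(r"^(\w+)::\s*$")
# File/folder listing line: created . modified  size|--------  attrs  path
LISTING = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d\s+"
    r"(?:\d+|-{8})\s+[a-z-]{8}\s+(?P<path>[A-Za-z]:\\.+)$"
)
# Driver/service line: "S3 utdrv;utdrv; [x]" or "R1 name;display;image [date size]"
SERVICE = re.compile(r"^[RS][0-4] (?P<name>[^;]+);(?P<display>[^;]*);\s*(?P<rest>.*)$")

# Constructed sample: the script from the post above, trimmed to a few entries.
CFSCRIPT = r"""File::
c:\win32\dorp.dat
c:\win32\nsreg.dat

Folder::
c:\program files\Conduit
c:\program files\Panda Security

Driver::
SASKUTIL;SASKUTIL
utdrv;utdrv
"""

# Constructed log excerpt in the layout of the ComboFix log on this page.
LOG = r"""2010-01-04 01:25 . 2010-01-04 01:25 -------- d-----w- c:\program files\Conduit
2009-12-25 21:37 . 2009-12-25 21:37 8657 ----a-w- c:\win32\dorp.dat
S1 SASKUTIL;SASKUTIL; [x]
S3 utdrv;utdrv; [x]
R1 aswSP;avast! Self Protection;c:\win32\system32\drivers\aswSP.sys [29.12.2009 6:13 114768]
"""


def parse_cfscript(text):
    """Return {section name (lowercase): [entries]} for a CFScript."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            current = header.group(1).lower()
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections


def index_log(text):
    """Collect the paths and service names that the log actually shows."""
    paths, services = set(), {}
    for raw in text.splitlines():
        line = raw.strip()
        listing = LISTING.match(line)
        if listing:
            paths.add(listing.group("path").lower())
            continue
        service = SERVICE.match(line)
        if service:
            services[service.group("name").lower()] = service.group("rest")
    return paths, services


def review(script_text, log_text):
    """Return (section, entry, seen_in_log) for each File/Folder/Driver entry.

    Other sections are ignored by this check.
    """
    script = parse_cfscript(script_text)
    paths, services = index_log(log_text)
    findings = []
    for entry in script.get("file", []):
        findings.append(("file", entry, entry.lower() in paths))
    for entry in script.get("folder", []):
        prefix = entry.lower().rstrip("\\")
        # A folder counts as evidenced if it, or anything under it, is listed.
        seen = any(p == prefix or p.startswith(prefix + "\\") for p in paths)
        findings.append(("folder", entry, seen))
    for entry in script.get("driver", []):
        name = entry.split(";", 1)[0].strip().lower()
        findings.append(("driver", entry, name in services))
    return findings


def unsupported(script_text, log_text):
    """Entries the script would remove that the log gives no evidence for."""
    return [(kind, entry) for kind, entry, seen in review(script_text, log_text) if not seen]


if __name__ == "__main__":
    for kind, entry in unsupported(CFSCRIPT, LOG):
        print(f"no log evidence for {kind} entry: {entry}")
```

Entries reported as unsupported are not necessarily wrong; they may come from an earlier log, so the helper should recheck them by hand before the script is run.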

saionara
newbie
Posts: 28
Registered: February 10
Gender: Male
Status:
Offline

Re: Please check my log

Post by saionara » 16 Feb 2010 03:22

ComboFix 10-02-12.01 - noname 16.02.2010 3:09.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1535.1015 [GMT 1:00]
Spuštěný z: c:\documents and settings\noname\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\noname\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100215-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\win32\dorp.dat"
"c:\win32\nsreg.dat"
"c:\win32\system32\cid_store.dat"
"c:\win32\system32\utinfo.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\inetpub
c:\inetpub\uddi\resources\uddi.cs.resources
c:\inetpub\uddi\webroot\help\1029\coordinate.configureuddiservices.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.categorizationschemes.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.coordinate.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.changeowner.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.impersonateuser.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.importdata.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.statisticscategorization.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.statisticsentity.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.context.statisticspublisher.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.deletecategorizationscheme.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.footer.htm
c:\inetpub\uddi\webroot\help\1029\coordinate.gettingstarted.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.glossary.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.header.htm
c:\inetpub\uddi\webroot\help\1029\coordinate.heading.htm
c:\inetpub\uddi\webroot\help\1029\coordinate.impersonateuser.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.importcategorizationscheme.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.manageownerships.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.toc.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.tou.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.troubleshooting.aspx
c:\inetpub\uddi\webroot\help\1029\coordinate.viewstatisticreports.aspx
c:\inetpub\uddi\webroot\help\1029\glossary.administrator.htm
c:\inetpub\uddi\webroot\help\1029\glossary.binding.htm
c:\inetpub\uddi\webroot\help\1029\glossary.categorization.htm
c:\inetpub\uddi\webroot\help\1029\glossary.contact.htm
c:\inetpub\uddi\webroot\help\1029\glossary.coordinator.htm
c:\inetpub\uddi\webroot\help\1029\glossary.discoveryurl.htm
c:\inetpub\uddi\webroot\help\1029\glossary.entity.htm
c:\inetpub\uddi\webroot\help\1029\glossary.htm
c:\inetpub\uddi\webroot\help\1029\glossary.identifier.htm
c:\inetpub\uddi\webroot\help\1029\glossary.instanceinfo.htm
c:\inetpub\uddi\webroot\help\1029\glossary.instanceparameter.htm
c:\inetpub\uddi\webroot\help\1029\glossary.interface.htm
c:\inetpub\uddi\webroot\help\1029\glossary.overviewdocument.htm
c:\inetpub\uddi\webroot\help\1029\glossary.provider.htm
c:\inetpub\uddi\webroot\help\1029\glossary.publisher.htm
c:\inetpub\uddi\webroot\help\1029\glossary.relationship.htm
c:\inetpub\uddi\webroot\help\1029\glossary.service.htm
c:\inetpub\uddi\webroot\help\1029\glossary.soap.htm
c:\inetpub\uddi\webroot\help\1029\glossary.tmodel.htm
c:\inetpub\uddi\webroot\help\1029\glossary.uddi.htm
c:\inetpub\uddi\webroot\help\1029\glossary.user.htm
c:\inetpub\uddi\webroot\help\1029\glossary.webservice.htm
c:\inetpub\uddi\webroot\help\1029\glossary.wsdl.htm
c:\inetpub\uddi\webroot\help\1029\glossary.xml.htm
c:\inetpub\uddi\webroot\help\1029\glossary.xmlwebservice.htm
c:\inetpub\uddi\webroot\help\1029\home.footer.htm
c:\inetpub\uddi\webroot\help\1029\home.glossary.aspx
c:\inetpub\uddi\webroot\help\1029\home.header.htm
c:\inetpub\uddi\webroot\help\1029\home.heading.htm
c:\inetpub\uddi\webroot\help\1029\home.toc.aspx
c:\inetpub\uddi\webroot\help\1029\home.tou.aspx
c:\inetpub\uddi\webroot\help\1029\home.troubleshooting.aspx
c:\inetpub\uddi\webroot\help\1029\images\additional.gif
c:\inetpub\uddi\webroot\help\1029\images\bullet.gif
c:\inetpub\uddi\webroot\help\1029\images\coord.guide.gif
c:\inetpub\uddi\webroot\help\1029\images\home.gif
c:\inetpub\uddi\webroot\help\1029\images\publish.guide.gif
c:\inetpub\uddi\webroot\help\1029\images\search.guide.gif
c:\inetpub\uddi\webroot\help\1029\images\stepbystep.guide.gif
c:\inetpub\uddi\webroot\help\1029\images\uddi_logo.gif
c:\inetpub\uddi\webroot\help\1029\intro.footer.htm
c:\inetpub\uddi\webroot\help\1029\intro.glossary.aspx
c:\inetpub\uddi\webroot\help\1029\intro.header.htm
c:\inetpub\uddi\webroot\help\1029\intro.heading.htm
c:\inetpub\uddi\webroot\help\1029\intro.toc.aspx
c:\inetpub\uddi\webroot\help\1029\intro.tou.aspx
c:\inetpub\uddi\webroot\help\1029\intro.troubleshooting.aspx
c:\inetpub\uddi\webroot\help\1029\intro.whatisuddi.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addbindings.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addcontacts.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addinstances.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addproviders.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addservices.aspx
c:\inetpub\uddi\webroot\help\1029\publish.addtmodels.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.bindingaddinstance.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.bindinginstanceinfo.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.providercontacts.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.providerservices.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publish.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishbindingdetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishcontactaddress.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishcontactdetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishcontactemail.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishcontactphone.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishinstanceinfodetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishinstanceinfooverviewdocument.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishinstanceinstanceinfodetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishprovidercategories.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishproviderdetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishproviderdiscoveryurls.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishprovideridentifiers.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishproviderrelationships.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishproviders.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishservicecategories.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishservicedetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishtmodelcategories.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishtmodeldetails.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishtmodelidentifiers.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishtmodeloverviewdocument.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.publishtmodels.aspx
c:\inetpub\uddi\webroot\help\1029\publish.context.serviceeditbinding.aspx
c:\inetpub\uddi\webroot\help\1029\publish.delete.aspx
c:\inetpub\uddi\webroot\help\1029\publish.footer.htm
c:\inetpub\uddi\webroot\help\1029\publish.gettingstarted.aspx
c:\inetpub\uddi\webroot\help\1029\publish.glossary.aspx
c:\inetpub\uddi\webroot\help\1029\publish.header.htm
c:\inetpub\uddi\webroot\help\1029\publish.heading.htm
c:\inetpub\uddi\webroot\help\1029\publish.modify.aspx
c:\inetpub\uddi\webroot\help\1029\publish.publishinuddiservices.aspx
c:\inetpub\uddi\webroot\help\1029\publish.toc.aspx
c:\inetpub\uddi\webroot\help\1029\publish.tou.aspx
c:\inetpub\uddi\webroot\help\1029\publish.troubleshooting.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.bindingdetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.bindinginstanceinfos.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.contactaddress.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.contactdetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.contactemail.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.contactemails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.contactphones.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.instanceinfodetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.instanceinfoinstancedetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.instanceinfooverviewdocument.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providercategories.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providercontacts.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providerdetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providerdiscoveryurls.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.provideridentifiers.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providerrelationships.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.providerservices.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.searchbrowsecategory.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.searchproviders.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.searchservices.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.searchtmodels.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.servicebindings.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.servicecategories.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.servicedetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.tmodelcategories.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.tmodeldetails.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.tmodelidentifiers.aspx
c:\inetpub\uddi\webroot\help\1029\search.context.tmodeloverviewdocument.aspx
c:\inetpub\uddi\webroot\help\1029\search.footer.htm
c:\inetpub\uddi\webroot\help\1029\search.gettingstarted.aspx
c:\inetpub\uddi\webroot\help\1029\search.glossary.aspx
c:\inetpub\uddi\webroot\help\1029\search.header.htm
c:\inetpub\uddi\webroot\help\1029\search.heading.htm
c:\inetpub\uddi\webroot\help\1029\search.searchbycategory.aspx
c:\inetpub\uddi\webroot\help\1029\search.searchforproviders.aspx
c:\inetpub\uddi\webroot\help\1029\search.searchforservices.aspx
c:\inetpub\uddi\webroot\help\1029\search.searchfortmodels.aspx
c:\inetpub\uddi\webroot\help\1029\search.toc.aspx
c:\inetpub\uddi\webroot\help\1029\search.tou.aspx
c:\inetpub\uddi\webroot\help\1029\search.troubleshooting.aspx
c:\inetpub\uddi\webroot\help\1029\tou.htm
c:\inetpub\uddi\webroot\help\1029\troubleshooting.htm
c:\inetpub\uddi\webroot\help\1029\warning.changestouddi.htm
c:\inetpub\uddi\webroot\help\1029\web.config
c:\inetpub\uddi\webroot\help\1029\wsdlinfo.htm
c:\program files\AVG
c:\program files\AVG\AVG9\avglogx.dll.install_backup
c:\program files\Conduit
c:\program files\Conduit\Community Alerts\Alert.dll
c:\program files\Kazaa Acceleration Patch
c:\program files\Kazaa Acceleration Patch\gdiplus.dll
c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration Patch.exe
c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration Patch.ini
c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration Patch.lnk
c:\program files\Kazaa Acceleration Patch\mfc80.dll
c:\program files\Kazaa Acceleration Patch\packet.dll
c:\program files\Kazaa Acceleration Patch\Skin.skf
c:\program files\Kazaa Acceleration Patch\uninstall.exe
c:\program files\Panda Security
c:\program files\SpeedBit Video Downloader
c:\program files\SpeedBit Video Downloader\SPFireFox\chrome\speedbitvideodownloader.jar
c:\win32\dorp.dat
c:\win32\nsreg.dat
c:\win32\system32\cid_store.dat
c:\win32\system32\utinfo.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-15 21:00 . 2010-01-07 15:07 38224 ----a-w- c:\win32\system32\drivers\mbamswissarmy.sys
2010-02-15 21:00 . 2010-02-15 21:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-15 21:00 . 2010-01-07 15:07 19160 ----a-w- c:\win32\system32\drivers\mbam.sys
2010-02-15 18:45 . 2010-02-15 18:45 -------- d-----w- c:\program files\Trend Micro
2010-02-14 10:42 . 2001-08-17 20:57 16128 -c--a-w- c:\win32\system32\dllcache\modemcsa.sys
2010-02-14 10:42 . 2001-08-17 20:57 16128 ----a-w- c:\win32\system32\drivers\MODEMCSA.sys
2010-02-14 10:41 . 2010-02-14 10:41 -------- d-----w- c:\program files\Motorola
2010-02-14 10:41 . 2007-08-28 10:53 1019136 ----a-w- c:\win32\system32\drivers\smserial.sys
2010-02-14 10:41 . 2007-08-28 10:48 221184 ----a-w- c:\win32\system32\sm56co76.dll
2010-02-06 13:02 . 2001-10-24 11:24 110621 -c--a-w- c:\win32\system32\dllcache\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 11:24 110621 ----a-w- c:\win32\system32\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 10:41 42432 -c--a-w- c:\win32\system32\dllcache\digirlpt.sys
2010-02-06 13:02 . 2001-10-24 10:41 42432 ----a-w- c:\win32\system32\drivers\digirlpt.sys
2010-01-30 19:00 . 2010-01-30 19:00 27632 ----a-w- c:\win32\system32\drivers\seehcri.sys
2010-01-30 17:30 . 2010-02-01 06:33 -------- d-----w- c:\program files\QuickTime
2010-01-30 16:57 . 2010-01-31 17:29 -------- d-----w- c:\win32\Downloaded Installations
2010-01-30 14:26 . 2010-01-30 14:26 -------- d-----w- c:\program files\AnvSoft
2010-01-30 14:25 . 2010-01-03 23:20 -------- d-----w- c:\program files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI)
2010-01-27 04:37 . 2010-01-27 04:37 -------- d-----w- c:\program files\Innovative Solutions
2010-01-27 01:22 . 2010-01-27 01:22 -------- d-----w- c:\win32\system32\wbem\MUI
2010-01-25 05:46 . 2010-01-25 05:46 -------- d-----w- c:\program files\PSPad editor
2010-01-24 23:32 . 2010-01-25 01:32 -------- d-----w- c:\program files\Notepad++
2010-01-24 20:54 . 2010-02-15 22:27 -------- dc----w- C:\Firefox cache
2010-01-18 20:49 . 2010-02-12 05:19 -------- d-----w- c:\program files\TuneUp Utilities 2010

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-16 00:29 . 2010-01-02 22:28 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 5
2010-02-14 14:46 . 2001-10-25 14:00 96734 ----a-w- c:\win32\system32\perfc005.dat
2010-02-14 14:46 . 2001-10-25 14:00 489228 ----a-w- c:\win32\system32\perfh005.dat
2010-02-14 07:58 . 2004-08-03 21:14 359040 ----a-w- c:\win32\system32\drivers\tcpip.sys
2010-02-14 06:15 . 2009-08-05 20:55 -------- d-----w- c:\program files\Ashampoo
2010-02-01 06:33 . 2008-12-30 23:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-01 05:40 . 2009-01-09 12:28 -------- d-----w- c:\program files\Sony Ericsson
2010-01-31 17:32 . 2009-03-22 06:23 -------- d-----w- c:\program files\Common Files\Teleca Shared
2010-01-30 14:16 . 2009-05-17 21:22 -------- d-----w- c:\program files\SlySoft
2010-01-21 19:10 . 2009-04-18 07:56 -------- d-----w- c:\program files\Opera
2010-01-17 01:48 . 2009-12-25 21:36 -------- d-----w- c:\program files\mozilla.org
2010-01-16 23:51 . 2009-10-24 10:03 -------- d-----w- c:\program files\Serials 2005
2010-01-16 23:41 . 2009-12-25 22:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-16 23:29 . 2009-05-02 14:18 -------- d-----w- c:\program files\Lavalys
2010-01-14 20:39 . 2010-01-12 06:10 -------- d-----w- c:\program files\USBTrace
2010-01-14 20:38 . 2009-04-28 11:36 -------- d-----w- c:\program files\Vodafone
2010-01-12 12:29 . 2010-01-10 06:31 -------- d-----w- c:\program files\Maxthon2
2010-01-07 21:45 . 2010-01-04 04:47 -------- d-----w- c:\program files\Trojan Remover
2010-01-07 21:43 . 2010-01-04 05:16 -------- d-----w- c:\program files\Anti Trojan Elite
2010-01-07 18:04 . 2010-01-04 01:25 -------- d-----w- c:\program files\Fighters
2010-01-06 05:57 . 2010-01-06 05:57 -------- d-----w- c:\program files\OO Software
2010-01-05 13:15 . 2010-01-05 13:15 -------- d-----w- c:\program files\Driver-Soft
2010-01-04 03:47 . 2010-01-03 21:55 -------- d-----w- c:\program files\CCleaner
2010-01-04 00:27 . 2010-01-02 16:23 -------- d-----w- c:\program files\Lavasoft
2010-01-03 19:13 . 2009-01-03 09:47 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-02 21:27 . 2009-12-14 21:54 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2
2009-12-29 02:36 . 2009-12-29 02:36 0 ----a-w- c:\win32\ativpsrm.bin
2009-12-29 02:14 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI Technologies
2009-12-29 01:24 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI
2009-12-28 20:03 . 2009-08-06 16:56 -------- d-----w- c:\program files\VSO
2009-12-28 20:01 . 2009-08-06 17:10 -------- d-----w- c:\program files\GRETECH
2009-12-28 11:40 . 2009-01-01 09:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-28 11:00 . 2009-01-31 14:51 -------- d-----w- c:\program files\Nokia
2009-12-27 13:57 . 2009-12-27 13:57 -------- d-----w- c:\program files\Alwil Software
2009-12-27 01:13 . 2009-10-28 18:44 -------- d-----w- c:\program files\Zkratky
2009-12-26 20:37 . 2009-12-07 04:46 -------- d-----w- c:\program files\CrackDown22
2009-12-26 19:35 . 2009-12-26 19:35 -------- d-----w- c:\program files\Windows Sidebar
2009-12-26 14:56 . 2009-12-17 12:26 -------- d-----w- c:\program files\ProxyPlus
2009-12-25 21:37 . 2009-12-25 21:37 8657 ----a-w- c:\win32\mozver.dat
2009-12-19 13:31 . 2009-12-17 18:23 -------- d-----w- c:\program files\A4Proxy
2009-12-19 13:30 . 2009-08-06 17:39 -------- d-----w- c:\program files\DesktopPlant
2009-12-15 08:00 . 2009-12-15 08:01 411368 ----a-w- c:\win32\system32\deploytk.dll
2009-11-24 23:54 . 2009-12-29 05:13 1280480 ----a-w- c:\win32\system32\aswBoot.exe
2009-11-24 23:51 . 2009-12-29 05:13 93424 ----a-w- c:\win32\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-12-29 05:13 94160 ----a-w- c:\win32\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-12-29 05:13 114768 ----a-w- c:\win32\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-29 05:13 20560 ----a-w- c:\win32\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-29 05:13 48560 ----a-w- c:\win32\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-29 05:13 23120 ----a-w- c:\win32\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-29 05:13 27408 ----a-w- c:\win32\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-12-29 05:13 97480 ----a-w- c:\win32\system32\AvastSS.scr
2009-11-08 22:09 . 2009-11-08 22:09 4607344 ----a-w- c:\program files\PSPad.exe
2008-07-25 08:31 . 2009-05-19 01:17 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-10-29 22:11 . 2010-01-17 11:34 251392 ----a-w- c:\program files\opera\program\plugins\dapop.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2010-02-14 . 7B11118B078B88F87183FE69EDA43137 . 359040 . . [5.1.2600.2180] . . c:\win32\system32\dllcache\tcpip.sys
[-] 2010-02-14 . 7B11118B078B88F87183FE69EDA43137 . 359040 . . [5.1.2600.2180] . . c:\win32\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-01-18 9072032]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-01-18 9072032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\win32\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WIN32^Nabídka Start^Programy^Po spuštění^Sledování připojení telefonu.lnk]
backupExtension=.CommonStartup
backup=c:\win32\pss\Sledování připojení telefonu.lnk.CommonStartup

[HKLM\~\startupfolder\C:^Documents and Settings^noname^Nabídka Start^Programy^Po spuštění^A4Proxy.lnk]
backup=c:\win32\pss\A4Proxy.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
c:\win32\system32\WLTRAY [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\win32\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
2009-11-24 23:51 81000 ----a-w- c:\progra~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cproxy]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-10-29 22:11 2754048 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-25 15:38 133104 ----atw- c:\documents and settings\noname\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oodtray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Dispatcher v2]
2006-06-19 20:15 499712 ----a-w- c:\win32\system32\spool\drivers\w32x86\3\fppdis2a.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-02-03 21:21 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\www.cproxy.com]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinProxy"=2 (0x2)
"NMIndexingService"=3 (0x3)
"wltrysvc"=2 (0x2)
"VideoAcceleratorService"=3 (0x3)
"O&O Defrag"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WIN32\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\noname\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TomTom HOME\\TomTomHOME.exe"=
"c:\\Program Files\\Vodafone\\HUAWEI K3520\\Driver\\DriverSetup.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe"=
"c:\\Program Files\\Lavalys\\EVEREST Ultimate Edition\\everest.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\Setup\\avast.setup"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Mozilla Firefox 3.6 Beta 5\\firefox.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\SLOW-PCfighter.exe"=
"c:\\Program Files\\Adobe\\Acrobat.com\\Acrobat.com.exe"=
"c:\\Program Files\\Innovative Solutions\\DriverMax\\devices.exe"=
"c:\\WIN32\\system32\\dpnsvr.exe"=
"c:\\WIN32\\system32\\dxdiag.exe"=
"c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
"e:\\setup_vmc_lite.exe"=
"c:\\Documents and Settings\\noname\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\AnvSoft\\Any DVD Converter Professional\\DVDConvPro.exe"=
"c:\\Program Files\\OO Software\\Defrag\\oodag.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\UpDates.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1:TCP"= 1:TCP:*:Disabled:BT COM
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)
"AllowRedirect"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\win32\system32\drivers\klbg.sys [27.12.2009 2:17 33808]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\win32\system32\drivers\xfilt.sys [24.10.2009 11:23 22168]
R1 aswSP;avast! Self Protection;c:\win32\system32\drivers\aswSP.sys [29.12.2009 6:13 114768]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c:\win32\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [29.10.2009 18:51 24064]
R2 aswFsBlk;aswFsBlk;c:\win32\system32\drivers\aswFsBlk.sys [29.12.2009 6:13 20560]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4.11.2008 11:39 14336]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\win32\system32\drivers\klmouflt.sys [27.12.2009 2:18 19472]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\win32\system32\drivers\seehcri.sys [30.1.2010 20:00 27632]
S1 SASKUTIL;SASKUTIL; [x]
S3 ATE_PROCMON;ATE_PROCMON; [x]
S3 AVFSFilter;AVFSFilter;c:\win32\system32\DRIVERS\avfsfilter.sys --> c:\win32\system32\DRIVERS\avfsfilter.sys [?]
S3 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\win32\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [7.10.2009 1:44 129856]
S3 DIGIRPS;Ovladač Digi PortServer Driver;c:\win32\system32\drivers\digirlpt.sys [6.2.2010 14:02 42432]
S3 FTLUND;Lundinova Filter Driver;c:\win32\system32\drivers\ftlund.sys [14.2.2009 15:17 6828]
S3 GTMMDMUSB;GT M 3G+ USB MDM;c:\win32\system32\drivers\gtmmdmusb.sys [9.1.2010 22:00 25472]
S3 GTMSERUSB;GT M 3G+ USB SER;c:\win32\system32\drivers\gtmserusb.sys [9.1.2010 19:45 21888]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\win32\system32\drivers\klim5.sys [27.12.2009 2:18 31760]
S3 utdrv;utdrv; [x]
S3 zFTPSvc;zFTPServer; [x]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\win32\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [7.10.2009 1:44 752984]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download with Rapget
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
IE: ???????? ? ????-??????
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: {57A535B7-15C5-457E-BCD0-202C73ADD322} = 217.77.165.81 217.77.161.131
FF - ProfilePath - c:\documents and settings\noname\Data aplikací\Mozilla\Firefox\Profiles\77xv9e16.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox 3.6 Beta 5\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Kazaa Acceleration Patch - c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration Patch.lnk
AddRemove-Kazaa Acceleration Patch - c:\program files\Kazaa Acceleration Patch\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 03:16
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(612)
c:\win32\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-16 03:19:41
ComboFix-quarantined-files.txt 2010-02-16 02:19
ComboFix2.txt 2010-02-16 00:25

Před spuštěním: Volných bajtů: 10 308 435 968
Po spuštění: Volných bajtů: 10 274 848 768

Current=7 Default=7 Failed=6 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 3B765A2578E99EB3CBC9EC1AE82C259D

saionara

Re: Please check my log

Post by saionara » 16 Feb 2010 03:24

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:23:50, on 16.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN32\System32\smss.exe
C:\WIN32\system32\winlogon.exe
C:\WIN32\system32\services.exe
C:\WIN32\system32\lsass.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WIN32\system32\spoolsv.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WIN32\system32\locator.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WIN32\system32\notepad.exe
C:\WIN32\explorer.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\win32\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{57A535B7-15C5-457E-BCD0-202C73ADD322}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WIN32\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WIN32\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WIN32\System32\wltrysvc.exe

--
End of file - 6436 bytes

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check my log

Post by Damned » 16 Feb 2010 03:56

Tell me, what is this program you have?:

c:\program files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI)

? I have the original 4.0.3 (I translate it), so I know this is nonsense.
Was SUPERAntiSpyware uninstalled using SASUnin?

Check the file marked in red on VirusTotal and paste the link to the result here.
If you can't find it, turn on the display of hidden and system files. If it tells you the file has already been checked,
have it checked again, and wait until "Completed" and the result appear. Then copy the address bar here.

c:\program files\www.cproxy.com\CPROXY.exe
c:\win32\system32\spool\drivers\w32x86\3\fppdis2a.exe
Nothing is impossible, so where reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

saionara

Re: Please check my log

Post by saionara » 16 Feb 2010 04:30

address bar:
http://www.virustotal.com/cs/analisis/6 ... 1266289993

result of the first link: File CPROXY.exe received on 2010.02.16 03:13:13 (UTC)
Result: 1/41 (2.44%)

Antivirus Version Last update Result
a-squared 4.5.0.50 2010.02.16 -
AhnLab-V3 5.0.0.2 2010.02.15 -
AntiVir 7.9.1.170 2010.02.15 -
Antiy-AVL 2.0.3.7 2010.02.15 -
Authentium 5.2.0.5 2010.02.15 -
Avast 4.8.1351.0 2010.02.15 -
AVG 9.0.0.730 2010.02.16 -
BitDefender 7.2 2010.02.16 -
CAT-QuickHeal 10.00 2010.02.15 -
ClamAV 0.96.0.0-git 2010.02.15 -
Comodo 3950 2010.02.16 -
DrWeb 5.0.1.12222 2010.02.16 -
eSafe 7.0.17.0 2010.02.15 -
eTrust-Vet 35.2.7304 2010.02.15 -
F-Prot 4.5.1.85 2010.02.15 -
F-Secure 9.0.15370.0 2010.02.15 -
Fortinet 4.0.14.0 2010.02.15 -
GData 19 2010.02.16 -
Ikarus T3.1.1.80.0 2010.02.16 -
Jiangmin 13.0.900 2010.02.15 -
K7AntiVirus 7.10.974 2010.02.15 -
Kaspersky 7.0.0.125 2010.02.16 -
McAfee 5893 2010.02.15 -
McAfee+Artemis 5893 2010.02.15 -
McAfee-GW-Edition 6.8.5 2010.02.15 -
Microsoft 1.5406 2010.02.16 -
NOD32 4869 2010.02.15 -
Norman 6.04.08 2010.02.15 -
nProtect 2009.1.8.0 2010.02.15 -
Panda 10.0.2.2 2010.02.15 -
PCTools 7.0.3.5 2010.02.16 -
Prevx 3.0 2010.02.16 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.15 CProxy
Sunbelt 5680 2010.02.16 -
Symantec 20091.2.0.41 2010.02.16 -
TheHacker 6.5.1.4.195 2010.02.16 -
TrendMicro 9.120.0.1004 2010.02.15 -
VBA32 3.12.12.2 2010.02.16 -
ViRobot 2010.2.13.2186 2010.02.13 -
VirusBuster 5.0.21.0 2010.02.15 -
Additional information
File size: 1896448 bytes
MD5...: e8cf6e1cc70a62ab1ad527973bce03dc
SHA1..: 8c3d590cd7f22d2e6a606bd06d0d91be085bcc49
SHA256: 6ff3e035323767769a9320587152abd2308c0badb34360d9d887312d9a67af90
ssdeep: 24576:2Cozf1D52S7S+U4Ssn0M/EnGFkL37cYtpEtMcv4Pca8ieTXEDaSZJ6w9fd
y:2jzNOLun0hZ37hZL8DUZ42y
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x13eadc
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x13e18c 0x13e200 6.51 da0e8ddf778558e2a1df35c1ed4966ad
DATA 0x140000 0x1dfc0 0x1e000 7.40 85fdbeaa6819c34787e6c532086b1374
BSS 0x15e000 0x2186d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x180000 0x3234 0x3400 4.97 d66f50f911c0e9b7e71ee563a730dd30
.tls 0x184000 0x24 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x185000 0x18 0x200 0.21 ab6635ea71a811672338ab21d708c5f7
.reloc 0x186000 0x149fc 0x14a00 6.66 30fdfde634f58d7ee2eb78e38f476528
.rsrc 0x19b000 0x5aa00 0x5aa00 6.52 0fefcb923cf60e7a3ca05d4103cd65a4

( 20 imports )

( 0 exports )
RDS...: NSRL Reference Data Set
-
trid..: InstallShield setup (37.7%)
Win32 EXE PECompact compressed (generic) (36.4%)
Win32 Executable Delphi generic (12.8%)
Win32 Executable Generic (7.4%)
Win16/32 Executable Delphi generic (1.8%)
sigcheck:
publisher....: www.cproxy.com
copyright....: Jaroslav Br__ek
product......:
description..: CPROXY.com
original name: CPROXY.exe
internal name:
file version.: 1.0.8.77
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
pdfid.: -

saionara

Re: Please check my log

Post by saionara » 16 Feb 2010 04:38

address bar:
http://www.virustotal.com/cs/analisis/b ... 1266291213
here is the second one:
File fppdis2a.exe received on 2010.02.16 03:33:33 (UTC)
Result: 0/41 (0%)

Antivirus Version Last update Result
a-squared 4.5.0.50 2010.02.16 -
AhnLab-V3 5.0.0.2 2010.02.15 -
AntiVir 7.9.1.170 2010.02.15 -
Antiy-AVL 2.0.3.7 2010.02.15 -
Authentium 5.2.0.5 2010.02.15 -
Avast 4.8.1351.0 2010.02.15 -
AVG 9.0.0.730 2010.02.16 -
BitDefender 7.2 2010.02.16 -
CAT-QuickHeal 10.00 2010.02.16 -
ClamAV 0.96.0.0-git 2010.02.15 -
Comodo 3950 2010.02.16 -
DrWeb 5.0.1.12222 2010.02.16 -
eSafe 7.0.17.0 2010.02.15 -
eTrust-Vet 35.2.7304 2010.02.15 -
F-Prot 4.5.1.85 2010.02.15 -
F-Secure 9.0.15370.0 2010.02.15 -
Fortinet 4.0.14.0 2010.02.15 -
GData 19 2010.02.16 -
Ikarus T3.1.1.80.0 2010.02.16 -
Jiangmin 13.0.900 2010.02.15 -
K7AntiVirus 7.10.974 2010.02.15 -
Kaspersky 7.0.0.125 2010.02.16 -
McAfee 5893 2010.02.15 -
McAfee+Artemis 5893 2010.02.15 -
McAfee-GW-Edition 6.8.5 2010.02.15 -
Microsoft 1.5406 2010.02.16 -
NOD32 4869 2010.02.15 -
Norman 6.04.08 2010.02.15 -
nProtect 2009.1.8.0 2010.02.15 -
Panda 10.0.2.2 2010.02.15 -
PCTools 7.0.3.5 2010.02.16 -
Prevx 3.0 2010.02.16 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.16 -
Sunbelt 5680 2010.02.16 -
Symantec 20091.2.0.41 2010.02.16 -
TheHacker 6.5.1.4.195 2010.02.16 -
TrendMicro 9.120.0.1004 2010.02.16 -
VBA32 3.12.12.2 2010.02.16 -
ViRobot 2010.2.16.2187 2010.02.16 -
VirusBuster 5.0.21.0 2010.02.15 -
Additional information
File size: 499712 bytes
MD5...: 79c442ad9363da3fa630033113b94a1d
SHA1..: eb74ab6940d6c620de65ebc1ff0d735495492578
SHA256: be3b50afe5cba5e8d9e408c8c17aae6f3f34b6ef009b5bb64f32ddf9c140a231
ssdeep: 12288:Kw0E9aBWna39pZscCOXel8l0H9BtCbqEOVJ/Loz:H9aBWnSpZ9XI7ttVLo
z
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x48cea
timedatestamp.....: 0x44974c28 (Tue Jun 20 01:15:20 2006)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x608b2 0x61000 6.32 a6e04f44ab260669a0a84bdacf33ad79
.rdata 0x62000 0xa4a6 0xb000 4.56 d9b713f795515c85b63f743794af0860
.data 0x6d000 0xe2bc 0xa000 3.81 41492327440f87f8bf1707461ca7ce1b
.rsrc 0x7c000 0x20c0 0x3000 3.17 ad613c480f4532059450a61ecaf80911

( 11 imports )

( 0 exports )
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....: FinePrint Software, LLC
copyright....: Copyright (c) 2001-2006 FinePrint Software, LLC
product......: pdfFactory
description..: pdfFactory
original name: n/a
internal name: n/a
file version.: 2.54
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
pdfid.: -
trid..: Win32 EXE PECompact compressed (generic) (36.9%)
Win32 Executable MS Visual C++ (generic) (33.5%)
Windows Screen Saver (11.6%)
Win32 Executable Generic (7.5%)
Win32 Dynamic Link Library (generic) (6.7%)

saionara

Re: Please check my log

Post by saionara » 16 Feb 2010 04:46


Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check my log

Post by Damned » 16 Feb 2010 05:01

Since I'm translating it (really, and into Czech), I probably know where it comes from; I just have it roughly like this: "D:\Any DVD Converter Professional", without the dots and the notes in parentheses: c:\program files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI), because I don't normally label a program like that when installing it.
If it's something from a torrent, you can assume the application has been modified to carry some kind of junk. I'd also like to know what you were doing on New Year's Day (besides installing ADvDCP). As I recall, I was pretty bleary-eyed myself.

That's why I'm asking.

Download Dr. Web CureIt, or get it from http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html, run the update, and after updating click Start.

With the buttons at the bottom you can cure, delete, move or rename a file. Then post the result. The scan can take a long time. First cure any infection found, and only then delete. If it finds anything in the System Volume Information folder, delete it.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

saionara

Re: Please check my log

Post by saionara » 16 Feb 2010 06:06

I'd also like to ask you very much whether you could advise me on how to set up my internet connection correctly. I use a Huawei K 3520 USB modem from Vodafone and it runs terribly slowly; when downloading it sometimes gets up to 850-940 KB/s and then slowly drops to as low as 3-5 KB/s. Sometimes the file doesn't even download completely, yet a message pops up saying it has already been downloaded. I'm completely desperate about it. My browser is Firefox 3.6 beta 5, and pages also load terribly slowly. I don't know where the problem lies.

