dumprep 0-k

[suprrotka]

Zrazu mi nakrátko vypísala modrá obrazovka reštartovala sa mi pc...zľakla som sa a preto som si pozrela pomocou príkazu msconfig a ten mi vypísal, pri štarte novú vecičku .... čo to vlastne je, nejaká systémová chyba alebo malware? Mám túto službu zakázať??

%systemroot%/system32/dumprep 0-k
kernelfaultcheck?


Logfile of random's system information tool 1.06 (written by random/random)
Run by Adika at 2010-02-16 19:39:40
Systém Microsoft Windows XP Professional Service Pack 3, v.3180
System drive C: has 61 GB (84%) free of 73 GB
Total RAM: 1977 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:48, on 16.2.2010
Platform: Windows XP SP3, v.3180 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.6000.20583)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Adika\My Documents\Preberanie\Inštalačky\RSIT.exe
C:\Program Files\HijackThis\Adika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cas.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {96372AB6-15EB-4316-B497-71C741BC548C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5856 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-706699826-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-706699826-725345543-1003UA.job
C:\WINDOWS\tasks\System Restore.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96372AB6-15EB-4316-B497-71C741BC548C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-31 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-06-17 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-06-17 170520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2054360]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-17 53248]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2007-07-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Adika\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-28 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2008-06-17 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-01-05 2002160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Adika^Start Menu^Programs^Startup^306313.lnk]
C:\Documents and Settings\Adika\Local Settings\Temp\nvscv.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-06-11 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-02-16 19:39:40 ----D---- C:\rsit
2010-02-16 18:17:39 ----D---- C:\Program Files\1BlackOut
2010-02-16 11:33:32 ----D---- C:\Program Files\RegSeeker
2010-02-16 10:59:09 ----SHD---- C:\WINDOWS\ftpcache
2010-02-15 19:51:45 ----D---- C:\Program Files\žlté hviezdy- 8
2010-02-15 19:45:45 ----D---- C:\totalcmd
2010-02-15 19:45:45 ----D---- C:\Documents and Settings\Adika\Application Data\GHISLER
2010-02-12 18:52:36 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-10 20:36:35 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-02-10 20:36:26 ----D---- C:\Program Files\SUPERAntiSpyware
2010-02-10 20:36:26 ----D---- C:\Documents and Settings\Adika\Application Data\SUPERAntiSpyware.com
2010-02-10 20:36:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-10 16:03:26 ----D---- C:\Documents and Settings\Adika\Application Data\nswb
2010-02-10 14:31:32 ----D---- C:\Program Files\Common Files\Akamai
2010-02-09 23:25:03 ----D---- C:\Program Files\Foxit Reader
2010-02-09 13:20:40 ----A---- C:\WINDOWS\EasyGifAnimator_Toolbar_Uninstaller_4015.exe
2010-02-09 13:20:37 ----D---- C:\Program Files\Easy Gif Animator Extension
2010-02-09 13:19:38 ----D---- C:\Program Files\Easy GIF Animator
2010-02-07 13:25:22 ----D---- C:\Documents and Settings\Adika\Application Data\Zoner
2010-02-07 13:11:22 ----D---- C:\Program Files\Zoner
2010-01-31 13:20:04 ----D---- C:\WINDOWS\Sun
2010-01-31 13:15:17 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-01-31 13:15:16 ----D---- C:\Program Files\Common Files\Java
2010-01-31 13:14:56 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-31 13:14:56 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-31 13:14:56 ----A---- C:\WINDOWS\system32\java.exe
2010-01-31 13:14:56 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-31 13:14:43 ----D---- C:\Program Files\Java
2010-01-31 12:54:22 ----D---- C:\Documents and Settings\Adika\Application Data\Sun
2010-01-19 13:35:01 ----D---- C:\Documents and Settings\Adika\Application Data\GlarySoft
2010-01-19 13:16:12 ----A---- C:\WINDOWS\system32\ssubtmr6.dll

======List of files/folders modified in the last 1 months======

2010-02-16 19:39:48 ----D---- C:\WINDOWS\temp
2010-02-16 19:39:42 ----D---- C:\Program Files\HijackThis
2010-02-16 19:29:46 ----D---- C:\WINDOWS
2010-02-16 19:28:26 ----RSD---- C:\WINDOWS\Fonts
2010-02-16 18:40:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-16 18:17:39 ----RD---- C:\Program Files
2010-02-16 18:06:34 ----D---- C:\Program Files\Mozilla Firefox
2010-02-16 18:06:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-16 11:26:57 ----D---- C:\Program Files\Common Files
2010-02-16 11:26:46 ----SHD---- C:\WINDOWS\Installer
2010-02-16 11:26:46 ----D---- C:\Config.Msi
2010-02-16 11:26:45 ----SD---- C:\WINDOWS\Tasks
2010-02-16 11:19:35 ----D---- C:\Documents and Settings\Adika\Application Data\vlc
2010-02-14 21:34:29 ----HD---- C:\WINDOWS\inf
2010-02-14 20:26:56 ----D---- C:\Program Files\PhotoFiltre
2010-02-14 20:26:17 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-02-14 20:23:52 ----D---- C:\Program Files\CCleaner
2010-02-12 18:52:37 ----RSH---- C:\boot.ini
2010-02-12 18:52:36 ----AD---- C:\WINDOWS\system32
2010-02-10 19:40:40 ----RD---- C:\WINDOWS\Web
2010-02-10 19:40:40 ----D---- C:\WINDOWS\system32\drivers
2010-02-09 23:35:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-09 23:35:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-09 23:33:17 ----D---- C:\TRANSLAT
2010-02-09 23:29:50 ----D---- C:\Program Files\ICQ6.5
2010-02-09 23:24:27 ----D---- C:\Program Files\Ares
2010-02-09 23:23:54 ----D---- C:\Program Files\Winamp
2010-02-05 11:21:27 ----SHD---- C:\System Volume Information
2010-02-05 10:54:01 ----D---- C:\WINDOWS\Prefetch
2010-01-29 13:32:04 ----SD---- C:\Documents and Settings\Adika\Application Data\Microsoft
2010-01-22 12:00:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-19 13:18:11 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-19 13:15:27 ----D---- C:\Program Files\ESET
2010-01-17 15:12:13 ----D---- C:\WINDOWS\system32\config
2010-01-17 15:12:01 ----D---- C:\WINDOWS\system32\wbem
2010-01-17 15:12:01 ----D---- C:\WINDOWS\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-09-11 55768]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95; C:\WINDOWS\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [2009-12-18 24064]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-02-12 31360]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-02-12 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-07-18 36096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2007-07-18 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-09-11 135048]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-07-18 62848]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-11-05 1343616]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-03-19 175104]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-11-05 879528]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2007-07-18 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-07-22 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-06-11 6021184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-13 4754944]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-04-29 108032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-07-18 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-07-18 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-07-18 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-02-12 112384]
S2 ATE_PROCMON;ATE_PROCMON; C:\WINDOWS\system32\drivers\ATE_PROCMON.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-11-05 539576]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-06-29 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-08-27 74656]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-07-18 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-07-22 12160]
S3 PEEK5;PEEK5 Protocol Driver; \??\F:\Marika\k\BOX\PEEK5.SYS []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-07-18 26368]
S3 VDSDK;VDSDK; \??\C:\DOCUME~1\Adika\LOCALS~1\Temp\vdsdk.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-11-01 264800]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-09-11 735960]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-02-12 924160]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-31 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-12-30 235344]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-18 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2007-07-19 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 20680]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-18 360192]

-----------------EOF-----------------

[Caroprd111]

Zdravím

http://www.viry.cz/forum/viewtopic.php?f=11&t=5186 hned první položka

Chcete rovnou preventivně zkontrolovat log

[suprrotka]

áno pekne prosím, stalo sa mi to krátko na to, čo som si skopírovala nový font písma "visitor"

[Caroprd111]

OK, podívám se na log.

[suprrotka]

ďakujem

[Caroprd111]

Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys
C:\DOCUME~1\Adika\LOCALS~1\Temp\vdsdk.sys

(Soubory nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem vložte.)


Doporučuji odinstalovat:
C:\Program Files\Ares\Ares.exe

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.

[suprrotka]

Kód: Vybrat vše

Soubor HMFAxCore46691b2fe72383a3b643d950 přijatý 2010.02.01 22:23:03 (UTC)
Současný stav: Dokončeno 
Výsledek: 1/40 (2.50%)
  Formátované
Vytisknout výsledky 
Antivirus	Verze	Poslední aktualizace	Výsledek
a-squared	4.5.0.50	2010.02.01	-
AhnLab-V3	5.0.0.2	2010.02.01	-
AntiVir	7.9.1.156	2010.02.01	-
Antiy-AVL	2.0.3.7	2010.02.01	-
Authentium	5.2.0.5	2010.02.01	-
Avast	4.8.1351.0	2010.02.01	-
AVG	9.0.0.730	2010.02.01	-
BitDefender	7.2	2010.02.01	-
CAT-QuickHeal	10.00	2010.02.01	-
ClamAV	0.96.0.0-git	2010.02.01	-
Comodo	3786	2010.02.01	-
DrWeb	5.0.1.12222	2010.02.01	-
eSafe	7.0.17.0	2010.02.01	-
eTrust-Vet	35.2.7275	2010.02.01	-
F-Prot	4.5.1.85	2010.02.01	-
F-Secure	9.0.15370.0	2010.02.01	-
Fortinet	4.0.14.0	2010.02.01	-
GData	19	2010.02.01	-
Ikarus	T3.1.1.80.0	2010.02.01	-
Jiangmin	13.0.900	2010.01.28	-
K7AntiVirus	7.10.962	2010.02.01	-
Kaspersky	7.0.0.125	2010.02.01	-
McAfee	5879	2010.02.01	-
McAfee+Artemis	5879	2010.02.01	-
McAfee-GW-Edition	6.8.5	2010.02.01	-
Microsoft	1.5406	2010.02.01	-
NOD32	4825	2010.02.01	-
Norman	6.04.03	2010.02.01	-
nProtect	2009.1.8.0	2010.02.01	-
Panda	10.0.2.2	2010.02.01	-
PCTools	7.0.3.5	2010.02.01	-
Rising	22.33.00.04	2010.02.01	-
Sophos	4.50.0	2010.02.01	-
Sunbelt	3.2.1858.2	2010.02.01	-
Symantec	20091.2.0.41	2010.02.01	Reser.Reputation.1
TheHacker	6.5.1.0.176	2010.02.01	-
TrendMicro	9.120.0.1004	2010.02.01	-
VBA32	3.12.12.1	2010.02.01	-
ViRobot	2010.2.1.2166	2010.02.01	-
VirusBuster	5.0.21.0	2010.02.01	-
Rozšiřující informace
File size: 24064 bytes
MD5   : e83af7a288831fab229b3851f4ea1f1d
SHA1  : ce27a7200f926ea6a8a716deefb5c18c4c10538c
SHA256: 19754f4da00ddd7a582dfe07db0614289fe45522b8c1c0321c9ba36555068c47
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6005
timedatestamp.....: 0x48184D49 (Wed Apr 30 12:43:21 2008)
machinetype.......: 0x14C (Intel I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2BA2 0x2C00 6.36 c96386394f8c7c9070e14f78c2e02f48
.rdata 0x4000 0x244 0x400 2.53 39bef0a702edf296e90a539618915e31
.data 0x5000 0x52C 0x200 1.61 89d039cb0005ef0cfc5b928fdf305c6d
INIT 0x6000 0x498 0x600 4.56 05b11d28d6d69b264e2edcacb5051ce5
.rsrc 0x7000 0x3C0 0x400 3.20 82cc1cebf55bc7c70a84b34204dde376
.reloc 0x8000 0x3BE 0x400 5.54 406da50530549c27c4d637f75ee11ae8

( 1 imports )

> ntoskrnl.exe: IofCompleteRequest, memcpy, IoDeleteDevice, RtlInitUnicodeString, ExFreePoolWithTag, IoCreateSymbolicLink, IoCreateDevice, PsGetVersion, ExAllocatePoolWithTag, memset, KeSetEvent, IoFreeWorkItem, RtlAppendUnicodeToString, RtlAppendUnicodeStringToString, ObfDereferenceObject, ObQueryNameString, ObReferenceObjectByHandle, KeWaitForSingleObject, IoQueueWorkItem, KeInitializeEvent, IoAllocateWorkItem, ZwClose, RtlUpcaseUnicodeString, ZwReadFile, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, FsRtlIsNameInExpression, RtlFreeUnicodeString, PsGetCurrentProcessId, memmove, ZwWriteFile, RtlCompareUnicodeString, KeServiceDescriptorTable, ZwQueryValueKey, ZwOpenKey, ZwSetValueKey, ZwFlushKey, ZwQueryInformationFile, ZwSetInformationFile, ZwQueryInformationProcess, KeTickCount, KeBugCheckEx, RtlUnwind

( 0 exports )
TrID  : File type identification
Win64 Executable Generic (95.5%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 384:viPi2+a0QcSFOAoEDumHp17xUQg+sYJLWDkjbp86jf:aPB+5QgVEK6Jg+hLJbp8mf
PEiD  : -
RDS   : NSRL Reference Data Set
-

Počuj to sys neviem nájsť nikde to nie je dala som odkryť aj skryté súbory

Ares idem odinštalovať

[Caroprd111]

Je to v pořádku, jinak v logu nic škodlivého nevidím


Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
- Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
- Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

[suprrotka]

Ešte predtým než si mi to napísal, som to išla urobiť , ďakujem pekne, čiže nič vážne ??? a to čo našiel Norton?? To je čo , nejaký hoax?

[Caroprd111]

Nevím přesně co to je, pokud to neznáte, můžete to smazat. Jinak tam nic škodlivého nevidím

[suprrotka]

Oki verím Vám (TI) dúfam, že už neuvidím tú modrú smrť

Krásny večer

[Caroprd111]

Vám také přeji hezký večer