Vyskakuje okno Error

[xstation]

Ahoj,

prosím o kontrolu logu. Při běžné činnosti na PC mi občas vyskočí toto okno:



Děkuji


log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Martin at 2013-02-23 19:34:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (56%) free of 20 GB
Total RAM: 1983 MB (67% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-15 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-15 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2012-09-02 110592]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-27 7561216]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-04-27 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-12 16264192]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-21 761945]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\WINDOWS\sm56hlpr.exe [2006-01-20 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2012-09-02 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\utorrent-portable\utorrent.exe"="C:\Program Files\utorrent-portable\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-02-23 19:34:52 ----D---- C:\rsit
2013-02-23 19:34:52 ----D---- C:\Program Files\trend micro
2013-02-23 16:26:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\MagicSoftware
2013-02-23 16:26:05 ----D---- C:\Program Files\MagicDVDRipper
2013-02-21 08:12:55 ----D---- C:\Program Files\Seznam filmů
2013-02-20 23:25:48 ----A---- C:\WINDOWS\system32\ZLIB32.DLL
2013-02-20 10:37:49 ----D---- C:\Documents and Settings\Martin\Data aplikací\FreeHDConverter
2013-02-17 07:03:39 ----D---- C:\Program Files\ytd-1.22-lite
2013-02-15 20:45:04 ----D---- C:\Program Files\Common Files\Skype
2013-02-13 17:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-13 17:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-13 17:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-13 17:16:38 ----A---- C:\WINDOWS\imsins.BAK
2013-02-13 17:16:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-02 08:25:56 ----D---- C:\Documents and Settings\Martin\Data aplikací\Help
2013-02-02 08:25:50 ----D---- C:\Program Files\GoldWave
2013-01-30 17:52:48 ----D---- C:\Program Files\FreeRapid-0.9u1

======List of files/folders modified in the last 1 months======

2013-02-23 19:34:52 ----RD---- C:\Program Files
2013-02-23 19:26:41 ----D---- C:\WINDOWS\Temp
2013-02-23 18:20:44 ----A---- C:\WINDOWS\NeroDigital.ini
2013-02-23 16:12:38 ----D---- C:\WINDOWS\system32
2013-02-23 16:12:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-20 22:52:08 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2013-02-18 19:54:33 ----HD---- C:\WINDOWS\inf
2013-02-18 19:54:33 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-18 19:54:33 ----D---- C:\WINDOWS
2013-02-17 07:17:22 ----D---- C:\Program Files\IDOS
2013-02-16 20:35:38 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2013-02-15 20:45:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-02-15 20:45:11 ----SHD---- C:\WINDOWS\Installer
2013-02-15 20:45:07 ----RD---- C:\Program Files\Skype
2013-02-15 20:44:48 ----D---- C:\Program Files\Common Files
2013-02-13 17:46:57 ----RSD---- C:\WINDOWS\assembly
2013-02-13 17:46:57 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-13 17:27:19 ----D---- C:\Program Files\Internet Explorer
2013-02-13 17:24:25 ----A---- C:\WINDOWS\system32\MRT.exe
2013-02-13 17:24:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-13 17:23:57 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-13 17:23:21 ----D---- C:\WINDOWS\WinSxS
2013-02-11 19:48:01 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-03 16:52:36 ----A---- C:\WINDOWS\win.ini
2013-02-02 22:18:33 ----D---- C:\Program Files\SumatraPDF
2013-02-02 08:09:28 ----D---- C:\Program Files\CCleaner
2013-01-28 14:10:17 ----D---- C:\Program Files\utorrent-portable
2013-01-27 13:02:41 ----D---- C:\Documents and Settings\Martin\Data aplikací\Winamp
2013-01-27 12:54:49 ----D---- C:\Program Files\Winamp
2013-01-26 04:55:07 ----A---- C:\WINDOWS\system32\oleaut32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HX97USB;JP1081 USB2.0 To Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\jp97usb.sys [2010-11-08 16512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-12 4381184]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2012-09-02 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-27 3659968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2012-09-02 11136]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-01-20 862340]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-21 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2012-09-02 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2012-09-02 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 Ser2pl;Prolific Serial port WDMdriver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2012-07-26 67584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2012-09-02 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2012-09-02 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-15 161768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-27 143427]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------=

[Rudy]

Zdravím!
V logu není nic zvláštního vidět. Hláška vyskakuje při nějaké konkrétní činnosti? Nebo po instalaci nějakého programu?

[xstation]

Zdravím,

hláška vyskočí nejčastěji, když chci pustit nějaké video. Stačí když chci otevřít video v nějakém programu (např. program na převod do jiného formátu).

[Rudy]

Nevím, k čemu ta hláška patří. Zkusíme sken ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[xstation]

ComboFix 13-02-23.01 - Martin 23.02.2013 20:44:47.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1983.1537 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: ESET Smart Security 5.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-23 do 2013-02-23 )))))))))))))))))))))))))))))))
.
.
2013-02-23 18:34 . 2013-02-23 18:38 -------- d-----w- c:\program files\trend micro
2013-02-23 18:34 . 2013-02-23 18:34 -------- d-----w- C:\rsit
2013-02-23 15:26 . 2013-02-23 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MagicSoftware
2013-02-23 15:26 . 2013-02-23 15:26 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\MagicSoftware
2013-02-23 15:26 . 2013-02-23 15:26 -------- d-----w- c:\program files\MagicDVDRipper
2013-02-21 07:12 . 2013-02-21 22:11 -------- d-----w- c:\program files\Seznam filmů
2013-02-20 22:25 . 1998-07-12 00:13 53760 ----a-w- c:\windows\system32\ZLIB32.DLL
2013-02-20 22:25 . 1998-06-24 09:55 609584 ----a-w- c:\windows\system32\Comctl32.ocx
2013-02-20 09:37 . 2013-02-20 09:37 -------- d-----w- c:\documents and settings\Martin\Data aplikací\FreeHDConverter
2013-02-20 08:34 . 2013-02-20 08:34 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\Thinstall
2013-02-17 06:03 . 2013-02-17 06:04 -------- d-----w- c:\program files\ytd-1.22-lite
2013-02-15 19:45 . 2013-02-15 19:45 -------- d-----w- c:\program files\Common Files\Skype
2013-02-02 07:25 . 2013-02-02 07:25 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\Help
2013-02-02 07:25 . 2013-02-02 07:26 -------- d-----w- c:\program files\GoldWave
2013-01-30 16:52 . 2013-01-30 16:52 -------- d-----w- c:\program files\FreeRapid-0.9u1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-11 18:48 . 2012-09-08 21:38 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-11 18:48 . 2012-09-08 21:38 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 03:55 . 2012-09-02 16:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:24 . 2012-05-05 03:14 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:24 . 2012-09-02 16:55 2195328 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:09 . 2012-09-02 16:57 1876224 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2012-09-02 16:53 1294848 ----a-w- c:\windows\system32\quartz.dll
2013-01-02 06:49 . 2008-04-14 06:52 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2012-12-26 20:20 . 2012-09-02 16:56 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2012-09-02 16:56 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:31 . 2012-09-02 16:52 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-05 21:16 . 2008-04-14 06:52 24064 ----a-w- c:\windows\system32\ctfmon.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-12-05 21:16 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\system32\dllcache\ctfmon.exe
[-] 2012-12-05 21:16 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\system32\ctfmon.exe
.
[-] 2012-09-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2012-09-02 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7561216]
"nwiz"="nwiz.exe" [2006-04-27 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-27 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 16264192]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-21 761945]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2012-12-05 24064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-01-20 20:34 544768 ----a-r- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\utorrent-portable\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.3.2012 7:40 120152]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [7.3.2012 14:40 913144]
R3 HX97USB;JP1081 USB2.0 To Fast Ethernet Adapter;c:\windows\system32\drivers\jp97usb.sys [10.9.2012 16:21 16512]
R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [8.9.2012 16:35 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [8.9.2012 16:35 8278]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1 10.0.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-23 20:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3952)
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-02-23 20:49:02
ComboFix-quarantined-files.txt 2013-02-23 19:48
.
Před spuštěním: Volných bajtů: 12 085 817 344
Po spuštění: Volných bajtů: 12 413 947 904
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F4A9B5F3D6287179D8B3C9B72B91ED14

[Rudy]

Nic tam nevidím, log vypadá OK. Co jste instaloval těsně před tím, než se problém objevil?

[xstation]

Zkoušel jsem nějaké programy na ripování DVD jako DVD Decrypter, Magic DVD Ripper.

Zkusím odinstalovat a uvidí se.

[Rudy]

Zkuste a dejte vědět.

[xstation]

Tak to vypadá, že odinstalace zabrala. Akorát mi teď nejde automaticky přehrát dvd po vložení do mechaniky. Vyskočí okno s výběrem, co dělat s DVD, ale když kliknu na "Přehrát pomocí WMP player", tak se nic nepřehrává. A ani otevřít pomocí tohoto okna to nejde.

[Rudy]

Vstupte do editoru registry: http://forum.viry.cz/viewtopic.php?f=11&t=2791 a vyhledejte klíč:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDRom\Autorun

Jeho hodnotu nastavte na "1". Nastavení uložte a restartujte PC.

[xstation]

Nastaveno, ale bohužel to nepomohlo.

A ještě doplním, že mi to dříve u usb flashky zobrazovalo ikonu, kterou jsem měl nastavenou v souboru autorun.inf a teď ji to nezobrazuje.

[Rudy]

Zkuste obnovu systému k datu, kdy korektně fungoval.

[xstation]

OK. Pomohlo to. Děkuji mnohokrát.

[Rudy]

Nemáte zač!