
Please check my log

katarina69
Visitor
Posts: 13
Registered: 03 Aug 2009 01:03

Please check my log

#1 Post by katarina69 »

Please check my log. NOD32 found WIN32/OTU Trojan

Logfile of random's system information tool 1.06 (written by random/random)
Run by Robert at 2010-02-22 23:01:41
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 43 GB (45%) free of 95 GB
Total RAM: 2037 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:30, on 22.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Robert\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Robert\Downloads\Robert.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [BtHidUi] C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

--
End of file - 4065 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"BtHidUi"=C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe [2006-11-15 1298432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-02-22 23:01:41 ----D---- C:\rsit
2010-02-22 23:01:41 ----D---- \rsit
2010-02-19 16:41:02 ----D---- C:\Program Files\Bob The Builder Can-Do Zoo
2010-02-19 15:33:27 ----D---- C:\Users\Robert\AppData\Roaming\gamelab
2010-02-19 15:32:23 ----D---- C:\Program Files\LEGO Fever
2010-02-18 23:11:40 ----D---- C:\Users\Robert\AppData\Roaming\LEGO Company
2010-02-18 23:11:23 ----D---- C:\Program Files\LEGO Company
2010-02-17 22:31:23 ----A---- C:\Windows\system32\stlang.dll
2010-02-17 22:31:23 ----A---- C:\Windows\system32\stacsv.exe
2010-02-17 22:28:28 ----A---- C:\Windows\system32\stcplx.dll
2010-02-17 22:28:28 ----A---- C:\Windows\system32\stapo.dll
2010-02-17 22:28:28 ----A---- C:\Windows\system32\stapi32.dll
2010-02-15 23:20:57 ----A---- C:\Program Files\heroes_trial.exe
2010-02-13 15:31:48 ----D---- C:\Users\Robert\AppData\Roaming\Skype
2010-02-13 15:31:34 ----D---- C:\Program Files\Common Files\Skype
2010-02-13 15:31:27 ----RD---- C:\Program Files\Skype
2010-02-13 04:56:00 ----A---- C:\Windows\system32\tmp.txt
2010-02-13 04:55:49 ----A---- C:\rapport.txt
2010-02-13 04:55:49 ----A---- \rapport.txt
2010-02-11 22:48:05 ----D---- C:\Users\Robert\AppData\Roaming\Sega
2010-02-11 22:47:50 ----D---- C:\Program Files\Sega
2010-02-11 10:04:58 ----A---- C:\Users\Robert\AppData\Roaming\sdsetup-cnet.exe
2010-02-10 12:11:02 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 12:10:56 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 12:10:54 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 12:10:52 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 12:10:49 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 12:10:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 12:10:35 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 12:10:29 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 12:10:26 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 12:08:48 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 12:08:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-07 12:00:57 ----D---- C:\Users\Robert\AppData\Roaming\IObit
2010-02-07 05:28:12 ----D---- C:\Windows\Minidump
2010-02-07 03:16:11 ----D---- C:\Users\Robert\AppData\Roaming\uTorrent
2010-02-03 19:41:51 ----D---- C:\Program Files\Eset
2010-01-31 21:49:54 ----A---- C:\Windows\system32\st325614.dll
2010-01-31 21:49:54 ----A---- C:\Windows\system32\ctppld.dll
2010-01-31 21:49:54 ----A---- C:\Windows\system32\ctapo32.dll
2010-01-31 21:49:52 ----D---- C:\Program Files\SigmaTel
2010-01-31 21:47:47 ----D---- C:\Users\Robert\AppData\Roaming\CSR
2010-01-31 21:47:47 ----D---- C:\Program Files\CSR
2010-01-31 01:53:53 ----D---- C:\Program Files\Dell

======List of files/folders modified in the last 1 months======

2010-02-22 23:02:31 ----D---- C:\Windows\Temp
2010-02-22 23:02:07 ----D---- C:\Windows\Prefetch
2010-02-22 20:40:20 ----D---- C:\Windows\tracing
2010-02-22 19:32:11 ----D---- C:\Windows\System32
2010-02-22 19:32:10 ----D---- C:\Windows\inf
2010-02-22 19:32:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-22 11:01:57 ----SHD---- C:\System Volume Information
2010-02-22 11:01:57 ----SHD---- \System Volume Information
2010-02-21 23:01:28 ----D---- C:\Windows\system32\WDI
2010-02-21 20:13:27 ----D---- C:\Users\Robert\AppData\Roaming\Azureus
2010-02-21 12:06:22 ----D---- C:\Windows\Debug
2010-02-20 09:49:53 ----HD---- C:\ProgramData
2010-02-20 09:49:53 ----HD---- \ProgramData
2010-02-20 09:33:35 ----RD---- C:\Program Files
2010-02-20 09:33:35 ----RD---- \Program Files
2010-02-19 21:34:32 ----D---- C:\Program Files\Microids
2010-02-19 21:33:04 ----D---- C:\Program Files\Common Files
2010-02-19 17:39:20 ----D---- C:\Windows\system32\catroot2
2010-02-18 19:59:55 ----D---- C:\Windows
2010-02-18 19:59:55 ----D---- \Windows
2010-02-17 22:31:04 ----D---- C:\Windows\system32\catroot
2010-02-17 21:06:10 ----SHD---- C:\Windows\Installer
2010-02-17 21:06:09 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-17 00:05:54 ----RSD---- C:\Windows\assembly
2010-02-17 00:04:16 ----D---- C:\Windows\Logs
2010-02-15 00:33:37 ----D---- C:\dell
2010-02-15 00:33:37 ----D---- \dell
2010-02-14 11:17:27 ----D---- C:\Program Files\Mozilla Firefox
2010-02-14 09:48:19 ----D---- C:\Users\Robert\AppData\Roaming\skypePM
2010-02-13 21:52:33 ----D---- C:\Windows\Tasks
2010-02-13 15:31:41 ----D---- C:\Windows\system32\Tasks
2010-02-13 04:54:27 ----A---- C:\Windows\ntbtlog.txt
2010-02-13 04:42:41 ----D---- C:\Windows\system32\drivers
2010-02-10 13:17:04 ----D---- C:\Windows\winsxs
2010-02-10 13:03:31 ----D---- C:\Program Files\Windows Mail
2010-02-08 09:47:28 ----A---- C:\Windows\Return to Mysterious Island 2 Uninstall Log.txt
2010-02-08 09:39:12 ----D---- C:\Windows\system32\Msdtc
2010-02-08 09:39:12 ----D---- C:\Windows\system32\config
2010-02-08 09:39:12 ----D---- C:\Windows\Panther
2010-02-08 09:39:12 ----D---- C:\Program Files\Vuze
2010-02-07 11:52:32 ----SD---- C:\Windows\Downloaded Program Files
2010-02-07 11:52:29 ----D---- C:\Program Files\Windows Live Safety Center
2010-02-06 01:43:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-31 21:49:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-31 15:17:23 ----D---- C:\Windows\system32\LogFiles
2010-01-30 03:11:51 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-27 23:52:00 ----D---- C:\Program Files\Internet Explorer
2010-01-23 03:06:56 ----D---- C:\Windows\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 95896]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R3 b57nd60x;%SvcDispName%; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2007-04-25 31232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 USBCCID;Čtecí zařízení čipových karet USB; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 30208]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 a4iqbx4l;a4iqbx4l; C:\Windows\system32\drivers\a4iqbx4l.sys []
S3 BTHFILT;Bluetooth Command Filter; C:\Windows\system32\DRIVERS\BthFilt.sys [2006-11-06 13824]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 CSRBC;CSRBC.Sys CSR test driver; C:\Windows\System32\Drivers\csrbcxp.sys [2006-10-11 31744]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\Windows\system32\DRIVERS\MSIRCOMM.sys [2008-01-19 24064]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-19 2225664]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 SaiKF620;SaiKF620; C:\Windows\system32\DRIVERS\SaiKF620.sys [2008-10-22 106496]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-11-13 9728]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-04-11 47616]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]

Thanks

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#2 Post by motji »

Good morning :)
In which file does it report the virus? :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here


I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

katarina69
Visitor
Posts: 13
Registered: 03 Aug 2009 01:03

Re: Please check my log

#3 Post by katarina69 »

Good morning to you too :D

I copied this from the ESET log:


C:\Users\Robert\AppData\Roaming\sdsetup-cnet.exe » NSIS » sdsetup-cnet.exe » NSIS » sdsetup-cnet.exe » NSIS » onload.exe - Win32/VB.OTU trojan
C:\Users\Robert\AppData\Roaming\sdsetup-cnet.exe » NSIS » sdsetup-cnet.exe » NSIS » onload.exe - Win32/VB.OTU trojan
C:\Users\Robert\AppData\Roaming\sdsetup-cnet.exe » NSIS » onload.exe - Win32/VB.OTU trojan

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#4 Post by motji »

:arrow: Have the file tested at http://www.virustotal.com


C:\Users\Robert\AppData\Roaming\sdsetup-cnet.exe



- On VirusTotal, click Browse, paste the path to the file directly into the lower box, and click Send
- Copy the address of the results page from your browser