vir z FCB RSIT log prosim o pomoc

Zpráva

Otto76 · #16 Příspěvek od **Otto76** » 07 zář 2011 22:22

ComboFix 11-09-07.04 - technik 07.09.2011 22:49:52.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.247 [GMT 2:00]
Spuštěný z: c:\documents and settings\technik\Dokumenty\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\~WRD0004.tmp
c:\documents and settings\technik\Dokumenty\~WRL1583.tmp
C:\Thumbs.db
c:\windows\btc_client_iplist.txt
c:\windows\d.ini
c:\windows\ehome\medctrro.exe
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\msmqinst.log
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\oaKelNt.dll
c:\windows\system32\oaPassCn.dll
c:\windows\system32\setup.ini
c:\windows\system32\TZLog.log
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.7.1
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
H:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DDSERVICE
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_WXPDRIVERS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-07 do 2011-09-07 )))))))))))))))))))))))))))))))
.
.
2011-09-07 13:42 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-07 13:42 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-05 19:36 . 2011-09-05 19:36 -------- d-----w- c:\program files\trend micro
2011-09-05 19:36 . 2011-09-05 19:36 -------- d-----w- C:\rsit
2011-09-03 10:17 . 2011-09-03 10:17 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
2011-08-31 19:40 . 2011-08-31 19:41 -------- d-----w- C:\!KillBox
2011-08-31 14:36 . 2011-08-31 14:36 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-31 14:35 . 2011-08-31 14:35 -------- d-----w- c:\program files\Common Files\Skype
2011-08-22 22:27 . 2011-08-22 22:27 -------- d-----w- c:\documents and settings\technik\Data aplikací\Malwarebytes
2011-08-22 22:27 . 2011-08-22 22:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-22 22:27 . 2011-09-07 18:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-21 17:35 . 2011-08-21 17:35 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2011-08-21 17:35 . 2011-08-21 17:35 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Winamp Toolbar
2011-08-21 17:08 . 2011-08-21 17:08 -------- d-----w- c:\program files\AMD APP
2011-08-21 17:07 . 2011-08-21 17:07 -------- d-----w- c:\program files\ATI
2011-08-21 16:48 . 2011-08-21 16:48 -------- d-----w- C:\ATI
2011-08-21 16:43 . 2011-08-21 16:43 -------- d-----w- c:\windows\av_ico
2011-08-21 16:42 . 2011-08-21 16:42 -------- d-----w- c:\windows\ufa
2011-08-21 16:42 . 2011-08-21 16:42 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-21 16:41 . 2011-08-21 16:42 246272 ----a-w- c:\windows\unrar.exe
2011-08-21 16:35 . 2011-09-07 18:43 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-08-21 16:35 . 2011-08-22 22:39 -------- d--h--w- c:\windows\update.tray-2-0
2011-08-21 16:35 . 2011-09-07 18:43 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-08-21 16:35 . 2011-08-22 22:39 -------- d--h--w- c:\windows\update.tray-3-0
2011-08-21 16:18 . 2011-08-21 16:18 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-18 12:03 . 2011-08-18 12:03 -------- d-----w- c:\documents and settings\technik\Local Settings\Data aplikací\Winamp Toolbar
2011-08-14 04:50 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-14 04:49 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-03 10:17 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll
2011-07-19 05:58 . 2011-05-29 19:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2006-03-02 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2007-09-26 17:53 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2006-03-02 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-07-18 22:43 . 2011-05-18 22:50 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-07-07 576320]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-07-07 600896]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"RTHDCPL"="RTHDCPL.EXE" [2010-05-28 16269312]
"SkyTel"="SkyTel.EXE" [2010-05-28 2879488]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-17 74752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-5-16 1777664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 1 (0x1)
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Místní vyhledávání.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Místní vyhledávání.lnk
backup=c:\windows\pss\Místní vyhledávání.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-05-28 11:30 2879488 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-03-21 14:54 544768 -c----r- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\IPCorderDiscover.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5529:TCP"= 5529:TCP:oa_nh29
"5528:TCP"= 5528:TCP:oa_nh28
"5527:TCP"= 5527:TCP:oa_nh27
"5526:TCP"= 5526:TCP:oa_nh26
"5525:TCP"= 5525:TCP:oa_nh25
"5524:TCP"= 5524:TCP:oa_nh24
"5523:TCP"= 5523:TCP:oa_nh23
"5522:TCP"= 5522:TCP:oa_nh22
"5521:TCP"= 5521:TCP:oa_nh21
"5520:TCP"= 5520:TCP:oa_nh20
"5519:TCP"= 5519:TCP:oa_nh19
"5518:TCP"= 5518:TCP:oa_nh18
"5517:TCP"= 5517:TCP:oa_nh17
"5516:TCP"= 5516:TCP:oa_nh16
"5515:TCP"= 5515:TCP:oa_nh15
"5514:TCP"= 5514:TCP:oa_nh14
"5513:TCP"= 5513:TCP:oa_nh13
"5512:TCP"= 5512:TCP:oa_nh12
"5511:TCP"= 5511:TCP:oa_nh11
"5510:TCP"= 5510:TCP:oa_nh10
"5509:TCP"= 5509:TCP:oa_nh9
"5508:TCP"= 5508:TCP:oa_nh8
"5507:TCP"= 5507:TCP:oa_nh7
"5506:TCP"= 5506:TCP:oa_nh6
"5505:TCP"= 5505:TCP:oa_nh5
"5504:TCP"= 5504:TCP:oa_nh4
"5503:TCP"= 5503:TCP:oa_nh3
"5502:TCP"= 5502:TCP:oa_nh2
"5501:TCP"= 5501:TCP:oa_nh1
"5500:TCP"= 5500:TCP:oa_nh0
"5020:TCP"= 5020:TCP:oa_rcclient
.
R0 oaFile;oaFile;c:\windows\system32\drivers\oafile.sys [26.9.2007 15:29 37376]
R0 oaRegMgr;oaRegMgr;c:\windows\system32\drivers\oaRegMgr.sys [26.9.2007 15:29 18944]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 13:27 93848]
R2 rcClient;rcClient;c:\program files\OA10\rcClient --> c:\program files\OA10\rcClient [?]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [26.9.2007 20:36 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [26.9.2007 20:36 7808]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate1cafe6a42a985b8;Služba Google Update (gupdate1cafe6a42a985b8);c:\program files\Google\Update\GoogleUpdate.exe [28.5.2010 15:32 133104]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [26.10.2007 15:55 93440]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [7.9.2010 10:20 6016]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28.5.2010 15:32 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7.9.2011 15:42 41272]
S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys --> c:\windows\system32\DRIVERS\modrc.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [7.9.2010 10:16 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [7.9.2010 10:16 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [7.9.2010 10:20 23552]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [7.9.2010 10:20 9472]
S3 oaServerNT;oaServerNT;c:\program files\OA10\oaServerNt.exe [21.10.2009 9:28 325120]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2.3.2006 14:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-28 13:32]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-28 13:32]
.
2011-09-07 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ABL_truzicka.job
- c:\windows\system32\mobsync.exe [2006-03-02 06:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.2.254
Name-Space Handler: ftp\WorkSpy - {5D3387A9-354F-4efd-8939-5AFB4FAAFE1D} - c:\program files\OA10\WorkSpDw.dll
Name-Space Handler: http\WorkSpy - {12584F2C-7F9B-4e6a-B49D-3D31CD14A340} - c:\program files\OA10\WorkSpDw.dll
Name-Space Handler: https\WorkSpy - {B4041D07-5D17-44be-B975-3151919DC7D5} - c:\program files\OA10\WorkSpDw.dll
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
DPF: {9FCBA748-B8E5-460D-8B5F-E536BDA58A70} - hxxp://85.239.226.10/program/SonyNetworkCameraViewer2.cab
DPF: {EF991872-9158-4570-A7FF-E7DBB6A4B8E9} - hxxp://democam6.iqeye.com/iqweb.ocx.gz
FF - ProfilePath - c:\documents and settings\technik\Data aplikací\Mozilla\Firefox\Profiles\e6qwkln5.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
HKLM-Run-PelcoSysman - c:\program files\Pelco\System Manager 9760\ShowSysManager.exe
MSConfigStartUp-3082507 - c:\windows\TEMP\3082507.exe
MSConfigStartUp-3996606 - c:\windows\TEMP\3996606.exe
MSConfigStartUp-8202174 - c:\windows\TEMP\8202174.exe
MSConfigStartUp-97905815-loader2 - c:\windows\TEMP\97905815-loader2.exe
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
MSConfigStartUp-RCApp - c:\program files\gigabyte\RCApp\U7000RCApp.exe
MSConfigStartUp-RemoteControl - c:\program files\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-sysdriver32 - c:\windows\sysdriver32.exe
MSConfigStartUp-sysdriver32_ - c:\windows\sysdriver32_.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\HOMERunner.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-07 23:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rcClient]
"ImagePath"="c:\program files\OA10\rcClient"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(920)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2524)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\OA10\rcClient.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\ATK0100\ATKOSD.exe
c:\windows\RTHDCPL.EXE
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclToBTSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-09-07 23:15:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-07 21:15
.
Před spuštěním: Volných bajtů: 20 179 705 856
Po spuštění: Volných bajtů: 20 787 261 440
.
- - End Of File - - 6A19BA021CB1D6751082BF3195EF1ED5

#17 Příspěvek od **vyosek** » 07 zář 2011 22:26

Kolega snad jasne napsal, ze to tu resit nebudem

Havet stale v PC je, ale na to mate draze placene IT techniky...

VIRY.CZ

vir z FCB RSIT log prosim o pomoc

Re: vir z FCB RSIT log prosim o pomoc

Re: vir z FCB RSIT log prosim o pomoc