VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu,

https://forum.viry.cz:443/viewtopic.php?t=104011

Stránka 1 z 1

prosim o kontrolu,

Napsal: 24 srp 2010 15:14
od yugges
Dobry den,
prosim o kontrolu logu. NOD hlasi ze v aplikaci doslo k chybe a bude ukoncena... restartuje se sluzba ESET Service. Pokud se nepletu, deje se tak pravdepodobne po probehle aktualizaci.

Tady je log z RSIT. Diky!
-------------------------------------

Logfile of random's system information tool 1.08 (written by random/random)
Run by Owner at 2010-08-24 16:12:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (33%) free of 20 GB
Total RAM: 502 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:12:42, on 24.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\hporclnr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
D:\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [HP OrderReminder Cleaner] C:\WINDOWS\hporclnr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2551495445
O17 - HKLM\System\CCS\Services\Tcpip\..\{F82F0F57-6FDE-4881-B598-F87118AEEDF5}: NameServer = 212.71.188.71,212.71.128.8
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

--
End of file - 4238 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-03-21 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-03-21 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-03-21 137752]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2005-12-22 98304]
"HP OrderReminder Cleaner"=C:\WINDOWS\hporclnr.exe [2006-08-11 104960]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-03-17 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE"="C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE:*:Enabled:SMLMProxy Module - HP1005MC.EXE"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-08-24 16:12:33 ----D---- C:\Program Files\trend micro
2010-08-24 16:12:32 ----D---- C:\rsit
2010-08-24 16:02:55 ----SHD---- C:\Config.Msi
2010-08-24 16:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-08-24 16:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-08-24 16:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-08-24 16:02:01 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-08-24 15:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-08-24 15:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-08-24 15:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-08-24 15:48:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-08-24 15:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-08-24 15:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-08-24 15:48:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-08-24 15:48:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-08-24 15:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-24 15:47:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-08-24 15:47:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-24 15:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-08-24 15:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-08-24 15:47:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-24 15:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-08-24 15:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-08-24 15:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-08-24 15:46:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-08-24 15:46:42 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-08-24 15:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-24 15:46:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-08-24 15:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-08-24 15:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-08-24 15:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-08-24 15:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-08-24 15:46:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-08-24 15:46:01 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-08-24 15:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-08-24 15:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-08-24 15:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-08-24 15:45:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-08-24 15:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-24 15:45:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-08-24 15:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-24 15:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-08-24 15:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-08-24 15:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-08-24 15:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-08-24 15:44:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-08-24 15:44:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-08-24 15:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-24 15:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-08-24 15:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-08-24 15:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-08-24 15:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-08-24 15:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-24 15:43:01 ----A---- C:\WINDOWS\system32\MRT.exe
2010-08-24 15:42:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-08-24 15:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-08-24 15:42:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-08-24 15:42:24 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-08-24 15:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-08-24 15:42:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-08-24 15:41:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-08-24 15:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-08-24 15:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-08-24 15:41:38 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-08-24 15:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-08-24 15:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-24 15:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-24 15:40:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-08-24 15:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-08-24 15:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-24 15:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-08-24 15:39:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-24 15:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-08-24 15:39:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-08-24 15:34:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-24 15:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-08-24 15:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-08-24 15:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-24 15:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-08-24 15:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-08-24 15:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-08-24 15:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-08-24 15:01:20 ----D---- C:\Program Files\CCleaner
2010-08-24 14:56:56 ----D---- C:\WINDOWS\Prefetch
2010-08-24 14:50:47 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-08-24 14:50:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\azroles.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-08-24 14:50:27 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-08-24 14:50:26 ----N---- C:\WINDOWS\system32\credssp.dll
2010-08-24 14:50:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-08-24 14:50:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\mssha.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-08-24 14:50:23 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\onex.dll
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\napstat.exe
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-08-24 14:50:22 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\slserv.exe
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\slgen.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\setupn.exe
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\qutil.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\qagent.dll
2010-08-24 14:50:21 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-08-24 14:50:20 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-08-24 14:50:20 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-08-24 14:50:20 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-08-24 14:50:19 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-08-24 14:50:19 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-08-24 14:50:19 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-08-24 14:50:19 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-08-24 14:50:19 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-08-24 14:50:18 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-08-24 14:50:18 ----N---- C:\WINDOWS\slrundll.exe
2010-08-24 14:50:18 ----D---- C:\WINDOWS\system32\cs-cz
2010-08-24 14:50:16 ----D---- C:\WINDOWS\system32\cs
2010-08-24 14:50:16 ----D---- C:\WINDOWS\l2schemas
2010-08-24 14:50:15 ----D---- C:\WINDOWS\system32\bits
2010-08-24 14:47:27 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-08-24 14:44:49 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-08-24 14:44:49 ----D---- C:\WINDOWS\network diagnostic
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-08-24 14:44:48 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-08-24 14:44:47 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-08-24 14:44:46 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-08-24 14:44:45 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-08-24 14:44:45 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-08-24 14:44:45 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-08-24 14:44:45 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-08-24 14:44:44 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-08-24 14:44:43 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-08-24 14:44:42 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-24 14:42:03 ----A---- C:\WINDOWS\002613_.tmp
2010-08-24 14:30:35 ----A---- C:\WINDOWS\002614_.tmp
2010-08-24 14:27:20 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-08-24 14:26:54 ----D---- C:\WINDOWS\EHome
2010-08-23 10:43:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Windows Genuine Advantage
2010-08-23 10:22:08 ----D---- C:\WINDOWS\system32\PreInstall
2010-08-23 10:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-08-23 10:21:48 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-23 10:21:40 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-08-23 10:18:49 ----A---- C:\WINDOWS\system32\wups2.dll
2010-08-23 10:18:49 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-08-23 10:18:49 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-08-23 10:18:48 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-08-23 10:18:48 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-07-29 13:31:26 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys

======List of files/folders modified in the last 1 months======

2010-08-24 16:12:33 ----RD---- C:\Program Files
2010-08-24 16:12:33 ----D---- C:\WINDOWS\Temp
2010-08-24 16:06:35 ----D---- C:\WINDOWS\system32
2010-08-24 16:06:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-24 16:05:58 ----D---- C:\WINDOWS
2010-08-24 16:04:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-24 16:03:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-24 16:03:25 ----SHD---- C:\WINDOWS\Installer
2010-08-24 16:02:40 ----HD---- C:\WINDOWS\inf
2010-08-24 16:02:34 ----A---- C:\WINDOWS\imsins.BAK
2010-08-24 16:02:28 ----D---- C:\WINDOWS\system32\drivers
2010-08-24 16:02:10 ----D---- C:\WINDOWS\security
2010-08-24 16:01:53 ----D---- C:\WINDOWS\system32\mui
2010-08-24 15:59:17 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-24 15:58:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-24 15:51:19 ----D---- C:\WINDOWS\system32\wbem
2010-08-24 15:51:19 ----D---- C:\WINDOWS\AppPatch
2010-08-24 15:48:28 ----D---- C:\Program Files\Messenger
2010-08-24 15:47:48 ----D---- C:\WINDOWS\WinSxS
2010-08-24 15:41:17 ----D---- C:\Program Files\Outlook Express
2010-08-24 15:39:59 ----D---- C:\Program Files\Movie Maker
2010-08-24 15:37:52 ----D---- C:\WINDOWS\Registration
2010-08-24 15:34:58 ----SD---- C:\Documents and Settings\Owner\Data aplikací\Microsoft
2010-08-24 14:58:30 ----A---- C:\WINDOWS\OEWABLog.txt
2010-08-24 14:57:59 ----A---- C:\WINDOWS\setuplog.txt
2010-08-24 14:56:27 ----D---- C:\WINDOWS\system32\Setup
2010-08-24 14:56:25 ----RD---- C:\WINDOWS\Fonts
2010-08-24 14:53:54 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-24 14:50:46 ----D---- C:\Program Files\Windows Media Player
2010-08-24 14:50:44 ----D---- C:\WINDOWS\Help
2010-08-24 14:50:30 ----D---- C:\WINDOWS\ime
2010-08-24 14:50:17 ----D---- C:\WINDOWS\system32\usmt
2010-08-24 14:50:17 ----D---- C:\Program Files\Internet Explorer
2010-08-24 14:50:15 ----D---- C:\WINDOWS\PeerNet
2010-08-24 14:47:14 ----D---- C:\WINDOWS\system32\Restore
2010-08-24 14:47:14 ----D---- C:\WINDOWS\system32\npp
2010-08-24 14:47:13 ----D---- C:\WINDOWS\msagent
2010-08-24 14:47:12 ----D---- C:\WINDOWS\srchasst
2010-08-24 14:47:11 ----D---- C:\Program Files\NetMeeting
2010-08-24 14:47:09 ----D---- C:\WINDOWS\system32\Com
2010-08-24 14:47:06 ----D---- C:\Program Files\Windows NT
2010-08-24 14:47:03 ----D---- C:\Program Files\Common Files\System
2010-08-24 14:46:41 ----D---- C:\WINDOWS\system32\oobe
2010-08-24 14:46:39 ----D---- C:\WINDOWS\system
2010-08-24 14:08:34 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-08-23 10:46:15 ----D---- C:\WINDOWS\Debug
2010-08-23 10:43:06 ----D---- C:\WINDOWS\SoftwareDistribution
2010-08-23 10:18:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-03-17 5955872]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-05-19 108032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Re: prosim o kontrolu,

Napsal: 25 srp 2010 17:04
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz