VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=113401

Stránka 2 z 2

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 18:17
od Rudy
Ještě požádám o jedno spuštění CF, tentokrát tímto skriptem:
Driver::
26227010

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 20:12
od Octavo
ComboFix 11-07-22.02 - Maťo . 07. 2011 20:51:54.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1918.1281 [GMT 2:00]
Spuštěný z: c:\documents and settings\Maťo\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Maťo\Plocha\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_26227010
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 07:25 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-07-21 17:53 . 2011-07-21 17:53 -------- d-----w- c:\program files\Microsoft Silverlight
2011-06-30 14:39 . 2011-06-30 14:39 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-30 14:39 . 2011-06-30 14:39 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2011-04-23 08:37 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-04-23 08:37 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-04-23 08:37 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-04-23 08:37 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-04-23 08:37 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2011-04-23 08:37 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2011-04-23 08:37 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2011-04-23 08:37 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-04-23 08:37 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2011-04-23 08:37 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-03 19:14 . 2011-06-14 15:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-29 07:11 . 2011-04-21 19:20 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-21 19:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-02 15:32 . 2009-08-01 17:29 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-18 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 16:06 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-30 14:39 . 2011-04-18 19:57 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2004-08-18 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 20:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-14 03:21 . 3EF79D1F5B06B29B3C317DFFB8BE0F8F . 1405440 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 03:21 . 3EF79D1F5B06B29B3C317DFFB8BE0F8F . 1405440 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\VistaMizer\old\comres.dll
[7] 2004-08-18 12:00 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe
[7] 2004-08-18 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2010-08-23 . CED16C5B6DACB15B47B65839F2C39A5B . 724992 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . CED16C5B6DACB15B47B65839F2C39A5B . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . CED16C5B6DACB15B47B65839F2C39A5B . 724992 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\VistaMizer\old\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . 92FAE100B7A31616DEBF6F91175000AA . 724992 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\user32.dll
[7] 2004-08-18 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\VistaMizer\old\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . 79E4E0BCF353CA222DCCA7DD396F15A9 . 1312256 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2004-08-18 . 7FE54C063DDA8EF226846510852E6B1B . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\hnetcfg.dll
[7] 2004-08-18 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[7] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 7D99B5CB3A37D7856326EA1EE472BF76 . 2286592 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2010-12-09 . 7D99B5CB3A37D7856326EA1EE472BF76 . 2286592 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 7D99B5CB3A37D7856326EA1EE472BF76 . 2286592 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-12-09 . 3BDF4E6E7BAA918AAA1670B7EBA505A3 . 2029056 . . [5.1.2600.6055] . . c:\windows\VistaMizer\old\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-28 . 828D70D9C1AB7E42960A59D79AF5EB25 . 2284032 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2010-02-16 . D46E1BB887F3340430D10DA536FE79E1 . 2026496 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . B2CEA3C57AA8230C7BCC0B2AF35EC55A . 2025984 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[7] 2009-08-04 . C50A3A3C9724135FFBD9CB31355F9341 . 2025984 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 . 2A10C3D1EFA71B00EADF711EEE9F94B5 . 2017792 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . 151C755277023F693F0C3AAF755762EC . 2283520 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 9F12E026DC0B0C43F521114EFB3A3ACC . 2025984 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2004-08-18 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
.
[-] 2009-03-08 . C94590AF0DB0E97199688FF1A77037D2 . 727904 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . C94590AF0DB0E97199688FF1A77037D2 . 727904 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\VistaMizer\old\iexplore.exe
[7] 2004-08-18 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie8\iexplore.exe
.
[7] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-12-09 . C52901B0D4A05D717181A55944696981 . 2408448 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2010-12-09 . C52901B0D4A05D717181A55944696981 . 2408448 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-12-09 . C52901B0D4A05D717181A55944696981 . 2408448 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-12-09 . EB4B6B42932C180632A2C2C43F23B84C . 2150912 . . [5.1.2600.6055] . . c:\windows\VistaMizer\old\ntoskrnl.exe
[-] 2010-04-28 . 5B0587FFED09BED2CD4A748671550098 . 2405888 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[7] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-16 . CD79AD67BF88021BB60B2602D1947FB3 . 2148352 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[7] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 07A58A2A4460A4B7A58E0920F4CFA729 . 2147328 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[7] 2009-08-04 . 3742270B8C90A97A0BDD25DED1201AA9 . 2147328 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[7] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . E4CB0FFB4C55DB2268B93F4A17EACBF2 . 2138112 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[7] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-09 . D9C8914A48C7F690429306E04F47E7EF . 2404864 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[7] 2008-04-14 . 27C7A7AED8A477F6A0C7D3AD00AB9419 . 2147328 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2004-08-18 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
.
((((((((((((((((((((((((((((( SnapShot_2011-07-21_18.20.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-22 19:04 . 2011-07-22 19:04 16384 c:\windows\Temp\Perflib_Perfdata_7b8.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-29 638976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-12-14 192512]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2006-08-29 241664]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-11-09 86016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [BU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 25088]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Rychlě zaź tek s aplikacˇ HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-05-20 14:56 724536 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28 247144 -c--a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"EmmaUpdMgmtSvc"=2 (0x2)
"EmmaDevMgmtSvc"=2 (0x2)
"TomTomHOMEService"=2 (0x2)
"OMSI download service"=2 (0x2)
"NMIndexingService"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Sony Ericsson\\SEMC OMSI Module\\SEMC OMSI Module.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"c:\\Documents and Settings\\Maťo\\Plocha\\Magda\\Dokumenty\\OVB\\Calculator SK\\Deutscher Ring Calculator SK.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2. 8. 2009 11:26 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2. 8. 2009 11:26 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23. 4. 2011 10:37 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23. 4. 2011 10:37 309848]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30. 7. 2008 7:51 277736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23. 4. 2011 10:37 19544]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [15. 7. 2010 19:40 97792]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [10. 12. 2010 14:29 92008]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [8. 11. 2009 17:51 27632]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [21. 1. 2010 19:11 118784]
S1 mailKmd;mailKmd; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 14:16 130384]
S2 gupdate1ca13523887e3da;Služba Google Update (gupdate1ca13523887e3da);c:\program files\Google\Update\GoogleUpdate.exe [5. 8. 2009 20:23 133104]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [12. 9. 2010 20:09 23456]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11. 8. 2009 21:42 13224]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5. 8. 2009 20:23 133104]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [8. 11. 2009 17:50 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [8. 11. 2009 17:50 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [8. 11. 2009 17:50 120744]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [8. 11. 2009 17:50 110632]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 14:16 753504]
S4 EmmaDevMgmtSvc;Emma Device Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe [16. 12. 2009 14:36 306296]
S4 EmmaUpdMgmtSvc;Emma Update Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe [16. 12. 2009 14:36 162936]
S4 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [28. 11. 2009 14:10 90112]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:23]
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:23]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Maťo\Data aplikací\Mozilla\Firefox\Profiles\tg7fbtfu.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-22 21:04
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?x???0???\???????0??????????? ??|???|???????|????????L????????h????F?????????????h?????????????B????? ??|`??|????]??|[?A?????????z?A????W??7~??????F?4^@???????????????A??fAW????z?A???@?ph??6u@?ph?????W??@??h?????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-507921405-861567501-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Bugatti Veyron Mod]
"Install Dir"="d:\\Hry\\MOSTWA~1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'lsass.exe'(648)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(4036)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2011-07-22 21:11:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 19:11
ComboFix2.txt 2011-07-21 21:27
ComboFix3.txt 2011-07-21 21:04
ComboFix4.txt 2011-07-21 20:38
ComboFix5.txt 2011-07-22 18:41
.
Před spuštěním: Volných bajtů: 16 489 422 848
Po spuštění: Volných bajtů: 16 376 295 424
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 08025B7D2A21BC00FD692A472C58D899

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 20:35
od Rudy
Log již vypadá čistý. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 20:36
od Octavo
Ikony na hlavnim panelu stale miznu

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 20:40
od Rudy
Zkuste obnovu systému k datu, kdy korketně fungoval.

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 20:42
od Octavo
Prave ze neviem kedy to zacalo blbnut lebo pc pouziva aj manzelka

Re: Prosím o kontrolu logu

Napsal: 22 črc 2011 21:22
od Rudy
Můžete zkusit nejstarší bod obnovení. Jinak nezbude, než oprava systému pomocí XPManageru: http://www.viry.cz/forum/viewtopic.php?f=46&t=17549, nebo z instal. média.
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz