New google.com tabs opening endlessly
Posted: 01 Apr 2011 11:23
Hello, may I ask for a check of my log? When I start the browser, new tabs with the google.com page keep opening endlessly. It doesn't matter which browser I start. Thanks in advance for any advice, the log is attached.
ComboFix 11-03-31.03 - Administrator 01.04.2011 12:10:45.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.510.276 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-01 do 2011-04-01 )))))))))))))))))))))))))))))))
.
.
2011-04-01 10:03 . 2011-04-01 10:03 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4FB8C710-51BC-4061-9F87-58A63A69BE0F}\MpKsl4b0d2254.sys
2011-04-01 09:53 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4FB8C710-51BC-4061-9F87-58A63A69BE0F}\mpengine.dll
2011-04-01 09:49 . 2011-04-01 09:49 -------- d-----w- c:\program files\CCleaner
2011-04-01 09:40 . 2011-04-01 09:40 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-25 13:22 . 2011-03-25 13:22 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\NOS
2011-03-25 12:49 . 2011-03-25 12:51 -------- d-----w- C:\tisk
2011-03-25 12:46 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-03-25 12:46 . 2005-04-15 18:58 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2011-03-25 12:46 . 2004-03-08 23:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2011-03-25 12:46 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-03-25 12:46 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-03-25 12:46 . 2011-03-25 12:47 -------- d-----w- c:\program files\PDFCreator
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2010-08-31 09:40 5943120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2009-08-07 11:14 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-08-07 11:14 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2008-04-14 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 08:29 . 2011-01-07 08:29 371272 ----a-r- c:\documents and settings\br01\Data aplikací\Microsoft\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-05-25 126976]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\br01\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
c:\documents and settings\jk02\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CounterPath\\X-Lite\\x-lite.exe"=
"c:\\Documents and Settings\\br01\\Local Settings\\Data aplikací\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 MpKsl4b0d2254;MpKsl4b0d2254;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4FB8C710-51BC-4061-9F87-58A63A69BE0F}\MpKsl4b0d2254.sys [1.4.2011 12:03 28752]
S1 MpKsl816f69a6;MpKsl816f69a6;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{26A673D8-3476-4B17-82E1-1C907645FD29}\MpKsl816f69a6.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{26A673D8-3476-4B17-82E1-1C907645FD29}\MpKsl816f69a6.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL4B0D2254
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 19:40]
.
2011-04-01 c:\windows\Tasks\User_Feed_Synchronization-{4B968B9C-3DFC-4833-B746-F736D36CB549}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
2011-04-01 c:\windows\Tasks\User_Feed_Synchronization-{C26FF35D-D0B1-40E1-BA44-179DC3D9EA28}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-01 12:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-343818398-1383384898-1644491937-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,06,c5,48,75,5e,a3,49,ad,0f,3c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,06,c5,48,75,5e,a3,49,ad,0f,3c,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1460)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-04-01 12:17:00
ComboFix-quarantined-files.txt 2011-04-01 10:16
.
Před spuštěním: 9 344 745 472
Po spuštění: 9 353 666 560
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F31CA8C4BD70C2BF6D3A733CD1D0E599