
Very slow XP notebook, please check the log

Posted: 02 Dec 2013 11:20
by ZODDY
Logfile of random's system information tool 1.06 (written by random/random)
Run by ivf at 2013-11-27 15:55:31
WIN_XP Service Pack 3
System drive C: has 142 GB (93%) free of 153 GB
Total RAM: 1023 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2005-06-30 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-30 3568312]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-10-31 683576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2013-12-01 14:05:40 ----A---- C:\WINDOWS\ntbtlog.txt
2013-12-01 06:34:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
2013-12-01 06:32:26 ----D---- C:\Program Files\Security Task Manager
2013-12-01 05:35:20 ----D---- C:\WINDOWS\pss
2013-12-01 03:43:35 ----RSHD---- C:\cmdcons
2013-12-01 03:43:27 ----D---- C:\WINDOWS\setup.pss
2013-12-01 02:29:33 ----A---- C:\WINDOWS\system32\hidserv.dll
2013-12-01 02:04:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-30 21:42:17 ----D---- C:\Documents and Settings\ivf\Data aplikací\Avira
2013-11-30 21:34:47 ----D---- C:\Program Files\Avira
2013-11-30 21:34:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2013-11-30 19:43:03 ----D---- C:\WINDOWS\temp
2013-11-30 19:27:20 ----RASH---- C:\Boot.bak
2013-11-30 19:13:02 ----D---- C:\Qoobox
2013-11-30 19:12:17 ----D---- C:\WINDOWS\erdnt
2013-11-30 15:21:02 ----D---- C:\AdwCleaner
2013-11-30 13:55:56 ----D---- C:\WINDOWS\system32\appmgmt
2013-11-30 07:19:18 ----A---- C:\WINDOWS\system32\sdnclean.exe
2013-11-30 07:15:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-11-30 07:11:50 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-11-30 03:26:37 ----A---- C:\WINDOWS\system32\muweb.dll
2013-11-30 03:26:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2013-11-30 03:26:24 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-11-30 01:59:08 ----D---- C:\Documents and Settings\ivf\Data aplikací\AVAST Software
2013-11-30 01:29:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2013-11-30 01:18:14 ----D---- C:\Program Files\Google
2013-11-30 01:17:11 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-11-30 01:13:26 ----D---- C:\Program Files\AVAST Software
2013-11-30 01:10:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-11-30 01:07:05 ----D---- C:\Documents and Settings\ivf\Data aplikací\Macromedia
2013-11-30 00:43:16 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-11-30 00:40:33 ----SHD---- C:\WINDOWS\CSC
2013-11-30 00:37:32 ----D---- C:\bb2a938085e625c360ffc07c
2013-11-29 23:13:15 ----D---- C:\Documents and Settings\ivf\Data aplikací\Malwarebytes
2013-11-29 23:12:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-29 23:12:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-11-29 05:53:49 ----D---- C:\Documents and Settings\ivf\Data aplikací\MCS Electronics
2013-11-29 05:47:33 ----D---- C:\Program Files\MCS Electronics
2013-11-27 15:55:31 ----D---- C:\rsit
2013-11-27 15:55:31 ----D---- C:\Program Files\trend micro
2013-11-26 06:50:10 ----D---- C:\Program Files\CCleaner
2013-11-26 06:43:10 ----D---- C:\Program Files\Microsoft Security Client
2013-11-23 06:28:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-11-21 04:59:57 ----D---- C:\Auto-diagnostika
2013-11-09 16:13:48 ----A---- C:\dll-download-system.com.URL
2013-11-09 15:53:19 ----A---- C:\avrdude-GUI.exe

======List of files/folders modified in the last 1 months======

2013-12-01 14:27:11 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-01 14:18:10 ----SD---- C:\WINDOWS\Tasks
2013-12-01 13:57:35 ----RASH---- C:\boot.ini
2013-12-01 13:57:33 ----A---- C:\WINDOWS\win.ini
2013-12-01 13:57:33 ----A---- C:\WINDOWS\system.ini
2013-12-01 13:49:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-12-01 08:01:36 ----D---- C:\WINDOWS\Prefetch
2013-12-01 06:50:46 ----D---- C:\WINDOWS\system32
2013-12-01 03:43:35 ----A---- C:\WINDOWS\UPGRADE.TXT
2013-12-01 02:10:02 ----D---- C:\WINDOWS\SoftwareDistribution
2013-11-30 21:49:19 ----SD---- C:\Documents and Settings\ivf\Data aplikací\Microsoft
2013-11-30 19:43:30 ----D---- C:\WINDOWS\system32\config
2013-11-30 19:41:58 ----D---- C:\WINDOWS\system
2013-11-30 19:36:10 ----D---- C:\WINDOWS\AppPatch
2013-11-30 19:36:06 ----D---- C:\Program Files\Common Files
2013-11-30 19:21:29 ----SHD---- C:\System Volume Information
2013-11-30 19:21:29 ----D---- C:\WINDOWS\system32\Restore
2013-11-30 15:00:10 ----D---- C:\Dell
2013-11-30 14:33:30 ----D---- C:\Program Files\PonyProg2000
2013-11-30 07:22:22 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-11-30 06:40:46 ----SHD---- C:\WINDOWS\Installer
2013-11-30 04:49:16 ----D---- C:\Program Files\Ask.com
2013-11-30 03:26:43 ----HD---- C:\WINDOWS\inf
2013-11-30 02:49:43 ----HD---- C:\WINDOWS\$hf_mig$
2013-11-28 19:37:45 ----D---- C:\Program Files\PonyProg208
2013-11-27 15:55:31 ----RD---- C:\Program Files
2013-11-27 15:52:49 ----D---- C:\WINDOWS
2013-11-27 15:52:20 ----D---- C:\WINDOWS\system32\drivers
2013-11-27 06:20:08 ----D---- C:\avrdude-5.11-Patch7610-win32
2013-11-26 06:58:49 ----D---- C:\WINDOWS\Debug
2013-11-23 06:33:04 ----D---- C:\WINDOWS\WinSxS
2013-11-21 04:57:27 ----D---- C:\Program Files\Auto-diagnostika

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
S1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
S1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936]
S1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936]
S1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-10-02 159712]
S1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-09-21 164832]
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-10-31 137208]
S1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-10-31 37352]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 MpKsle363b10b;MpKsle363b10b; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{83A8D946-9524-4029-968C-0D0E4DFA5D77}\MpKsle363b10b.sys []
S1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2013-10-31 28520]
S1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
S2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
S2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-10-31 90400]
S2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
S2 HOSTNT;HOSTNT; C:\WINDOWS\system32\drivers\HOSTNT.sys [2005-06-28 4032]
S2 inpout32;inpout32; C:\WINDOWS\System32\Drivers\inpout32.sys [2013-11-30 11936]
S2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.7; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2013-04-14 15781]
S2 TVicPort;TVicPort; C:\WINDOWS\system32\drivers\TVicPort.sys [2005-03-30 14544]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
S3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-06-25 315392]
S3 catchme;catchme; \??\C:\DOCUME~1\ivf\LOCALS~1\Temp\catchme.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
S3 cuigufkd;cuigufkd; C:\WINDOWS\system32\drivers\cuigufkd.sys [2013-11-30 403440]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2006-05-18 47249]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2006-05-18 61067]
S3 GEMPC430;GEMPLUS GemPC430 USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-10-24 82432]
S3 givieo-sys;givieo-sys; \??\c:\windows\system32\drivers\givieo-sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 RT-USB;Ross-Tech USB driver; C:\WINDOWS\system32\drivers\RT-USB.SYS [2010-06-16 59464]
S3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2002-11-11 193840]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
S2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-10-31 440376]
S2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-10-31 440376]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-10-31 1164360]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-30 50344]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
S2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-30 116648]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2005-06-30 170912]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-15 3921880]
S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-09-20 1042272]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-09-13 171416]
S2 wltrysvc;WLTRYSVC; C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-30 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-30 194032]

-----------------EOF-----------------

Re: Very slow XP notebook, please check the log

Posted: 02 Dec 2013 11:28
by JaRon
Well, you must be the world champion at using AV :shock:
avira-avast-avg-mse >> keep only 1
uninstall SpyBot too - IT BELONGS IN HISTORY

Re: Very slow XP notebook, please check the log

Posted: 02 Dec 2013 11:49
by ZODDY
OK, I overdid it a bit with the AVs :) so I'm keeping only AVG
My CPU is at 100%, svchost.exe has 99%; in safe mode the speed is OK

Re: Very slow XP notebook, please check the log

Posted: 02 Dec 2013 11:52
by JaRon
once you have the uninstalls done - use this procedure:
Move ComboFix to the desktop (if it isn't there already)

open Notepad

copy the script from the following box into it:

Code:

Folder::
C:\Program Files\Ask.com


Driver::
oreans32

save the text file you created as CFScript.txt on the desktop

after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there:

Image

after it runs another log should be produced; paste it here :)
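A triage pass over the RSIT log format that does what the replies above do by hand (count the overlapping AV products, and pick out drivers worth a closer look before deciding what goes into a CFScript), as an added example that is not part of the original thread. The sample log lines, the AV_MARKERS path fragments and the flagging heuristics are constructed assumptions; a flagged driver is a review item, not a verdict.

```python
import re
# Constructed excerpt in the RSIT log format (a Run key plus driver lines), not a real capture
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-30 3568312]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-10-31 683576]
S1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ivf\LOCALS~1\Temp\catchme.sys []
S3 cuigufkd;cuigufkd; C:\WINDOWS\system32\drivers\cuigufkd.sys [2013-11-30 403440]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
"""

# One RSIT driver/service line: "<state><start> <name>;<description>; <path> [<date size>]"
DRIVER_RE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*); (.+?) \[(.*)\]$")

# Install-path fragments (assumed) for the real-time AV products named in the thread
AV_MARKERS = {"AVG": "\\AVG\\", "avast": "\\AVAST Software\\",
              "Avira": "\\Avira\\", "MSE": "\\Microsoft Security Client\\"}

def installed_av(log):
    """Names of the AV products whose install paths appear anywhere in the log."""
    text = log.lower()
    return {p for p, marker in AV_MARKERS.items() if marker.lower() in text}

def parse_drivers(log):
    """Return one dict per driver/service line; other log lines are ignored."""
    keys = ("state", "start", "name", "desc", "path", "meta")
    return [dict(zip(keys, m.groups()))
            for m in map(DRIVER_RE.match, log.splitlines()) if m]

def flag_driver(d):
    """Heuristic review reasons for one driver entry; an empty list means nothing unusual."""
    reasons = []
    if not d["meta"]:  # RSIT prints [] when it could not stat the driver file
        reasons.append("no file date/size recorded")
    if "\\temp\\" in d["path"].lower():
        reasons.append("loaded from a Temp directory")
    if d["desc"] == d["name"] and re.fullmatch(r"[a-z]{6,10}", d["name"]):
        reasons.append("no description and an opaque lowercase name")
    return reasons

def triage(log):
    """What the thread acts on: overlapping AV products and drivers to review."""
    av = installed_av(log)
    flagged = {d["name"]: flag_driver(d) for d in parse_drivers(log) if flag_driver(d)}
    return {"av_products": sorted(av), "too_many_av": len(av) > 1, "flagged": flagged}
```

Feed `triage()` the text of a full RSIT log to get the same summary for a real machine; the `catchme` hit shows why the output is a review list rather than a removal list, since that driver is also what some cleanup tools load from Temp.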

Re: Very slow XP notebook, please check the log

Posted: 02 Dec 2013 12:22
by ZODDY
AVs uninstalled, ComboFix tells me: ComboFix has expired

Re: Very slow XP notebook, please check the log

Posted: 02 Dec 2013 13:06
by JaRon
well, you have to download a "fresh" one :D