Cannot play any sound on the internet
Posted: 08 May 2009 13:52
I can't play sound from videos and audio files on the web. In the Internet security settings, I have the option to play sound checked. I scanned the computer with Avira AntiVir and Ad-Aware.
Here is the ComboFix log, many thanks for the help.
ComboFix 09-05-07.06 - Owner 08.05.2009 14:22.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2039.1390 [GMT 2:00]
Spuštěný z: d:\program files 2\Combofix\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-04-08 do 2009-05-08 )))))))))))))))))))))))))))))))
.
2009-05-05 22:18 . 2009-05-05 22:18 278528 ----a-w c:\windows\system32\livesnth.dll
2009-04-09 11:44 . 2009-04-09 11:44 -------- dcsh--w c:\documents and settings\LocalService\IETldCache
2009-04-08 23:31 . 2009-04-08 23:31 -------- dcsh--w c:\documents and settings\Owner\IECompatCache
2009-04-08 23:30 . 2009-04-08 23:30 -------- dcsh--w c:\documents and settings\Owner\PrivacIE
2009-04-08 23:29 . 2009-04-08 23:29 -------- dcsh--w c:\documents and settings\Owner\IETldCache
2009-04-08 23:28 . 2009-04-08 23:28 -------- d-----w c:\windows\ie8updates
2009-04-08 23:26 . 2009-04-08 23:27 -------- dc-h--w c:\windows\ie8
2009-04-08 23:25 . 2009-02-28 04:55 105984 -c----w c:\windows\system32\dllcache\iecompat.dll
2009-04-08 23:16 . 2009-05-03 22:43 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-04-08 22:46 . 2009-04-08 22:46 -------- dc----w c:\documents and settings\LocalService\Plocha
2009-04-08 22:42 . 2009-05-03 22:43 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-04-08 22:30 . 2009-04-08 22:30 -------- d-----w c:\program files\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-08 06:28 . 2008-04-14 12:00 46196 ----a-w c:\windows\system32\perfc005.dat
2009-05-08 06:28 . 2008-04-14 12:00 309990 ----a-w c:\windows\system32\perfh005.dat
2009-03-13 15:09 . 2008-10-27 20:31 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-11 08:33 . 2009-03-11 08:33 -------- d-----w c:\program files\Beruska
2009-03-08 02:34 . 2008-04-14 12:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2008-04-14 12:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2008-04-14 12:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2008-04-14 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2008-04-14 12:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2008-04-14 12:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2008-04-14 12:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2008-04-14 12:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2008-04-14 12:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2008-04-14 12:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:23 . 2008-04-14 12:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-02-09 14:07 . 2008-04-14 12:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:26 . 2008-04-14 08:06 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:26 . 2008-04-14 12:00 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:25 . 2008-04-14 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:56 . 2008-04-14 12:00 728064 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:56 . 2008-04-14 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:56 . 2008-04-14 12:00 709632 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:56 . 2008-04-14 12:00 684032 ----a-w c:\windows\system32\advapi32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-01 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="d:\program files 2\Canon\Omnipage\OpwareSE4.exe" [2007-02-04 79400]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-03 516440]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-10-25 16855552]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-10-11 1826816]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [9.4.2009 0:42 64160]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [30.10.2008 11:54 68865]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 23:34 953168]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [27.10.2008 22:34 30720]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [14.4.2008 14:00 69120]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2009-05-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 22:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {933575C6-B7B6-4CCA-94D2-90A17E590519} = 172.27.59.254,172.17.251.254
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 14:23
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
- - - - - - - > 'explorer.exe'(3772)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
d:\program files 2\Canon\Omnipage\OpHookSE4.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-05-08 14:24
ComboFix-quarantined-files.txt 2009-05-08 12:24
ComboFix2.txt 2008-11-08 16:32
Před spuštěním: 696 311 808
Po spuštění: 767 905 792
130 --- E O F --- 2009-04-29 10:41