Kontrola logu
Napsal: 07 led 2010 12:22
Dobrý den,
můžete mi prosím zkontrolovat tento log z combofixu? Dneska se mi počítač nějak zpomalil zničehonic a nemůžu otevřít Internet explorer. Respektive otevřu, ale nenačte se mi žádná stránka. SKYPE mi jede.
ComboFix 10-01-04.01 - 07.01.2010 12:09:49.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1527.839 [GMT 1:00]
AV: AVG Anti-Virus Network Edition *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\oem15.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-07 do 2010-01-07 )))))))))))))))))))))))))))))))
.
2010-01-07 10:44 . 2010-01-07 10:44 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-07 10:42 . 2010-01-07 10:42 -------- d-----w- c:\program files\PDFCreator Toolbar
2010-01-07 10:42 . 2010-01-07 10:42 -------- d-----w- c:\program files\TCL
2010-01-07 10:21 . 2010-01-07 10:21 -------- d-----w- c:\windows\ie8updates
2010-01-07 10:16 . 2010-01-07 10:41 -------- dc----w- c:\windows\ie8(2)
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 Projekce
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 obecné
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 DPŘ
2010-01-07 09:45 . 2010-01-07 09:45 -------- d-----w- c:\documents and settings\LocalService\IETldCache
2009-12-26 14:07 . 2009-12-26 14:07 -------- d-----w- C:\$AVG
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 11:01 . 2009-04-17 10:28 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-07 11:01 . 2009-04-17 10:28 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-07 11:01 . 2009-04-17 10:28 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-07 11:00 . 2009-04-17 10:28 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-07 11:00 . 2009-04-17 10:28 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-01-07 10:35 . 2009-04-17 12:28 -------- d-----w- c:\program files\Java
2010-01-07 10:35 . 2006-03-02 12:00 458882 ----a-w- c:\windows\system32\perfh005.dat
2010-01-07 10:35 . 2006-03-02 12:00 90924 ----a-w- c:\windows\system32\perfc005.dat
2009-12-26 11:24 . 2009-04-17 10:28 -------- d-----w- c:\program files\AVG
2009-12-04 17:51 . 2009-04-17 09:42 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-29 07:45 . 2008-04-14 06:52 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45 . 2008-04-14 06:52 832512 ----a-w- c:\windows\system32\wininet(3).dll
2009-10-29 07:45 . 2008-04-14 06:52 1168384 ----a-w- c:\windows\system32\urlmon(3).dll
2009-10-29 07:45 . 2008-04-14 06:51 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:45 . 2008-04-14 06:51 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:40 . 2008-04-14 06:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2008-04-14 06:51 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 22:23 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2008-04-14 06:51 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2008-04-14 06:51 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2008-04-14 06:51 150016 ----a-w- c:\windows\system32\rastls.dll
2009-04-17 11:14 . 2009-04-17 11:14 14290 ----a-w- c:\program files\settings.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:02 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-14 102400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-13 2043160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-17 148888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-07 11:01 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [17.4.2009 11:28 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.4.2009 11:28 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.4.2009 11:28 360584]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [8.1.2009 20:25 58608]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [17.4.2009 11:28 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [17.4.2009 11:28 297752]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [26.12.2009 12:24 285392]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [1.8.2007 21:30 16376]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [18.4.2009 19:01 51040]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - DMADMIN
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 12:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-01-07 12:15:40
ComboFix-quarantined-files.txt 2010-01-07 11:15
Před spuštěním: 7 428 308 992
Po spuštění: 7 514 673 152
- - End Of File - - 542AAD278CAEE56E254169E9357FEA3B
můžete mi prosím zkontrolovat tento log z combofixu? Dneska se mi počítač nějak zpomalil zničehonic a nemůžu otevřít Internet explorer. Respektive otevřu, ale nenačte se mi žádná stránka. SKYPE mi jede.
ComboFix 10-01-04.01 - 07.01.2010 12:09:49.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1527.839 [GMT 1:00]
AV: AVG Anti-Virus Network Edition *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\oem15.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-07 do 2010-01-07 )))))))))))))))))))))))))))))))
.
2010-01-07 10:44 . 2010-01-07 10:44 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-07 10:42 . 2010-01-07 10:42 -------- d-----w- c:\program files\PDFCreator Toolbar
2010-01-07 10:42 . 2010-01-07 10:42 -------- d-----w- c:\program files\TCL
2010-01-07 10:21 . 2010-01-07 10:21 -------- d-----w- c:\windows\ie8updates
2010-01-07 10:16 . 2010-01-07 10:41 -------- dc----w- c:\windows\ie8(2)
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 Projekce
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 obecné
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4
2010-01-07 10:00 . 2010-01-07 10:00 -------- d-----w- c:\documents and settings\!Sdilene sablony K4\K4 DPŘ
2010-01-07 09:45 . 2010-01-07 09:45 -------- d-----w- c:\documents and settings\LocalService\IETldCache
2009-12-26 14:07 . 2009-12-26 14:07 -------- d-----w- C:\$AVG
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 11:01 . 2009-04-17 10:28 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-07 11:01 . 2009-04-17 10:28 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-07 11:01 . 2009-04-17 10:28 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-07 11:00 . 2009-04-17 10:28 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-07 11:00 . 2009-04-17 10:28 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-01-07 10:35 . 2009-04-17 12:28 -------- d-----w- c:\program files\Java
2010-01-07 10:35 . 2006-03-02 12:00 458882 ----a-w- c:\windows\system32\perfh005.dat
2010-01-07 10:35 . 2006-03-02 12:00 90924 ----a-w- c:\windows\system32\perfc005.dat
2009-12-26 11:24 . 2009-04-17 10:28 -------- d-----w- c:\program files\AVG
2009-12-04 17:51 . 2009-04-17 09:42 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-29 07:45 . 2008-04-14 06:52 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45 . 2008-04-14 06:52 832512 ----a-w- c:\windows\system32\wininet(3).dll
2009-10-29 07:45 . 2008-04-14 06:52 1168384 ----a-w- c:\windows\system32\urlmon(3).dll
2009-10-29 07:45 . 2008-04-14 06:51 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:45 . 2008-04-14 06:51 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:40 . 2008-04-14 06:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2008-04-14 06:51 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 22:23 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2008-04-14 06:51 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2008-04-14 06:51 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2008-04-14 06:51 150016 ----a-w- c:\windows\system32\rastls.dll
2009-04-17 11:14 . 2009-04-17 11:14 14290 ----a-w- c:\program files\settings.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:02 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-14 102400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-13 2043160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-17 148888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-07 11:01 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [17.4.2009 11:28 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.4.2009 11:28 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.4.2009 11:28 360584]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [8.1.2009 20:25 58608]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [17.4.2009 11:28 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [17.4.2009 11:28 297752]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [26.12.2009 12:24 285392]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [1.8.2007 21:30 16376]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [18.4.2009 19:01 51040]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - DMADMIN
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 12:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-01-07 12:15:40
ComboFix-quarantined-files.txt 2010-01-07 11:15
Před spuštěním: 7 428 308 992
Po spuštění: 7 514 673 152
- - End Of File - - 542AAD278CAEE56E254169E9357FEA3B