Posted: 28.07.2010 14:39

ComboFix 10-07-27.02 - Tomi 07/28/2010 10:10:34.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.737 [GMT 2:00]
Running from: c:\documents and settings\Tomi\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rloci.bin
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000019_.tmp.dll
c:\windows\system32\_000020_.tmp.dll
c:\windows\system32\_000021_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-28 )))))))))))))))))))))))))))))))
.

2010-07-27 20:22 . 2010-07-27 20:22 10 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_62766A54CB96B6647A4A21CFAB84387D.dll
2010-07-27 20:22 . 2010-07-27 20:22 833 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_000021599B0090400000000000F01FEC.dll
2010-07-27 20:22 . 2010-07-27 20:22 1175 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_6F9E66FF7E38E3A3FA41D89E8A906A4A.dll
2010-07-27 19:35 . 2010-07-27 19:35 -------- d-----w- c:\program files\AceLogix
2010-07-27 19:26 . 2010-07-27 19:26 -------- d-----w- c:\documents and settings\Tomi\Application Data\Registry Mechanic
2010-07-27 19:23 . 2010-07-27 19:37 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-07-27 19:01 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-27 19:01 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-27 18:47 . 2010-07-27 18:55 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-07-27 18:41 . 2010-07-27 18:41 -------- d-----w- c:\documents and settings\Tomi\Application Data\Uniblue
2010-07-25 18:33 . 2010-07-25 18:33 15872 ----a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-07-25 18:33 . 2010-07-25 18:33 -------- d-----w- c:\program files\Valve
2010-07-25 15:10 . 2010-07-25 15:10 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Downloaded Installations
2010-07-25 15:03 . 2010-07-25 15:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ATI
2010-07-25 15:00 . 2010-07-25 15:01 -------- d-----w- c:\program files\ATI
2010-07-25 14:59 . 2010-07-25 14:59 -------- d-----w- C:\ATI
2010-07-25 12:12 . 2010-07-25 14:26 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
2010-07-25 12:12 . 2004-08-03 20:29 1897408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-25 12:12 . 2004-08-03 22:56 4274816 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-25 12:12 . 2010-07-25 12:12 -------- d-----w- C:\NVIDIA
2010-07-24 10:33 . 2010-07-24 10:33 388096 ----a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-24 10:33 . 2010-07-24 10:33 -------- d-----w- c:\program files\Trend Micro
2010-07-24 10:15 . 2010-07-24 10:15 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\ESET
2010-07-23 21:42 . 2010-07-24 10:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2010-07-23 21:42 . 2010-07-23 21:42 -------- d-----w- c:\documents and settings\Tomi\Application Data\Yahoo!
2010-07-23 21:05 . 2010-07-23 21:05 1152 ----a-w- c:\windows\system32\windrv.sys
2010-07-23 20:58 . 2010-07-23 22:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SystemKey
2010-07-23 13:55 . 2010-07-23 14:58 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\avg9
2010-07-23 11:25 . 2010-07-23 11:28 -------- d-----w- c:\program files\WinClamAVShield
2010-07-23 11:08 . 2010-07-23 12:22 -------- d-----w- c:\program files\Crawler
2010-07-23 11:08 . 2010-07-23 11:39 -------- d-----w- c:\documents and settings\Tomi\Application Data\Spyware Terminator
2010-07-23 11:08 . 2010-07-23 11:08 6144 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\sp_rsdel.exe
2010-07-23 11:08 . 2010-07-23 11:08 5632 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\fileobjinfo.sys
2010-07-23 11:08 . 2010-07-23 11:08 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-23 11:08 . 2010-07-23 12:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator
2010-07-22 11:14 . 2010-07-22 11:14 3806 ---ha-w- C:\aaw7boot.cmd
2010-07-22 10:28 . 2010-07-22 10:28 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-22 10:19 . 2010-07-22 10:19 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Sunbelt Software
2010-07-22 10:17 . 2010-07-24 10:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-07-21 11:45 . 2010-02-12 10:44 1274160 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CentrumczToolbar\IEToolbar.dll
2010-07-19 21:24 . 2010-07-19 21:24 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Centrum.cz Toolbar
2010-07-19 21:20 . 2010-07-21 11:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\CentrumczToolbar
2010-07-17 09:59 . 2010-07-17 09:59 -------- d-----w- c:\program files\Phyxion.net
2010-07-16 22:15 . 2010-07-16 22:15 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ICQ
2010-07-16 22:14 . 2010-07-27 14:08 -------- d-----w- c:\documents and settings\Tomi\Application Data\ICQ
2010-07-16 22:14 . 2010-07-16 22:14 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\AOL
2010-07-16 22:14 . 2010-07-16 22:17 -------- d-----w- c:\program files\ICQ7.2
2010-07-06 22:14 . 2010-07-07 23:41 -------- d-----w- c:\program files\XTB-Trader
2010-07-03 21:00 . 2010-07-03 21:00 -------- d-----w- c:\program files\Plus500

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 08:00 . 2010-07-23 21:14 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan
2010-07-27 19:03 . 2010-05-08 14:47 17464 -c--a-w- c:\documents and settings\Tomi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-25 14:27 . 2009-07-14 13:53 -------- d-----w- c:\program files\NVIDIA Corporation
2010-07-24 10:56 . 2009-08-12 09:58 -------- d-----w- c:\program files\Lavasoft
2010-07-24 10:30 . 2010-06-05 11:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2010-07-23 22:18 . 2010-05-08 16:13 -------- d-----w- c:\program files\AMD
2010-07-22 11:20 . 2010-05-15 11:05 -------- d-----w- c:\program files\ATI Technologies
2010-07-19 21:20 . 2009-11-30 08:17 -------- d-----w- c:\program files\CentrumczToolbar
2010-07-18 19:37 . 2009-07-14 13:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-16 22:15 . 2009-07-14 14:57 -------- d-----w- c:\program files\ICQ6Toolbar
2010-07-16 18:59 . 2009-08-18 08:38 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2010-07-14 12:17 . 2009-07-14 14:18 -------- d-----w- c:\program files\Opera
2010-07-07 11:46 . 2010-05-09 13:24 604776 -c--a-w- c:\windows\system32\NVUNINST.EXE
2010-06-17 20:24 . 2010-06-08 10:03 -------- d-----w- c:\documents and settings\Tomi\Application Data\pdfMachine
2010-06-12 23:29 . 2009-07-27 00:02 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 10:43 . 2010-06-11 10:43 61440 ----a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-37dd3130-n\decora-sse.dll
2010-06-11 10:43 . 2010-06-11 10:43 12800 ----a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-37dd3130-n\decora-d3d.dll
2010-06-10 15:46 . 2010-06-10 15:46 0 ----a-w- c:\windows\nsreg.dat
2010-06-08 10:39 . 2010-04-16 18:01 -------- d-----w- c:\program files\Syncrosoft
2010-06-08 08:24 . 2010-06-10 15:53 52224 ----a-w- c:\documents and settings\Tomi\Application Data\Mozilla\Firefox\Profiles\e11pdbzm.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-06-08 08:24 . 2010-06-10 15:53 101376 ----a-w- c:\documents and settings\Tomi\Application Data\Mozilla\Firefox\Profiles\e11pdbzm.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
2010-06-06 19:05 . 2010-04-10 21:07 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-06-06 13:44 . 2010-06-06 13:44 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-06-06 11:56 . 2010-06-06 11:56 -------- d-----w- c:\program files\Another Day
2010-06-05 17:27 . 2010-06-04 12:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Test Drive Unlimited
2010-06-05 17:05 . 2010-06-05 17:05 -------- d--h--r- c:\documents and settings\Tomi\Application Data\SecuROM
2010-06-05 17:05 . 2010-06-05 17:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-06-05 11:43 . 2010-06-05 11:43 -------- d-----w- c:\documents and settings\Tomi\Application Data\IObit
2010-06-04 12:07 . 2010-06-04 12:07 49152 -c--a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
2010-06-04 11:56 . 2010-06-04 11:56 -------- d-----w- c:\program files\DAEMON Tools
2010-06-04 11:54 . 2010-06-04 11:54 639224 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-02 12:12 . 2010-06-02 12:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-31 13:49 . 2010-05-08 15:48 -------- d-----w- c:\documents and settings\Tomi\Application Data\Ventrilo
2010-05-30 14:06 . 2010-05-24 19:51 -------- d-----w- c:\documents and settings\Tomi\Application Data\DivX
2010-05-28 10:54 . 2010-05-28 10:54 503808 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\msvcp71.dll
2010-05-28 10:54 . 2010-05-28 10:54 499712 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\jmc.dll
2010-05-28 10:54 . 2010-05-28 10:54 348160 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\msvcr71.dll
2010-05-27 17:37 . 2010-05-08 14:52 4830720 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-05-27 17:12 . 2010-05-08 14:52 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-27 17:12 . 2010-05-08 14:52 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-27 17:10 . 2010-05-08 14:52 4071424 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-27 17:05 . 2010-07-22 11:21 15208448 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-27 17:02 . 2010-07-22 11:21 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-05-27 16:59 . 2010-07-22 11:21 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-27 16:58 . 2010-05-08 14:52 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-05-27 16:54 . 2010-05-08 14:52 3699936 ----a-w- c:\windows\system32\ati3duag.dll
2010-05-27 16:46 . 2010-07-22 11:21 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-27 16:46 . 2010-07-22 11:21 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-05-27 16:45 . 2010-07-22 11:21 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-05-27 16:45 . 2010-07-22 11:21 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-05-27 16:45 . 2010-05-08 14:52 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-05-27 16:44 . 2010-07-22 11:21 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-05-27 16:43 . 2010-07-22 11:21 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-05-27 16:42 . 2010-05-08 14:52 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-05-27 16:41 . 2010-05-08 14:52 2256512 ----a-w- c:\windows\system32\ativvaxx.dll
2010-05-27 16:41 . 2010-07-22 11:21 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-05-27 16:41 . 2010-07-22 11:21 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-05-27 16:39 . 2010-05-08 14:52 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-05-27 16:38 . 2010-05-08 14:52 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-05-27 16:37 . 2010-07-22 11:21 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-05-27 16:35 . 2010-05-08 14:52 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-05-27 16:33 . 2010-05-08 14:52 692224 ----a-w- c:\windows\system32\ati2cqag.dll
2010-05-27 16:29 . 2010-05-08 14:52 65536 ----a-w- c:\windows\system32\atimpc32.dll
2010-05-27 16:29 . 2010-05-08 14:52 65536 ----a-w- c:\windows\system32\amdpcom32.dll
2010-05-27 16:28 . 2010-05-08 14:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-05-24 19:51 . 2010-05-24 19:51 57344 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-05-24 19:51 . 2010-05-24 19:51 56978 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 56766 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 57679 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Player\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 53600 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Update\Uninstaller.exe
2010-05-24 19:47 . 2010-05-24 19:47 144696 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-05-24 19:47 . 2010-05-24 19:51 754984 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Setup\Resource.dll
2010-05-24 19:47 . 2010-05-24 19:51 1180952 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Setup\DivXSetup.exe
2010-05-13 11:43 . 2010-05-13 11:43 472576 -c--a-w- c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2010-05-10 21:25 . 2010-05-10 21:25 503808 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\msvcp71.dll
2010-05-10 21:25 . 2010-05-10 21:25 499712 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\jmc.dll
2010-05-10 21:25 . 2010-05-10 21:25 348160 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\msvcr71.dll
2010-05-10 21:25 . 2010-05-10 21:25 61440 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-521436b1-n\decora-sse.dll
2010-05-10 21:25 . 2010-05-10 21:25 12800 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-521436b1-n\decora-d3d.dll
2010-05-10 21:25 . 2010-05-10 21:25 411368 -c--a-w- c:\windows\system32\deployJava1.dll
2010-05-10 11:13 . 2010-05-10 11:10 518 -c--a-w- c:\documents and settings\Tomi\Application Data\iolo\Registry\Last\restore.bat
2010-05-10 10:58 . 2010-05-10 10:58 1569 -c--a-w- c:\documents and settings\Tomi\Application Data\iolo\restore.bat
2010-05-10 10:54 . 2010-05-10 10:54 74703 -c--a-w- c:\windows\system32\mfc45.dll
2010-05-09 10:27 . 2010-05-08 14:30 86327 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-08 15:08 . 2010-05-08 15:09 737280 -c--a-w- c:\windows\iun6002.exe
2010-05-08 14:52 . 2010-05-08 14:52 0 -c--a-w- c:\windows\ativpsrm.bin
2010-05-08 14:28 . 2010-05-08 14:28 21640 -c--a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-11 136176]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-06-08 133368]
"Steam"="c:\program files\valve\steam\steam.exe" [2010-07-25 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2010-03-16 251904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bgsmsnd.exe]
2006-06-01 23:33 106496 ----a-w- c:\windows\system32\spool\drivers\w32x86\2\bgsmsnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMax4Wiz.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\WINDOWS\\system32\\LMabcoms.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\patulo89\\counter-strike\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1200:UDP"= 1200:UDP:c

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [7/23/2010 1:08 PM 142592]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7/14/2009 4:57 PM 246520]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [5/8/2010 6:13 PM 31744]
R3 vHidDev;Razer Gaming Device;c:\windows\system32\drivers\vHidDev.sys [5/18/2010 10:16 PM 5760]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/15/2010 5:58 PM 136176]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [5/8/2010 4:39 PM 5824]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [5/8/2010 7:43 PM 22784]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6/4/2010 1:54 PM 639224]
.
Contents of the 'Scheduled Tasks' folder

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb0d5165f6c7d8.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 15:03]

2010-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-362288127-682003330-1003Core.job
- c:\documents and settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-11 17:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://www.ngohq.com
IE: E&xportovat do programu Microsoft Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SystemKey - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 10:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2010-07-28 10:13:12
ComboFix-quarantined-files.txt 2010-07-28 08:13

Pre-Run: 64,177,074,176 bytes free
Post-Run: 64,151,896,064 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 7906EE37E447FB1363F802852B454784

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:41:35 PM, on 7/28/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\valve\steam\steamapps\patulo89\counter-strike\hl.exe
C:\program files\valve\steam\GameOverlayUI.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ngohq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)

--
End of file - 7489 bytes
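A first triage pass over the two logs above, written as an added example for this thread; it is not part of the original post and not a feature of HijackThis or ComboFix. The rule set and the tags it emits (`ie-setting-nondefault`, `service-unknown-owner`, `deleted-tmp-dll-in-system32` and so on) are this example's own naming, and the sample lines are copied from the posted logs. Each hit is an item to confirm by hand, not a verdict: HijackThis prints "Unknown owner" whenever it cannot read a company name from the binary's version information, a search URL outside microsoft.com is typically what a toolbar installer leaves behind, and `"EnableFirewall"= 0` means the Windows Firewall standard profile is off, which is worth fixing before any further cleanup.

```python
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass(frozen=True)
class Finding:
    tag: str     # rule name chosen for this example, not a HijackThis/ComboFix term
    detail: str  # the log line (or the URL) the rule fired on


# Constructed sample: a subset of lines copied from the two logs posted above.
SAMPLE_HJT = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
"""

SAMPLE_COMBOFIX = r"""
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\install.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
------- File Associations -------
JSEFile=NOTEPAD.EXE %1
- - - - ORPHANS REMOVED - - - -
HKLM-Run-SystemKey - (no file)
"""

HJT_LINE = re.compile(r"^(R[0-3]|O\d+) - (.*)$")
TMP_DLL = re.compile(r"\\_\d+_\.tmp\.dll$", re.IGNORECASE)   # _000006_.tmp.dll style names


def _is_microsoft(url: str) -> bool:
    host = urlparse(url).hostname or ""
    return host == "microsoft.com" or host.endswith(".microsoft.com")


def triage_hijackthis(text: str) -> list[Finding]:
    """Return review items from HijackThis R0/R1/R3/O2/O3/O4/O23 lines."""
    found: list[Finding] = []
    for line in text.splitlines():
        m = HJT_LINE.match(line.strip())
        if not m:
            continue
        kind, body = m.groups()
        if kind in ("R0", "R1"):
            url = body.partition(" = ")[2].strip()
            if url and not _is_microsoft(url):               # IE start/search page points elsewhere
                found.append(Finding("ie-setting-nondefault", url))
        elif kind in ("O2", "O3") or (kind == "R3" and "URLSearchHook" in body):
            found.append(Finding("browser-addon", body))     # every BHO/toolbar needs a justification
        elif kind == "O4" and "Documents and Settings" in body:
            found.append(Finding("autostart-from-profile", body))   # runs from a user-writable path
        elif kind == "O23" and "(file missing)" in body:
            found.append(Finding("service-file-missing", body))     # stale service registration
        elif kind == "O23" and "Unknown owner" in body:
            found.append(Finding("service-unknown-owner", body))    # no company name in version info
    return found


def triage_combofix(text: str) -> list[Finding]:
    """Walk the ComboFix report section by section and pick out what to check first."""
    found: list[Finding] = []
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        if line.startswith("((("):                # "((( Other Deletions )))" style header
            section = line.strip("() ")
        elif line.startswith("-"):                # "--- File Associations ---" style header
            section = line.strip("- ")
        elif section == "Other Deletions":
            tmp = "system32" in line.lower() and TMP_DLL.search(line) is not None
            found.append(Finding("deleted-tmp-dll-in-system32" if tmp else "deleted-by-combofix", line))
        elif line.startswith('"EnableFirewall"') and line.split("=", 1)[1].split()[0] == "0":
            found.append(Finding("firewall-disabled", line))
        elif line.startswith('"DisableNotifications"') and line.split("=", 1)[1].split()[0] == "1":
            found.append(Finding("firewall-notifications-off", line))
        elif section == "File Associations":      # ComboFix only lists non-default handlers
            found.append(Finding("file-association-nondefault", line))
        elif section == "ORPHANS REMOVED" and line.endswith("(no file)"):
            found.append(Finding("orphan-autostart-removed", line))
    return found


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per tag; a quick way to see what dominates a log."""
    return dict(Counter(f.tag for f in findings))


if __name__ == "__main__":
    for f in triage_hijackthis(SAMPLE_HJT) + triage_combofix(SAMPLE_COMBOFIX):
        print(f"{f.tag:30} {f.detail}")
```

Run against the full logs rather than the sample, the HijackThis pass lists every BHO, toolbar and URLSearchHook (three toolbar families are registered in this log) so the user can decide which ones they actually installed, and the ComboFix pass surfaces the disabled firewall and the eight `_0000xx_.tmp.dll` files ComboFix already removed from system32. Anything tagged `service-unknown-owner` should be checked on disk (publisher, digital signature, file version) before it is removed.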


Powered by phpBB Jarvis © 2005 - 2024 PCforum, webhosting by WebSupport, secured by GeoTrust, edited by JanoF